I use ClamXAV on OS X, which is based on the GPLed ClamAV anti-virus engine. I have also used ClamAV embedded in the Postfix mail server on Linux to scan incoming email for sites I maintained. It gets decent reviews against other packages and I have been happy with it. I use a Windows variant when I am forced to deal with XP as well. Anyway, it is completely open source and all above-board. I would not touch Symantec software with a 3.048 m pole these days.
The reason I use AV software on OS X is not just masochism. For one, I have a rarely used XP/bootcamp install and it is safer to scan it from OS X which a Windows virus cannot easily affect. For another, I avoid unwittingly passing virii from one Windows user to another. Lastly, I am paranoid and want to stay in good habits. It is quite likely that viruses will eventually appear on OS X as it grows in popularity, even though it is not as good a host. The practice costs me nothing and may save me something in the end.
"Reasonable" is linked with "customary", which changes over time and is also informed by regulation and case-law. It used to be "reasonable" in many places to put railings around pools, balconies, etc. Now it is considered necessary in many places to have rails be within certain distances of each other (to prevent children falling through or getting heads stuck) either because of codes or because of successful lawsuits. "Reasonable" postings about danger and liability (e.g. "No lifeguard on duty") also develop over time.
The same sort of thing would happen with computer liability, and, in fact, we will see it happen with HIPAA where very little guidance is given as to what a "reasonable" precaution is. There will be a lot of confusion at first, but it will slowly settle out. It is now considered "standard" precaution to keep your system patched, run anti-virus and run a firewall. Maybe avoiding 0-day vulnerabilities is not "standard", but you can actually reduce threats by tightening down your services, hardware/software firewalls, being paranoid about email, and changing browsing habits (e.g., no javascript). Over time, I expect those precautions would begin to be more standard. The test will be when someone gets sued and a jury finds that their caution was not "reasonable". As such, it generally pays to be more cautious than the current standard.
Redhat particularly, but also Mac, bundle more software. This means you have many more lower priority vulnerabilities because you have more LOC in userspace. Does a bug in VLC equate to an OS bug? How about Firefox? Can it be used to root your system? All grey areas. Given that, the total numbers of bugs are not surprising at all and the low number of high priority bugs is telling to the extent that patch numbers are a valid measure at all. Taking a while to fix higher numbers of low priority bugs isn't a big deal as long as the high priority bugs are dealt with quickly. That would be the obvious follow up question, which they did not apparently ask. Another obvious question is who reported the defects? Are these vendor provided numbers or third party (e.g. CERT) security alerts? Another question no one (except Sun) bothered to ask.
You are about to have your butt shoved up your nose, Cancel or Allow?
Seriously, though, several things struck me. One was that a screenshot of the (malware) author's webpage showed that Firefox "support" was expected in a new release. Of course, I browse with NoScript enabled on a Macintosh which has been significantly tightened down. I regularly complain to sites that require users to have javascript enabled to do business with them and generally get favorable responses, especially when referring them to recent articles. I often find that even if functionality is degraded, most sites I visit function.
Another interesting thing is that the trojan itself presumably only needed normal user permissions to do its main job, nullifying account protection and one of the things which makes Mac/Windows/Vista better than XP. It needs privilege escalation to hide and make sure it can survive removal attempts, but the encryption and other things also make detection harder without rooting the box.
IE 7/Vista's browser sandbox, in theory, should make this kind of attack less successful, since it makes it harder to convince the browser/system to modify the environment without user intervention even when account permissions would normally allow it. Newer memory protections in both Vista and gcc 4.1+ systems should also make its job significantly harder, but one of the best things is just to limit what a web page is allowed to do and that is one of the things that is much easier to customize in Firefox (with your choice of extensions).
The fact that this is yet another case where otherwise trustworthy systems are the source of an attack is disturbing. Site-rating systems like WOT and certificate rating are rapidly becoming worthless. Also, this means that, since the e-commerce sites are obviously not secure, the attackers can obviously get access to your data from them, regardless of what precautions you take. Systems like Paypal where your account information is not provided to the vendor become more valuable, assuming Paypal itself is not compromised. One-time credit-cards are also very useful.
As for two-factor authentication, something akin to a scramble-pad may work. Use multiple choice for a challenge (with randomized positions) or provide randomized buttons to enter a PIN. Similar systems are sometimes used for physical security to good effect.
Sorry for the late reply, but I wanted to put a good deal of thought into it.
Of course my description was simplistic. It's a one paragraph explanation of a complex system, as is your rebuttal. It is also a defense of a system I do not support myself. The point is that your original post is a strawman. The situation is quite a bit bigger than "Free Market Good, Subsidies Bad", or the common "Farmers cannot compete, they want welfare". If you propose a replacement for a system, the first step is knowing what the system is intended to accomplish and what the consequences are of removing it. Too often we thrash back and forth generation by generation undoing things we find distasteful without ever really considering the underlying problems. Solving them takes careful thought, not just idealism.
Anything which acted to stabilize the produce market would keep prices at or above their current levels for the simple reason that raising food costs money. They are not "artificially high" since lower prices are not sustainable. If anything, they are artificially low, since food prices have been prevented from increasing even though production costs have expanded markedly, wiping out savings, increasing debt, and decreasing access to health care among farmers. Farmers are literally being forced to choose between going to the doctor to have recommended tests or buy seed. In fact, if you read any of the serious arguments against subsidies such as the arguments in the UN and WTO, it is that the *low* prices are destroying foreign markets.
More mechanized farming increases production, but is hitting diminishing returns regarding decreasing per unit cost, especially as it begins to degrade soil, increase pest resistance, diminish aquifer levels, increase fossil fuel usage and so forth. A lot of high production techniques are hitting the Red Queen Syndrome stage where they are fighting problems of their own making. You especially see that with cattle ranching here. So, agribusiness has the ability to break the market by flooding it with product, but not actually sustain lower prices, which leads us back to the point that if availability increases, the market collapses, unless some stabilizing force intervenes (which need not be subsidies). For US farmers, their biggest cost is simply that they live in the US.
If consumers don't pay for food, who does? Part of the current solution is to tax (ideally the rich, but we know how that works) to pay for farm programs to keep prices down for the poor. I don't think that is really the best approach, especially since assistance programs are usually based on a price index which accounts for food costs. Part of the rationale is to keep US produce competitive against foreign markets with lower costs of living, something which has both economic and strategic importance. Tariffs could accomplish a similar effect but still amount to market regulation and are forbidden by NAFTA, etc. I have serious issues with the meddling in the corn, rice, and sugar markets, which has encouraged monoculture, abused marginal cropland, and wasted fresh water here.
Depending on foreign markets for food would be disastrous for a number of reasons, including the fact that food is one of our principal exports right now and is one of the few things balancing our deficit. There is just not much that we have right now that the rest of the world wants. Farm land is a principal resource. Another reason is that the rest of the world does not like us very much right now and dependence offers political leverage especially since it also increases dependence on transport which further increases dependence on fossil fuels. Our food supply right now is uncomfortably dependent on foreign oil as it is. Yet another is that food supply is volatile and foreign markets will feed themselves first. Insurance and futures help but have limited value. People cannot eat insurance. They can eat surplus production and food reserves. Warfare, disease, drought, flood, etc., can all disrupt supply, sometimes catastroph
This is not quite the first attempt of this sort, though the other example I know about is much lower-tech. In Carson's _Silent Spring_ she reports on an attempt to control Japanese beetles which were responsible for massive crop damage by releasing huge numbers of sterile male beetles. The sterile beetles tried to mate with fertile females, which did not work, resulting in many fewer fertile eggs being laid and the population fell drastically. This was much more effective than more direct approaches involving DDT and other chemicals which were killing other insects (e.g. honey bees, mantises), but not affecting the beetles much.
The subsidies were created after the agricultural collapse of the '30s, so the scenario *did* happen. There may be other solutions besides subsidies, but they were put in place for a reason. Another reason for subsidies over tariffs is that subsidies can be revoked if the need for food suddenly increases (e.g. sudden crop losses, or decrease in foreign food markets).
As for people preferring to buy local, that has been shown false frequently. People rarely buy local food these days unless it is much cheaper, especially fruit which can be grown and ripened later or earlier in the season or vegetables mass produced elsewhere. Missouri is littered with farms, but the food is trucked out and non-local food is trucked in. For personal experience, in the local farmers' markets people balk at cucumbers sold 5-10 cents higher than the local supermarket even though they are locally grown, pesticide free, and vastly superior in quality. Same goes for heritage breed tomatoes (actual texture and flavor!) and so forth. Local peaches do well here for some reason, but orchards were devastated by an ice storm this winter.
A last factor is that poor-lower middle class people have no option. They buy the cheapest because that is what they can afford.
One of the underlying problems is that agribusiness allows us to produce so much food that those very businesses cannot afford to operate against the market prices they create. The technological genie is out of the bottle, however, and cannot be put back in. Foreign economies with developing agribusiness and no subsidies (e.g. Ethiopia) suffer devastating price swings. In order to stabilize world coffee prices, US companies subsidize Ethiopian coffee in the form of the "Fair-Trade" system.
Small farms on the "welfare system" as you call it, are the only thing which keeps food production from switching entirely to agribusiness and horrific farming practices which destroy cropland and affect human health (e.g. feedlots and over-use of antibiotics). Without them, there would be no consumer choice at all. Small farms cannot set fair prices due to the subsidies (when prices go up, subsidies are reduced), but all farming in the US would collapse without the subsidies. Would you be willing to pay three times as much for food so that farmers could charge a fair price and live without government support? How would you limit production to prevent economic collapse?
I do not like subsidies either, especially as farmers are continuing to get squeezed even with them, but I am at a loss for a better solution. Part of the solution *is* to get people to buy local and process local, which is why I am involved in trying to revitalize local markets and cottage industry, but it is a very hard battle.
While I am not entirely supportive of the agricultural subsidies, their rationale is a little better than that. By subsidizing farmers to not grow crops (but maintain the cropland), they stabilize prices. Without the subsidies, produce prices would plummet, farmers, even large scale agribusiness, would bankrupt, then food prices would skyrocket. For examples, look at the leadup to the Great Depression or current problems with unstable food and coffee export prices in Ethiopia. By maintaining surplus cropland, the subsidies can be revoked if food prices suddenly go up, such as because of crop disease or drought.
The bottom line is that efficiencies in farming brought about by hybridization, large scale irrigation, and farm automation created a situation where we can grow orders of magnitude more crops than the economy can actually consume. This is one of the biggest arguments against the companies that campaign against pesticide and gene mod restrictions. We just don't require greater efficiency and large scale organic growing would reduce the need for subsidies.
Great, so SCOTUS remands Constitutional issues (copyright extension) back to Congress, and then wrests legislative power away from them. Dubya sets up his own judicial system in Gitmo. Soldiers playing cop in Iraq. FBI playing "secret agent" at home. The Patent and Trademark Office weighing in on National Security. WTF? Next thing you know we'll have corporations determining foreign policy.
I was a very good coder when I was younger. As a team lead, in addition to handling overhead, I wrote as much code as the entire rest of the team (6-8 people) and wrote better code.
When I got older/more experienced, I noticed that by walking the beat and mentoring the other programmers I could multiply the productivity of each team member, resulting in more productivity than I could gain by merely writing better code myself. Of course, 1) there were hopeless programmers who would not improve, and 2) I had to do a minimum amount of coding to remain skilled. This is, arguably, one of the major benefits of XP, that pair programming spreads experience and great coders improve overall productivity, but it is still hard for the system to recognize and reward the best contributors.
What is needed is an in-between position of a technical team lead who manages people's technical skills and acts as a trouble-shooter and innovator. Often, though, these skills may be wasted on a single small team. As a consultant, I had great success on contract to a large company as a mentor, where I would develop some code and 'walk the beat' helping others, sit in on meetings and reviews, bring in outside techniques (not bleeding edge stuff but adapting proven techniques used elsewhere) and so forth. The departments I was involved with won awards for productivity and technical innovation.
As other posters note, however, in many businesses 'innovation' and 'creativity' per se are not what is needed. A real focus on using proven techniques and keeping solutions practical is always necessary, which requires business savvy. Extreme tact is often required as well, since, as you say, technical stumbling blocks are often symptoms of failed business processes. Building trust on the business side and finding out where the political land-mines are requires time and often the acquisition of bruises. In some businesses, politics is so hostile that there is simply nothing to be done but shrug and move on. It is often a convenient scapegoat.
When management was destructively micromanaging and seemed determined to set up death marches, I would simply tell folks I could not be paid enough to do a bad job. I had my professional reputation to consider and would not put my name on unprofessional work. If you have a good enough reputation, this may make a difference, but use sparingly and be prepared to back it up. In some cases, this caused parts of management to go to bat for me. In some cases, I walked away with no regrets.
Increasing reliance on sole source contracts and large contracting houses made mentoring-type contracts increasingly difficult, and internal politics often ties the hands of an insider. You simply cannot say the same things as an employee and get away with it.
The situation is further complicated by the fact that the system in question is very complex and rather chaotic. The doomsday predictions are well within the range of outcomes of credible models. For instance, the film The Day After Tomorrow, stripped of the over-dramatization, actually presents a real possibility which is a better explanation for the frozen mammoth (with buttercups in teeth and stomach) than the original papers on the subject (hypothesizing volcanic eruption and rapidly expanding CO2). That does not mean the outcome is probable. But, the sum total of nasty, improbable outcomes, though still not overly likely, is worrisome.
Many models, though not being able to predict real outcomes with certainty, do show a high likelihood that the climate will become highly unstable for at least a period of time. Weather models have not gotten good at predicting long range weather, but studies of the mathematics of chaos have at least made it possible to say when the weather can be predicted accurately and when it cannot, essentially picking out singularities in the models and degrees of instability in the actual weather systems. As global warming is put into the climate models, they become increasingly chaotic and increasingly unpredictable.
I think saying "the sky is falling" is going a bit far, but saying that we are likely in for a bumpy ride and maybe some major turbulence (please remain seated and fasten your seat belts) is quite warranted.
Then the question becomes: OK, what do we do about it? We cannot evacuate the coastlines due to a non-zero probability of catastrophic sea-level rises and increasing hurricane threats, especially while evacuating other areas for other non-zero threats. What we can do is a little risk management. In our small farming operations, we are laying groundwork for water storage and collection in case of extended drought, for (at least short term) utility independence in case the massive ice storm we got hit by this year is not isolated, and looking at storing seeds for hardier varieties of plants in case of climate drift. We are also looking at working through the Agricultural Extension and other means to encourage farmers to be more versatile in the face of change. It was not long ago here that the Ag Extension would not talk to farmers unless you had at least 40 acres and were raising beef cattle. Extended droughts have hurt beef here immensely and caused them to shift their policy toward greater versatility.
Shoring up coastal areas, better storm preparation, some real thought on what to do if climate change causes an upsurge in disease carrying mosquitoes in currently quiet areas, and so forth, are also probably quite warranted. Recent events show we are not prepared for what is happening now, let alone for possible increases, so these actions are prudent in any case.
Yes, I caught the pregnancy thing, too. Way to slant coverage.
As I've been doing research related to homeschool laws and homeschooling my daughter, I've become very distrustful of child services overall. In many areas, they ignore the law, tromp all over parental rights (such as illegal search and seizure, due process, etc.), and, unless you can afford litigation, the only way to work with the system is to confess and "cooperate". They seize children or harass parents based on ideological differences and ignore subjects of real abuse. I have also directly seen cases where prejudice leaves children in foster care when close relatives are willing and able to care for children (children mixed race, white relatives). I know a woman who has been in and out of drug rehab and prison for years now and had abusive boyfriends and the system keeps trying to give her kid back to her, but they find time to harass parents who want to give their kids a good education. There are good people in the system, but they are extremely overworked and it doesn't take many zealots to drag things down.
That being said, Shell is an extremist and a freak who does much more harm than good. There are other advocacy groups who are better organized, less militant, and more effective, such as the Homeschool Legal Defense Association.
Children need to be protected, but parents need to be free to pursue differences in religion, ideology, parental practices, and so forth without reprisal and child protection needs to take children away from abusive drunks and drug addicts, not to mention cut down on abuse in schools (by other children and adults).
This is an interesting case. Naturally, your first response to OP's allegation that some people in the government would intentionally risk causing the end of humanity is: Nobody is crazy enough to do that. But then it hits you: Obviously this bozo is.
So now I don't know exactly what to think.
Well, unfortunately, I think the GP is not the only crazy that would think like this. There are a lot of extremists out there that think the Earth needs a good cleansing and are not afraid to die themselves. Whether they could ever get their hands on an asteroid steering system is another question.
Crazies aside, there is a good reason to steer an NEO closer to Earth. It would make a great resource if it could be coaxed into orbit, especially if it contained smeltable metals or was big enough to serve as a platform for a space station. Lifting materials into orbit is hellishly expensive. If we have to redirect an asteroid, figuring out how to do it with precision could be worth quite a lot. Start by forcing it into an elliptical orbit and adjust from there.
I worked a contract at a large company once where they had coated windows which blocked cell-phone use rather effectively. The problem was that I was there to teach QA techniques in a mobile and pervasive device development lab--- and it was behind two layers of such glass. Employees were constantly filing out to the loading dock to test devices.
My real problem with the lack of cell phone use in some large companies is not personal use. People survived without that at work for many years. I would generally forward my cell phone to the desk phone on arrival. My gripe is with the sprawling campuses where my *client* cannot get a hold of me because I am in another section of the building; it reduces their own efficiency. There is also the fact that as I was often an independent contractor rather than a 9-5 employee, I had other clients to think of as well.
This was a real problem early on with the Clean Air Act and Air Quality Monitoring regulations as well and still is depending on what state agencies you have to work with. Like SOX, company officials must affirm that the data they submit is true and accurate and that they are in compliance when there is often significant disagreement over the meanings of terms, measurements, calibration practices, data collection, fraud prevention, and "compliance". Over time, standards for behavior develop and give companies some cover. From what I have seen, showing attempts to work with the regulatory agencies and seek clarification, whether successful or not, shows good faith, and beyond that, adhering to industry standards or seeking independent certification. Sometimes regulatory agency refusal to play nicely and provide guidance goes badly for them in court and forces them to change, but it takes time and persistence on the part of regulatees.
HIPAA seems to be similarly vague in many places and I would imagine fault will most likely be decided by a jury after-the-fact with "benefit" of hindsight.
It is an interesting process to watch but no fun to be a part of. What is distressing in the AQM industry from what I have seen/been told is the number of company officials who depend on contractors to work the process for them and sign on the bottom line without understanding the process or doing any checking themselves even when advised by the contractors that they are personally liable. Managers do not want to understand scientific process, regulations, or data security, they just want it "taken care of".
In relatively early versions of TCL, they had the ability to create a sub-interpreter. The controlling interpreter could then populate the sub-interpreter with whatever commands and environment were deemed safe and create limited connections between the interpreters. Scripts running in the sub-interpreter simply did not have access to anything else. We used this to execute user scripts and configuration files in secure setups where anything coming in from the outside could be considered suspect. This could easily be done with javascript where untrusted pages/scripts would run in a limited sandbox. It was not terribly inefficient, either (against the interpreter overhead) and could even be nested. The page itself could even request such treatment, or an otherwise trusted page could request it for certain blocks of code. This pushes the actual security responsibility to the interpreter where it arguably belongs anyway. The client could decide it doesn't like the whole page and run it all in a sandbox.
Overall, I think javascript is much overused and abused for what should be simple content.
And I suppose solar output changes fully explain the surface temperature of Venus as well? The truth is that the planets are very different. Saying we fully understand the mechanisms on extraterrestrial planets and can extrapolate to climate changes on Earth is a stretch--- which is not to say the attempt is not useful, just premature to draw conclusions. We have barely begun to figure out how the climate works here, but we have learned some useful things, such as that the system is *much* more complex than energy in, energy out. There is a high correlation between past CO2 levels and past climate and our (inadequate) studies of solar output and mechanisms (mostly) do not suggest that the Sun is the primary or even a major culprit. Whether the CO2 correlation is strictly causal is open to debate, but good models certainly show that the idea is more than reasonable.
Even if the Sun is causing the warming, higher levels of green house gases will only accelerate the process, and the likely response by humans should likely be the same --- an attempt to at least slow the warming to a rate at which we can adapt adequately. If, in fact, the Sun is the culprit, we will not be able to avoid effects long term, but at least we can likely slow it down or keep from speeding it up.
Now, an admitted and serious problem with warming-related climate models, and this goes for greenhouse or solar induced ones, is that they are not locally accurate. We have good data from ice-cap cores and other sources showing long-term climate changes which we can correlate to both CO2 levels and our understanding of Sun cycles. The problem is that this tells us little of what the weather was like on a particular Tuesday near Whiteface Mountain or Barnegat Bay ten thousand years ago. Our models are limited in complexity by computing power, data precision, and creeping chaos. We can show likely results, but all we really *know* is that climate mechanisms will change markedly. We have not been watching the weather in detail long enough to know more. We can have some success in columnar models which show, for instance, ozone creation in areas where horizontal mixing is minimal, but we cannot model local effects over wide areas very well. This, in turn, means we cannot model the precise effects of local inputs either. Power plants in one state, for instance, often do not affect air quality in the same state. Weather patterns move the output large distances. The effects of potential changes in jet streams and ocean currents have a real potential to hose any models we can put together.
Technically, the offense was moving data between the networks *at all* without authorization. Someone has to sanitize data which is transferred. For binary formats, that means going through it with a hex editor. There were very good reasons to stick to text formats. The people who wrote the rule knew about the possible problems with binary data; the person who broke it did not know enough to understand the consequences--- and therefore should not have done it.
We had a blast when we declassified the source code to the system we were working on. The program handled highly classified data, but there was no reason the algorithms themselves had to be controlled. The Air Force stood to save money by maintaining the code off-site in a non-classified facility. But every line of every file had to be gone through by an authorized person before it could be cleared and it was a large system.
We handled WINTEL data, which meant that it could be used to identify people in the field, people who could die (or worse) if their identities were compromised. Stupid mistakes like moving data without authorization undo all of the precautions we went to to protect that data and the people who collected it. I took my job very seriously and so did many of the people there.
And yes, when people brazenly break protocol when handling sensitive data, I think they should go to jail, the exception being protection for whistle-blowers.
Contrast that with the casual treatment of Valerie Plame.
Indeed, where I used to work (Pentagon), an Air Force officer used a floppy to transfer an unclassified Word Document from the isolated classified network to the open unclassified network. The Word document had scooped up random classified data from the hard drive in its buffers.
When DISA was done, they had scrubbed half a dozen "contaminated" systems, carted the guy off to Leavenworth, and left a mark on the section's record (too many of those and it's *very* bad for everyone working in the section).
In these cases, I do not know why:
The systems had classified data and were hooked to the Internet. That alone should land people in jail.
The employees had permission to install *anything* on the system. Unless they were administrators, that would have counted as a violation of security by itself, and if they were administrators, doing anything unauthorized should have had them canned. I had to go through hoops just to install new tools on development machines.
The employees were not jailed with no questions asked. I guarantee that would put a stop to the practice.
The whole section was not audited, leading to immediate correction of the above.
Requirements when we set up an off-site Secret test facility were no less strict and a single violation would have cost the right to operate it. I really have to wonder how lax things have gotten. It also makes me very nervous about the government's insistence of late on creating large integrated databases. Even if I trusted them to use the data ethically (I don't) I do not have confidence that they could secure it adequately.
According to the 2005 FBI Internet Crime Report, almost all surveyed companies used antivirus, antispyware, firewalls and antispam software. The article also says that many victims in this case were as well. I have also had a Win2K box compromised that was very well protected; malware detectors and updates do not work against new exploits. I generally run Linux and Mac systems, and, although there are many fewer threats, I have them protected to the nines. In this case, as others mention, it is the human element: innocent looking attachments are sent from trusted individuals. This is a very good case for PGP and other systems, not to mention rampant paranoia when receiving any attachment.
This has actually been discussed to some extent for years. One method is to only allow domains to be registered or displayed in a single language character set, such that a domain name can use Latin characters or Greek characters, but not both. This can be enforced at registration or when displayed in the browser (the browser can highlight improper URLs). This does not prevent attacks where the entire spelling of the domain is available in an alternate character set. One solution is for the browser to somehow tell the user what language a URL is written in.
Here is a detailed description of how IE handles this, and also a W3C page discussing general techniques and different browsers. An interesting note is the possible use of the fraction slash to add fake URLs to a domain name. Of course, at the end of the day, standard phishing protection applies to domains which slip through the net.
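The single-script check discussed in the comment above, written out as an added example (not part of the original comment and not any browser's actual code). It flags labels that mix scripts, reports the script of a wholly non-Latin label so a UI could show it to the user, and catches slash look-alikes inside the host; the host names are constructed samples and the script detection from Unicode character names is an approximation.

```python
import unicodedata

# Characters that render like "/" and can make a host name read as "host/path".
SLASH_LOOKALIKES = {"\u2044": "FRACTION SLASH", "\u2215": "DIVISION SLASH"}


def char_script(ch):
    """Approximate the script of a character from its Unicode name.

    The standard library does not expose the Unicode Script property, so the
    first word of the character name ("LATIN", "CYRILLIC", "GREEK", ...) is
    used as a stand-in. Digits, hyphens and other non-letters count as Common.
    """
    if not ch.isalpha():
        return "Common"
    name = unicodedata.name(ch, "")
    return name.split(" ", 1)[0].title() if name else "Unknown"


def decode_label(label):
    """Turn an ACE ("xn--") label back into Unicode; leave other labels as-is."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except ValueError:  # UnicodeError is a ValueError: not valid punycode
            return label
    return label


def analyze_host(host):
    """Classify every label of a host name.

    Returns a dict with:
      labels           - (decoded label, sorted list of scripts) per label
      mixed            - labels using more than one script
      non_latin        - single-script labels that are not Latin, with the
                         script name a browser could display next to the URL
      slash_lookalikes - labels containing a character that imitates "/"
      suspicious       - True if a mixed label or a slash look-alike was found

    Limitation: scripts that are legitimately combined (for example Han with
    Hiragana and Katakana) are reported as mixed by this simplified check.
    """
    report = {"labels": [], "mixed": [], "non_latin": [], "slash_lookalikes": []}
    for raw in host.split("."):
        label = decode_label(raw)
        scripts = sorted({char_script(c) for c in label} - {"Common"})
        report["labels"].append((label, scripts))
        if len(scripts) > 1:
            report["mixed"].append(label)
        elif scripts and scripts != ["Latin"]:
            # Whole-script label: passes the single-script rule, so the only
            # remaining defence is telling the user which script it is.
            report["non_latin"].append((label, scripts[0]))
        for c in label:
            if c in SLASH_LOOKALIKES:
                report["slash_lookalikes"].append((label, SLASH_LOOKALIKES[c]))
    report["suspicious"] = bool(report["mixed"] or report["slash_lookalikes"])
    return report


if __name__ == "__main__":
    # Constructed sample hosts under the reserved .example TLD.
    samples = [
        "example.com",
        "p\u0430ypal.example",                       # Cyrillic "a" among Latin
        "\u0441\u043e\u0440\u0435.example",          # entirely Cyrillic label
        "bank.example\u2044login.attacker.example",  # fraction slash in host
    ]
    for host in samples:
        print(repr(host), analyze_host(host))
```

The entirely Cyrillic label is not marked suspicious, which is the gap the comment points out: the single-script rule passes it, and only the reported script name distinguishes it from a Latin look-alike.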
I got my Internet access cut off by a local DSL provider a little while back because of a sudden bandwidth spike. They had noticed that my account had suddenly gone to the top of their bandwidth-usage chart and stayed there. They informed me that the account had been suspended because of a "probable virus infection". At first I thought that they were just having problems with (legitimate) torrent use, but I did have a Win2K box up at that point to run some software my wife needed for work. Lo and behold, despite patches and security, the box had been owned. I told them I had taken the 2K box off-line (booted it back into Linux and the other box was a Mac) and they immediately reactivated the account.
Another very serious problem is that it is so difficult to maintain a chain of evidence in an electronic world. Will the ISPs take proper precautions to secure their data and logs from attackers and forgeries? If the DoJ drags you into court claiming you uploaded an illegal file two years ago, how do you defend yourself? Logs are just data, data is easily edited. Without electronic signatures on every log entry, it is easy to just add a new one or modify an existing entry. Who would be able to tell?
A digital timestamping service like stamper lets me prove I did something at a particular time, but how do I prove a negative?
Why would the government do something like this? Silencing political enemies, dealing with "inconvenient" people, chilling free speech, and stopping investigations into corruption when they do not have any real charges to use. (Corrupt) police now will sometimes follow and harass individuals looking for dirt; how much easier when it can be created, complete with convincing audit trail. Hand a jury an "exploited child" and they won't listen to a defense.
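What per-entry authentication of a log buys, as an added example that is not part of the original comment: each record's tag covers the previous tag, so an edited, inserted or deleted entry breaks verification at a known position. HMAC from the standard library stands in for the electronic signature the comment mentions, and the key, record layout and log entries are constructed for illustration.

```python
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32  # fixed starting value for the chain


def _tag(key, prev_tag, entry):
    """HMAC over the previous tag plus a canonical encoding of the entry."""
    body = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_tag + body, hashlib.sha256).digest()


def append(log, key, entry):
    """Append an entry and return the new head tag (hex).

    The head tag is the value to hand to an external party, for example a
    timestamping service, so it exists outside the log keeper's control.
    """
    prev = bytes.fromhex(log[-1]["tag"]) if log else GENESIS
    log.append({"entry": entry, "tag": _tag(key, prev, entry).hex()})
    return log[-1]["tag"]


def verify(log, key, anchored_head=None):
    """Return (ok, index_of_first_bad_record, reason).

    Without anchored_head only internal consistency is checked, which cannot
    notice records removed from the end. With anchored_head (a head tag that
    was recorded externally) truncation and later extension are detected too.
    Whoever holds the key can still rebuild the whole chain; only externally
    anchored head tags constrain the key holder.
    """
    prev = GENESIS
    for i, rec in enumerate(log):
        expect = _tag(key, prev, rec["entry"])
        if not hmac.compare_digest(expect.hex(), rec["tag"]):
            return (False, i, "tag mismatch")
        prev = expect
    if anchored_head is not None and not hmac.compare_digest(prev.hex(), anchored_head):
        return (False, len(log), "head differs from anchored value")
    return (True, None, "ok")


def build_sample_log(key):
    """Three constructed log entries (documentation IP range, made-up files)."""
    log = []
    for entry in (
        {"ts": "2007-03-01T12:00:00Z", "ip": "192.0.2.10", "action": "login"},
        {"ts": "2007-03-01T12:04:10Z", "ip": "192.0.2.10", "action": "upload",
         "file": "report.pdf"},
        {"ts": "2007-03-01T12:09:30Z", "ip": "192.0.2.10", "action": "logout"},
    ):
        append(log, key, entry)
    return log


if __name__ == "__main__":
    key = b"constructed-demo-key"
    log = build_sample_log(key)
    head = log[-1]["tag"]
    print("intact:", verify(log, key, head))

    log[1]["entry"]["file"] = "something-else.bin"  # edit an existing entry
    print("edited:", verify(log, key, head))

    print("truncated, no anchor:", verify(build_sample_log(key)[:2], key))
    print("truncated, anchored: ", verify(build_sample_log(key)[:2], key, head))
```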
Browser marketshare varies widely according to audience.
Another thing to consider is the reverse: audience may vary by browser. For instance, some studies have shown that Mac users spend more on software and peripherals per capita. Certain categories of users may have different amounts of disposable income and different amounts of interest in your product and that may be correlated to browser use, so alienating certain categories of users may have more (or less) effect than the raw percentages suggest. I would suggest being very careful before considering a business strategy which includes standing at the door to your store and telling one in ten or even one in twenty of your customers that their business is simply not wanted. Consider a bank drive up which did not do business with customers who drive up in a Mercury.
Red Hat particularly, but also Mac, bundle more software. This means you have many more lower priority vulnerabilities because you have more LOC in userspace. Does a bug in VLC equate to an OS bug? How about Firefox? Can it be used to root your system? All grey areas. Given that, the total numbers of bugs are not surprising at all and the low number of high priority bugs is telling to the extent that patch numbers are a valid measure at all. Taking a while to fix higher numbers of low priority bugs isn't a big deal as long as the high priority bugs are dealt with quickly. That would be the obvious follow-up question, which they did not apparently ask. Another obvious question is who reported the defects? Are these vendor provided numbers or third party (e.g. CERT) security alerts? Another question no one (except Sun) bothered to ask.
You are about to have your butt shoved up your nose, Cancel or Allow?
Seriously, though, several things struck me. One was that a screenshot of the (malware) author's webpage showed that Firefox "support" was expected in a new release. Of course, I browse with NoScript enabled on a Macintosh which has been significantly tightened down. I regularly complain to sites that require users to have javascript enabled to do business with them and generally get favorable responses, especially when referring them to recent articles. I often find that even if functionality is degraded, most sites I visit function.
Another interesting thing is that the trojan itself presumably only needed normal user permissions to do its main job, nullifying account protection and one of the things which makes Mac/Windows/Vista better than XP. It needs privilege escalation to hide and make sure it can survive removal attempts, but the encryption and other things also make detection harder without rooting the box.
IE 7/Vista's browser sandbox, in theory, should make this kind of attack less successful, since it makes it harder to convince the browser/system to modify the environment without user intervention even when account permissions would normally allow it. Newer memory protections in both Vista and gcc 4.1+ systems should also make its job significantly harder, but one of the best things is just to limit what a web page is allowed to do and that is one of the things that is much easier to customize in Firefox (with your choice of extensions).
The fact that this is yet another case where otherwise trustworthy systems are the source of an attack is disturbing. Site-rating systems like WOT and certificate rating are rapidly becoming worthless. Also, this means that, since the e-commerce sites are obviously not secure, the attackers can obviously get access to your data from them, regardless of what precautions you take. Systems like Paypal where your account information is not provided to the vendor become more valuable, assuming Paypal itself is not compromised. One-time credit-cards are also very useful.
As for two-factor authentication, something akin to a scramble-pad may work. Use multiple choice for a challenge (with randomized positions) or provide randomized buttons to enter a pin. Similar systems are sometimes used for physical security to good effect.
Sorry for the late reply, but I wanted to put a good deal of thought into it.
Of course my description was simplistic. It's a one paragraph explanation of a complex system, as is your rebuttal. It is also a defense of a system I do not support myself. The point is that your original post is a strawman. The situation is quite a bit bigger than "Free Market Good, Subsidies Bad", or the common "Farmers cannot compete, they want welfare". If you propose a replacement for a system, the first step is knowing what the system is intended to accomplish and what the consequences are of removing it. Too often we thrash back and forth generation by generation undoing things we find distasteful without ever really considering the underlying problems. Solving them takes careful thought, not just idealism.
Anything which acted to stabilize the produce market would keep prices at or above their current levels for the simple reason that raising food costs money. They are not "artificially high" since lower prices are not sustainable. If anything, they are artificially low, since food prices have been prevented from increasing even though production costs have expanded markedly, wiping out savings, increasing debt, and decreasing access to health care among farmers. Farmers are literally being forced to choose between going to the doctor to have recommended tests or buying seed. In fact, if you read any of the serious arguments against subsidies such as the arguments in the UN and WTO, it is that the *low* prices are destroying foreign markets.
More mechanized farming increases production, but is hitting diminishing returns regarding decreasing per unit cost, especially as it begins to degrade soil, increase pest resistance, diminish aquifer levels, increase fossil fuel usage and so forth. A lot of high production techniques are hitting the Red Queen Syndrome stage where they are fighting problems of their own making. You especially see that with cattle ranching here. So, agribusiness has the ability to break the market by flooding it with product, but not actually sustain lower prices, which leads us back to the point that if availability increases, the market collapses, unless some stabilizing force intervenes (which need not be subsidies). For US farmers, their biggest cost is simply that they live in the US.
If consumers don't pay for food, who does? Part of the current solution is to tax (ideally the rich, but we know how that works) to pay for farm programs to keep prices down for the poor. I don't think that is really the best approach, especially since assistance programs are usually based on a price index which accounts for food costs. Part of the rationale is to keep US produce competitive against foreign markets with lower costs of living, something which has both economic and strategic importance. Tariffs could accomplish a similar effect but still amount to market regulation and are forbidden by NAFTA, etc. I have serious issues with the meddling in the corn, rice, and sugar markets, which has encouraged monoculture, abused marginal cropland, and wasted fresh water here.
Depending on foreign markets for food would be disastrous for a number of reasons, including the fact that food is one of our principal exports right now and is one of the few things balancing our deficit. There is just not much that we have right now that the rest of the world wants. Farm land is a principal resource. Another reason is that the rest of the world does not like us very much right now and dependence offers political leverage especially since it also increases dependence on transport which further increases dependence on fossil fuels. Our food supply right now is uncomfortably dependent on foreign oil as it is. Yet another, is that food supply is volatile and foreign markets will feed themselves first. Insurance and futures help but have limited value. People cannot eat insurance. They can eat surplus production and food reserves. Warfare, disease, drought, flood, etc., can all disrupt supply, sometimes catastroph
This is not quite the first attempt of this sort, though the other example I know about is much lower-tech. In Carson's _Silent Spring_ she reports on an attempt to control Japanese beetles which were responsible for massive crop damage by releasing huge numbers of sterile male beetles. The sterile beetles tried to mate with fertile females, which did not work, resulting in many fewer fertile eggs being laid and the population fell drastically. This was much more effective than more direct approaches involving DDT and other chemicals which were killing other insects (e.g. honey bees, mantises), but not affecting the beetles much.
The subsidies were created after the agricultural collapse of the '30s, so the scenario *did* happen. There may be other solutions besides subsidies, but they were put in place for a reason. Another reason for subsidies over tariffs is that subsidies can be revoked if the need for food suddenly increases (e.g. sudden crop losses, or decrease in foreign food markets).
As for people preferring to buy local, that has been shown false frequently. People rarely buy local food these days unless it is much cheaper, especially fruit which can be grown and ripened later or earlier in the season or vegetables mass produced elsewhere. Missouri is littered with farms, but the food is trucked out and non-local food is trucked in. For personal experience, in the local farmers' markets people balk at cucumbers sold 5-10 cents higher than the local supermarket even though they are locally grown, pesticide free, and vastly superior in quality. Same goes for heritage breed tomatoes (actual texture and flavor!) and so forth. Local peaches do well here for some reason, but orchards were devastated by an ice storm this winter.
A last factor is that poor-lower middle class people have no option. They buy the cheapest because that is what they can afford.
One of the underlying problems is that agribusiness allows us to produce so much food that those very businesses cannot afford to operate against the market prices they create. The technological genie is out of the bottle, however, and cannot be put back in. Foreign economies with developing agribusiness and no subsidies (e.g. Ethiopia) suffer devastating price swings. In order to stabilize world coffee prices, US companies subsidize Ethiopian coffee in the form of the "Fair-Trade" system.
Small farms on the "welfare system" as you call it, are the only thing which keeps food production from switching entirely to agribusiness and horrific farming practices which destroy cropland and affect human health (e.g. feedlots and over-use of antibiotics). Without them, there would be no consumer choice at all. Small farms cannot set fair prices due to the subsidies (when prices go up, subsidies are reduced), but all farming in the US would collapse without the subsidies. Would you be willing to pay three times as much for food so that farmers could charge a fair price and live without government support? How would you limit production to prevent economic collapse?
I do not like subsidies either, especially as farmers are continuing to get squeezed even with them, but I am at a loss for a better solution. Part of the solution *is* to get people to buy local and process local, which is why I am involved in trying to revitalize local markets and cottage industry, but it is a very hard battle.
While I am not entirely supportive of the agricultural subsidies, their rationale is a little better than that. By subsidizing farmers to not grow crops (but maintain the cropland), they stabilize prices. Without the subsidies, produce prices would plummet, farmers, even large scale agribusiness, would bankrupt, then food prices would skyrocket. For examples, look at the leadup to the Great Depression or current problems with unstable food and coffee export prices in Ethiopia. By maintaining surplus cropland, the subsidies can be revoked if food prices suddenly go up, such as because of crop disease or drought.
The bottom line is that efficiencies in farming brought about by hybridization, large scale irrigation, and farm automation created a situation where we can grow orders of magnitude more crops than the economy can actually consume. This is one of the biggest arguments against the companies that campaign against pesticide and gene mod restrictions. We just don't require greater efficiency and large scale organic growing would reduce the need for subsidies.
Great, so SCOTUS remands Constitutional issues (copyright extension) back to Congress, and then wrests legislative power away from them. Dubya sets up his own judicial system in Gitmo. Soldiers playing cop in Iraq. FBI playing "secret agent" at home. The Patent and Trademark Office weighing in on National Security. WTF? Next thing you know we'll have corporations determining foreign policy.
On second thought, scrap the frozen mammoth anecdote. See my journal for more info.
I was a very good coder when I was younger. As a team lead, in addition to handling overhead, I wrote as much code as the entire rest of the team (6-8 people) and wrote better code.
When I got older/more experienced, I noticed that by walking the beat and mentoring the other programmers I could multiply the productivity of each team member, resulting in more productivity than I could gain by merely writing better code myself. Of course, 1) there were hopeless programmers who would not improve, and 2) I had to do a minimum amount of coding to remain skilled. This is, arguably, one of the major benefits of XP, that pair programming spreads experience and great coders improve overall productivity, but it is still hard for the system to recognize and reward the best contributors.
What is needed is an in-between position of a technical team lead who manages people's technical skills and acts as a trouble-shooter and innovator. Often, though, these skills may be wasted on a single small team. As a consultant, I had great success on contract to a large company as a mentor, where I would develop some code and 'walk the beat' helping others, sit in on meetings and reviews, bring in outside techniques (not bleeding edge stuff but adapting proven techniques used elsewhere) and so forth. The departments I was involved with won awards for productivity and technical innovation.
As other posters note, however, in many businesses 'innovation' and 'creativity' per se are not what is needed. A real focus on using proven techniques and keeping solutions practical is always necessary, which requires business savvy. Extreme tact is often required as well, since, as you say, technical stumbling blocks are often symptoms of failed business processes. Building trust on the business side and finding out where the political land-mines are requires time and often the acquisition of bruises. In some businesses, politics is so hostile that there is simply nothing to be done but shrug and move on. It is often a convenient scapegoat.
When management was destructively micromanaging and seemed determined to set up death marches, I would simply tell folks I could not be paid enough to do a bad job. I had my professional reputation to consider and would not put my name on unprofessional work. If you have a good enough reputation, this may make a difference, but use sparingly and be prepared to back it up. In some cases, this caused parts of management to go to bat for me. In some cases, I walked away with no regrets.
Increasing reliance on sole source contracts and large contracting houses made mentoring-type contracts increasingly difficult, and internal politics often ties the hands of an insider. You simply cannot say the same things as an employee and get away with it.
The situation is further complicated by the fact that the system in question is very complex and rather chaotic. The doomsday predictions are well within the range of outcomes of credible models. For instance, the film The Day After Tomorrow, stripped of the over-dramatization, actually presents a real possibility which is a better explanation for the frozen mammoth (with buttercups in teeth and stomach) than the original papers on the subject (hypothesizing volcanic eruption and rapidly expanding CO2). That does not mean the outcome is probable. But, the sum total of nasty, improbable outcomes, though still not overly likely, is worrisome.
Many models, though not being able to predict real outcomes with certainty, do show a high likelihood that the climate will become highly unstable for at least a period of time. Weather models have not gotten good at predicting long range weather, but studies of the mathematics of chaos have at least made it possible to say when the weather can be predicted accurately and when it cannot, essentially picking out singularities in the models and degrees of instability in the actual weather systems. As global warming is put into the climate models, they become increasingly chaotic and increasingly unpredictable.
I think saying "the sky is falling" is going a bit far, but saying that we are likely in for a bumpy ride and maybe some major turbulence (please remain seated and fasten your seat belts) is quite warranted.
Then the question becomes: OK, what do we do about it? We cannot evacuate the coastlines due to a non-zero probability of catastrophic sea-level rises and increasing hurricane threats, especially while evacuating other areas for other non-zero threats. What we can do is a little risk management. In our small farming operations, we are laying groundwork for water storage and collection in case of extended drought, for (at least short term) utility independence in case the massive ice storm we got hit by this year is not isolated, and looking at storing seeds for hardier varieties of plants in case of climate drift. We are also looking at working through the Agricultural Extension and other means to encourage farmers to be more versatile in the face of change. It was not long ago here that the Ag Extension would not talk to farmers unless you had at least 40 acres and were raising beef cattle. Extended droughts have hurt beef here immensely and caused them to shift their policy toward greater versatility.
Shoring up coastal areas, better storm preparation, some real thought on what to do if climate change causes an upsurge in disease carrying mosquitoes in currently quiet areas, and so forth, are also probably quite warranted. Recent events show we are not prepared for what is happening now, let alone for possible increases, so these actions are prudent in any case.
Yes, I caught the pregnancy thing, too. Way to slant coverage.
As I've been doing research related to homeschool laws and homeschooling my daughter, I've become very distrustful of child services overall. In many areas, they ignore the law, tromp all over parental rights (such as illegal search and seizure, due process, etc.), and, unless you can afford litigation, the only way to work with the system is to confess and "cooperate". They seize children or harass parents based on ideological differences and ignore subjects of real abuse. I have also directly seen cases where prejudice leaves children in foster care when close relatives are willing and able to care for children (children mixed race, white relatives). I know a woman who has been in and out of drug rehab and prison for years now and had abusive boyfriends and the system keeps trying to give her kid back to her, but they find time to harass parents who want to give their kids a good education. There are good people in the system, but they are extremely overworked and it doesn't take many zealots to drag things down.
That being said, Shell is an extremist and a freak who does much more harm than good. There are other advocacy groups who are better organized, less militant, and more effective, such as the Homeschool Legal Defense Association.
Children need to be protected, but parents need to be free to pursue differences in religion, ideology, parental practices, and so forth without reprisal and child protection needs to take children away from abusive drunks and drug addicts, not to mention cut down on abuse in schools (by other children and adults).
So now I don't know exactly what to think.
Well, unfortunately, I think the GP is not the only crazy that would think like this. There are a lot of extremists out there that think the Earth needs a good cleansing and are not afraid to die themselves. Whether they could ever get their hands on an asteroid steering system is another question.
Crazies aside, there is a good reason to steer an NEO closer to Earth. It would make a great resource if it could be coaxed into orbit, especially if it contained smeltable metals or was big enough to serve as a platform for a space station. Lifting materials into orbit is hellishly expensive. If we have to redirect an asteroid, figuring out how to do it with precision could be worth quite a lot. Start by forcing it into an elliptical orbit and adjust from there.
I worked a contract at a large company once where they had coated windows which blocked cell-phone use rather effectively. The problem was that I was there to teach QA techniques in a mobile and pervasive device development lab--- and it was behind two layers of such glass. Employees were constantly filing out to the loading dock to test devices.
My real problem with the lack of cell phone use in some large companies is not personal use. People survived without that at work for many years. I would generally forward my cell phone to the desk phone on arrival. My gripe is with the sprawling campuses where my *client* cannot get a hold of me because I am in another section of the building; it reduces their own efficiency. There is also the fact that as I was often an independent contractor rather than a 9-5 employee, I had other clients to think of as well.
This was a real problem early on with the Clean Air Act and Air Quality Monitoring regulations as well and still is depending on what state agencies you have to work with. Like SOX, company officials must affirm that the data they submit is true and accurate and that they are in compliance when there is often significant disagreement over the meanings of terms, measurements, calibration practices, data collection, fraud prevention, and "compliance". Over time, standards for behavior develop and give companies some cover. From what I have seen, showing attempts to work with the regulatory agencies and seek clarification, whether successful or not, shows good faith, and beyond that, adhering to industry standards or seeking independent certification. Sometimes regulatory agency refusal to play nicely and provide guidance goes badly for them in court and forces them to change, but it takes time and persistence on the part of regulatees.
HIPAA seems to be similarly vague in many places and I would imagine fault will most likely be decided by a jury after-the-fact with "benefit" of hindsight.
It is an interesting process to watch but no fun to be a part of. What is distressing in the AQM industry from what I have seen/been told is the number of company officials who depend on contractors to work the process for them and sign on the bottom line without understanding the process or doing any checking themselves even when advised by the contractors that they are personally liable. Managers do not want to understand scientific process, regulations, or data security, they just want it "taken care of".
In relatively early versions of TCL, they had the ability to create a sub-interpreter. The controlling interpreter could then populate the sub-interpreter with whatever commands and environment were deemed safe and create limited connections between the interpreters. Scripts running in the sub-interpreter simply did not have access to anything else. We used this to execute user scripts and configuration files in secure setups where anything coming in from the outside could be considered suspect. This could easily be done with javascript where untrusted pages/scripts would run in a limited sandbox. It was not terribly inefficient, either (against the interpreter overhead) and could even be nested. The page itself could even request such treatment, or an otherwise trusted page could request it for certain blocks of code. This pushes the actual security responsibility to the interpreter where it arguably belongs anyway. The client could decide it doesn't like the whole page and run it all in a sandbox.
Overall, I think javascript is much overused and abused for what should be simple content.
And I suppose solar output changes fully explain the surface temperature of Venus as well? The truth is that the planets are very different. Saying we fully understand the mechanisms on extraterrestrial planets and can extrapolate to climate changes on Earth is a stretch--- which is not to say the attempt is not useful, just premature to draw conclusions. We have barely begun to figure out how the climate works here, but we have learned some useful things, such is that the system is *much* more complex than energy in, energy out. There is a high correlation between past CO2 levels and past climate and our (inadequate) studies of solar output and mechanisms (mostly) do not suggest that the Sun is the primary or even a major culprit. Whether the CO2 correlation is strictly causal is open to debate, but good models certainly show that the idea is more than reasonable.
Even if the Sun is causing the warming, higher levels of green house gases will only accelerate the process, and the likely response by humans should likely be the same --- an attempt to at least slow the warming to a rate at which we can adapt adequately. If, in fact, the Sun is the culprit, we will not be able to avoid effects long term, but at least we can likely slow it down or keep from speeding it up.
Now, an admitted and serious problem with warming-related climate models, and this goes for greenhouse or solar induced ones, is that they are not locally accurate. We have good date from ice-cap cores and other sources showing long-term climate changes which we can correlate to both CO2 levels and our understanding of Sun cycles. The problem is that this tells us little of what the weather was like on a particular Tuesday near Whiteface Mountain or Barnaget Bay ten thousand years ago. Our models are limited in complexity by computing power, data precision, and creeping chaos. We can show likely results, but all we really *know* is that climate mechanisms will change markedly. We have not been watching the weather in detail long enough to know more. We can have some success in columnar models which show, for instance, ozone creation in areas where horizontal mixing is minimal, but we cannot model local effects over wide areas very well. This, in turn, means we cannot model the precise effects of local inputs either. Power plants in one state, for instance, often do not effect air quality in the same state. Weather patterns move the output large distances. The effects of potential changes in jet streams and ocean currents have a real potential to hose any models we can put together.
Technically, the offense was moving data between the networks *at all* without authorization. Someone has to sanitize data which is transferred. For binary formats, that means going through it with a hex editor. There were very good reasons to stick to text formats. The people who wrote the rule knew about the possible problems with binary data; the person who broke it did not know enough to understand the consequences--- and therefore should not have done it.
We had a blast when we declassified the source code to the system we were working on. The program handled highly classified data, but there was no reason the algorithms themselves had to be controlled. The Air Force stood to save money by maintaining the code off-site in a non-classified facility. But every line of every file had to be gone through by an authorized person before it could be cleared and it was a large system.
We handled WINTEL data, which meant that it could be used to identify people in the field, people who could die (or worse) if their identities were compromised. Stupid mistakes like moving data without authorization undo all of the precautions we went to to protect that data and the people who collected it. I took my job very seriously and so did many of the people there.
And yes, when people brazenly break protocol when handling sensitive data, I think they should go to jail, the exception being protection for whistle-blowers.
Contrast that with the casual treatment of Valerie Plame.
Indeed, where I used to work (Pentagon), an Air Force officer used a floppy to transfer an unclassified Word Document from the isolated classified network to the open unclassified network. The Word document had scooped up random classified data from the hard drive in its buffers.
When DISA was done, they had scrubbed half a dozen "contaminated" systems, carted the guy off to Leavenworth, and left a mark on the section's record (too many of those and it's *very* bad for everyone working in the section).
In these cases, I do not know why:
Requirements when we set up an off-site Secret test facility were no less strict and a single violation would have cost the right to operate it. I really have to wonder how lax things have gotten. It also makes me very nervous about the government's insistence of late on creating large integrated databases. Even if I trusted them to use the data ethically (I don't) I do not have confidence that they could secure it adequately.
According to the 2005 FBI Internet Crime Report, almost all surveyed companies used antivirus, antispyware, firewalls and antispam software. The article also says that many victims in this case were as well. I have also had a Win2K box compromised that was very well protected; malware detectors and updates do not work against new exploits. I generally run Linux and Mac systems, and, although there are many fewer threats, I have them protected to the nines. In this case, as others mention, it is the human element: innocent looking attachments are sent from trusted individuals. This is a very good case for PGP and other systems, not to mention rampant paranoia when receiving any attachment.
This has actually been discussed to some extent for years. One method is to only allow domains to be registered or displayed in a single language character set, such that a domain name can use Latin characters or Greek characters, but not both. This can be enforced at registration or when displayed in the browser (the browser can highlight improper URLs). This does not prevent attacks where the entire spelling of the domain is available in an alternate character set. One solution is for the browser to somehow tell the user what language a URL is written in.
Here is a detailed description of how IE handles this, and also a W3C page discussing general techniques and different browsers. An interesting note is the possible use of the fraction slash to add fake URLs to a domain name. Of course, at the end of the day, standard phishing protection applies to domains which slip through the net.
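The single-script rule described above can be sketched as a display-time check. This is an added example, not code from the comment or from any browser; the function names, the three-script list and the sample hostnames are assumptions, and the script of a character is approximated from its Unicode name.

```python
import unicodedata

# Scripts this example distinguishes, matched on the start of the Unicode name.
SCRIPTS = ("LATIN", "GREEK", "CYRILLIC")
FRACTION_SLASH = "\u2044"  # renders like "/" but does not start a URL path

def char_script(ch):
    """Approximate a character's script; None for digits and hyphen (shared)."""
    if ch.isdigit() or ch == "-":
        return None
    name = unicodedata.name(ch, "")
    for script in SCRIPTS:
        if name.startswith(script):
            return script
    return "OTHER"

def label_scripts(label):
    """Set of scripts used in one dot-separated label."""
    return {s for s in map(char_script, label) if s is not None}

def check_hostname(host):
    """Return findings for a hostname given in Unicode (decoded) form."""
    findings = []
    if FRACTION_SLASH in host:
        findings.append("fraction-slash")
    for label in host.split("."):
        scripts = label_scripts(label)
        if len(scripts) > 1:
            # The rule from the text: one script per name, never a mixture.
            findings.append("mixed-script:%s:%s" % (label, "+".join(sorted(scripts))))
        elif scripts and scripts != {"LATIN"}:
            # A whole-script name passes the rule, so report its script to the user.
            findings.append("non-latin:%s:%s" % (label, next(iter(scripts))))
    return findings

if __name__ == "__main__":
    # Constructed hostnames: plain Latin, one Cyrillic letter mixed in,
    # an all-Cyrillic label, and a fraction slash posing as a path separator.
    for host in ("example.test", "ex\u0430mple.test", "\u0440\u043e\u0440.test",
                 "example.test\u2044login.other.test"):
        print(ascii(host), check_hostname(host))
```

The `non-latin` finding is informational rather than an error: an all-Cyrillic or all-Greek name is legitimate, which is why the whole-script case can only be surfaced to the user and not rejected.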
I got my Internet access cut off by a local DSL provider a little while back because of a sudden bandwidth spike. They had noticed that my account had suddenly gone to the top of their bandwidth-usage chart and stayed there. They informed me that the account had been suspended because of a "probable virus infection". At first I thought that they were just having problems with (legitimate) torrent use, but I did have a Win2K box up at that point to run some software my wife needed for work. Lo and behold, despite patches and security, the box had been owned. I told them I had taken the 2K box off-line (booted it back into Linux and the other box was a Mac) and they immediately reactivated the account.
Another very serious problem is that it is so difficult to maintain a chain of evidence in an electronic world. Will the ISPs take proper precautions to secure their data and logs from attackers and forgeries? If the DoJ drags you into court claiming you uploaded an illegal file two years ago, how do you defend yourself? Logs are just data, data is easily edited. Without electronic signatures on every log entry, it is easy to just add a new one or modify an existing entry. Who would be able to tell?
A digital timestamping service like stamper lets me prove I did something at a particular time, but how do I prove a negative?
Why would the government do something like this? Silencing political enemies, dealing with "inconvenient" people, chilling free speech, and stopping investigations into corruption when they do not have any real charges to use. (Corrupt) police now will sometimes follow and harass individuals looking for dirt; how much easier when it can be created, complete with convincing audit trail. Hand a jury an "exploited child" and they won't listen to a defense.
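The remark above about log entries that carry no signature can be made concrete with a chained authentication tag per entry. This is an added example, not part of the original comment; it uses HMAC-SHA256 from the standard library as a stand-in for the electronic signatures the comment mentions, and the key, function names and log lines are constructed.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32  # chain start value (an assumption of this example)

def entry_mac(key, prev, message):
    """MAC over the previous entry's tag plus this message, as hex."""
    return hmac.new(key, prev + message.encode(), hashlib.sha256).hexdigest()

def append_entry(log, key, message):
    """Append (message, tag); the tag binds the entry to everything before it."""
    prev = bytes.fromhex(log[-1][1]) if log else GENESIS
    log.append((message, entry_mac(key, prev, message)))

def verify(log, key, anchored_tag=None):
    """Return (ok, index of first bad entry).

    anchored_tag is the tag of the last entry, stored away from the log host;
    without it, entries removed from the end cannot be noticed.
    """
    prev = GENESIS
    for i, (message, tag) in enumerate(log):
        if not hmac.compare_digest(entry_mac(key, prev, message), tag):
            return False, i
        prev = bytes.fromhex(tag)
    if anchored_tag is not None and prev.hex() != anchored_tag:
        return False, len(log)
    return True, None

def sample_log(key):
    """Constructed log lines, not taken from any real system."""
    log = []
    for line in ("2006-01-01T10:00:00Z user=alice action=login",
                 "2006-01-01T10:05:00Z user=alice action=upload file=a.txt",
                 "2006-01-01T10:09:00Z user=alice action=logout"):
        append_entry(log, key, line)
    return log

if __name__ == "__main__":
    key = b"constructed-demo-key"
    log = sample_log(key)
    forged = list(log)
    forged[1] = (log[1][0].replace("alice", "bob"), log[1][1])  # edit one entry
    print(verify(log, key), verify(forged, key))
    print(verify(log[:2], key), verify(log[:2], key, anchored_tag=log[-1][1]))
```

Because HMAC is symmetric, whoever holds the key can rebuild the whole chain; the tags only carry evidential weight if the key or the latest tag is held by a party other than the log keeper.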
Another thing to consider is the reverse: audience may vary by browser. For instance, some studies have shown that Mac users spend more on software and peripherals per capita. Certain categories of users may have different amounts of disposable income and different amounts of interest in your product and that may be correlated to browser use, so alienating certain categories of users may have more (or less) effect than the raw percentages suggest. I would suggest being very careful before considering a business strategy which includes standing at the door to your store and telling one in ten or even one in twenty of your customers that their business is simply not wanted. Consider a bank drive-up which did not do business with customers who drive up in a Mercury.