You haven't paid attention to the average income of Mac owners vs. Windows or Linux users, have you? Stealing THEIR (Mac owners') identities has GOT to be more efficient, profit-wise, than wading through an entire PLANET-ful of sad, broke Windows owners.
Let's be real here: 60 million MacOSX users worldwide vs 1,500 million Windows users. Big businesses have sensitive data you can get to via Windows exploits. We're talking about 1 MacOSX user for every 25 Windows users in the naive case, and that's an inflated comparison.
So $80k vs $50k? Even if Windows users made, on average, minimum wage ($16,500), MacOSX users would need an average income of $412,500 to be worth it. That ignores the value of ransoming big businesses, the high-speed spread across the Windows monoculture (MacOSX malware would have to find another OSX machine, so would spread slowly across the broad installation base due to target dilution), and the fact that OSX users are poor because they already spent all their income on Apple bullshit.
So how can your non-admin coworker snoop on your traffic if there's a self-signed cert being used?
Are you sure you understand the word "equivalent"?
Well, to be able to snoop on traffic, you have to be connected to a switched segment through which that traffic is passing. That is to say: you're plugged into the same switch through which the traffic is passing. There are some technical nuances here: if you're on the same switch but different VLAN, then the switch won't switch packets from one VLAN to the next; and if you're on a router with the same subnet on multiple ports (it happens), then it's acting as a switch spanning those ports, kind of. The point is the next device could be on the port you're plugged into.
So with a switched network, the router writes the MAC address for the next device on the frame, and the switches send it directly there. That means you can't snoop because you're on a switch; but that's okay, because switches and routers don't know all that shit by magic. You start advertising that you have the MAC address of the next device (either the next router or the endpoint, depending on what's immediately next) and get yourself put into the router's ARP table. Now you're 10.200.100.55, but the router will send packets for 10.200.100.40 to you.
Here's the best part: you can then resend those packets, altered or not, by changing the MAC in the frame header. They magically go to the correct place (the switch only looks at the MAC address, and sends the packet there; the endpoint accepts the frame because it's targeting its MAC address, and checks the IP etc. as relevant to it).
You don't need to do all that shit if you're using hubs, but you can. So, in any case that you can listen to a transmission, you can alter it. (Caveat: doesn't work if you're using a passive network tap, since it has no write lines to talk back.)
With a self-signed certificate, all you have to do is generate a self-signed certificate with the same parameters so it looks the same to the user. The warning box pops up, because it always does; it says all the right stuff to the user, except for a hex fingerprint of the certificate (SHA2 hash) which nobody memorizes; and the user has no idea you're intercepting, reading, and even altering his traffic!
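The ARP-table change described above is something a defender can see in the neighbour table itself. The following is an added example, not part of the original comment: it compares two snapshots in the format printed by `ip neigh show` and reports IP addresses whose MAC binding changed and MACs that now answer for more than one IP. The snapshots, MAC addresses and function names are constructed for illustration; only the two IP addresses come from the text.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample snapshots in `ip neigh show` format (not real captures).
# BASELINE is a known-good state; CURRENT is taken later on the same host.
BASELINE = """\
10.200.100.1 dev eth0 lladdr 02:00:00:aa:00:01 REACHABLE
10.200.100.40 dev eth0 lladdr 02:00:00:aa:00:40 REACHABLE
10.200.100.55 dev eth0 lladdr 02:00:00:aa:00:55 STALE
"""

CURRENT = """\
10.200.100.1 dev eth0 lladdr 02:00:00:aa:00:01 REACHABLE
10.200.100.40 dev eth0 lladdr 02:00:00:aa:00:55 REACHABLE
10.200.100.55 dev eth0 lladdr 02:00:00:aa:00:55 REACHABLE
10.200.100.60 dev eth0  FAILED
"""

# An entry only counts if it carries a link-layer address; FAILED and
# INCOMPLETE entries have none and are skipped.
NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+\S+\s+"
    r"lladdr\s+(?P<mac>[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})\b"
)


def parse_neigh(text):
    """Return {ip: mac} for every resolved IPv4 neighbour entry."""
    table = {}
    for line in text.splitlines():
        match = NEIGH_RE.match(line.strip())
        if match:
            table[match.group("ip")] = match.group("mac").lower()
    return table


def changed_bindings(baseline, current):
    """IPs present in both tables whose MAC differs: (ip, old_mac, new_mac)."""
    changed = [
        (ip, baseline[ip], mac)
        for ip, mac in current.items()
        if ip in baseline and baseline[ip] != mac
    ]
    return sorted(changed, key=lambda item: ipaddress.ip_address(item[0]))


def shared_macs(current):
    """MACs that answer for more than one IP address.

    Proxy ARP, routers with secondary addresses and VRRP-style failover
    also produce this pattern, so treat a hit as a lead to investigate.
    """
    by_mac = defaultdict(list)
    for ip, mac in current.items():
        by_mac[mac].append(ip)
    return {
        mac: sorted(ips, key=ipaddress.ip_address)
        for mac, ips in by_mac.items()
        if len(ips) > 1
    }


def report(baseline_text, current_text):
    """Build human-readable findings from two snapshots."""
    baseline = parse_neigh(baseline_text)
    current = parse_neigh(current_text)
    lines = []
    for ip, old, new in changed_bindings(baseline, current):
        lines.append(f"binding changed: {ip} was {old}, now {new}")
    for mac, ips in sorted(shared_macs(current).items()):
        lines.append(f"one MAC for several IPs: {mac} -> {', '.join(ips)}")
    return lines


if __name__ == "__main__":
    for finding in report(BASELINE, CURRENT):
        print(finding)
```

Static ARP entries for gateways, or switch features that validate ARP against DHCP bindings, address the same problem at the network layer.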
like boolean algebra, implementations of logic gates and how to arrange those to create things like memory and a CPU.
"How to physically build a CPU out of gates" isn't an even lower-level of cruft than "how CPU architecture works".
If you knew what you're talking about, you would have mentioned way different things.
Operating systems do surprisingly-few things. They basically manage hardware and program execution. Hardware includes I/O hardware; program execution relies on loading the program, setting up its memory space, scheduling, and supplying all the functionality you get through syscalls these days. We can enumerate these upwards and downwards all day, and start a holy war over whether glibc's mmap()ing of shared objects counts as "the operating system" or not (Linux in particular doesn't actually handle shared objects at the kernel level; it does have an ELF executable loader, although it loads and executes glibc or the specified interpreter instead of the main executable when it loads any dynamically-linked ELF main binary). Hell, we could dig up old BSD mailing list posts and measure how many people think X11 is part of the OS or not. It doesn't matter.
I do not have a detailed understanding of the physics that makes transistors work
I'm pretty sure nobody does. Like, we know how transistors work, but then we get into electromagnetic theory and it's basically a bunch of Hawkings arguing over things none of them will actually claim to understand.
I've been hoping for a Raspberry-Pi-like thing including a Snapdragon 850 with 8GB RAM. The Snapdragon 850 is ~$45, although some volume discounters have gotten it for $25-$30. That's 2.45GHz ARMv8-A with GPU, DSP, and 802.11a/b/g/n.
That's a nice place to start. With 8GB RAM and that much CPU, plus an M.2 or mSATA port, plus a SATA controller with 4 ports, you can actually build something like a viable FreeNAS box. You'll need a secondary PSU to drive hard disks; an SSD draws up to 5 watts, which is 1 amp at 5V or 42mA at 120V. USB 3.0 supplies only up to 1.5A at 5V at charging downstream, although the USB Power Delivery Revision specifies 20V at 5A or a maximum 100W.
The Pi 2 used up to 6.25 watts, and the Pi 3 uses up to 3.7 watts at peak; those Snapdragon 800-series can pull 8-10 watts at full load. That means 2A off a 5V USB or 0.5A off the 20V high-speed power delivery revision. Alternately, the engineers can just stick a DC power supply on there, and you use a wall wart that can give 12V at 5 amps or about 60W.
So the Pi is already based on a SOC. We're looking at a $45 SOC plus a $12 SATA controller. The PSU to carry all this power will cost you $5. That's up to $62 on top of the Pi 3 (at $40), but their SOC costs $25; you're looking at a $77 board.
With a 60W carry capacity, you can run a 5W M.2 main disk and four 5W Samsung 850 EVO 1TB SSDs all pulling peak at 25W, leaving 35W to run everything else.
Now you have a peak-power-usage of about 45W-50W for a NAS. Thing is those drives usually run 0.030W, maybe up to 1.5W during brief operations; and the CPU consumes approximately nothing when idle. You're going to average under 10W, under 88kWh/year.
It won't run your enterprise VMWare server farm. That's not to say you can't use this thing for 10Gbit/s iSCSI to a pretty active Web server (primarily reading!) or even a desktop OS, both of which would cache most reads. You can serve an NFS/SMB file share to hold your movies and music. Hell, in the enterprise, this could be your Gitlab and Owncloud server.
That's what I'm waiting for: getting the hard drives out of my desktop PC, getting the music collection off one PC or another, getting my non-cloud files somewhere that doesn't rely on a machine whirring loudly and chugging 50W just to idle. They're thinking too small with these boards.
I know, right? There are entire chapters in books about Linux administration focused on managing ssh keys across your network. That's what the state-of-the-art looks like.
It's ridiculous.
I do understand, now, why you prefer running a blackbox toy like windows, as well as why you failed to use free software.
I'm actually a system engineer specialized in developing and deploying solutions with Linux operating systems and software in mixed environments, and have only a passing knowledge of Windows after taking the requisite training in managing Windows domains, Windows networks, and Windows security. My administration competency on Windows is... lacking, to say the least. With Linux systems, I frequently need to correct the work of long-senior engineers and educate them a bit on how the frigging thing works.
it wouldn't hurt to try and pick up a few basics about how computers, networks and operating systems work.
I'm not a networking engineer, and so can't get too deep into architecture, routing hardware, or protocol specifics. My expertise in that area only goes as far as understanding how TCP/IP routing works, mainly because some level of slight depth at that layer is required when I have to explain why self-signed certificates are equivalent to not using TLS at all on a corporate LAN. It also saves me the embarrassment of being that guy who wants to know if we can validate the MAC address of a device on the other side of a router (routing basically works by setting the MAC address in the frame to the next router's MAC address; gateway IPs are only used to do an ARP look-up on the nearest router).
There are no "basics about computers". Never ask anyone how a computer works. If you want to know how a computer actually works, you need to understand Von Neumann architecture, MESI and related cache coherency protocols, memory controllers, page table indirection, and other shit that happens at the CPU and MMU level. There are some wonderful discussions about getting exclusively read-and-execute (not writable) pages on i386 by marking non-writable pages as SUPERVISOR and then forcing a translation lookaside buffer cache load on read or execute (it's the same permission on i386 without PAE and the NX extension). I suspect you meant something like "operating system basics" or "microcomputing applications basics", although conjecturing someone's meaning is hazardous.
Still, I did almost have a secretarial degree from learning office administration applications front-to-back as part of my curriculum, so I sort of have the flow; and, again, I did study system administration for Microsoft systems enough to get a bit more than halfway to an MCSE, although I'm only slightly-competent there and mostly a Linux administrator. The whole system engineering thing stems from there: rather than ask me to configure servers, people started asking me to solve business problems by identifying what software, hardware, and integration we needed to meet a need.
As for how operating systems work, what part would you like to know? Would a discussion of the basics of memory management, spanning from lazy allocation, COW pages, and swapping interest you? What about a discussion of the various types of priority-based preemptive scheduling algorithms? We could extend a bit down into full software stack architecture from applications to middleware (Java, CLR) to the operating system, and even go on about nested page tables and modern virtualization. All of the modern exploit mitigation systems are fascinating, by the way, notably modified compiler toolchains for buffer overflow protection without breaking the ABI; operating system memory management techniques such as address space layout randomization to inflict probability of failure on exploits; and modifications to core libraries to provide protection from misuse of allocated memory.
and yet it's still not much of an attack surface (not all over the net) or a big target (not a lot of payoff). It gets its ass raped at Pwn2Own and had one dude releasing a brand new exploit every day in OSX operating system components for a while, but nobody really cares.
The point is that saying Windows was built with security in mind and Unix had it bolted on is... backwards. Windows was built like shit and came to this point through sweat, blood, terrible management politics, and enormous shifts in corporate strategy; Unix was designed in the 1970s to not have those basic problems from which UAC and such had to drag Windows and its application space away kicking and screaming.
XP was the first NT system most people actually used across all their workstations. It also lived for like ten years. We came into XP with the giant, festering rot of the legacy of Windows 98, and it didn't go away. That's where the bolt-on security really got started: XP as the direct successor to Windows 98 (ME was an abortion and never gained wide market adoption).
Has he been accused of being the stupidest person on earth yet?
You're going to pay for all this battery, and pay for the grid in case you run out of battery?... why not just stay hooked up to the grid? It's cheaper than having both.
The whole battery back-up idea is dumb anyway. There's a lot of waste, and you need to overbuild a hell of a lot. Staying connected lets you shuffle your excess off to where there's demand (probably right next door, or down the street), size your system to average load, and not handle expensive back-up systems on-site.
It would cost me more during off-peak hours for electricity than it does for the flat-rate all-renewable option. I pay the same electricity charge 24/7, and charge my EV during the day because I plug it in when I get home.
Coal is actually more-expensive than solar at this point. The range of costs to build and operate the facilities has overlapped for years, in favor of coal (some coal plants would have been cheaper than any possible solar plant per generation capacity); however, solar and wind power have hit parity, and slightly passed it.
Battery storage is stupid. You get a solar thing on your roof, you generate excess power, you waste 10% of it in batteries. You also have to periodically replace the batteries, which wastes additional power over that lost to heat in charging.
If you stay connected to the grid, then you have to pay a $7/month customer fee (this is why I want to switch to all-electric: $13/month gas and $7/month electric just to be hooked up? Fuck that, drop the $13 fee).
They charge you based on your balance at the end of a billing period. If you pull 1,000kWh off the grid but push back 800kWh, you get charged for 200kWh. That means you pay utility rate, transmission fees, and all kinds of taxes on that shit. For me, that's 8.79 cents all-renewable electricity, 15 cents in total.
If your balance is negative, then they pay you the utility rate. That means displacing electricity has an ROI of 15 cents for me, but over-generating has an ROI of 8.79 cents. Thus if I use about 400kWh/month, I want a big enough solar installation to push about 400kWh/month down, and no more.
That $7/month would pay for a Tesla PowerWall battery in 37 years, although the PowerWall won't last that long. It also allows me to handle the whole year without excess battery I'm never going to use: I might consume 900kWh some months and 450kWh other months, and so I need to be able to generate 900kWh at all times. I can't store all of that across the low-consumption months! That generation capacity goes to waste, or I pay for batteries to store shitloads of power and don't install as much solar--and the batteries are more-expensive and will entail even more waste energy in the charge-discharge cycle!
Over-generation with a grid connection means I get paid 8.79 cents (my utility rate is actually 9.34 cents; my full-renewable option is third-party, and cheaper!) for anything I don't call back. When I over-generate, the electricity goes up the pole, transmits across to the nearest houses, and comes back down the pole: the amount of electricity flowing to my transformer from the grid is reduced, and the total amount of electricity being pulled from generation facilities down through the grid is reduced.
That's damned efficient.
People have this fetish for batteries and this idea about doing a bunch of fragmented, unconsolidated, lossy work to somehow stick it to "The Man". The problem is breaking away like that puts you at-risk and costs you more money. Staying grid connected lets everyone who generates excess power reduce their costs, while reducing the cost of maintaining the larger grid as a whole. Even on a tiny townhouse with a 45x15 roof, I can fit an array big enough to charge a PHEV (12kWh) every day, run a heat pump, and run my entire house; using the grid to level out my generation is a hell of a lot better than batteries, and far cheaper.
Yep, it's hard to replicate such a complete POS infrastructure. Your mind is locked into the Windows world. This is like saying "Have you ever driven a car, with a steering wheel, seatbelts and all -- now try to replicate *that* on a motorcycle"
I've used Puppet and Docker. I've managed SSH keys. I've integrated with LDAP.
The fact of the matter is all of this shit is greatly immature compared to a Windows enterprise environment. Patch management across an enterprise, security policy management across an enterprise, and system configuration management across an enterprise with a wide installation base of Linux servers and workstations takes a shitload more labor (thus cost) and is less-reliable and less-auditable than a Windows enterprise network.
You offer up some hyperbole, but no suggestions otherwise.
By the by, I drive a PHEV (2013 Volt) and a motorcycle (2006 EX-500). Replicating some of the stuff in cars on a motorcycle is difficult: small motorcycles have historically had trouble keeping enough battery power and enough sheer space to include things like fuel pumps and EFI, so they've been stuck with antiquated fuel systems like gravity-feed carburetors. This is changing as systems become lower-power and more-miniaturized, and even the modern Kawasaki Ninja 300 has EFI and ABS. Ginormous, heavy motorcycles have had all the luxury stuff like built-in stereo, ABS, EFI, and so forth for years now.
That means the engines in motorcycles haven't been getting the power-to-weight ratio that a car engine has up until now; and they've belched out worse emissions, to the point we don't even emissions-test them. Motorcycles don't even have a standardized diagnostic system like OBD2--it's not that there's a different kind of system, but rather that there's nothing at all like OBD2 but designed for motorcycles instead of cars (which, honestly, would just be OBD2 with a Motorcycle codex extension). If your new fuel-injected, highly-complex motorcycle engine goes out of whack, good luck troubleshooting it; they're almost like car engines now, and you can't pull codes to guess what might be wrong with them. At least those little 300cc bikes get a lot more power-to-weight than a carbureted model would--per the weight of the engine and the weight of the bike.
What the feds could do...is let everyone open a liberally funded HSA, one that is NOT use it or lose it (like a FSA)....that each person could fund pre-tax...and use for their routine medical needs.
Agreed. At the current rates (about $3,750 individual, $7,000 family), an HSA is a reasonable vehicle for improving our healthcare system. Currently, HSA is an IRA that you can spend on medical, with no income restrictions and with no taxation on disbursement for medical (no penalty and no taxes taken); this means you can fund $18,000 into your 401(k) and $7,000 into your HSA regardless of income, or fund $5,000 into a traditional IRA (and $0 in a 401(k)) and $7,000 into HSA regardless of income. The IRA is useless except for retirement, while the HSA allows you to withdraw from it just like a traditional IRA at retirement and lets you invest just like a traditional IRA.
I have argued before that we should make HSA an option in all cases, mutually-exclusive of FSA. FSA allows you and your employer to mutually put money at-risk: the employer fully-funds your FSA at the beginning of the year, and so you get to spend that in full even if you leave in three months; as you get paid, your employer deducts from your paycheck to cover the FSA. That means your employer fronts the money and doesn't get paid back for some of it in the year you're terminated; and you pay back that money, but don't receive it if you carry a balance larger than the $500 roll-over. FSA works out well if you don't have current savings to hedge against a short-term medical expense.
FSA and HSA are both tax-exempt. For those of us who would rather take the risk upon ourselves, an HSA is clearly-better. It would make sense to abolish the Traditional IRA, instead unifying it to the Health Savings and Retirement Account. An HSA not used for medical expenses is a traditional IRA; and an HSA is not mutually-exclusive with a 401(k), whereas any employer retirement account reduces and eventually eliminates tax deferral for Traditional IRA deposits if your income is above a certain IRS-published maximum. Because you can put way more into 401(k) than IRA, depositing into IRA and HSA in the same year makes little sense; thus we should replace the Traditional IRA with the HSRA.
Then, they buy individually what used to be called "Major medical"...real insurance that was for catastrophic needs.
We have that now. The problem is the premiums are often some $200/month, and then you need to front 20% of the money after a $1,500 deductible per incident up to a $4,500/year out-of-pocket maximum (all out-of-pocket expenses included--regular medical plans exclude deductibles from out-of-pocket maximums). That means you need to keep at least $9,000 on-hand in case you have multiple major claims in December and January, plus you need to pay $2,400 (or more!) per year just to have coverage.
In other words: Full medical costs a minimum of $2,400/year (if you have zero medical expenses) and a maximum of $6,700/year. Covering for it reliably requires having about $9,000 on-hand at any one time. Without a prescription plan, my drugs would actually cost $8,400/year.
Regular insurance takes the gap between these (that $4,500) and spreads it across the insured. So maybe your premiums are $350/month and your medical costs $4,200/year. Maintenance drugs tend to impact this pretty heavily, although it's hit-or-miss: Eszopiclone (please no) costs $16/month out-of-pocket with no insurance, while my $700/month Atomoxetine HCl (Teva-Barr generic, baby! Nice and cheap!) costs $35 for 180 pill supply on a 3-month BID. Some drugs are hard to make, tactically-relevant to the military, or procedurally-complex due to regulation, and so cost a lot. There are $100/month generic non-controlled substances that have 37-step synthesis processes; there's a really easy-to-synthesize drug that's $224/3month (I've been on it) because the military
OSX is riddled with tons of security holes due to really bad programming.
Unix was designed with security in mind, hence why it had a functional DAC system which extended quite well to ACL (although the standard for ACLs was rescinded; Linux implements it anyway), and took Capabilities-based security equally-well.
Windows, on the other hand, was designed with no filesystem access control and didn't even segment userspace and kernelspace contexts, so any program could write to RAM above 3GB and mess with kernel memory. Windows NT brought a DAC on NTFS, proper memory segmentation, and...... a lot of legacy applications which wanted to write to protected system locations, so needed administrator access.
With Windows, it was so bad that XP in its 10-year lifetime was not only run as Administrator by default, but also allowed you to run programs in "Compatibility Mode" where they ran with administrative privileges. A lot of programs wrote their configuration to C:\Program Files\MyApplication\, unlike in a Unix system where you could pretty much write to $HOME or /tmp and so all applications were designed to write to locations not requiring administrative privileges.
It was so bad that XP got security features like a DLL cache that undid writes to C:\Windows\System32\ files--except you could delete the DLL cache or overwrite the file there, and it would propagate. They figured malware wouldn't be able to alter System32 because they'd undo any changes there that didn't go through the proper channels.
Windows 7 and, especially, Windows 10 are pretty air-tight. Linux and Windows have stack exploitation protection built into the compiler; they separate writable and executable RAM; they use address space layout randomization. A whole host of effective exploit mitigation technologies have gone into both.
There's a persistent myth that chroot() is a security tool on Unix. It's not. BSD jail() is a tightened chroot() because root can escape chroot() otherwise; and Linux has container groups, which Docker leverages to do its stuff, effectively isolating things the same way Virtuozzo and other OS-level virtualization softwares did. Nobody ever said Unix wasn't designed from the ground-up with security in mind (although they made some pretty bad blunders--re: finger); they did say chroot() wasn't a security tool, but nobody listened.
You're baffled by Windows. Let's see you set up a corporate network with active directory domains using an all-Microsoft environment, complete with patch management, group policy, and the like. Then replicate that in linux.
You can't.
I run DevOps software on Linux. We develop stuff here, we deploy it, we run it in Docker containers, we put it on Linux. I got Linux to connect to the Active Directory domain via Samba--it's rickety, fickle, and hard to debug, as well as basically-independent because it doesn't do any of the actual active directory stuff. You can't push configurations down through Samba. Samba isn't Puppet.
I've been fighting that battle for 10 years. I tell people we need robust, integrated enterprise network and configuration management like a Microsoft Domain; they tell me nobody wants that, and that Samba can already provide single sign-on. The freaking Social Security Administration investigated replacing much of their workstation deployments with Linux and deemed it unacceptable because you can't do anything like SCCM or GPO. Oh, you can now, if you want to develop Puppet or Chef modules in-house, with no standards to work from.
The operational risk of running Linux, the sheer cost of administrating and securing a giant network of dumb workstations, is just ridiculous. Your network will never be in a known state. This is an easy problem to fix, except the people who want it fixed are either unable to do it themselves (yeah I'm not any form of programmer you want writing production code) or able to get a better, faster result by just buying COTS like Microsoft Active Directory and SCCM.
Oh, and many business applications only run on Windows. That's not really a big deal today--not with O365 and all--and a mixed environment is acceptable if you can manage it sanely.
The Linux ecosystem is filled with people who manage isolated servers or somehow got LDAP working for single sign-on and think that's acceptable. There's a nebulous push for things like Puppet and Pulp, in its isolated world, learning no lessons from large enterprise deployments of Novell (in the past), Windows, and so forth. People think that some rickety, slap-dash work that's not even up to Windows NT 3.51 standards is somehow ready to take over the world, except that the applications aren't ported to it; in reality, the applications are hardly a barrier at all, and the complete lack of support for wide enterprise deployments is the big killer.
Right. I'm only concerned with moving OASDI (6.2%); Medicare (HI) is also social security, and I'm not going anywhere near state services. Keeping OASDI running requires a 5.3% payroll tax in the short term (this shrinks over time), so it's a 0.9% marginal discount in payroll taxes.
I guess the 0.2% HI is on your paycheck. Unemployment taxes aren't on the paycheck.
And uh. The model I use actually counts total income taxes collected, including OASDI (even the payroll part), and measures Federal welfare et al out of that. I move the OASDI payroll into the paycheck income tax, then cut out the part of income taxes that represent Federal welfare. Unemployment is included in the part I cut out.
That has the odd implication that the 6% Federal unemployment tax stays on payroll, but has to be marked as just... payroll tax, to the general fund. I never computed it out, anyway, so it doesn't alter my model; in practice, the CBO will need to figure out how to adjust tax brackets and payroll taxes to create a more-level progressive tax instead of the ugly bump we have now (which my rough model inherits because of how it's crudely calculated--it's intended to be correct and deployable, but not necessarily the optimal form).
State unemployment can go away. That's not recommended as part of my model; the simple fact is it's no longer necessary or useful, and can go away. Since I don't touch state taxes at all, any state reaching that conclusion after careful analysis can simply repeal their unemployment tax.
so they could convert obamacare to socialist single federal govt payer system.
Actually, the ACA as current puts a break in the market chain. Low-income individuals purchasing health insurance on the exchange are shielded from the cost by subsidy, and higher-income individuals... tend to have jobs that provide insurance, due to the full-time employee insurance mandate.
If the government went to a single-payer system and mandated employers provide insurance for all employees, two things would happen.
First, there'd be less underemployment, simply because hiring two 20-hour workers gets you two insurance costs instead of one, whereas today it gets you zero instead of one.
Second, consumers want low prices, employers want to compete and make a profit, and insurers want to compete and make a profit. Because of this, employers would seek lower health insurance premiums to help keep their prices at or below competitors' prices; insurers would seek low-cost deals with healthcare providers so as to keep premiums low and outcompete other insurers; and healthcare providers would try to negotiate for the highest price they can get, but also try to capture the big markets of millions of insured by each provider so as to maximize profits, thus reaching the market equilibrium via upwards and downwards price pressures.
With that robust market to set prices, the government could require insurers and healthcare providers to disclose their deals, giving a market benchmark from which the government can demand fair standards for the Single Payer Healthcare Plan. Taxpayer money expenditure would follow the behavior of the private market, tied to market forces rather than divided from those forces as is the case with the current ACA.
That's an association we don't currently have with the ACA exchange: premiums are covered with taxpayer money, yet the people spending that money don't appear to have a direct stake in how much money is spent. They want insurance and somebody else is going to pay for it. There isn't a mechanism to make sure that the "somebody else" is paying only what any free market player would pay. Plans on the exchange are expected to compete, but who can afford those plans if they don't have a job that supplies healthcare already? Those below the income requiring filing don't even have to report if they have insurance, so any ineligibility for subsidies at that level just means people go without insurance.
A single-payer system as such would be a better free-market system.
The Senate is sluggish to vote on the AHCA. Obamacare is Obamacare, and Obama is evil. If you repeal the evil Obamacare and suddenly have a recession and terrible access to healthcare, you prove that Obama was sent by God to fix America and should definitely be crowned Emperor but we can't. It would be fatal for the Republicans, at least for about 20 years. Maybe they should have thought about that before campaigning so hard they had to label it with Obama's name.
by the way, that's coming in a few months. I'm thinking circa Jan 2018 give or take 4 months, but it's easier to see when we're heading toward one instead of away from the last one than it is to pinpoint the exact date the economy will start shitting itself. It is, however, damned easy to see the economy start shitting itself well before anyone notices. It hasn't started yet; the last one ended almost two years ago. We're in the lull.
So you're saying that if you can eliminate an expense (tax) for free (i.e. without it being a tradeoff that comes with a downside) then it's all upside. I don't think any person would argue against you on that.
Perhaps not; I was more trying to claim that policy is a form of technology, and policy that's more-efficient is high technology. If you dictate a welfare system that does exactly the same thing but costs less, that's technology. I imagine many people wouldn't like the stretch, although people who understand manufacturing (re: cellular manufacture, assembly lines) would probably think long and hard before opening their mouths to say anything in response because they're used to "technology" involving better processes instead of just better tools.
You solved one of the hardest government policy problems of the modern world? I'd think a polymath would want to expand on that, even if just for the bragging rights.
It wasn't a hard problem. You want to see hard, try working out the politics. I guess I can walk through it instead of just dumping "Do X and it works, trust me," but it's long and boring. Seriously, I don't have a spreadsheet; I have an enormous pile of spreadsheets.
So, let's talk about some current welfare problems.
SNAP and WIC don't always provide for everyone who needs assistance. These are, however, some of our most-successful programs, along with OASDI and Medicare/Medicaid.
TANF and unemployment are basically playing a juggling game. There are fewer jobs than jobseekers, and the time restrictions (6 months unemployment, 2 years TANF) essentially mean we provide the same amount of welfare regardless (in theory) so long as everyone way down at the bottom takes turns having a job. We aren't a Communist state, so we don't pick out the unemployed and dictate whose turn it is; if you're unlucky enough to be in the wrong locale, you might be unemployed for 2-3 years in a recession. It's pretty common to be unemployed for 8 months or so.
75% of qualified HUD housing assistance applicants go on a waiting list and never receive benefits. They become ineligible by some mechanism by the time HUD gets them on the benefits schedule. Some households are on HUD waiting lists as long as seven years with no aid, at all. HUD pays up to the lesser of 1/3 of your monthly rent or 1/3 of your monthly income, so it's worse the worse-off you are.
At the same time, our welfare system has one major success: abuse. Our welfare system shows a significant amount of inappropriate disbursal of benefits, and nearly 100% of that is in the bureaucracy. That is to say: our welfare programs are broken in such a way that many applicants clearly are poor and need aid, but somehow don't technically qualify... and then their caseworker nudges their application a tiny bit over into the "approved" pile. The biggest source of abuse is doctors claiming things in Medicaid that the bureaucracy later reviews and suggests were probably not necessary--bean counters disagree with the doctors about necessary medical care. Outright fraud is almost non-existent, thanks to an aggressive and highly-effective office of inspector general.
So, bad at getting benefits out to the needy, good at keeping people from bullshitting their way to benefits.
Welfare models are notoriously... discretionary. It's pretty easy to make a welfare model say anything you want by picking and choosing your cases. Some of the most-egregious claim that a single mother in Wisconsin can get $35,000/year in benefits. A deep examination of this assertion suggests maybe 200 Wisconsinites are actually getting that; that's not the issue.
Of that $35,000, around $15,000 are state-funded benefits. The analysis includes some $5,000 of Federal tax breaks. Education benefits (Pell Grants) are included. Medicaid actually wasn't included in that claim, last
Actually what we really need is a president that will try to remain impartial to the party and try to find a fine balance between socialism and capitalism.
A strong grasp of economics would help with that. If you don't understand the domain at all, how do you deal with people telling you things? Just nod and say, "... so what do I do?"
The United States is a Social Democracy. That means we operate within a capitalist framework, and intervene to promote social justice.
The Universal Social Security I designed fits with this framework: its ultimate, but ultimately tangential, goal is to provide people with no job and no income the means to survive through a mechanism of making them a profits source upon which the supply market can capitalize. They won't live well, and any employment (and attached wage) will greatly increase their standard-of-living, leading to the mechanism of economization: people economize--they seek to maximize their ends while minimizing the expenditure of means.
Rather than a welfare trap (getting a job means losing some of your income while expending labor for replacement income), Americans would have a more-direct causal relationship between expending means (labor) to gain ends (income, which is more means in this case, leading to a greater standard of living i.e. ends). The risk of losing your welfare and then being subsequently denied for new welfare is reduced, as the scope of welfare services replaced by the social security benefit no longer carries said risks.
Again: that reduces the total tax burden on every single American, on every business, entirely.
People with no grasp of economics shout "socialism!" at anything that looks like it involves government and money. You also have failures like the two large blights on the ACA: businesses are mandated only to supply healthcare to full-time employees, and people buy their health insurance with a subsidy on the exchange. That puts two huge breaks in the market, disrupting the effects of market capitalism in destructive ways.
A mandate that all employees must supply healthcare would reduce underemployment by discouraging part-time work; a mandate to supply it to only full-time employees encourages businesses to cut hours and hire more workers. The mandate in place causes a spread of poverty by spreading underemployment, the taproot of unemployment and of poverty itself.
Meanwhile, the exchange system creates breaks in the market. An employer wants to outcompete his competition, and so wants to minimize excess costs so as to avoid inflating his prices. Health insurance providers want to outcompete the competition, and so want to minimize their costs so that employers negotiate large group benefits accounts with them. Healthcare providers are pressured by health insurance providers to negotiate the slimmest margins they'll tolerate, because the insurer represents millions of customers bringing tiny bits of profit that all add up. A single-payer system can benchmark this and use the negotiated rates as a fair standard, piggybacking on the market effect to imitate a market interest which has to compete; whereas the exchange system with subsidies doesn't do this, and so exchange plans aren't put under that kind of pressure, and can get easy taxpayer money.
Single-payer with an absolute employer benefit mandate enforces all the benefits of market capitalism. What we have now starts to amplify the negative effects of socialism. Frequently, when I explain this to raving conservatives, they start to look at the ACA and consider if it could use a little tweaking instead of a solid repeal.
We handle that by having staff and committees. Politicians tend to become de-facto experts in certain areas of interest by forming committees, to which they attach themselves, to investigate issues. They have staff with knowledge beyond their own to help inform them and explain shit. This gets you diversity in local governments (city council) and in Congress.
The President is a diplomat, and has an enormous impact on what Congress can achieve. He needs to know what efforts to support and what to hinder, and how to speak to the nation about these things. That means he needs to be less of a policymaker and more of the guy who comforts us in times of crisis, tells us why it will be okay, and speaks loudly on important topics so that we pressure Congress to work for our interests. Most of that is economics, because the things that terrify our citizens range largely through high unemployment, financial instability, and poverty. Even war brings little more than the concern of the upheaval of your livelihood--hence why we generally see politicians comfort the nation about the threat of war by waging the war way the hell over there where we don't have to experience it, and why people freaked out about the prospect of a draft when GWBush was in office.
Payroll costs include benefits (~39.1%? I hear numbers ranging from 18% to 65%), OASDI (6.2%), Hospital Insurance (0.2%, 2% for higher incomes), and a few other things, plus wages. Barely more than half of the cost of employing a full-time worker is wages.
I got some good drugs and want to do this soon (CompSci, Math, Economics), but I'm still not sleeping consistently. If I do begin sleeping consistently, I tend to burn myself out--it's a habitual thing, or maybe an addiction, I can't tell. Psychosis is weird; the drug I'm on acts like an atypical antipsychotic due to high norepinephrine load in the prefrontal cortex agonizing D2 (the psychiatrists don't know this--yet), and so I'm trying to get the dose lowered just a touch because the unadulterated real world is... uh... really, really boring. The pattern looks like addiction from my end.
Being able to sleep is better, though. I spent 15 years on nothing and the last 4 were a slow decay into severe insomnia; sleep is critical. I'll get used to the world being too... real... eventually, if I must. Then I can finally accomplish things. A touch of something way weaker than Wellbutrin will at least set the motivation without triggering some kind of twisted euphoria bullshit I don't need.
Nothing can stop me now. I have no friends and way more free time than anyone else around me. This is really going to happen.
You haven't paid attention to the average income of Mac owners vs. Windows or Linux users, have you? Stealing THEIR (Mac owners') identities has GOT to be more efficient, profit-wise, than wading through an entire PLANET-ful of sad, broke Windows owners.
Let's be real here: 60 million MacOSX users worldwide vs 1,500 million Windows users. Big businesses have sensitive data you can get to via Windows exploits. We're talking about 1 MacOSX user for every 25 Windows users in the naive case, and that's an inflated comparison.
So $80k vs $50k? Even if Windows users made, on average, minimum wage ($16,500), MacOSX users would need an average income of $412,500 to be worth it. That ignores the value of ransoming big businesses, the high-speed spread across the Windows monoculture (MacOSX malware would have to find another OSX machine, so would spread slowly across the broad installation base due to target dilution), and the fact that OSX users are poor because they already spent all their income on Apple bullshit.
So how can your non-admin coworker snoop on your traffic if there's a self-signed cert being used? Are you sure you understand the word "equivalent"?
Well, to be able to snoop on traffic, you have to be connected to a switched segment through which that traffic is passing. That is to say: you're plugged into the same switch through which the traffic is passing. There are some technical nuances here: if you're on the same switch but different VLAN, then the switch won't switch packets from one VLAN to the next; and if you're on a router with the same subnet on multiple ports (it happens), then it's acting as a switch spanning those ports, kind of. The point is the next device could be on the port you're plugged into.
So with a switched network, the router writes the MAC address for the next device on the frame, and the switches send it directly there. That means you can't snoop because you're on a switch; but that's okay, because switches and routers don't know all that shit by magic. You start advertising that you have the MAC address of the next device (either the next router or the endpoint, depending on what's immediately next) and get yourself put into the router's ARP table. Now you're 10.200.100.55, but the router will send packets for 10.200.100.40 to you.
Here's the best part: you can then resend those packets, altered or not, by changing the MAC in the frame header. They magically go to the correct place (the switch only looks at the MAC address, and sends the packet there; the endpoint accepts the frame because it's targeting its MAC address, and checks the IP etc. as relevant to it).
You don't need to do all that shit if you're using hubs, but you can. So, in any case that you can listen to a transmission, you can alter it. (Caveat: doesn't work if you're using a passive network tap, since it has no write lines to talk back.)
With a self-signed certificate, all you have to do is generate a self-signed certificate with the same parameters so it looks the same to the user. The warning box pops up, because it always does; it says all the right stuff to the user, except for a hex fingerprint of the certificate (SHA2 hash) which nobody memorizes; and the user has no idea you're intercepting, reading, and even altering his traffic!
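As an added example (not part of the original comment), here is how a defender can spot the ARP table takeover described above from a feed of observed ARP replies. The log format, the MAC addresses, and the names `detect_poisoning` and `SAMPLE_REPLIES` are assumptions made for this sketch; the IP addresses are the ones used in the comment.

```python
"""Flag ARP cache poisoning from a stream of observed ARP replies."""
from collections import defaultdict
from dataclasses import dataclass
import ipaddress
import re

# Constructed sample, one ARP reply per line:
#   "<seconds> <sender IP> is-at <sender MAC>"
# IPs follow the comment's example; MACs are made up from the
# 00:00:5e:00:53:xx documentation range.
SAMPLE_REPLIES = """\
0.0  10.200.100.1  is-at 00:00:5e:00:53:01
0.4  10.200.100.40 is-at 00:00:5e:00:53:40
0.9  10.200.100.55 is-at 00:00:5e:00:53:55
30.2 10.200.100.40 is-at 00:00:5e:00:53:40
61.7 10.200.100.40 is-at 00:00:5e:00:53:55
62.7 10.200.100.40 is-at 00:00:5e:00:53:55
63.1 10.200.100.40 is-at 00:00:5e:00:53:40
bogus line that should be skipped
"""

LINE_RE = re.compile(
    r"^(\d+(?:\.\d+)?)\s+(\S+)\s+is-at\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})$",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Alert:
    time: float
    kind: str    # "binding-changed" or "mac-claims-multiple-ips"
    ip: str
    mac: str
    detail: str


def parse_replies(text):
    """Yield (time, ip, mac) for well-formed lines; skip everything else."""
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        try:
            ip = str(ipaddress.IPv4Address(match.group(2)))
        except ValueError:
            continue
        yield float(match.group(1)), ip, match.group(3).lower()


def detect_poisoning(text, static_bindings=None):
    """Return alerts for replies that contradict the known IP-to-MAC baseline.

    static_bindings (ip -> mac) seeds the baseline from a trusted source such
    as an inventory. Without it the first reply seen for an IP is trusted, so
    a host that is already being impersonated at start-up goes unnoticed.
    """
    bindings = {ip: mac.lower() for ip, mac in (static_bindings or {}).items()}
    ips_by_mac = defaultdict(set)
    for ip, mac in bindings.items():
        ips_by_mac[mac].add(ip)
    alerts, seen = [], set()

    for time, ip, mac in parse_replies(text):
        known = bindings.get(ip)
        if known is None:
            bindings[ip] = mac  # trust on first use
        elif known != mac and (ip, mac) not in seen:
            # Keep the original binding so the real host's replies stay quiet
            # and the conflicting MAC is reported once.
            seen.add((ip, mac))
            alerts.append(
                Alert(time, "binding-changed", ip, mac, f"baseline is {known}")
            )
        claimed = ips_by_mac[mac]
        if ip not in claimed:
            claimed.add(ip)
            # One MAC answering for several IPs is what the interceptor looks
            # like on the wire. Routers with secondary addresses and proxy ARP
            # also do this, so allow-list those MACs in real use.
            if len(claimed) > 1:
                alerts.append(
                    Alert(time, "mac-claims-multiple-ips", ip, mac,
                          ", ".join(sorted(claimed)))
                )
    return alerts


if __name__ == "__main__":
    for alert in detect_poisoning(SAMPLE_REPLIES):
        print(f"{alert.time:>6.1f}s {alert.kind}: {alert.ip} "
              f"claimed by {alert.mac} ({alert.detail})")
```

Switch features such as dynamic ARP inspection enforce the same baseline in hardware; this check is for segments where that is not available.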
like boolean algebra, implementations of logic gates and how to arrange those to create things like memory and a CPU.
"How to physically build a CPU out of gates" isn't an even lower-level of cruft than "how CPU architecture works".
If you knew what you're talking about, you would have mentioned way different things.
Operating systems do surprisingly-few things. They basically manage hardware and program execution. Hardware includes I/O hardware; program execution relies on loading the program, setting up its memory space, scheduling, and supplying all the functionality you get through syscalls these days. We can enumerate these upwards and downwards all day, and start a holy war over whether glibc's mmap()ing of shared objects counts as "the operating system" or not (Linux in particular doesn't actually handle shared objects at the kernel level; it does have an ELF executable loader, although it loads and executes glibc or the specified interpreter instead of the main executable when it loads any dynamically-linked ELF main binary). Hell, we could dig up old BSD mailing list posts and measure how many people think X11 is part of the OS or not. It doesn't matter.
I do not have a detailed understanding of the physics that makes transistors work
I'm pretty sure nobody does. Like, we know how transistors work, but then we get into electromagnetic theory and it's basically a bunch of Hawkings arguing over things none of them will actually claim to understand.
I have a couple dozen patches against
I've been hoping for a Raspberry-Pi-like thing including a Snapdragon 850 with 8GB RAM. The Snapdragon 850 is ~$45, although some volume discounters have gotten it for $25-$30. That's 2.45GHz ARMv8-A with GPU, DSP, and 802.11a/b/g/n.
That's a nice place to start. With 8GB RAM and that much CPU, plus an M.2 or mSATA port, plus a SATA controller with 4 ports, you can actually build something like a viable FreeNAS box. You'll need a secondary PSU to drive hard disks; an SSD draws up to 5 watts, which is 1 amp at 5V or 42mA at 120V. USB 3.0 supplies only up to 1.5A at 5V at charging downstream, although the USB Power Delivery Revision specifies 20V at 5A or a maximum 100W.
The Pi 2 used up to 6.25 watts, and the Pi 3 uses up to 3.7 watts at peak; those Snapdragon 800-series can pull 8-10 watts at full load. That means 2A off a 5V USB or 0.5A off the 20V high-speed power delivery revision. Alternately, the engineers can just stick a DC power supply on there, and you use a wall wart that can give 12V at 5 amps or about 60W.
So the Pi is already based on a SOC. We're looking at a $45 SOC plus a $12 SATA controller. The PSU to carry all this power will cost you $5. That's up to $62 on top of the Pi 3 (at $40), but their SOC costs $25; you're looking at a $77 board.
With a 60W carry capacity, you can run a 5W M.2 main disk and four 5W Samsung 850 EVO 1TB SSDs all pulling peak at 25W, leaving 35W to run everything else.
Now you have a peak-power-usage of about 45W-50W for a NAS. Thing is those drives usually run 0.030W, maybe up to 1.5W during brief operations; and the CPU consumes approximately nothing when idle. You're going to average under 10W, under 88kWh/year.
It won't run your enterprise VMWare server farm. That's not to say you can't use this thing for 10Gbit/s iSCSI to a pretty active Web server (primarily reading!) or even a desktop OS, both of which would cache most reads. You can serve an NFS/SMB file share to hold your movies and music. Hell, in the enterprise, this could be your Gitlab and Owncloud server.
That's what I'm waiting for: getting the hard drives out of my desktop PC, getting the music collection off one PC or another, getting my non-cloud files somewhere that doesn't rely on a machine whirring loudly and chugging 50W just to idle. They're thinking too small with these boards.
but I got a hearty laugh out of this.
I know, right? There are entire chapters in books about Linux administration focused on managing ssh keys across your network. That's what the state-of-the-art looks like.
It's ridiculous.
I do understand, now, why you prefer running a blackbox toy like windows, as well as why you failed to use free software.
I'm actually a system engineer specialized in developing and deploying solutions with Linux operating systems and software in mixed environments, and have only a passing knowledge of Windows after taking the requisite training in managing Windows domains, Windows networks, and Windows security. My administration competency on Windows is... lacking, to say the least. With Linux systems, I frequently need to correct the work of long-senior engineers and educate them a bit on how the frigging thing works.
it wouldn't hurt to try and pick up a few basics about how computers, networks and operating systems work.
I'm not a networking engineer, and so can't get too deep into architecture, routing hardware, or protocol specifics. My expertise in that area only goes as far as understanding how TCP/IP routing works, mainly because some level of slight depth at that layer is required when I have to explain why self-signed certificates are equivalent to not using TLS at all on a corporate LAN. It also saves me the embarrassment of being that guy who wants to know if we can validate the MAC address of a device on the other side of a router (routing basically works by setting the MAC address in the frame to the next router's MAC address; gateway IPs are only used to do an ARP look-up on the nearest router).
There are no "basics about computers". Never ask anyone how a computer works. If you want to know how a computer actually works, you need to understand Von Neumann architecture, MESI and related cache coherency protocols, memory controllers, page table indirection, and other shit that happens at the CPU and MMU level. There are some wonderful discussions about getting exclusively read-and-execute (not writable) pages on i386 by marking non-writable pages as SUPERVISOR and then forcing a translation lookaside buffer cache load on read or execute (it's the same permission on i386 without PAE and the NX extension). I suspect you meant something like "operating system basics" or "microcomputing applications basics", although conjecturing someone's meaning is hazardous.
Still, I did almost have a secretarial degree from learning office administration applications front-to-back as part of my curriculum, so I sort of have the flow; and, again, I did study system administration for Microsoft systems enough to get a bit more than halfway to an MCSE, although I'm only slightly-competent there and mostly a Linux administrator. The whole system engineering thing stems from there: rather than ask me to configure servers, people started asking me to solve business problems by identifying what software, hardware, and integration we needed to meet a need.
As for how operating systems work, what part would you like to know? Would a discussion of the basics of memory management, spanning from lazy allocation, COW pages, and swapping interest you? What about a discussion of the various types of priority-based preemptive scheduling algorithms? We could extend a bit down into full software stack architecture from applications to middleware (Java, CLR) to the operating system, and even go on about nested page tables and modern virtualization. All of the modern exploit mitigation systems are fascinating, by the way, notably modified compiler toolchains for buffer overflow protection without breaking the ABI; operating system memory management techniques such as address space layout randomization to inflict probability of failure on exploits; and modifications to core libraries to provide protection from misuse of allocated memory.
and yet it's still not much of an attack surface (not all over the net) or a big target (not a lot of payoff). It gets its ass raped at Pwn2Own and had one dude releasing a brand new exploit every day in OSX operating system components for a while, but nobody really cares.
The point is that saying Windows was built with security in mind and Unix had it bolted on is ... backwards. Windows was built like shit and came to this point through sweat, blood, terrible management politics, and enormous shifts in corporate strategy; Unix was designed in the 1970s to not have those basic problems from which UAC and such had to drag Windows and its application space away kicking and screaming.
XP was the first NT system most people actually used across all their workstations. It also lived for like ten years. We came into XP with the giant, festering rot of the legacy of Windows 98, and it didn't go away. That's where the bolt-on security really got started: XP as the direct successor to Windows 98 (ME was an abortion and never gained wide market adoption).
Has he been accused of being the stupidest person on earth yet?
You're going to pay for all this battery, and pay for the grid in case you run out of battery? ... why not just stay hooked up to the grid? It's cheaper than having both.
The whole battery back-up idea is dumb anyway. There's a lot of waste, and you need to overbuild a hell of a lot. Staying connected lets you shuffle your excess off to where there's demand (probably right next door, or down the street), size your system to average load, and not handle expensive back-up systems on-site.
It would cost me more during off-peak hours for electricity than it does for the flat-rate all-renewable option. I pay the same electricity charge 24/7, and charge my EV during the day because I plug it in when I get home.
Coal is actually more-expensive than solar at this point. The range of costs to build and operate the facilities has overlapped for years, in favor of coal (some coal plants would have been cheaper than any possible solar plant per generation capacity); however, solar and wind power have hit parity, and slightly passed it.
It's battery masturbation.
Battery storage is stupid. You get a solar thing on your roof, you generate excess power, you waste 10% of it in batteries. You also have to periodically replace the batteries, which wastes additional power over that lost to heat in charging.
If you stay connected to the grid, then you have to pay a $7/month customer fee (this is why I want to switch to all-electric: $13/month gas and $7/month electric just to be hooked up? Fuck that, drop the $13 fee).
They charge you based on your balance at the end of a billing period. If you pull 1,000kWh off the grid but push back 800kWh, you get charged for 200kWh. That means you pay utility rate, transmission fees, and all kinds of taxes on that shit. For me, that's 8.79 cents all-renewable electricity, 15 cents in total.
If your balance is negative, then they pay you the utility rate. That means displacing electricity has an ROI of 15 cents for me, but over-generating has an ROI of 8.79 cents. Thus if I use about 400kWh/month, I want a big enough solar installation to push about 400kWh/month down, and no more.
That $7/month would pay for a Tesla PowerWall battery in 37 years, although the PowerWall won't last that long. It also allows me to handle the whole year without excess battery I'm never going to use: I might consume 900kWh some months and 450kWh other months, and so I need to be able to generate 900kWh at all times. I can't store all of that across the low-consumption months! That generation capacity goes to waste, or I pay for batteries to store shitloads of power and don't install as much solar--and the batteries are more-expensive and will entail even more waste energy in the charge-discharge cycle!
Over-generation with a grid connection means I get paid 8.79 cents (my utility rate is actually 9.34 cents; my full-renewable option is third-party, and cheaper!) for anything I don't call back. When I over-generate, the electricity goes up the pole, transmits across to the nearest houses, and comes back down the pole: the amount of electricity flowing to my transformer from the grid is reduced, and the total amount of electricity being pulled from generation facilities down through the grid is reduced.
That's damned efficient.
People have this fetish for batteries and this idea about doing a bunch of fragmented, unconsolidated, lossy work to somehow stick it to "The Man". The problem is breaking away like that puts you at-risk and costs you more money. Staying grid connected lets everyone who generates excess power reduce their costs, while reducing the cost of maintaining the larger grid as a whole. Even on a tiny townhouse with a 45x15 roof, I can fit an array big enough to charge a PHEV (12kWh) every day, run a heat pump, and run my entire house; using the grid to level out my generation is a hell of a lot better than batteries, and far cheaper.
Yep, it's hard to replicate such a complete POS infrastructure. Your mind is locked into the Windows world. This is like saying "Have you ever driven a car, with a steering wheel, seatbelts and all -- now try to replicate *that* on a motorcycle
I've used Puppet and Docker. I've managed SSH keys. I've integrated with LDAP.
The fact of the matter is all of this shit is greatly immature compared to a Windows enterprise environment. Patch management across an enterprise, security policy management across an enterprise, and system configuration management across an enterprise with a wide installation base of Linux servers and workstations takes a shitload more labor (thus cost) and is less-reliable and less-auditable than a Windows enterprise network.
You offer up some hyperbole, but no suggestions otherwise.
By the by, I drive a PHEV (2013 Volt) and a motorcycle (2006 EX-500). Replicating some of the stuff in cars on a motorcycle is difficult: small motorcycles have historically had trouble keeping enough battery power and enough sheer space to include things like fuel pumps and EFI, so they've been stuck with antiquated fuel systems like gravity-feed carburetors. This is changing as systems become lower-power and more-miniaturized, and even the modern Kawasaki Ninja 300 has EFI and ABS. Ginormous, heavy motorcycles have had all the luxury stuff like built-in stereo, ABS, EFI, and so forth for years now.
That means the engines in motorcycles haven't been getting the power-to-weight ratio that a car engine has up until now; and they've belched out worse emissions, to the point we don't even emissions-test them. Motorcycles don't even have a standardized diagnostic system like OBD2--it's not that there's a different kind of system, but rather that there's nothing at all like OBD2 but designed for motorcycles instead of cars (which, honestly, would just be OBD2 with a Motorcycle codex extension). If your new fuel-injected, highly-complex motorcycle engine goes out of whack, good luck troubleshooting it; they're almost like car engines now, and you can't pull codes to guess what might be wrong with them. At least those little 300cc bikes get a lot more power-to-weight than a carbureted model would--per the weight of the engine and the weight of the bike.
Even your analogy fails.
What the feds could do...is let everyone open a liberally funded HSA, one that is NOT use it or lose it (like a FSA)....that each person could fund pre-tax...and use for their routine medical needs.
Agreed. At the current rates (about $3,750 individual, $7,000 family), an HSA is a reasonable vehicle for improving our healthcare system. Currently, HSA is an IRA that you can spend on medical, with no income restrictions and with no taxation on disbursement for medical (no penalty and no taxes taken); this means you can fund $18,000 into your 401(k) and $7,000 into your HSA regardless of income, or fund $5,000 into a traditional IRA (and $0 in a 401(k)) and $7,000 into HSA regardless of income. The IRA is useless except for retirement, while the HSA allows you to withdraw from it just like a traditional IRA at retirement and lets you invest just like a traditional IRA.
I have argued before that we should make HSA an option in all cases, mutually-exclusive of FSA. FSA allows you and your employer to mutually put money at-risk: the employer fully-funds your FSA at the beginning of the year, and so you get to spend that in full even if you leave in three months; as you get paid, your employer deducts from your paycheck to cover the FSA. That means your employer fronts the money and doesn't get paid back for some of it in the year you're terminated; and you pay back that money, but don't receive it if you carry a balance larger than the $500 roll-over. FSA works out well if you don't have current savings to hedge against a short-term medical expense.
FSA and HSA are both tax-exempt. For those of us who would rather take the risk upon ourselves, an HSA is clearly-better. It would make sense to abolish the Traditional IRA, instead unifying it to the Health Savings and Retirement Account. An HSA not used for medical expenses is a traditional IRA; and an HSA is not mutually-exclusive with a 401(k), whereas any employer retirement account reduces and eventually eliminates tax deferral for Traditional IRA deposits if your income is above a certain IRS-published maximum. Because you can put way more into 401(k) than IRA, depositing into IRA and HSA in the same year makes little sense; thus we should replace the Traditional IRA with the HSRA.
Then, they buy individually what used to be called "Major medical"...real insurance that was for catastrophic needs.
We have that now. The problem is the premiums are often some $200/month, and then you need to front 20% of the money after a $1,500 deductible per incident up to a $4,500/year out-of-pocket maximum (all out-of-pocket expenses included--regular medical plans exclude deductibles from out-of-pocket maximums). That means you need to keep at least $9,000 on-hand in case you have multiple major claims in December and January, plus you need to pay $2,400 (or more!) per year just to have coverage.
In other words: Full medical costs a minimum of $2,400/year (if you have zero medical expenses) and a maximum of $6,700/year. Covering for it reliably requires having about $9,000 on-hand at any one time. Without a prescription plan, my drugs would actually cost $8,400/year.
Regular insurance takes the gap between these (that $4,500) and spreads it across the insured. So maybe your premiums are $350/month and your medical costs $4,200/year. Maintenance drugs tend to impact this pretty heavily, although it's hit-or-miss: Eszopiclone (please no) costs $16/month out-of-pocket with no insurance, while my $700/month Atomoxetine HCl (Teva-Barr generic, baby! Nice and cheap!) costs $35 for 180 pill supply on a 3-month BID. Some drugs are hard to make, tactically-relevant to the military, or procedurally-complex due to regulation, and so cost a lot. There are $100/month generic non-controlled substances that have 37-step synthesis processes; there's a really easy-to-synthesize drug that's $224/3month (I've been on it) because the military
OSX is riddled with tons of security holes due to really bad programming.
Unix was designed with security in mind, hence why it had a functional DAC system which extended quite well to ACL (although the standard for ACLs was rescinded; Linux implements it anyway), and took Capabilities-based security equally-well.
Windows, on the other hand, was designed with no filesystem access control and didn't even segment userspace and kernelspace contexts, so any program could write to RAM above 3GB and mess with kernel memory. Windows NT brought a DAC on NTFS, proper memory segmentation, and ... ... a lot of legacy applications which wanted to write to protected system locations, so needed administrator access.
With Windows, it was so bad that XP in its 10-year lifetime was not only run as Administrator by default, but also allowed you to run programs in "Compatibility Mode" where they ran with administrative privileges. A lot of programs wrote their configuration to C:\Program Files\MyApplication\, unlike in a Unix system where you could pretty much write to $HOME or /tmp and so all applications were designed to write to locations not requiring administrative privileges.
It was so bad that XP got security features like a DLL cache that undid writes to C:\Windows\System32\ files--except you could delete the DLL cache or overwrite the file there, and it would propagate. They figured malware wouldn't be able to alter System32 because they'd undo any changes there that didn't go through the proper channels.
Windows 7 and, especially, Windows 10 are pretty air-tight. Linux and Windows have stack exploitation protection built into the compiler; they separate writable and executable RAM; they use address space layout randomization. A whole host of effective exploit mitigation technologies have gone into both.
There's a persistent myth that chroot() is a security tool on Unix. It's not. BSD jail() is a tightened chroot() because root can escape chroot() otherwise; and Linux has container groups, which Docker leverages to do its stuff, effectively isolating things the same way Virtuozzo and other OS-level virtualization software did. Nobody ever said Unix wasn't designed from the ground-up with security in mind (although they made some pretty bad blunders--re: finger); they did say chroot() wasn't a security tool, but nobody listened.
You're baffled by Windows. Let's see you set up a corporate network with Active Directory domains using an all-Microsoft environment, complete with patch management, group policy, and the like. Then replicate that in Linux.
You can't.
I run DevOps software on Linux. We develop stuff here, we deploy it, we run it in Docker containers, we put it on Linux. I got Linux to connect to the Active Directory domain via Samba--it's rickety, fickle, and hard to debug, as well as basically-independent because it doesn't do any of the actual Active Directory stuff. You can't push configurations down through Samba. Samba isn't Puppet.
I've been fighting that battle for 10 years. I tell people we need robust, integrated enterprise network and configuration management like a Microsoft Domain; they tell me nobody wants that, and that Samba can already provide single sign-on. The freaking Social Security Administration investigated replacing much of their workstation deployments with Linux and deemed it unacceptable because you can't do anything like SCCM or GPO. Oh, you can now, if you want to develop Puppet or Chef modules in-house, with no standards to work from.
The operational risk of running Linux, the sheer cost of administrating and securing a giant network of dumb workstations, is just ridiculous. Your network will never be in a known state. This is an easy problem to fix, except the people who want it fixed are either unable to do it themselves (yeah I'm not any form of programmer you want writing production code) or able to get a better, faster result by just buying COTS like Microsoft Active Directory and SCCM.
Oh, and many business applications only run on Windows. That's not really a big deal today--not with O365 and all--and a mixed environment is acceptable if you can manage it sanely.
The Linux ecosystem is filled with people who manage isolated servers or somehow got LDAP working for single sign-on and think that's acceptable. There's a nebulous push for things like Puppet and Pulp, in its isolated world, learning no lessons from large enterprise deployments of Novell (in the past), Windows, and so forth. People think that some rickety, slap-dash work that's not even up to Windows NT 3.51 standards is somehow ready to take over the world, except that the applications aren't ported to it; in reality, the applications are hardly a barrier at all, and the complete lack of support for wide enterprise deployments is the big killer.
Get some perspective.
Right. I'm only concerned with moving OASDI (6.2%); Medicare (HI) is also social security, and I'm not going anywhere near state services. Keeping OASDI running requires a 5.3% payroll tax in the short term (this shrinks over time), so it's a 0.9% marginal discount in payroll taxes.
I guess the 0.2% HI is on your paycheck. Unemployment taxes aren't on the paycheck.
And uh. The model I use actually counts total income taxes collected, including OASDI (even the payroll part), and measures Federal welfare et al out of that. I move the OASDI payroll into the paycheck income tax, then cut out the part of income taxes that represent Federal welfare. Unemployment is included in the part I cut out.
That has the odd implication that the 6% Federal unemployment tax stays on payroll, but has to be marked as just ... payroll tax, to the general fund. I never computed it out, anyway, so it doesn't alter my model; in practice, the CBO will need to figure out how to adjust tax brackets and payroll taxes to create a more-level progressive tax instead of the ugly bump we have now (which my rough model inherits because of how it's crudely calculated--it's intended to be correct and deployable, but not necessarily the optimal form).
State unemployment can go away. That's not recommended as part of my model; the simple fact is it's no longer necessary or useful, and can go away. Since I don't touch state taxes at all, any state reaching that conclusion after careful analysis can simply repeal their unemployment tax.
so they could convert obamacare to socialist single federal govt payer system.
Actually, the ACA as current puts a break in the market chain. Low-income individuals purchasing health insurance on the exchange are shielded from the cost by subsidy, and higher-income individuals ... tend to have jobs that provide insurance, due to the full-time employee insurance mandate.
If the government went to a single-payer system and mandated employers provide insurance for all employees, two things would happen.
First, there'd be less underemployment, simply because hiring two 20-hour workers gets you two insurance costs instead of one, whereas today it gets you zero instead of one.
Second, consumers want low prices, employers want to compete and make a profit, and insurers want to compete and make a profit. Because of this, employers would seek lower health insurance premiums to help keep their prices at or below competitors' prices; insurers would seek low-cost deals with healthcare providers so as to keep premiums low and outcompete other insurers; and healthcare providers would try to negotiate for the highest price they can get, but also try to capture the big markets of millions of insured by each provider so as to maximize profits, thus reaching the market equilibrium via upwards and downwards price pressures.
With that robust market to set prices, the government could require insurers and healthcare providers to disclose their deals, giving a market benchmark from which the government can demand fair standards for the Single Payer Healthcare Plan. Taxpayer money expenditure would follow the behavior of the private market, tied to market forces rather than divided from those forces as is the case with the current ACA.
That's an association we don't currently have with the ACA exchange: premiums are covered with taxpayer money, yet the people spending that money don't appear to have a direct stake in how much money is spent. They want insurance and somebody else is going to pay for it. There isn't a mechanism to make sure that the "somebody else" is paying only what any free market player would pay. Plans on the exchange are expected to compete, but who can afford those plans if they don't have a job that supplies healthcare already? Those below the income requiring filing don't even have to report if they have insurance, so any ineligibility for subsidies at that level just means people go without insurance.
A single-payer system as such would be a better free-market system.
Congress won't fix it so you can get into the U.S.? Microsoft knows what to do: Better call Saul.
The Senate is sluggish to vote on the AHCA. Obamacare is Obamacare, and Obama is evil. If you repeal the evil Obamacare and suddenly have a recession and terrible access to healthcare, you prove that Obama was sent by God to fix America and should definitely be crowned Emperor but we can't. It would be fatal for the Republicans, at least for about 20 years. Maybe they should have thought about that before campaigning so hard they had to label it with Obama's name.
By the way, that's coming in a few months. I'm thinking circa Jan 2018 give or take 4 months, but it's easier to see when we're heading toward one instead of away from the last one than it is to pinpoint the exact date the economy will start shitting itself. It is, however, damned easy to see the economy start shitting itself well before anyone notices. It hasn't started yet; the last one ended almost two years ago. We're in the lull.
So you're saying that if you can eliminate an expense (tax) for free (i.e. without it being a tradeoff that comes with a downside) then it's all upside. I don't think any person would argue against you on that.
Perhaps not; I was more trying to claim that policy is a form of technology, and policy that's more-efficient is high technology. If you dictate a welfare system that does exactly the same thing but costs less, that's technology. I imagine many people wouldn't like the stretch, although people who understand manufacturing (re: cellular manufacture, assembly lines) would probably think long and hard before opening their mouths to say anything in response because they're used to "technology" involving better processes instead of just better tools.
You solved one of the hardest government policy problems of the modern world? I'd think a polymath would want to expand on that, even if just for the bragging rights.
It wasn't a hard problem. You want to see hard, try working out the politics. I guess I can walk through it instead of just dumping "Do X and it works, trust me," but it's long and boring. Seriously, I don't have a spreadsheet; I have an enormous pile of spreadsheets.
So, let's talk about some current welfare problems.
SNAP and WIC don't always provide for everyone who needs assistance. These are, however, some of our most-successful programs, along with OASDI and Medicare/Medicaid.
TANF and unemployment are basically playing a juggling game. There are fewer jobs than jobseekers, and the time restrictions (6 months unemployment, 2 years TANF) essentially mean we provide the same amount of welfare regardless (in theory) so long as everyone way down at the bottom takes turns having a job. We aren't a Communist state, so we don't pick out the unemployed and dictate whose turn it is; if you're unlucky enough to be in the wrong locale, you might be unemployed for 2-3 years in a recession. It's pretty common to be unemployed for 8 months or so.
75% of qualified HUD housing assistance applicants go on a waiting list and never receive benefits. They become ineligible by some mechanism by the time HUD gets them on the benefits schedule. Some households are on HUD waiting lists as long as seven years with no aid, at all. HUD pays up to the lesser of 1/3 of your monthly rent or 1/3 of your monthly income, so it's worse the worse-off you are.
At the same time, our welfare system has one major success: abuse. Our welfare system shows a significant amount of inappropriate disbursal of benefits, and nearly 100% of that is in the bureaucracy. That is to say: our welfare programs are broken in such a way that many applicants clearly are poor and need aid, but somehow don't technically qualify... and then their caseworker nudges their application a tiny bit over into the "approved" pile. The biggest source of abuse is doctors claiming things in Medicaid that the bureaucracy later reviews and suggests were probably not necessary--bean counters disagree with the doctors about necessary medical care. Outright fraud is almost non-existent, thanks to an aggressive and highly-effective office of inspector general.
So, bad at getting benefits out to the needy, good at keeping people from bullshitting their way to benefits.
Welfare models are notoriously ... discretionary. It's pretty easy to make a welfare model say anything you want by picking and choosing your cases. Some of the most-egregious claim that a single mother in Wisconsin can get $35,000/year in benefits. A deep examination of this assertion suggests maybe 200 Wisconsinites are actually getting that; that's not the issue.
Of that $35,000, around $15,000 are state-funded benefits. The analysis includes some $5,000 of Federal tax breaks. Education benefits (Pell Grants) are included. Medicaid actually wasn't included in that claim, last
Actually what we really need is a president that will try to remain impartial to the party and try to find a fine balance between socialism and capitalism.
A strong grasp of economics would help with that. If you don't understand the domain at all, how do you deal with people telling you things? Just nod and say, "... so what do I do?"
The United States is a Social Democracy. That means we operate within a capitalist framework, and intervene to promote social justice.
The Universal Social Security I designed fits with this framework: its ultimate, but ultimately tangential, goal is to provide people with no job and no income the means to survive through a mechanism of making them a profits source upon which the supply market can capitalize. They won't live well, and any employment (and attached wage) will greatly increase their standard-of-living, leading to the mechanism of economization: people economize--they seek to maximize their ends while minimizing the expenditure of means.
Rather than a welfare trap (getting a job means losing some of your income while expending labor for replacement income), Americans would have a more-direct causal relationship between expending means (labor) to gain ends (income, which is more means in this case, leading to a greater standard of living i.e. ends). The risk of losing your welfare and then being subsequently denied for new welfare is reduced, as the scope of welfare services replaced by the social security benefit no longer carries said risks.
Again: that reduces the total tax burden on every single American, on every business, entirely.
People with no grasp of economics shout "socialism!" at anything that looks like it involves government and money. You also have failures like the two large blights on the ACA: businesses are mandated only to supply healthcare to full-time employees, and people buy their health insurance with a subsidy on the exchange. That puts two huge breaks in the market, disrupting the effects of market capitalism in destructive ways.
A mandate that all employees must supply healthcare would reduce underemployment by discouraging part-time work; a mandate to supply it to only full-time employees encourages businesses to cut hours and hire more workers. The mandate in place causes a spread of poverty by spreading underemployment, the taproot of unemployment and of poverty itself.
Meanwhile, the exchange system creates breaks in the market. An employer wants to outcompete his competition, and so wants to minimize excess costs so as to avoid inflating his prices. Health insurance providers want to outcompete the competition, and so want to minimize their costs so that employers negotiate large group benefits accounts with them. Healthcare providers are pressured by health insurance providers to negotiate the slimmest margins they'll tolerate, because the insurer represents millions of customers bringing tiny bits of profit that all add up. A single-payer system can benchmark this and use the negotiated rates as a fair standard, piggybacking on the market effect to imitate a market interest which has to compete; whereas the exchange system with subsidies doesn't do this, and so exchange plans aren't put under that kind of pressure, and can get easy taxpayer money.
Single-payer with an absolute employer benefit mandate enforces all the benefits of market capitalism. What we have now starts to amplify the negative effects of socialism. Frequently, when I explain this to raving conservatives, they start to look at the ACA and consider if it could use a little tweaking instead of a solid repeal.
We handle that by having staff and committees. Politicians tend to become de-facto experts in certain areas of interest by forming committees, to which they attach themselves, to investigate issues. They have staff with knowledge beyond their own to help inform them and explain shit. This gets you diversity in local governments (city council) and in Congress.
The President is a diplomat, and has an enormous impact on what Congress can achieve. He needs to know what efforts to support and what to hinder, and how to speak to the nation about these things. That means he needs to be less of a policymaker and more of the guy who comforts us in times of crisis, tells us why it will be okay, and speaks loudly on important topics so that we pressure Congress to work for our interests. Most of that is economics, because the things that terrify our citizens range largely through high unemployment, financial instability, and poverty. Even war brings little more than the concern of the upheaval of your livelihood--hence why we generally see politicians comfort the nation about the threat of war by waging the war way the hell over there where we don't have to experience it, and why people freaked out about the prospect of a draft when GWBush was in office.
Payroll costs include benefits (~39.1%? I hear numbers ranging from 18% to 65%), OASDI (6.2%), Hospital Insurance (0.2%, 2% for higher incomes), and a few other things, plus wages. Barely more than half of the cost of employing a full-time worker is wages.
I got some good drugs and want to do this soon (CompSci, Math, Economics), but I'm still not sleeping consistently. If I do begin sleeping consistently, I tend to burn myself out--it's a habitual thing, or maybe an addiction, I can't tell. Psychosis is weird; the drug I'm on acts like an atypical antipsychotic due to high norepinephrine load in the prefrontal cortex agonizing D2 (the psychiatrists don't know this--yet), and so I'm trying to get the dose lowered just a touch because the unadulterated real world is... uh... really, really boring. The pattern looks like addiction from my end.
Being able to sleep is better, though. I spent 15 years on nothing and the last 4 were a slow decay into severe insomnia; sleep is critical. I'll get used to the world being too... real... eventually, if I must. Then I can finally accomplish things. A touch of something way weaker than Wellbutrin will at least set the motivation without triggering some kind of twisted euphoria bullshit I don't need.
Nothing can stop me now. I have no friends and way more free time than anyone else around me. This is really going to happen.
How do you know they're your top developers?
Functional managers write PRDs and interview candidates. HR gets the paperwork later.