.. is not the same as mounting an attack like "we can use MS Office to collect all stored passwords from all browsers and send them to us. And to spawn a keylogger".
Until MS integrated MS Office activities with your web browser and hooks in a key monitor for better grammar/spelling prediction--ie, bad design decisions that circumvent what should be necessary. Or your company starts using some software that reads from a database and the IT people just turn everything on (defeating the sandbox entirely). Or an exploit is found to bypass the sandbox. In any case, yes, such would likely be a lot more difficult. But, then, most exploits aren't interested in "collect all stored passwords from all browsers", anyways. Attacking MS Office is most likely to attack MS Office documents. So, the sandbox may be of little use even if it fully functions.
The MS Office should have no business accessing the sensible data of other applications or their memory space for that matter. I don't believe that the fact that Windows allows everything to stick its head where it does not belong is really an unsolvable problem.
Per se, no. Realistically, exploits keep being found which mean even good architecture design would still be having these sorts of problems--neither DEP nor architecture design is a panacea. Further, actually managing to sensitive data in a system (or, really, network) is a full-time job, and then you're beholden to IT Admins to do their job well. Even presuming they do their job well (and don't go rogue), their activities are almost invariably going to cause lots of strife from most office workers who are delayed or totally stopped from doing innocuous activities because some program or function demands greater authority than it really should and they have to deal with the issue (possibly with a test system to verify that it's okay). Yea, this won't be a daily thing, but it'll be enough that most people will try to bypass the draconian IT department and undo all the sandboxing.
The final point, probably, is that as much as plenty of people have looked into the problem and don't think it's unsolvable, things like sandboxing and least privilege have been recommended more as stop-gaps than any sort of actual solution. Depending on architecture designs, exploits that attack a specific security feature may require little to no rewriting between exploits and there may be little to nothing that can be done to fix the hole short of a significant rewrite of the architecture (perhaps breaking backwards compatibility)--which would likely include a year or two of R&D to make sure the new approach covers all the old problems and tries to fix the new ones. I don't see that happening anywhere. Or, more precisely, the only places I see that happening are in research OSs that are stuck in the R&D phase and don't have fully workable systems with a wide assortment of applications.
So, while I agree with you at some level that more work should be done to try to resolve these issues, I don't think we have actually fundamentally solved the problem at even a theoretical level. Honestly, I'm not even sure we're at the point of making a full cogent statement of the problem to really even begin to seriously address forming a solution.
Tldr. But your idea that a tiff could take over a well designed sandbox is ridiculous.
Perhaps you should have read it? The whole issue is that the TIFF was not well designed. So, why would you presume the sandbox is "well designed"? That just sounds like weasel words if ever the sandbox was compromised.
There isn't any reason a tiff library should be able to modify executable code. All the sandbox needs to do for this exploit (and most others) is mark all executable pages as read only.
Uh, no. As noted, In order to achieve code execution, the exploit combines multiple techniques to bypass DEP and ASLR protections. DEP is the "mark all executable pages as read-only". Perhaps you're not familiar with return to libc or other similar attacks? Honestly, if DEP was all it took, we wouldn't be seeing vulnerabilities (beyond DoS) in almost all programs on Windows after 2004 when Software/Hardware DEP was added.
PS - IE has for a long time run in a sandbox on Vista/7/etc systems. So, uh, no vulnerabilities there, right?
Instead of keeping track of million of apps that are evil, why not just apply some least privilege principles and sandboxing already so that we can run an application without granting it access to all our resources?
Probably because it won't help? As the xkcd comic demonstrates, once you've gained access to the sandbox, it makes little difference in most cases that you're unable to leave it. In the current Zero-Day Attack, the issue is an exploit in the TIFF library. Hence, any application that uses said library is potential vulnerable.
If we lived in a sandboxed world, all those MS Office applications that are now vulnerable would still be vulnerable. "Ah," you say. "But MS Office wouldn't have internet access so it couldn't do any real damage." And I retort, "The exploit would propagate through infected MS Office files, slurping up as much financial information as it could along the way, until either (a) the malicious agent got a document from you and could extract out the data or (b) wait until the one MS Office machine that *does* have internet access enabled and push all the data out then.
Or, maybe we could try to sandbox out the TIFF library in some fashion. Great idea there, but how do you actually pull that off? The actual broker for what is a TIFF file has to be invulnerable to a bug before it can be passed off to the TIFF encoder/decoder. And then the displayer has to be invulnerable as well. And the file loader. And any of the transfer agents. In short, any step along the way could just as well be buggy as it is now, so splitting it up into parts just means it's a separate cog still with most, if not all, of the same access to said data and with said ability to manipulate the data (stuffing data into TIFF comments, for example) for some malicious end.
This, of course, isn't say it's not worthwhile to try to have better sandboxing as appropriate. But, there's no real magic bullet to such problems when it all comes down to having program logic that's flawed. It reminds me of people scoffing at software designed to continue running properly on hardware that might, due to ever increasing die shrinking, be known to have defects. Well, sandboxing as you speak of it falls upon the same problem with software with known defects. In honest, the best thing that can be done is code audits and fixing bugs and releasing fixes ASAP. Oh, and avoiding things like writing in turing complete languages into things since, again, even if contained in a sandbox programs can do bad things.
PS - The real problem with UAC is (a) too many programs ask for (or require) Admin access when they really shouldn't and (b) it's too much of an all-or-nothing approach to addressing the question of security without providing remotely enough information to the user to make an informed choice on the matter. I don't think more piece-meal approaches really help--Android apps are too guilty of (a)--and sandboxing doesn't help much either--programs that refuse to run and don't infect you also don't do their job either. There's no magic fix and trust is a very high essential part of use of almost all programs.
No, it's clearly the new of the leaks that did it. Last week there wasn't a diplomatic crisis, then the leaks came, and now there is a diplomatic crisis.
You're absolutely right! It's not that the rapist, in his actions, ruined his life when he was brought to justice. It's all that damn eye-witness' fault! Oh, yea, and damn the justice system*!
Quiet diplomacy is only possible when confidentiality is possible.
And one side is entirely violating that confidentially with mass surveillance. Oh, right, oops. That's the issue at hand.
There will probably be more human smuggling and trafficking due to Snowden.
I think, in the biz, they call that "blow back". I guess mass surveillance *did* have an effect.
*In truth, as fucked up as Indonesia's response to the mass surveillance is, it's clear that to some extent they're doing it because part and parcel of dealing with Australia carries a now very clear risk. In the end, Australia now has to work to regain the trust it has lost from its acts. I still say it's wrong for Indonesia to react the way it has because human smuggling/trafficing is more important than that, but to that end it'd be more a point of Indonesia being better positioned to make reasonable (and possible a few unreasonable) demands to further guarantee that that's all that's happening. Sadly, I can only imagine a tit-for-tat from individuals even if Indonesia doesn't pursue activities beyond these goals.
In any case, Australia is the one who shot their own foot.
"Look, government policy is putting us [pedestrians] in harm's way[--sidewalks near streets]. We are now targets[--I don't doubt more pedestrians have been killed on sidewalks than TSA agents have even been shot at]. We think we should be protected from loonies[, which is just about everyone, if you're paranoid enough, which is more or less a requirement when motor vehicles are zooming by you at 30MPH]. Armed guards to shoot any such loonies is one method we might be protected [because nothing says safe like bullets flying]."
Assuming the TSA checkpoints remain, it is not a ridiculous idea and the union - nominally representing the screeners - are quite right to make this request since the welfare of those screeners is their business
Nah, their business is to get more union members or get extant members to pay more dues. Dead members? As long as the union doesn't have to pay anything to them (they'll structure all the costs of workers comp or whatever on the govt), they can always just hire a new person if one quits/dies/whatever. Protecting members looks like a good excuse, though.
The screeners themselves, however much they may be gaining advantage from the program, are not the ones who have created the policy that provides those jobs (and, from my limited experience with them, those I have met think the program is as stupid as we do, but one does not turn down a job these days). So I can hardly blame the screeners for making a fuss about the need for more protection.
As others have pointed out, if your job entails searching people for guns, bombs, etc, you're already at the point where you should be concerned for your own protection. That it took a shooting to do anything is like "Loss Prevention" guards at a bank to wise up to the danger they might be in; for TSA Agents to not notice until now is just stupidity on their part. That they want external guards with guns sounds more like *the union* wants external guards with guns. Honestly, I'd imagine most TSA Agents would rather have the gun themselves and hope that people would treat them with more respect^Wfear as a consequence, meaning less physical/mental/whatever harassment from people in line.
But, then people might realize that the TSA is more like "Loss Prevention" at Best Buy and giving them guns is ridiculous. That for all the fear mongering, even if people did bring guns regularly on planes, it likely wouldn't mean a lot--not that many people even do and most who do do so by accident or it's in their luggage and merely being shipped with them. So, it's little wonder they had so little fear until now. They're virtually useless--the old system of screeners before the TSA was more than enough. And then it's less that the TSA Agents were stupid but knew all along it was theater.
"But, 9/11!" some people might say. And I say, for the TSA to not even have guns to defend themselves until now, they were no real threat to another 9/11. What stopped another 9/11 was the incompetence of wanna-be terrorists and a lack of a real desire to succeed by those with a passion to try. After all, "9/11" is still terrorizing people to accept stupid things. Why waste the time/energy/effort to do more?
I wouldn't have thought it possible but this incident is a significant setback for any hope of meaningful reform...
The second you think that, you make it true. No, the only significant setback is the one you make for yourself. As you say, the climate 23 years ago was different. That people weren't ready for meaningful reform to the TSA before this incident is part of the current climate. Just like it wasn't a shooting 23 years ago that started malls being fulled of armed guards, 9/11 need not have been a catalyst and neither is there anything inherent in this shooting to make it a catalyst. But if it is to be made a catalyst, it will be in the hands of those who seize the opportunity who define what sort of catalyst it will be: to strike out with more armed guards or to radically reform/remove the TSA.
It seems to me as a (conscious?) distraction effort by various media. The real issue is mass surveillance on the general population.
The people, long ago, accepted their role as serfs. They have accepted that to spy on them is meaningless because they have nothing of value and nothing to hide. But to spy on their kings^Wpolitical leaders? Why, that could have a real effect!
Polticial leaders are the most standard targets of all, and that relevation can be shrugged off with all kinds of rhetorics a while from now, when the biggest public outrage has subsided.
Where's that public outrage you speak of? Seriously, it's political leaders who are crying about being spied on. The media can try to rile up the public, but it's clearly not working. Even if the public were being abused by leaders, foreign or domestic, in a more physical sense, people would just shrug it off. "One bad apple spoils the barrel", they'd say, so to gas millions to catch a few "terrorists" must be okay.
The real thing 9/11 showed was just how little backbone most people have. I mean, for fuck sake, the American Revolution started over (from a public support perspective) pretty pathetic tax increases on tea, sugar, and legal documents and some pretty irrelevant, to the people, hassling of the British King of colonial political leaders. But, in the end, it could be said it was because the people saw that the very framework of which they live was being violated so wholly (for them, that the taxed were to have representation in Parliament). Well, we're well past that point. So, where is the outrage?
Why does there have to be only extremes? Comcast contributed a reasonable sum to support a candidate who thinks like they do. Is it a sure bet? No. Is it a sure failure? no.
Comcast isn't a person. Comcast doesn't "support a candidate who thinks like they do". Comcast's executive(s) *does* try to invest into candidates that *do* the things that are beneficial to Comcast's owners. No need to put "[thoughts] in their [head]" and be unreasonable. As for "is it a sure bet/is it a sure failure", I'd say it's a sure bet that they gave them the money. Wanting or expecting more goes beyond "support a candidate" and leads into some goal of (a) trying to buy an election or (b) influencing a candidate.
I don't care about hypotheticals. Lets deal with what actually happened. Campaign contributions are there to support candidates and calling reasonable contributions "heavy" is an exaggeration.
Fine, that's your opinion. And I and others believe that $10,000 is a heavy donation when total donations are in the $120,000 range. Hell, I think $10,000 is a heavy donation, period. If your problem is that the headline contains opinion instead of pure fact...
Your opinion of most people is pretty low. It would take a lot more than $10,000 in campaign contributions that I can not personally spend to induce me to do something I did not agree with.
Funny, you just put words in *my* mouth. I spoke of "buy the ear of most people". That doesn't mean "induce me to do something I did not agree with". It does mean, "give them the time to allow them to convince me, possibly on a subject I don't even have a particularly firm opinion on". You see, without the donation, they might not be given the time of day. With the money and the prospect of more money the next election cycle, I'd be less likely to snub them after the, usually brief, one-on-one time I'd allow most people or companies within a busy schedule.
There are also problems with the "buy the mayor" theory;
1. Council makes more decisions than the mayor.
Seattle Mayoral Race Sounds like even if the Council makes more decisions, the mayor still has a lot of power (unless, you know, $4 billion isn't a lot of money to you).
2. Any mayor who was obviously biased would not get elected again.
That is remarkable laughable. I'd even say it's naive. To be honest, most politicians are elected precisely on their biases. It's just a question of if one bias is bad enough, his major opponent's bias is worse, or if he has any particular important, to the voters, biases. There's also the whole point that unless such biases are brought up at election time, people tend to forget about them or other "more important" issues are used to ignore whatever perceived misdeeds are done. In short, no, you're very wrong.
My point is that $10,700 is not "heavily" for a company the size of Comcast.
Consider how many cities Comcast donates to. Consider just how big the donation pool is. Consider the demographics of Seattle that might well oppose a Comcast support on its face. But, of course, yes, it's invariably an opinion and not a wrong number to state "heavily".
Can we have truth in reporting rather that op ed pieces disguised as reporting? Lets deal with facts rather than exaggeration designed to get advertisement views/clicks.
Or to lead up to how such is corruption... Because no amount of raw numbers can show corruption. So, any attempt to show it as such is just an op-ed and a grab of ad clicks. Well, it probably was that too, but then Slashdot, The Washington Post, etc aren't saints there, either.
PS - Perhaps you're search for "facts in reporting" rather than "truth in reporting"?
According to the numbers in the article a Comcat executive contributed $700 and the company contributed $10,000 to PACs. Sorry buit I doubt that $10,700 will buy an election.
So, what you're saying is, Comcast and it's executive are morons, then? Or they just love throwing money away, perhaps?
Look at all contribution to People for Ed Murray. The total contribution are $122,800 making Comcast's contribution 8.7%.
Now, are you saying if Comcast had contributed $122,800, then it'd be possible to call it a legal bribe and then disband Comcast? Because you're obvious entertaining the idea that that $122,800 is in fact some sort of bribe money meant to buy the election. And if it wasn't meant to per se buy the election or be a bribe, it would seem to be implied to buy the Mayor's ear--something that would likely influence, if not outright control, policy.
To that end, I think $10,000 would probably be enough to buy the ear of most people, especially when they need "experts" in an area anyways.
HE stole and released all sorts of documents. Some showing bad things the NSA was doing, but many just showing the NSA doing their job and containing information that ruined all sorts of operations.
You mean all those operations where the NSA was spying on allies and enlisting other allies to their aid? Yea, I guess technically that's the NSA's "job". But, you know, perhaps it shouldn't be?
You can't trust that he won't do the same again. Sure, he might find and tell people about something one of your accountants was doing wrong... but thats only by accident and in the process, he'll have told the world your business strategy for the next 3 years.
Great analogy there. Because God knows that people knowing your business strategy for the next 3 years will ruin you. Oh, right, that'll come out in 3 years time anyways. Meanwhile, back in NSA land, operations that are decades old remain classified because the NSA doesn't want to acknowledge its past "job" activities--ie, that we spy on heads of state today is because we did in the past so to show we did in the past confirms we do it today. Any way you spin it, the NSA never wants to let anyone in the public know what it does because it fears to do so would "[ruin] all sorts of operations".
Well, golly, if we let the NSA follow through with that, then they can be wholly corrupt and we have to rely upon the few safeguards, those in Congress or the President, to do their job and actually stop the NSA. And what did we find out from Snowden? The Congress and the President are complicit in letting the NSA run amuck because, presumably, they care too much about letting the NSA do it's job that it'll forgo pointing out any one of its misdeeds. In effect, the NSA holds the rest of the US Government hostage and is above inspection. If the only sort of way to in any fashion resolve this hostage situation is to "[ruin] all sorts of operations" run by the NSA, then it's worth it. That Congress nor the President were willing to do that shows them to be spineless. That you should decry Snowden's acts doesn't speak too highly of you, either.
PS - Beyond the grandstanding by our allies, have there been any actual harmful effects from "[ruining] all sorts of operations"? Because, you know, NSA operations are not meant to be an end unto themselves. So, their ruin isn't inherently a bad thing. And, honestly, if neither Congress nor the President will reign in the NSA and the only way to punish the US (through the NSA) for its actions are through some sort of international sanction, then truth be told it's the NSA, not Snowden, and Congress and the President that has brought to bare those sanctions upon us (and to an extent the international community). Really, though, I'd like to see some specific point that could level actual blame upon Snowden rather than vague details. But, then, I imagine you don't have any because, as above, only the journalists are the ones with any details so only they would know and honestly that only they know almost assures that your claim couldn't be true.
Yet the only words out of that stubborn president's mouth are "more taxes".
So stubborn he's repeatedly signed various bills for spending cuts and the only "more taxes" that have been passed are (a) allowing the Bush-era tax breaks to expire on some tax brackets, (b) allowing the economic recovery tax cuts (you know, the ones Obama signed) to expire, and (c) the whole ACA-fine as a tax. I wouldn't call Obama a champion of calling for less spending. But then I wouldn't call him a champion of calling for more taxes either.
Soooo...what you're advocating is that because it would take a long time to undo the ridiculous level of spending we're at, we should not even try?
Thanks for entirely twisting what I said. *You* are the one who speak in such hopeless terms. *I* am the one suggest we cut spending and raise taxes.
I'm in no hurry to pay down the debt. I'd settle for a balanced budget. GDP growth, revenue increases from a recovering economy, and inflation would pick up the slack just fine. We're not in dire need of new revenue.
In other words, you live in fairy world where you believe that a balanced budget being a high mark goal will magic start paying off the debt; but that mentality is precisely what you accuse me of and is the basis for the "well, we're already massively in debt, so why not spend some more". Yet the fact that Democrats, of all groups, were responsible for a balanced budget quickly lead way to Republican tax cuts. Honestly, the "no hurry to pay down the debt" is the very mindset that will never pay down the debt because in good economic years there will be (a) groups who don't want higher taxes because it could "hurt" the economy and (b) groups who see "good times" lasting forever. If we can't get a solid, real commitment to balancing the budget from anyone for any length of time, the goal post should be to have a negative deficit and hope that it raises to a balanced budget as a worst case. And yea, you should be honest with people about the goal post and your compromise from the start.
The deficit is just over 700 billion. If we simply returned the government to the size it was in 2002, we'd have an annual surplus of 500 billion right now.
Would that be with or without the "Emergency" spending on the Afghanistan War? If we simply had a few angels and the head of a pin... You see, it may be simple but it's not easy. And beyond a few individuals, no one has actually tried to do such a "return the government to the size it was in 2002" beyond the simple math rhetoric. Actually figuring out *how* to get to those levels is the hard part and getting buy-in is the even harder part.
The Republicans had plenty of ideas that involved govt involvement in healthcare. Vouchers were one. Malpractice reform was another. They even had common ground on a few things that were passed in ACA. Point is, when the Democrats controlled all 3 branches of govt in the founding days of ACA, they didn't even give a nod in the direction of the Republicans.
Vouchers are stupid, to be honest. They're also inherently inconsistent with supposed Republican ideals and involve *more* government involvement than ACA exchanges. Malpractice reform, aka capping malpractice suits, are no sort of answer to the problem either; they're just a buy-in to further legal limited liability which corporations have shown to be heavily abused--and you can imagine how that'd work when lives are on the line. You're right that Democrats didn't give even a nod in the direction of the Republicans, and that wasn't good at all. But that doesn't justify the continued childish behavior requesting *complete* repeal.
You expect a different response from them when the opposition party pretty much gives them the finger during the entire process? I'm sure they're still pissed about it.
Umm, why? The entire point of their argument is that the government is larger than it has ever been, continues to grow, and is tasked way beyond its constitutional reach already. Higher taxes has no place in that argument unless you want to maintain the level of bloat.
Congratulations. You're yet another person who clearly doesn't understand the current situation. The Federal government has consistently been spending substantially more than it takes it. Consequentially, he has accrued a substantial debt (some significant percentage of that debt to itself*) and consequently even if we were to take a massive cut to our spending, we'd still be decades away from paying off the debt. Yet, inherently, that large debt is part of what makes a government big and so any attempt to pay down the debt at a decent rate would invariably require a tax increase along with the substantial spending cuts.
You do know that governance is more than about just voting for "whatever gets you the most stuff", and that putting others before yourself is a valid method of voting?
I know that. Most voters don't act that way. If they did, they wouldn't be asking for lower taxes. Inherently good governance is striving to pay for your spending. One can argue all one wants about spending cuts, but it is a substantial failing to consistent push for tax cuts while failing to pay for current spending.
Both sides are to blame here -- we live in hyperpartisan times. Perhaps had the Obama administration worked alongside Republicans when designing ACA instead of giving mere lip service, we wouldn't have had all this fighting over it to date (and maybe it would have actually turned out a decent piece of legislation).
No. Really, no. Republicans, likely under sway from the Tea Party, were decidedly anti-big government. Republican buy-in to a program that would mandate health insurance or any other way make government somehow further involved in health care was a non-starter. Further, consider the consistent, lock-step voting by Republicans against ACA. As was repeatedly stated at the time (and later on), Democrats had a majority so didn't need any Republican support. Yet the very fact that *no* Republican supported it is very telling to the idea that their opposition was more hyperpartisan than any real complaint about the merit of the ACA.
Now, this doesn't excuse the fact that Obama didn't try to work with the Republicans until late in the game, at a point when it seemed at some Republican support would be necessary. Nor does the fact that Obama didn't provide much more than "lip service" justify the childish, consistent fighting against the ACA by Republicans; to be excluded in constructing a major act doesn't begin to justify repealing it on its face.
Finally, it was rather clear from the above that Republicans were not interested in molding the ACA into something that would actually work--except the one suggestion to be allowed to buy insurance across state lines which, unless there's some legitimate reason I'm unaware of, would have been good policy to include. The rest, though, was consistent mud-slinging and a House that shifted Republican has moderate Democrats that voted for the ACA were replaced with Republicans.
Seriously, as much as the ACA could have been improved, Republicans were almost entirely uninterested in trying because to succeed in any fashion would only bolster Obama, and that's the last think hyperpartisanism supports--helping the other team.
*As I understand it, the Social Security Fund was borrowed from to pay for things in the General Fund to cut down on Teasury Bond borrowing. So, hypothetically, as the money is owed to itself, the government could absolve itself of this debt. But to do so would be to effectively bankrupt Social Security and end the program as a whole for a lot of people who spent a lifetime paying into it for a retirement check. So, that's heavily a non-starter.
It's very nice of you to take the time and sit down and try to explain your actions. It's clear that you believe that the NSA has a set of duties and those duties require or even demand the sort of wide-spread surveillance that has, willfully or not, broached a very core aspect of your own self-worth. In trying to defend your actions, you make it patently clear that you know you've done something wrong. Unfortunately, the position you are in does not inherently give you the perspective on why so many people are upset with your actions. So, let me try to walk you through exactly why people take issue with the NSA and other members of the US Federal Government in their course of action against the people of the world.
To put in bluntly, the people of the world have various rights. One of those very core rights is the right to privacy. That is, a large part of the dignity, self-respect, and general humanity of a person comes from their ability to be alone and unique in their thoughts and beliefs and often even actions. Yet the very notion of the NSA and other such government bodies is to do away with privacy in the name of some higher purpose. The argument invariably degenerates into a black and white question of which right must be given up: a right to life or a right to privacy. The very fact that such a position is taken is the very problem.
You see, the world is not black and white. The world isn't even greyscale. It's a lush and beautiful world that expands well outside the visible spectrum. Yet as much as humans are blind to the ultraviolet and the infrared, you have set yourself up to believe in the most perverse of visions that leaves you nearly blind. You denigrate the people you are entrusted to protect and in doing so demonstrate that you are actually worse, in many ways, to the actual enemies of those people. For the enemies of the people actually see them as people. Your actions treat them as little more than sheep or fodder. The former may slaughter hundreds of people, but your actions pave the way in justifying the slaughter of millions.
Now, I say all the above with the hope that you don't take it the wrong way. I do think you started out with noble intentions. But the road to hell is paved with noble/good intentions. What you need to measure your actions by are what you actually are doing. You cannot turn to the ends to justify the means. You cannot argue that the violations that do occur are infrequent so are acceptable. In the end, as cliche as it may seem, you need to look at these words and really think behind the meaning behind them. And maybe, if you can muster a little privacy of your own, while you try to deny it to us, you can look upon your own life when you retire and how your actions will affect you once you are no longer the one in command of these forces that you have taken part in unleashing upon the world.
In the end, as much as I wish you well as a person, the question you should be asking in presenting such a statement to the public isn't "How can I live with myself?" but "How can the people of the world live with what I've done to them?". I don't really know the answer to that question. I do know that of all the people who do exist, you are the best position to be the forefront of actually fulfulling your actual duty and not merely the letters of the memos or reports presented to you that have been used to justify your actions. Instead of changing the American people, your time would be better spent in changing the Agency you're entrusted to be in charge of and are actually able to change.
PS - The sad fact is, thanks to the likes of Edward Snowden, I have a good deal of confidence that you, the NSA, will receive this comment even though it was never sent to you because you will not be certain with 51% accuracy that I'm American. That is, put simply, beyond distasteful and horribly disrespectful of the 95%+ of humanity that is not American that you treat with contempt in your actions.
The Tea Party movement seemed promising, until it was hijacked by the religious right.
The Tea Party, to take their name from the Boston Tea Party who acted upon high taxes on tea.... Perhaps if the Tea Party was actually responding to a tax increase instead of preemptive presuming Obama being elected == higher taxes? Or perhaps if they had formed during Bush's years and had given a shit then instead of waiting until Obama, seeing what a spoiled kid^W President could do, went from hand to forearm in the cookie jar? Perhaps if they called for higher taxes along with less spending instead of less taxes and less spending--without much qualifier on what exactly to spend less on. And do I begin to point out the absurdity of people who clearly champion less spending even though it could hurt them but are so afraid of tax increases without any thought that if spending can be hypothetically targeted to not hurt them, then so could tax increases?
It's no wonder that talks about secession and revolution are kicking up again.
Because they're proud to be an American, until they're fickle and want to secede or start a revolution. Perhaps if less time was spent on decrying the evil of government and electing people who seemed determine to prove them right and more time was spent on actually fixing government and holding politicians accountable? Nah, let's just go for all the extremes we can. That's why we need to chew down our diet pills with our triple-decker burgers and large fries. Maybe the real reason so many people are against Obamacare is that liposuction isn't considered a base feature of health insurance policies.
Not every search requires a warrant, for example. That is long settled law.
No doubt. The problem is the long settled law invariably deals with (a) border searches or (b) searching of individuals outside the US. One could argue that wiretapping of a foreigner abroad is somewhere between (a) and (b). The problem is obviously that invariably to wiretap a person abroad nearly mandates that the other party *in* the United States be searched too. Otherwise, the foreigner abroad answering in "yes" and "no" would provide no useful information. Well, that obviously degenerates back to the point of having reason to specifically target the person in the US--and as much as we like to pretend otherwise, guilt by association is not enough for a lot of even very lenient courts to grant effectively roaming warrants to whoever said foreigner speaks to.
Well, except that FISA apparently somewhat, sort of allowed such a warrant--which is a clear violation of the 4th Amendment--but then reversed their position (with no effect as they have no teeth) when it was clear it was being abused. Of course before that point, the Fed didn't bother trying to get a warrant. And even after the whole warrantless wiretapping scandal that invoked the Fed to try to get said general warrant--which strikes me as a clear bill of attainder as enacted under the FISA Amendment Act of 2008--and the revocation of said warrant, there's little sign they'll stop. The only thing the Supreme Court ruling against them would do is mean the Executive Branch will just continue to hold indefinitely some people without trial to avoid the invariably dismissal of a court case for lack of admissible evidence.
Hopefully this won't be another case of the Obama administration in effect "taking a dive" to move the law in a direction desired by its more radical members.
When it's considered radical to have a conscience and actually abide by the required rules of disclosure on what all and where all evidence was obtained or that to do so is little more than 'in effect "taking a dive"', I really weep for your actual considerations of what sort of judicial system we should have. But, then, perhaps you'd prefer it if the Obama administration just cut out the middle-man and started summary execution of Tea Party members, Islamic Fundamentalists, and whoever else they don't particularly like? Because it seems clear you have a disdain for the very few people who actually want to follow the law and not hide the wrongdoings of this and previous Administrations who seem to believe their job as Executive Branch is quickly marching to be quite literally the executive branch.
PS - What's with your signature? What are "ordinary opposing views" and how do you begin to define "punish... in debate"? The former seems loaded to justify your willingness to contradict the latter because you see the opposing view as unordinary, and the latter seems loaded to qualify any strongly worded disagreement as punishment to what you see as your own ordinary opposing views. It would seem clear that your statement is purely subjective, then, which leave it as unproveable.
You know, I think it's actually much worse than that. Lavabit was inherently being asked to engage in fraud. That is, as you state, it's prime selling point was precisely that it wouldn't in some hidden act be complicit in complying with whatever orders from whatever government demanding to undermine its secure e-mail service*. Look at how Google, Microsoft, etc are putting up a good song and dance about the "outrage" of what they complied with. Yet one could believe that corporations of their size would inherently be undermined, be it through official sanction from the CEO or through mole(s). But, a small-time company wouldn't have that sort of implicit property.
In any case, the part that's really bad isn't per se that Lavabit was asked to engage in fraud but that inherently that means the judiciary and executive branches were both co-conspirators directing this fraud. To me, that's a much worse offense than one company/person lying for profit.
*I guess one could argue that inherent to the fact that China, Russia, America, etc all have very conflicting and rival views and how each are quite willing to pretend they have global jurisdiction when it suits them--America is just more public about it--, that it's almost a given that one government would invariably be demanding that such a service hand over keys at some point and hence there's no way that such a service could ever be secure in the sense implied. That would either stand to undermine the implied level of security--which undermines Lavabit's case--or implies a certain level of intentional or incidental misleading/fraudulent claims of security. Of course, that Lavabit would shut its doors instead of giving away keys actually stopped the situation from carrying through to the end as actual fraud, which shows the only one with any character in this situation seems to be Lavabit.
The really galling part to me? That Lavabit can't seemingly do what most every company does in a similar circumstance: take a slap on the wrist, shut its doors, then open again with virtually the same operation under a new name. It's okay to play shell games with the IRS but not the NSA, it seems.
What makes you think the government is so powerful that they can stop everything bad from happening?
That's not what's been suggested. While the examples given may not be perfect, the point would be generally that a government that does such massive surveillance would seem to collect enough evidence to stop at least *some* terrorist attacks before they occur. And I don't mean the "and now that people question why we have so much surveillance power, let's make up some cases because obviously until now we didn't feel any need to justify ourselves and we'd never toot our own horn prematurely or exaggeratedly".
Even things dreamed up between two mates in a coffee shop without using a phone?
Inherently, no. But if two said mates are already listed as suspects in previous attacks or are believed to be close associates to terrorist elements, then perhaps an agent should be there to overhear their conversation?
The power of the government is vaster in potential than what it actually is. They are limited by time, space, and resources. They have a limited number of staff, and must prioritize their efforts like any other organization. Computers are both helpful and powerful in their work, but they can only do what computers do. Computers are not yet omniscient. I think your explanation has more "all knowing, all seeing, all powerful, super competent" government conspiracy theory to it than insight.
Except what you spell out is precisely the Catch-22 of it all. The organizations demand more monitoring abilities, yet it clearly isn't helping them. And if we try to curtail the intelligence monitoring by computers, then conveniently the blame is left on not monitoring enough. Clearly, though, we were already (back before the mass surveillance) at a point where too much information was coming in and not enough analysis was producing useful results, either in the list of suspects wasn't made narrow enough to devote resources or there simply wasn't enough follow-through even when there, at least in hindsight, appeared just cause for specific further monitoring.
Whether that's more of a conspiracy to not act or simply overly CYOA analysis that makes every potential suspect look like a possible terrorist, it's impossible to know because we're never given any real insight into the files that are possessed on people.
But if you disagree, then I would like to hear your thoughts on the train wreck that is the rollout of the "Affordable Care Act" (AKA Obamacare) in the US? They could avoid it, but just didn't want to? There is no incompetence or poor planning there? Is all of the super competence limited to the intelligence agencies that can prevent anything and everything bad from happening, but "just don't want to"? Or is it a deeper level conspiracy to have as many of the sick poor die off in the coming months before it is fixed so that the gap between their losing their existing coverage and gaining their new coverage both boosts corporate profits by limiting insurance payouts and limits the costs to government? Super competence blended with amoral or immoral behavior, or is it typical human competence with the usual limits of resources, or is it outright incompetence? (Exactly how many of these super competent people have you ever met that never made a mistake?)
That's SOP in the government, though. When a large project needs to be done and it's deemed as something the government isn't allowed to do internally, it's outsourced to a private firm and generally is a clusterfuck because (1) the private firm almost always overestimates how well they can deliver and (2) the government (like most managers) doesn't have a fixed design spec early enough that budget and time overruns nearly invariably occur--being in-house doesn't magically solve the problem, but it can allow for more rapid collaboration to resolve issues sooner, rather than lat
If what you propose were the case it may sway someone to vote not guilty even when it's been proven beyond a reasonable doubt the person is guilty simply because they don't want to execute the sentence. I think that would be a miscarriage of justice.
So, it's a miscarriage of justice to let a guilty man go free because the punishment that would be imposed is unjust? Really? And let's not forget that in most States the sentence of death is kept separate from the question of guilt probably for the above reason--that is, the jury votes separately on whether to impose the death penalty and a non-unanimous vote after a guilty verdict results in a non-lethal sentence.
The jury's disposition to the punishment is irrelevant when determining guilt unless they're doing jury nullification, then they're just not following the law but for a different reason.
It'd seem to be for the same reason: justice and the law are not necessarily equivalent and justice is what the jury's job is to seek (so is it the Prosecutor's job, but then they also have a clear motive outside that scope).
Besides, isn't it ultimately the Judge who determines the sentence, not the jury? Maybe it varies on the type of case and such but my point is the same.
As stated above, it depends. And in the specific case, your point doesn't stand precisely because the jury is the one declaring sentence.
I don't see any logical reasoning as to why someone who is determining guilt should have to be the one who executes the sentence. It's almost as if you're trying to punish the judge / jury for making a decision of guilty. It wouldn't have any positive impact that I can see and only negative ones.
It's a question of character. If you believe someone is worthy of death, you should be willing to care through the act to cause their death and not merely through a third party. No, this doesn't mean *every* execution would need to be done this way, but it's like the point stated about butchering animals. We as a society don't do it commonly because it's more efficient to have livestock mass-butchered than to leave it to every home to do--in the past, it was common for most people to do it because most people farmed and grew their own livestock. But an outright unwillingness to butcher an animal ever (for those who eat meat) indicates a willful divorce from the reality of the situation. For animals, you might say it's not such a big deal. But, how is it not a miscarriage of justice when juries are divorced from reality when sentencing a person to death?
The fact that it hasn't happened in the past 12 years is the best evidence that there really isn't a legion of Bad Guys out there just waiting for the chance to attack.
Or it's exactly what the legion of Bad Guys want. They've felt the groping touching of the the US government for decades. Now US travelers get to feel it too. And the only way it goes away is if the very core parts the fuel it--the TSA, NSA, etc all thrive on a government ecosystem that values "owning" the world in some fashion--which can only reasonably happen by a US uprising, peaceful or violent, against it.
Is it any wonder that those is the government ecosystem think the terrorists have done the very opposite of winning while so many American citizens feel the terrorists did win?
So putting up an advertisement on a free service is 'evil' now?
Non-sequtiur. The entire issue is *banner* ads.
Google makes their money by advertising. They provide a free service for you and pay for it by selling advertising space to others.
And for a long time they did it without banner ads. In fact, a major reason why Google became the search engine of choice for so many people were their non-intrusive ads. You see, when advertisers are given a small image bar to advertise in, many try to be as loud and obnoxious as possible to get your attention. You say, "but then I'd not buy from them". Yet very few ads are geared towards informing people or convincing people of the worth of a product. Instead, usually the focus is try to create a strong emotional connection of any kind with a brand to make people remember the brand--be it humor, drama, shock, or whatever.
In short, the text-only ads that Google really pioneered removed the ability to push the sort of shock/humor banner ads that, even if they were infrequent, were a very large eyesore for many. Further, the removal of banner ads made it a lot harder to run all sorts of con ads--those that look like legitimate OS-generated messages--which itself was a really blessing. And let's not even get into flash ads or javascript ads...
Really, Google can do whatever they want when it comes to their advertising space. But Google built a brand on "Don't be evil". You may not consider banner ads evil. And even plenty that do may (a) already use ad blocking for the rest of the net and/or (b) not really switch because they're "hooked" on using the service. Further, I doubt it'll result in them losing much traffic overall as there'd have to be some new Google-like company to start up and start over again with them.
In any case, you obviously have missed the point--which is sort of ironic as Google's advertising didn't work on you.
I think you're forgetting something big: the media. No doubt if Microsoft could be taken to court for anti-competitive practices over bundling IE, they'd be in a much worse situation if most the internet that relies on ads was pushing for them to be smacked down for such arrogance. And I don't think they'd get off with a slap on the wrist, either. More importantly, even if absolutely nothing was or could be done legally, you can imagine the effective investigative reporting^W^W smear campaign that would be ran against Microsoft by the media.
You're basically claiming that the unix way is less efficient, but this isn't the 80s; there is no debate left about it.
No, the unix way* is to have a lot of small programs that are executed on demand, not have a lot of load of small processes that queue and poll for requests. Or, as you note, to have the function as a syscall in the kernel and executed in one monolithic service provider, the kernel. My very premise is the paradigm of having many processes constantly running (even if most aren't running most the time but a few must infrequently to poll for servicing requests) is the overreaching issue. Programs on disk don't use CPU resources but processes in memory can use CPU resources and often do.
*A small point, but the "unix way" is true to the extent that most Unix/Unix-like systems have a monolithic kernel that encapsulates almost all system level functions in the kernel. Hence my comment about "one monolithic service provider". While most kernel services can then be heavily event driven, the ones that can't can be joined together at a few points and optimized to wake up the minimal amount necessary to service requests. Having said that, Minix is an example that strives for more encapsulation of functions into separate user processes and is very much the anti-thesis of "the unix way" in many ways. Yet, it's still very much a Unix in functionality. But I imagine it has the same performance issues as Windows NT because of its architecture.
You have that exactly backwards. Doing more than one thing is what causes the problem; you have whole packages of related things that have to be turned on just to use the simplest feature. If it was more spread out, then simple things would only need simple services.
What I meant was function X and Y that are needed are in services A and B, so hypothetically them being organized in just one service meant only the overhead of one service. The idea that doing more than one thing as the cause of the problem I think is backwards because, as I was saying, each background service has its own overhead. Many smaller services would just mean that many processes and that much more overhead.
So yeah, if you just shift code around, if you're shifting it into its own service, you change the architecture in a way that makes optimization even possible. Compared to these giant bundles of tightly coupled features.
Except the size of the code per se is not the issue. 99% of the code isn't executed most the time anyways. It's the 1% that every background service needs to function that's sucking up all the CPU time--and more importantly preventing a deep sleep. Shifting code around could possibly move most common functions together (ie a monolithic design), but simply encapsulating more wouldn't help things much because there's still a heavy hierarchy of services which does nothing to cut down on the number of context switches or I/O transfers on tasks.
They aren't going to code their way out of a broken architectural ideology, though.
I wouldn't call it broken, exactly. It's simply not designed with power management in mind. The only way I'd say it's broken is in that tending towards a more user land collection of services to provide basic functions--be it in a microkernel or hybrid design--can tend towards a lot more processes that are vulnerable to timing attacks or authentication attacks. Most of that may be fixable through consistent macro use and boilerplate code. But clearly there's enough debate on the subject to not have a clear consensus on what's best.
pulseaudio is feature-rich. Perhaps a poor choice for some/most people.
I don't think it's merely about being feature-rich. I think it's also a factor that the designers behind it take what might be considered poor choices for the average user. For example, pavucontrol uses low latency monitoring for volume levels. The problem there isn't that low latency is an option but that it's the hard-baked default and recompiling is the only seeming answer around it. In the name of "sensible defaults" and "just works", pulseaudio is obviously in the same sort of boat as Windows designers. But that still seems a poor excuse for the atrocious performance of pulseaudio.:(
Tribunal And, yea, it's been done plenty of times before in various ways. But it's always so chilling to see how often the US behaves so much like Cardassia, especially the "patriots" who in one breathe speak of their loyalty to the state and in the next speak of their guns to protect their family from the state. In any case, there's plenty of DS9 episodes are much more accessible ways to demonstrate the evil of what we see today. I just don't think enough people are willing to see the obvious parallels.:/
There are women who prefer bald men, but there are also women who will only date guys with nice hair.
And to both groups of women, I'm tempted to say "avoid them". I can sort of understand the "prefer" part. But, the whole notion that your hair or lack there of may be a deciding factor is a good sign to avoid dating a person. Going out of your way to try to ingratiate yourself to such a person is a sure path to show your willingness to cower to their whim for the rest of your life. Unless that's something you're aiming for...well, you know.:)
Slashdot Mirror
Until MS integrated MS Office activities with your web browser and hooks in a key monitor for better grammar/spelling prediction--ie, bad design decisions that circumvent what should be necessary. Or your company starts using some software that reads from a database and the IT people just turn everything on (defeating the sandbox entirely). Or an exploit is found to bypass the sandbox. In any case, yes, such would likely be a lot more difficult. But, then, most exploits aren't interested in "collect all stored passwords from all browsers", anyways. Attacking MS Office is most likely to attack MS Office documents. So, the sandbox may be of little use even if it fully functions.
Per se, no. Realistically, exploits keep being found which mean even good architecture design would still be having these sorts of problems--neither DEP nor architecture design is a panacea. Further, actually managing to sensitive data in a system (or, really, network) is a full-time job, and then you're beholden to IT Admins to do their job well. Even presuming they do their job well (and don't go rogue), their activities are almost invariably going to cause lots of strife from most office workers who are delayed or totally stopped from doing innocuous activities because some program or function demands greater authority than it really should and they have to deal with the issue (possibly with a test system to verify that it's okay). Yea, this won't be a daily thing, but it'll be enough that most people will try to bypass the draconian IT department and undo all the sandboxing.
The final point, probably, is that as much as plenty of people have looked into the problem and don't think it's unsolvable, things like sandboxing and least privilege have been recommended more as stop-gaps than any sort of actual solution. Depending on architecture designs, exploits that attack a specific security feature may require little to no rewriting between exploits and there may be little to nothing that can be done to fix the hole short of a significant rewrite of the architecture (perhaps breaking backwards compatibility)--which would likely include a year or two of R&D to make sure the new approach covers all the old problems and tries to fix the new ones. I don't see that happening anywhere. Or, more precisely, the only places I see that happening are in research OSs that are stuck in the R&D phase and don't have fully workable systems with a wide assortment of applications.
So, while I agree with you at some level that more work should be done to try to resolve these issues, I don't think we have actually fundamentally solved the problem at even a theoretical level. Honestly, I'm not even sure we're at the point of making a full cogent statement of the problem to really even begin to seriously address forming a solution.
Perhaps you should have read it? The whole issue is that the TIFF was not well designed. So, why would you presume the sandbox is "well designed"? That just sounds like weasel words if ever the sandbox was compromised.
Uh, no. As noted, In order to achieve code execution, the exploit combines multiple techniques to bypass DEP and ASLR protections. DEP is the "mark all executable pages as read-only". Perhaps you're not familiar with return to libc or other similar attacks? Honestly, if DEP was all it took, we wouldn't be seeing vulnerabilities (beyond DoS) in almost all programs on Windows after 2004 when Software/Hardware DEP was added.
PS - IE has for a long time run in a sandbox on Vista/7/etc systems. So, uh, no vulnerabilities there, right?
Probably because it won't help? As the xkcd comic demonstrates, once you've gained access to the sandbox, it makes little difference in most cases that you're unable to leave it. In the current Zero-Day Attack, the issue is an exploit in the TIFF library. Hence, any application that uses said library is potential vulnerable.
If we lived in a sandboxed world, all those MS Office applications that are now vulnerable would still be vulnerable. "Ah," you say. "But MS Office wouldn't have internet access so it couldn't do any real damage." And I retort, "The exploit would propagate through infected MS Office files, slurping up as much financial information as it could along the way, until either (a) the malicious agent got a document from you and could extract out the data or (b) wait until the one MS Office machine that *does* have internet access enabled and push all the data out then.
Or, maybe we could try to sandbox out the TIFF library in some fashion. Great idea there, but how do you actually pull that off? The actual broker for what is a TIFF file has to be invulnerable to a bug before it can be passed off to the TIFF encoder/decoder. And then the displayer has to be invulnerable as well. And the file loader. And any of the transfer agents. In short, any step along the way could just as well be buggy as it is now, so splitting it up into parts just means it's a separate cog still with most, if not all, of the same access to said data and with said ability to manipulate the data (stuffing data into TIFF comments, for example) for some malicious end.
This, of course, isn't say it's not worthwhile to try to have better sandboxing as appropriate. But, there's no real magic bullet to such problems when it all comes down to having program logic that's flawed. It reminds me of people scoffing at software designed to continue running properly on hardware that might, due to ever increasing die shrinking, be known to have defects. Well, sandboxing as you speak of it falls upon the same problem with software with known defects. In honest, the best thing that can be done is code audits and fixing bugs and releasing fixes ASAP. Oh, and avoiding things like writing in turing complete languages into things since, again, even if contained in a sandbox programs can do bad things.
PS - The real problem with UAC is (a) too many programs ask for (or require) Admin access when they really shouldn't and (b) it's too much of an all-or-nothing approach to addressing the question of security without providing remotely enough information to the user to make an informed choice on the matter. I don't think more piece-meal approaches really help--Android apps are too guilty of (a)--and sandboxing doesn't help much either--programs that refuse to run and don't infect you also don't do their job either. There's no magic fix and trust is a very high essential part of use of almost all programs.
You're absolutely right! It's not that the rapist, in his actions, ruined his life when he was brought to justice. It's all that damn eye-witness' fault! Oh, yea, and damn the justice system*!
And one side is entirely violating that confidentially with mass surveillance. Oh, right, oops. That's the issue at hand.
I think, in the biz, they call that "blow back". I guess mass surveillance *did* have an effect.
*In truth, as fucked up as Indonesia's response to the mass surveillance is, it's clear that to some extent they're doing it because part and parcel of dealing with Australia carries a now very clear risk. In the end, Australia now has to work to regain the trust it has lost from its acts. I still say it's wrong for Indonesia to react the way it has because human smuggling/trafficing is more important than that, but to that end it'd be more a point of Indonesia being better positioned to make reasonable (and possible a few unreasonable) demands to further guarantee that that's all that's happening. Sadly, I can only imagine a tit-for-tat from individuals even if Indonesia doesn't pursue activities beyond these goals.
In any case, Australia is the one who shot their own foot.
"Look, government policy is putting us [pedestrians] in harm's way[--sidewalks near streets]. We are now targets[--I don't doubt more pedestrians have been killed on sidewalks than TSA agents have even been shot at]. We think we should be protected from loonies[, which is just about everyone, if you're paranoid enough, which is more or less a requirement when motor vehicles are zooming by you at 30MPH]. Armed guards to shoot any such loonies is one method we might be protected [because nothing says safe like bullets flying]."
Nah, their business is to get more union members or get extant members to pay more dues. Dead members? As long as the union doesn't have to pay anything to them (they'll structure all the costs of workers comp or whatever on the govt), they can always just hire a new person if one quits/dies/whatever. Protecting members looks like a good excuse, though.
As others have pointed out, if your job entails searching people for guns, bombs, etc, you're already at the point where you should be concerned for your own protection. That it took a shooting to do anything is like "Loss Prevention" guards at a bank to wise up to the danger they might be in; for TSA Agents to not notice until now is just stupidity on their part. That they want external guards with guns sounds more like *the union* wants external guards with guns. Honestly, I'd imagine most TSA Agents would rather have the gun themselves and hope that people would treat them with more respect^Wfear as a consequence, meaning less physical/mental/whatever harassment from people in line.
But, then people might realize that the TSA is more like "Loss Prevention" at Best Buy and giving them guns is ridiculous. That for all the fear mongering, even if people did bring guns regularly on planes, it likely wouldn't mean a lot--not that many people even do and most who do do so by accident or it's in their luggage and merely being shipped with them. So, it's little wonder they had so little fear until now. They're virtually useless--the old system of screeners before the TSA was more than enough. And then it's less that the TSA Agents were stupid but knew all along it was theater.
"But, 9/11!" some people might say. And I say, for the TSA to not even have guns to defend themselves until now, they were no real threat to another 9/11. What stopped another 9/11 was the incompetence of wanna-be terrorists and a lack of a real desire to succeed by those with a passion to try. After all, "9/11" is still terrorizing people to accept stupid things. Why waste the time/energy/effort to do more?
The second you think that, you make it true. No, the only significant setback is the one you make for yourself. As you say, the climate 23 years ago was different. That people weren't ready for meaningful reform to the TSA before this incident is part of the current climate. Just like it wasn't a shooting 23 years ago that started malls being fulled of armed guards, 9/11 need not have been a catalyst and neither is there anything inherent in this shooting to make it a catalyst. But if it is to be made a catalyst, it will be in the hands of those who seize the opportunity who define what sort of catalyst it will be: to strike out with more armed guards or to radically reform/remove the TSA.
So, please don't give up hope.
The people, long ago, accepted their role as serfs. They have accepted that to spy on them is meaningless because they have nothing of value and nothing to hide. But to spy on their kings^Wpolitical leaders? Why, that could have a real effect!
Where's that public outrage you speak of? Seriously, it's political leaders who are crying about being spied on. The media can try to rile up the public, but it's clearly not working. Even if the public were being abused by leaders, foreign or domestic, in a more physical sense, people would just shrug it off. "One bad apple spoils the barrel", they'd say, so to gas millions to catch a few "terrorists" must be okay.
The real thing 9/11 showed was just how little backbone most people have. I mean, for fuck sake, the American Revolution started over (from a public support perspective) pretty pathetic tax increases on tea, sugar, and legal documents and some pretty irrelevant, to the people, hassling of the British King of colonial political leaders. But, in the end, it could be said it was because the people saw that the very framework of which they live was being violated so wholly (for them, that the taxed were to have representation in Parliament). Well, we're well past that point. So, where is the outrage?
Comcast isn't a person. Comcast doesn't "support a candidate who thinks like they do". Comcast's executive(s) *does* try to invest into candidates that *do* the things that are beneficial to Comcast's owners. No need to put "[thoughts] in their [head]" and be unreasonable. As for "is it a sure bet/is it a sure failure", I'd say it's a sure bet that they gave them the money. Wanting or expecting more goes beyond "support a candidate" and leads into some goal of (a) trying to buy an election or (b) influencing a candidate.
Fine, that's your opinion. And I and others believe that $10,000 is a heavy donation when total donations are in the $120,000 range. Hell, I think $10,000 is a heavy donation, period. If your problem is that the headline contains opinion instead of pure fact...
Funny, you just put words in *my* mouth. I spoke of "buy the ear of most people". That doesn't mean "induce me to do something I did not agree with". It does mean, "give them the time to allow them to convince me, possibly on a subject I don't even have a particularly firm opinion on". You see, without the donation, they might not be given the time of day. With the money and the prospect of more money the next election cycle, I'd be less likely to snub them after the, usually brief, one-on-one time I'd allow most people or companies within a busy schedule.
Seattle Mayoral Race Sounds like even if the Council makes more decisions, the mayor still has a lot of power (unless, you know, $4 billion isn't a lot of money to you).
That is remarkable laughable. I'd even say it's naive. To be honest, most politicians are elected precisely on their biases. It's just a question of if one bias is bad enough, his major opponent's bias is worse, or if he has any particular important, to the voters, biases. There's also the whole point that unless such biases are brought up at election time, people tend to forget about them or other "more important" issues are used to ignore whatever perceived misdeeds are done. In short, no, you're very wrong.
Consider how many cities Comcast donates to. Consider just how big the donation pool is. Consider the demographics of Seattle that might well oppose a Comcast support on its face. But, of course, yes, it's invariably an opinion and not a wrong number to state "heavily".
Or to lead up to how such is corruption... Because no amount of raw numbers can show corruption. So, any attempt to show it as such is just an op-ed and a grab of ad clicks. Well, it probably was that too, but then Slashdot, The Washington Post, etc aren't saints there, either.
PS - Perhaps you're search for "facts in reporting" rather than "truth in reporting"?
So, what you're saying is, Comcast and it's executive are morons, then? Or they just love throwing money away, perhaps?
Now, are you saying if Comcast had contributed $122,800, then it'd be possible to call it a legal bribe and then disband Comcast? Because you're obvious entertaining the idea that that $122,800 is in fact some sort of bribe money meant to buy the election. And if it wasn't meant to per se buy the election or be a bribe, it would seem to be implied to buy the Mayor's ear--something that would likely influence, if not outright control, policy.
To that end, I think $10,000 would probably be enough to buy the ear of most people, especially when they need "experts" in an area anyways.
You mean all those operations where the NSA was spying on allies and enlisting other allies to their aid? Yea, I guess technically that's the NSA's "job". But, you know, perhaps it shouldn't be?
Great analogy there. Because God knows that people knowing your business strategy for the next 3 years will ruin you. Oh, right, that'll come out in 3 years time anyways. Meanwhile, back in NSA land, operations that are decades old remain classified because the NSA doesn't want to acknowledge its past "job" activities--ie, that we spy on heads of state today is because we did in the past so to show we did in the past confirms we do it today. Any way you spin it, the NSA never wants to let anyone in the public know what it does because it fears to do so would "[ruin] all sorts of operations".
Well, golly, if we let the NSA follow through with that, then they can be wholly corrupt and we have to rely upon the few safeguards, those in Congress or the President, to do their job and actually stop the NSA. And what did we find out from Snowden? The Congress and the President are complicit in letting the NSA run amuck because, presumably, they care too much about letting the NSA do it's job that it'll forgo pointing out any one of its misdeeds. In effect, the NSA holds the rest of the US Government hostage and is above inspection. If the only sort of way to in any fashion resolve this hostage situation is to "[ruin] all sorts of operations" run by the NSA, then it's worth it. That Congress nor the President were willing to do that shows them to be spineless. That you should decry Snowden's acts doesn't speak too highly of you, either.
PS - Beyond the grandstanding by our allies, have there been any actual harmful effects from "[ruining] all sorts of operations"? Because, you know, NSA operations are not meant to be an end unto themselves. So, their ruin isn't inherently a bad thing. And, honestly, if neither Congress nor the President will reign in the NSA and the only way to punish the US (through the NSA) for its actions are through some sort of international sanction, then truth be told it's the NSA, not Snowden, and Congress and the President that has brought to bare those sanctions upon us (and to an extent the international community). Really, though, I'd like to see some specific point that could level actual blame upon Snowden rather than vague details. But, then, I imagine you don't have any because, as above, only the journalists are the ones with any details so only they would know and honestly that only they know almost assures that your claim couldn't be true.
So stubborn he's repeatedly signed various bills for spending cuts and the only "more taxes" that have been passed are (a) allowing the Bush-era tax breaks to expire on some tax brackets, (b) allowing the economic recovery tax cuts (you know, the ones Obama signed) to expire, and (c) the whole ACA-fine as a tax. I wouldn't call Obama a champion of calling for less spending. But then I wouldn't call him a champion of calling for more taxes either.
Thanks for entirely twisting what I said. *You* are the one who speak in such hopeless terms. *I* am the one suggest we cut spending and raise taxes.
In other words, you live in fairy world where you believe that a balanced budget being a high mark goal will magic start paying off the debt; but that mentality is precisely what you accuse me of and is the basis for the "well, we're already massively in debt, so why not spend some more". Yet the fact that Democrats, of all groups, were responsible for a balanced budget quickly lead way to Republican tax cuts. Honestly, the "no hurry to pay down the debt" is the very mindset that will never pay down the debt because in good economic years there will be (a) groups who don't want higher taxes because it could "hurt" the economy and (b) groups who see "good times" lasting forever. If we can't get a solid, real commitment to balancing the budget from anyone for any length of time, the goal post should be to have a negative deficit and hope that it raises to a balanced budget as a worst case. And yea, you should be honest with people about the goal post and your compromise from the start.
Would that be with or without the "Emergency" spending on the Afghanistan War? If we simply had a few angels and the head of a pin... You see, it may be simple but it's not easy. And beyond a few individuals, no one has actually tried to do such a "return the government to the size it was in 2002" beyond the simple math rhetoric. Actually figuring out *how* to get to those levels is the hard part and getting buy-in is the even harder part.
Vouchers are stupid, to be honest. They're also inherently inconsistent with supposed Republican ideals and involve *more* government involvement than ACA exchanges. Malpractice reform, aka capping malpractice suits, are no sort of answer to the problem either; they're just a buy-in to further legal limited liability which corporations have shown to be heavily abused--and you can imagine how that'd work when lives are on the line. You're right that Democrats didn't give even a nod in the direction of the Republicans, and that wasn't good at all. But that doesn't justify the continued childish behavior requesting *complete* repeal.
Congratulations. You're yet another person who clearly doesn't understand the current situation. The Federal government has consistently been spending substantially more than it takes it. Consequentially, he has accrued a substantial debt (some significant percentage of that debt to itself*) and consequently even if we were to take a massive cut to our spending, we'd still be decades away from paying off the debt. Yet, inherently, that large debt is part of what makes a government big and so any attempt to pay down the debt at a decent rate would invariably require a tax increase along with the substantial spending cuts.
I know that. Most voters don't act that way. If they did, they wouldn't be asking for lower taxes. Inherently good governance is striving to pay for your spending. One can argue all one wants about spending cuts, but it is a substantial failing to consistent push for tax cuts while failing to pay for current spending.
No. Really, no. Republicans, likely under sway from the Tea Party, were decidedly anti-big government. Republican buy-in to a program that would mandate health insurance or any other way make government somehow further involved in health care was a non-starter. Further, consider the consistent, lock-step voting by Republicans against ACA. As was repeatedly stated at the time (and later on), Democrats had a majority so didn't need any Republican support. Yet the very fact that *no* Republican supported it is very telling to the idea that their opposition was more hyperpartisan than any real complaint about the merit of the ACA.
Now, this doesn't excuse the fact that Obama didn't try to work with the Republicans until late in the game, at a point when it seemed at some Republican support would be necessary. Nor does the fact that Obama didn't provide much more than "lip service" justify the childish, consistent fighting against the ACA by Republicans; to be excluded in constructing a major act doesn't begin to justify repealing it on its face.
Finally, it was rather clear from the above that Republicans were not interested in molding the ACA into something that would actually work--except the one suggestion to be allowed to buy insurance across state lines which, unless there's some legitimate reason I'm unaware of, would have been good policy to include. The rest, though, was consistent mud-slinging and a House that shifted Republican has moderate Democrats that voted for the ACA were replaced with Republicans.
Seriously, as much as the ACA could have been improved, Republicans were almost entirely uninterested in trying because to succeed in any fashion would only bolster Obama, and that's the last think hyperpartisanism supports--helping the other team.
*As I understand it, the Social Security Fund was borrowed from to pay for things in the General Fund to cut down on Teasury Bond borrowing. So, hypothetically, as the money is owed to itself, the government could absolve itself of this debt. But to do so would be to effectively bankrupt Social Security and end the program as a whole for a lot of people who spent a lifetime paying into it for a retirement check. So, that's heavily a non-starter.
It's very nice of you to take the time and sit down and try to explain your actions. It's clear that you believe that the NSA has a set of duties and those duties require or even demand the sort of wide-spread surveillance that has, willfully or not, broached a very core aspect of your own self-worth. In trying to defend your actions, you make it patently clear that you know you've done something wrong. Unfortunately, the position you are in does not inherently give you the perspective on why so many people are upset with your actions. So, let me try to walk you through exactly why people take issue with the NSA and other members of the US Federal Government in their course of action against the people of the world.
To put in bluntly, the people of the world have various rights. One of those very core rights is the right to privacy. That is, a large part of the dignity, self-respect, and general humanity of a person comes from their ability to be alone and unique in their thoughts and beliefs and often even actions. Yet the very notion of the NSA and other such government bodies is to do away with privacy in the name of some higher purpose. The argument invariably degenerates into a black and white question of which right must be given up: a right to life or a right to privacy. The very fact that such a position is taken is the very problem.
You see, the world is not black and white. The world isn't even greyscale. It's a lush and beautiful world that expands well outside the visible spectrum. Yet as much as humans are blind to the ultraviolet and the infrared, you have set yourself up to believe in the most perverse of visions that leaves you nearly blind. You denigrate the people you are entrusted to protect and in doing so demonstrate that you are actually worse, in many ways, to the actual enemies of those people. For the enemies of the people actually see them as people. Your actions treat them as little more than sheep or fodder. The former may slaughter hundreds of people, but your actions pave the way in justifying the slaughter of millions.
Now, I say all the above with the hope that you don't take it the wrong way. I do think you started out with noble intentions. But the road to hell is paved with noble/good intentions. What you need to measure your actions by are what you actually are doing. You cannot turn to the ends to justify the means. You cannot argue that the violations that do occur are infrequent so are acceptable. In the end, as cliche as it may seem, you need to look at these words and really think behind the meaning behind them. And maybe, if you can muster a little privacy of your own, while you try to deny it to us, you can look upon your own life when you retire and how your actions will affect you once you are no longer the one in command of these forces that you have taken part in unleashing upon the world.
In the end, as much as I wish you well as a person, the question you should be asking in presenting such a statement to the public isn't "How can I live with myself?" but "How can the people of the world live with what I've done to them?". I don't really know the answer to that question. I do know that of all the people who do exist, you are the best position to be the forefront of actually fulfulling your actual duty and not merely the letters of the memos or reports presented to you that have been used to justify your actions. Instead of changing the American people, your time would be better spent in changing the Agency you're entrusted to be in charge of and are actually able to change.
PS - The sad fact is, thanks to the likes of Edward Snowden, I have a good deal of confidence that you, the NSA, will receive this comment even though it was never sent to you because you will not be certain with 51% accuracy that I'm American. That is, put simply, beyond distasteful and horribly disrespectful of the 95%+ of humanity that is not American that you treat with contempt in your actions.
The Tea Party, to take their name from the Boston Tea Party who acted upon high taxes on tea.... Perhaps if the Tea Party was actually responding to a tax increase instead of preemptive presuming Obama being elected == higher taxes? Or perhaps if they had formed during Bush's years and had given a shit then instead of waiting until Obama, seeing what a spoiled kid^W President could do, went from hand to forearm in the cookie jar? Perhaps if they called for higher taxes along with less spending instead of less taxes and less spending--without much qualifier on what exactly to spend less on. And do I begin to point out the absurdity of people who clearly champion less spending even though it could hurt them but are so afraid of tax increases without any thought that if spending can be hypothetically targeted to not hurt them, then so could tax increases?
Because they're proud to be an American, until they're fickle and want to secede or start a revolution. Perhaps if less time was spent on decrying the evil of government and electing people who seemed determine to prove them right and more time was spent on actually fixing government and holding politicians accountable? Nah, let's just go for all the extremes we can. That's why we need to chew down our diet pills with our triple-decker burgers and large fries. Maybe the real reason so many people are against Obamacare is that liposuction isn't considered a base feature of health insurance policies.
No doubt. The problem is the long settled law invariably deals with (a) border searches or (b) searching of individuals outside the US. One could argue that wiretapping of a foreigner abroad is somewhere between (a) and (b). The problem is obviously that invariably to wiretap a person abroad nearly mandates that the other party *in* the United States be searched too. Otherwise, the foreigner abroad answering in "yes" and "no" would provide no useful information. Well, that obviously degenerates back to the point of having reason to specifically target the person in the US--and as much as we like to pretend otherwise, guilt by association is not enough for a lot of even very lenient courts to grant effectively roaming warrants to whoever said foreigner speaks to.
Well, except that FISA apparently somewhat, sort of allowed such a warrant--which is a clear violation of the 4th Amendment--but then reversed their position (with no effect as they have no teeth) when it was clear it was being abused. Of course before that point, the Fed didn't bother trying to get a warrant. And even after the whole warrantless wiretapping scandal that invoked the Fed to try to get said general warrant--which strikes me as a clear bill of attainder as enacted under the FISA Amendment Act of 2008--and the revocation of said warrant, there's little sign they'll stop. The only thing the Supreme Court ruling against them would do is mean the Executive Branch will just continue to hold indefinitely some people without trial to avoid the invariably dismissal of a court case for lack of admissible evidence.
When it's considered radical to have a conscience and actually abide by the required rules of disclosure on what all and where all evidence was obtained or that to do so is little more than 'in effect "taking a dive"', I really weep for your actual considerations of what sort of judicial system we should have. But, then, perhaps you'd prefer it if the Obama administration just cut out the middle-man and started summary execution of Tea Party members, Islamic Fundamentalists, and whoever else they don't particularly like? Because it seems clear you have a disdain for the very few people who actually want to follow the law and not hide the wrongdoings of this and previous Administrations who seem to believe their job as Executive Branch is quickly marching to be quite literally the executive branch.
PS - What's with your signature? What are "ordinary opposing views" and how do you begin to define "punish ... in debate"? The former seems loaded to justify your willingness to contradict the latter because you see the opposing view as unordinary, and the latter seems loaded to qualify any strongly worded disagreement as punishment to what you see as your own ordinary opposing views. It would seem clear that your statement is purely subjective, then, which leave it as unproveable.
You know, I think it's actually much worse than that. Lavabit was inherently being asked to engage in fraud. That is, as you state, it's prime selling point was precisely that it wouldn't in some hidden act be complicit in complying with whatever orders from whatever government demanding to undermine its secure e-mail service*. Look at how Google, Microsoft, etc are putting up a good song and dance about the "outrage" of what they complied with. Yet one could believe that corporations of their size would inherently be undermined, be it through official sanction from the CEO or through mole(s). But, a small-time company wouldn't have that sort of implicit property.
In any case, the part that's really bad isn't per se that Lavabit was asked to engage in fraud but that inherently that means the judiciary and executive branches were both co-conspirators directing this fraud. To me, that's a much worse offense than one company/person lying for profit.
*I guess one could argue that inherent to the fact that China, Russia, America, etc all have very conflicting and rival views and how each are quite willing to pretend they have global jurisdiction when it suits them--America is just more public about it--, that it's almost a given that one government would invariably be demanding that such a service hand over keys at some point and hence there's no way that such a service could ever be secure in the sense implied. That would either stand to undermine the implied level of security--which undermines Lavabit's case--or implies a certain level of intentional or incidental misleading/fraudulent claims of security. Of course, that Lavabit would shut its doors instead of giving away keys actually stopped the situation from carrying through to the end as actual fraud, which shows the only one with any character in this situation seems to be Lavabit.
The really galling part to me? That Lavabit can't seemingly do what most every company does in a similar circumstance: take a slap on the wrist, shut its doors, then open again with virtually the same operation under a new name. It's okay to play shell games with the IRS but not the NSA, it seems.
That's not what's been suggested. While the examples given may not be perfect, the point would be generally that a government that does such massive surveillance would seem to collect enough evidence to stop at least *some* terrorist attacks before they occur. And I don't mean the "and now that people question why we have so much surveillance power, let's make up some cases because obviously until now we didn't feel any need to justify ourselves and we'd never toot our own horn prematurely or exaggeratedly".
Inherently, no. But if two said mates are already listed as suspects in previous attacks or are believed to be close associates to terrorist elements, then perhaps an agent should be there to overhear their conversation?
Except what you spell out is precisely the Catch-22 of it all. The organizations demand more monitoring abilities, yet it clearly isn't helping them. And if we try to curtail the intelligence monitoring by computers, then conveniently the blame is left on not monitoring enough. Clearly, though, we were already (back before the mass surveillance) at a point where too much information was coming in and not enough analysis was producing useful results, either in the list of suspects wasn't made narrow enough to devote resources or there simply wasn't enough follow-through even when there, at least in hindsight, appeared just cause for specific further monitoring.
Whether that's more of a conspiracy to not act or simply overly CYOA analysis that makes every potential suspect look like a possible terrorist, it's impossible to know because we're never given any real insight into the files that are possessed on people.
That's SOP in the government, though. When a large project needs to be done and it's deemed as something the government isn't allowed to do internally, it's outsourced to a private firm and generally is a clusterfuck because (1) the private firm almost always overestimates how well they can deliver and (2) the government (like most managers) doesn't have a fixed design spec early enough that budget and time overruns nearly invariably occur--being in-house doesn't magically solve the problem, but it can allow for more rapid collaboration to resolve issues sooner, rather than lat
So, it's a miscarriage of justice to let a guilty man go free because the punishment that would be imposed is unjust? Really? And let's not forget that in most States the sentence of death is kept separate from the question of guilt probably for the above reason--that is, the jury votes separately on whether to impose the death penalty and a non-unanimous vote after a guilty verdict results in a non-lethal sentence.
It'd seem to be for the same reason: justice and the law are not necessarily equivalent and justice is what the jury's job is to seek (so is it the Prosecutor's job, but then they also have a clear motive outside that scope).
As stated above, it depends. And in the specific case, your point doesn't stand precisely because the jury is the one declaring sentence.
It's a question of character. If you believe someone is worthy of death, you should be willing to care through the act to cause their death and not merely through a third party. No, this doesn't mean *every* execution would need to be done this way, but it's like the point stated about butchering animals. We as a society don't do it commonly because it's more efficient to have livestock mass-butchered than to leave it to every home to do--in the past, it was common for most people to do it because most people farmed and grew their own livestock. But an outright unwillingness to butcher an animal ever (for those who eat meat) indicates a willful divorce from the reality of the situation. For animals, you might say it's not such a big deal. But, how is it not a miscarriage of justice when juries are divorced from reality when sentencing a person to death?
Or it's exactly what the legion of Bad Guys want. They've felt the groping touching of the the US government for decades. Now US travelers get to feel it too. And the only way it goes away is if the very core parts the fuel it--the TSA, NSA, etc all thrive on a government ecosystem that values "owning" the world in some fashion--which can only reasonably happen by a US uprising, peaceful or violent, against it.
Is it any wonder that those is the government ecosystem think the terrorists have done the very opposite of winning while so many American citizens feel the terrorists did win?
Non-sequtiur. The entire issue is *banner* ads.
And for a long time they did it without banner ads. In fact, a major reason why Google became the search engine of choice for so many people were their non-intrusive ads. You see, when advertisers are given a small image bar to advertise in, many try to be as loud and obnoxious as possible to get your attention. You say, "but then I'd not buy from them". Yet very few ads are geared towards informing people or convincing people of the worth of a product. Instead, usually the focus is try to create a strong emotional connection of any kind with a brand to make people remember the brand--be it humor, drama, shock, or whatever.
In short, the text-only ads that Google really pioneered removed the ability to push the sort of shock/humor banner ads that, even if they were infrequent, were a very large eyesore for many. Further, the removal of banner ads made it a lot harder to run all sorts of con ads--those that look like legitimate OS-generated messages--which itself was a really blessing. And let's not even get into flash ads or javascript ads...
Really, Google can do whatever they want when it comes to their advertising space. But Google built a brand on "Don't be evil". You may not consider banner ads evil. And even plenty that do may (a) already use ad blocking for the rest of the net and/or (b) not really switch because they're "hooked" on using the service. Further, I doubt it'll result in them losing much traffic overall as there'd have to be some new Google-like company to start up and start over again with them.
In any case, you obviously have missed the point--which is sort of ironic as Google's advertising didn't work on you.
I think you're forgetting something big: the media. No doubt if Microsoft could be taken to court for anti-competitive practices over bundling IE, they'd be in a much worse situation if most the internet that relies on ads was pushing for them to be smacked down for such arrogance. And I don't think they'd get off with a slap on the wrist, either. More importantly, even if absolutely nothing was or could be done legally, you can imagine the effective investigative reporting^W^W smear campaign that would be ran against Microsoft by the media.
No, the unix way* is to have a lot of small programs that are executed on demand, not have a lot of load of small processes that queue and poll for requests. Or, as you note, to have the function as a syscall in the kernel and executed in one monolithic service provider, the kernel. My very premise is the paradigm of having many processes constantly running (even if most aren't running most the time but a few must infrequently to poll for servicing requests) is the overreaching issue. Programs on disk don't use CPU resources but processes in memory can use CPU resources and often do.
*A small point, but the "unix way" is true to the extent that most Unix/Unix-like systems have a monolithic kernel that encapsulates almost all system level functions in the kernel. Hence my comment about "one monolithic service provider". While most kernel services can then be heavily event driven, the ones that can't can be joined together at a few points and optimized to wake up the minimal amount necessary to service requests. Having said that, Minix is an example that strives for more encapsulation of functions into separate user processes and is very much the anti-thesis of "the unix way" in many ways. Yet, it's still very much a Unix in functionality. But I imagine it has the same performance issues as Windows NT because of its architecture.
What I meant was function X and Y that are needed are in services A and B, so hypothetically them being organized in just one service meant only the overhead of one service. The idea that doing more than one thing as the cause of the problem I think is backwards because, as I was saying, each background service has its own overhead. Many smaller services would just mean that many processes and that much more overhead.
Except the size of the code per se is not the issue. 99% of the code isn't executed most the time anyways. It's the 1% that every background service needs to function that's sucking up all the CPU time--and more importantly preventing a deep sleep. Shifting code around could possibly move most common functions together (ie a monolithic design), but simply encapsulating more wouldn't help things much because there's still a heavy hierarchy of services which does nothing to cut down on the number of context switches or I/O transfers on tasks.
I wouldn't call it broken, exactly. It's simply not designed with power management in mind. The only way I'd say it's broken is in that tending towards a more user land collection of services to provide basic functions--be it in a microkernel or hybrid design--can tend towards a lot more processes that are vulnerable to timing attacks or authentication attacks. Most of that may be fixable through consistent macro use and boilerplate code. But clearly there's enough debate on the subject to not have a clear consensus on what's best.
I don't think it's merely about being feature-rich. I think it's also a factor that the designers behind it take what might be considered poor choices for the average user. For example, pavucontrol uses low latency monitoring for volume levels. The problem there isn't that low latency is an option but that it's the hard-baked default and recompiling is the only seeming answer around it. In the name of "sensible defaults" and "just works", pulseaudio is obviously in the same sort of boat as Windows designers. But that still seems a poor excuse for the atrocious performance of pulseaudio. :(
Tribunal And, yea, it's been done plenty of times before in various ways. But it's always so chilling to see how often the US behaves so much like Cardassia, especially the "patriots" who in one breathe speak of their loyalty to the state and in the next speak of their guns to protect their family from the state. In any case, there's plenty of DS9 episodes are much more accessible ways to demonstrate the evil of what we see today. I just don't think enough people are willing to see the obvious parallels. :/
And to both groups of women, I'm tempted to say "avoid them". I can sort of understand the "prefer" part. But, the whole notion that your hair or lack there of may be a deciding factor is a good sign to avoid dating a person. Going out of your way to try to ingratiate yourself to such a person is a sure path to show your willingness to cower to their whim for the rest of your life. Unless that's something you're aiming for...well, you know. :)