The idea that the client or purchaser of a product should have access to repair or to modify a product is the foundation of the Gnu Public License, the software licensing model published by the Free Software Foundation, whose business offices are in Massachusetts. It's also a state where the legislature mandated that government documents be in open formats That was around 2005, and led to profound political hardball, such as the creation of the mislabeled "Open Office XML" format, created by Microsoft by get past the new laws and which, functionally, Microsoft ignores to continue with proprietary and unstable document formats in its flagship "Office" products..
It will be fascinating to see this play out in a state with that kind of legislative history.
Fraud can include work for which their is no intent to interview and hire, but merely collecting American resumes to reject and justify an H1B visa. Fraud can also include bulking out your candidate list, to get more names and more pay, by contacting completely unsuitable candidates. It can also include bait & switch, offering a lucrative job interview, getting the candidate to present resumes and commit to the interview, then offering a _much_ lower salary than was originally discussed, usually with a different title.
More profound fraud includes looking for personal information to commit identity theft. This is especially common when asking for passport photos and driver's licenses for a security check before a verifiable role is even identified.
I'm afraid the IT recruiters from India have also been out of control recently. Their poorly aimed and sometimes even fraudulent IT job calls have been interfering with normal recruiters, whom I refer to people in my fields who are looking for new work or promotions.
That has little, even nothing, to do with HTTPS. "Altered from the source" is occurring in such volume at the news agencies themselves that HTTP insertion is not even a significant issue.
It's business sites, where manipulation of order forms and prices can cause fraudulent orders, that man-in-the-middle abuse is the much larger risk.
Adderall is missing a methyl group that methamphetamine has. Perhaps I should have been more cautious with my language, and called it "chemically related" instead of a "variant". I'm also afraid that their medical effects are more similar than many wish to admit, resulting in their misuse.
> Adderall does not cause physical dependence, unlike drugs like nicotine or opioids or even alcohol. What does happen is psychological dependence and changes to the brain's dopamine system due to abuse
Addiction due to abuse is still physical addiction. Even used clinically, patients are weaned off of the drug when they stop using it. The physical addiction is one of the reasons not to discontinue it "cold turkey".
I've not done so. As I stated, it's a medically pure _variant_ of methamphetamine. They're very similar, chemically and clinically. And yes: mmethamphetamine has an extra methyl group that increases its potency, hence its name. In use, this is mostly made up for by the higher quality of medical grade Adderall compared to street meth. For juveniles and college age users, much of the supply is "diverted" from prescriptions.
> Under long-term medical use at therapeutic doses
I'm afraid that many patients, and physicians, cannot be relied on to follow clinical guidelines. And the tendency to misprescribe, to resell, and to share, Adderall is high.
> Abuse of these drugs is another matter entirely.
Neglecting the abuse of these variants, their addictive nature, and the results of their long-term use on performance and on quality of life is to ignore vital clinical data relevant to tests on Adderall itself.
Adderall, while increasingly popular, has long been familiar among college students. It's a medically pure variant of methamphetamine. Looking into the older tests on methamphetamine and the consequences of its long term use are not promising for the current popularity of the drug.
I'm afraid that many companies already do so, as a matter of course. Cisco has become infamous for the backdoors embedded in their hardware. The "Clipper Chip" of the 1990's was an attempt to do exactly this at a hardware level, and was discarded only when it was discovered that the "law enforcement agency field" checksum too short and people could generate their own, genuinely private keys without direct detection. The newer "Trusted Computing" technology for individual host encryption and software was designed to put all the signature keys, and the signature keys used to authenticate or obsolete other keys, are in Microsoft's private hands in an "escrow" which has no legal protection and which Microsoft has never acknowledged any binding standard of privacy for.
They were facing criminal liability, not only for fostering prostitution, but for injuries to both johns and prostitutes. There was at least one notorious prostitute murder, described at https://nypost.com/2016/11/25/... , and the "Craigslist Ripper" described at https://en.wikipedia.org/wiki/... . Standing up for the free speech and commercial rights of peaceful customers is one business strategy. Accepting the legal liability for deaths or injuries from illegal activity fostered by your advertising service is a much less attractive business, and I understand that at the time Craigslist ended its adult services, it was a strong motivation to do so.
I thought there might be related cases. There certainly have been. See https://www.documentcloud.org/... , where police were allowed to place defendants' fingers on phones or pads to unlock them..The judge basically allowed the state to gain access to existing, stored communications, and to compel the assistance of the defendant to access those communications.
If the defendant has made calls from their cell phone, or sent email or pictures from it in the recent past, there will be records that _can_ be subpoenaed effectively. That would provide good grounds for saying this defendant is lying , It would also be sensible that the judge has no desire to spend the time and effort to issue additional subpoenas.
> Once you start hiring people you can't run a business like a frat house.
It's worked for many businesses throughout history. There have also been slavery, child labor, embezzlement, and genocide. Whether these have been effective for a business in the long term, they've existed throughout history. It does not necessarily contribute to the long-term success of the company, or to the lives of most employees. But please, don't assume that simply because there is a business that it will automatically behave well, or in a politically sensitive way.
Most of us consider the DRM a bug in the media and in the vendor, not a bug in the required customized drivers. Those customized drivers and supporting the constant arms race between DRM manufacturers and anyone who wishes to unlock the content take system resources and developer time that could be spent far more efficiently elsewhere.
Also, let us be plain that this "in-line" encryption simply delays the release of the decrypted content on a modern bittorrent or streaming service. The field is experiencing what XKCD described as the "$5 wrench" problem: sophisticated technological limitations are overwhelmed with low cost, common place, physical tools. Some hackers simply record video with a camera from their terminal output, others run it through a virtualization host with a screen capture feature enabled. And most home viewers _do not care_ about the high resolution possible if only the DRM were completely broken. They've no need or desire for those features, and they are _delighted_ that the image they found on Bittorrent is without the forced copyright warnings and previews for shows they have no with to see. The illegal downloads are thus often _better_ than the commercial downloads. They're smaller because they don't contain undesired features, languages, and advertisements.
You would need to define "server". Downloading patches and running reporting toolkits to find precisely what hardware or software revisions is something I've seen available only via some browsers. I've also seen companies require the local scan to report to the vendor on the web page to select the correct patches for local application. It's as confusing and annoying as Sun's, now Oracle's, practice of forcing you through a web form to sign the latest license agreement for the latest Java toolkit.
This has been threatened for decades. I'll be only slightly surprised if this occurs now. The larger credit unions have been approaching the size, and behavior, of the increasingly rare midsize banks.
I'm sorry to say that I've seen the type of accounting you describe, before. It's.... optimistic.
> Or, if you're an organisation that has those skills already in house
Those skills need to be funded. Given the sensitivity and need for high availability of this service, and the potentially lethal cost of unplanned downtime, I suggest that it needs a full time skilled engineer to support the distinct services unique needs and requirements. If that task can be spread out among a team with other tasks and responsibilities to help them stay trained and alert, that would be a desirable practice. But for the database integration with the basic front end web servers, backup requirements, security updates, etc., I'm claiming that the net responsibilities are a minimum of a full-time engineer. Spreading out the load among the rest of a larger organization doesn't eliminate the cost, it simply funds it from a different budget. The company may be willing to fund that as an overhead cost, but it still comes from _somewhere_.
I suggest a similar cost for the front end support. Web protocols and web browsers change. It's unlikely that the current service supports the very latest protocols, and there is very likely to be technical debt on the front end. This is why you factor in support costs _early_ in the budget process, to be able to handle next years changes in web standards.
> I call bullshit on it needing to be encrypted. It's information on a specific condition, not patient identifiable information. There is no requirement for it to be encrypted.
The data needs to have search requests and transmissions encrypted because it can be packet sniffed anywhere along the way from the physician's office to the upstream storage center, and tied to separate information about the patient present in the office. A search for AIDS treatment, pregnancy, or diseases involving mental acuity has especial value for a private physician's office who treats the wealthy: knowledge that Steve Jobs's physician was looking up liver cancer treatment could have profoundly affected Apple's stock prices.
> Cached at border proxy in each of the organisations where it is used,
These proxies are not free. One can "Akamaize" the content, at a cost. This particular service is likely to be variable on a daily basis, with some very interesting trends on a seasonal or news-sensitive basis.
> When each of the large series started up, internationally there was huge demand. As in millions of pages per day
You're referring to fundamentally static content, served at a large scale but not really that much unique content. It will proxy well. This content is likely to involve a lot of searching and exploring of less predictable content. It's not clear how much churn the proxies would see, I suspect it would be large. It is an interesting question.
> but nothing that can't be handled by very small servers.
These "small servers" are not free, and the optimistic steps taken for an optimistic small startup do not necessarily scale well for a health service. I've worked with smaller, and considerably larger, clusters of "small scale servers". There is a minimum engineering cost per server: it used to be roughly one hour/week/server, and has gotten much better with good automation tools and practices. But the engineering cost for this would include database, backup, backup, front end web service, and security support, none of which are free. That's why I estimate roughly two full time engineers.
One hundred thousand dollars a year is enough to fund roughly one full-time senior engineer with the the broad skills to automate heavily and keep a bulky site with critical data alive. Anohter hundred thousand for one broadly skilled developer to keep the front end working and compatible with new browsers and new standards is also conservative. If we assume servers in AWS, at roughly $1/hour to support the necessary storage, backups, and web traffic for such a bulky system, hat is roughly $17,500/server per year. If we assume roughly 4 servers to allow one host to be down while others are supporting the load, that is also almost $100,000/year.
This is not a service that can run from someone's laptop. The fact that a physician is looking up specific information about a specific disorder at a specific moment is sensitive, so it has to be encrypted, which adds computational requirements which translate to fiscal requirements. Hardening it with a commercially supported load balancer, say an AWS load balancer, is another expense.
Aaron Swartz tried to do that to JSTOR, seeking to create a freely accessible copy. He kept downloading so aggressively he interfered with its legitimate functions, which is partly why JSTORE cooperated in the investigation and partly how he was caught. Part of the difficulty is that creating and organizing the indices and the databases to store and to link that information is not easy or free. Those indices and the cross-references will not show up in a casual download of the content.
Rat poiison is not specific to rats. Laying down that much rat poison, near human food supplies, is likely to cause many other local ecological disasters, especially for any rat predators.
Rats are rapacious omnivores, much like the humans who bring them across oceans in their cargo ships and the humans who concentrate food and waste that the rats can grow their population with. So I'm afraid the rats are a logical result of the much higher human population density near reefs: the local ecology near the reefs fed a much smaller human population without modern agriculture and food imports And I'm afraid that humans do not tolerate the carnivores of rats: they tend to be big enough to threaten our young and our livestock, and many make attractive trophies.
Rats have been co-evolving with humans very successfully. They're going to be very difficult to alter our ecological balance with.
It's designed to screw copyright violators out of as much revenue as possible, to protect the copyrights of the people who pay YouTube's advertising bills. I think that you'll find that the abuse of legitimate creators or posters are a byproduct, not the intent, of the 48 hour review process. It's the abusive "let me put up the new Infinity Gauntlet movie the weekend it's published!" posters that they wish to block, before they get views.
Real people cost money. I've seen a shift, throughout my long career, from bug systems and reporting sytems that involve personnel taking the call to automated systems that solve the problem the company wishes you had and knows how to solve. Too often they do not solve the actual problem encountered, nor is there any option to get to a human. The knowledge of how to get to a human is valuable tribal knowledge, retained by your own support people who have mastered their craft, and there has been real "cost-saving" efforts in many businesses to shut down those back channels.
Slashdot Mirror
The idea that the client or purchaser of a product should have access to repair or to modify a product is the foundation of the Gnu Public License, the software licensing model published by the Free Software Foundation, whose business offices are in Massachusetts. It's also a state where the legislature mandated that government documents be in open formats That was around 2005, and led to profound political hardball, such as the creation of the mislabeled "Open Office XML" format, created by Microsoft by get past the new laws and which, functionally, Microsoft ignores to continue with proprietary and unstable document formats in its flagship "Office" products..
It will be fascinating to see this play out in a state with that kind of legislative history.
Fraud can include work for which their is no intent to interview and hire, but merely collecting American resumes to reject and justify an H1B visa. Fraud can also include bulking out your candidate list, to get more names and more pay, by contacting completely unsuitable candidates. It can also include bait & switch, offering a lucrative job interview, getting the candidate to present resumes and commit to the interview, then offering a _much_ lower salary than was originally discussed, usually with a different title.
More profound fraud includes looking for personal information to commit identity theft. This is especially common when asking for passport photos and driver's licenses for a security check before a verifiable role is even identified.
I'm afraid the IT recruiters from India have also been out of control recently. Their poorly aimed and sometimes even fraudulent IT job calls have been interfering with normal recruiters, whom I refer to people in my fields who are looking for new work or promotions.
That has little, even nothing, to do with HTTPS. "Altered from the source" is occurring in such volume at the news agencies themselves that HTTP insertion is not even a significant issue.
It's business sites, where manipulation of order forms and prices can cause fraudulent orders, that man-in-the-middle abuse is the much larger risk.
Adderall is missing a methyl group that methamphetamine has. Perhaps I should have been more cautious with my language, and called it "chemically related" instead of a "variant". I'm also afraid that their medical effects are more similar than many wish to admit, resulting in their misuse.
> Adderall does not cause physical dependence, unlike drugs like nicotine or opioids or even alcohol. What does happen is psychological dependence and changes to the brain's dopamine system due to abuse
Addiction due to abuse is still physical addiction. Even used clinically, patients are weaned off of the drug when they stop using it. The physical addiction is one of the reasons not to discontinue it "cold turkey".
> That's completely incorrect. Don't spread misinformation.
I've not done so. As I stated, it's a medically pure _variant_ of methamphetamine. They're very similar, chemically and clinically. And yes: mmethamphetamine has an extra methyl group that increases its potency, hence its name. In use, this is mostly made up for by the higher quality of medical grade Adderall compared to street meth. For juveniles and college age users, much of the supply is "diverted" from prescriptions.
> Under long-term medical use at therapeutic doses
I'm afraid that many patients, and physicians, cannot be relied on to follow clinical guidelines. And the tendency to misprescribe, to resell, and to share, Adderall is high.
> Abuse of these drugs is another matter entirely.
Neglecting the abuse of these variants, their addictive nature, and the results of their long-term use on performance and on quality of life is to ignore vital clinical data relevant to tests on Adderall itself.
Adderall, while increasingly popular, has long been familiar among college students. It's a medically pure variant of methamphetamine. Looking into the older tests on methamphetamine and the consequences of its long term use are not promising for the current popularity of the drug.
I'm afraid that many companies already do so, as a matter of course. Cisco has become infamous for the backdoors embedded in their hardware. The "Clipper Chip" of the 1990's was an attempt to do exactly this at a hardware level, and was discarded only when it was discovered that the "law enforcement agency field" checksum too short and people could generate their own, genuinely private keys without direct detection. The newer "Trusted Computing" technology for individual host encryption and software was designed to put all the signature keys, and the signature keys used to authenticate or obsolete other keys, are in Microsoft's private hands in an "escrow" which has no legal protection and which Microsoft has never acknowledged any binding standard of privacy for.
They were facing criminal liability, not only for fostering prostitution, but for injuries to both johns and prostitutes. There was at least one notorious prostitute murder, described at https://nypost.com/2016/11/25/... , and the "Craigslist Ripper" described at https://en.wikipedia.org/wiki/... . Standing up for the free speech and commercial rights of peaceful customers is one business strategy. Accepting the legal liability for deaths or injuries from illegal activity fostered by your advertising service is a much less attractive business, and I understand that at the time Craigslist ended its adult services, it was a strong motivation to do so.
I thought there might be related cases. There certainly have been. See https://www.documentcloud.org/... , where police were allowed to place defendants' fingers on phones or pads to unlock them..The judge basically allowed the state to gain access to existing, stored communications, and to compel the assistance of the defendant to access those communications.
If the defendant has made calls from their cell phone, or sent email or pictures from it in the recent past, there will be records that _can_ be subpoenaed effectively. That would provide good grounds for saying this defendant is lying , It would also be sensible that the judge has no desire to spend the time and effort to issue additional subpoenas.
> Once you start hiring people you can't run a business like a frat house.
It's worked for many businesses throughout history. There have also been slavery, child labor, embezzlement, and genocide. Whether these have been effective for a business in the long term, they've existed throughout history. It does not necessarily contribute to the long-term success of the company, or to the lives of most employees. But please, don't assume that simply because there is a business that it will automatically behave well, or in a politically sensitive way.
Most of us consider the DRM a bug in the media and in the vendor, not a bug in the required customized drivers. Those customized drivers and supporting the constant arms race between DRM manufacturers and anyone who wishes to unlock the content take system resources and developer time that could be spent far more efficiently elsewhere.
Also, let us be plain that this "in-line" encryption simply delays the release of the decrypted content on a modern bittorrent or streaming service. The field is experiencing what XKCD described as the "$5 wrench" problem: sophisticated technological limitations are overwhelmed with low cost, common place, physical tools. Some hackers simply record video with a camera from their terminal output, others run it through a virtualization host with a screen capture feature enabled. And most home viewers _do not care_ about the high resolution possible if only the DRM were completely broken. They've no need or desire for those features, and they are _delighted_ that the image they found on Bittorrent is without the forced copyright warnings and previews for shows they have no with to see. The illegal downloads are thus often _better_ than the commercial downloads. They're smaller because they don't contain undesired features, languages, and advertisements.
You would need to define "server". Downloading patches and running reporting toolkits to find precisely what hardware or software revisions is something I've seen available only via some browsers. I've also seen companies require the local scan to report to the vendor on the web page to select the correct patches for local application. It's as confusing and annoying as Sun's, now Oracle's, practice of forcing you through a web form to sign the latest license agreement for the latest Java toolkit.
This has been threatened for decades. I'll be only slightly surprised if this occurs now. The larger credit unions have been approaching the size, and behavior, of the increasingly rare midsize banks.
I'm sorry to say that I've seen the type of accounting you describe, before. It's.... optimistic.
> Or, if you're an organisation that has those skills already in house
Those skills need to be funded. Given the sensitivity and need for high availability of this service, and the potentially lethal cost of unplanned downtime, I suggest that it needs a full time skilled engineer to support the distinct services unique needs and requirements. If that task can be spread out among a team with other tasks and responsibilities to help them stay trained and alert, that would be a desirable practice. But for the database integration with the basic front end web servers, backup requirements, security updates, etc., I'm claiming that the net responsibilities are a minimum of a full-time engineer. Spreading out the load among the rest of a larger organization doesn't eliminate the cost, it simply funds it from a different budget. The company may be willing to fund that as an overhead cost, but it still comes from _somewhere_.
I suggest a similar cost for the front end support. Web protocols and web browsers change. It's unlikely that the current service supports the very latest protocols, and there is very likely to be technical debt on the front end. This is why you factor in support costs _early_ in the budget process, to be able to handle next years changes in web standards.
> I call bullshit on it needing to be encrypted. It's information on a specific condition, not patient identifiable information. There is no requirement for it to be encrypted.
The data needs to have search requests and transmissions encrypted because it can be packet sniffed anywhere along the way from the physician's office to the upstream storage center, and tied to separate information about the patient present in the office. A search for AIDS treatment, pregnancy, or diseases involving mental acuity has especial value for a private physician's office who treats the wealthy: knowledge that Steve Jobs's physician was looking up liver cancer treatment could have profoundly affected Apple's stock prices.
> Cached at border proxy in each of the organisations where it is used,
These proxies are not free. One can "Akamaize" the content, at a cost. This particular service is likely to be variable on a daily basis, with some very interesting trends on a seasonal or news-sensitive basis.
> When each of the large series started up, internationally there was huge demand. As in millions of pages per day
You're referring to fundamentally static content, served at a large scale but not really that much unique content. It will proxy well. This content is likely to involve a lot of searching and exploring of less predictable content. It's not clear how much churn the proxies would see, I suspect it would be large. It is an interesting question.
> but nothing that can't be handled by very small servers.
These "small servers" are not free, and the optimistic steps taken for an optimistic small startup do not necessarily scale well for a health service. I've worked with smaller, and considerably larger, clusters of "small scale servers". There is a minimum engineering cost per server: it used to be roughly one hour/week/server, and has gotten much better with good automation tools and practices. But the engineering cost for this would include database, backup, backup, front end web service, and security support, none of which are free. That's why I estimate roughly two full time engineers.
One hundred thousand dollars a year is enough to fund roughly one full-time senior engineer with the the broad skills to automate heavily and keep a bulky site with critical data alive. Anohter hundred thousand for one broadly skilled developer to keep the front end working and compatible with new browsers and new standards is also conservative. If we assume servers in AWS, at roughly $1/hour to support the necessary storage, backups, and web traffic for such a bulky system, hat is roughly $17,500/server per year. If we assume roughly 4 servers to allow one host to be down while others are supporting the load, that is also almost $100,000/year.
This is not a service that can run from someone's laptop. The fact that a physician is looking up specific information about a specific disorder at a specific moment is sensitive, so it has to be encrypted, which adds computational requirements which translate to fiscal requirements. Hardening it with a commercially supported load balancer, say an AWS load balancer, is another expense.
Aaron Swartz tried to do that to JSTOR, seeking to create a freely accessible copy. He kept downloading so aggressively he interfered with its legitimate functions, which is partly why JSTORE cooperated in the investigation and partly how he was caught. Part of the difficulty is that creating and organizing the indices and the databases to store and to link that information is not easy or free. Those indices and the cross-references will not show up in a casual download of the content.
Rat poiison is not specific to rats. Laying down that much rat poison, near human food supplies, is likely to cause many other local ecological disasters, especially for any rat predators.
Rats are rapacious omnivores, much like the humans who bring them across oceans in their cargo ships and the humans who concentrate food and waste that the rats can grow their population with. So I'm afraid the rats are a logical result of the much higher human population density near reefs: the local ecology near the reefs fed a much smaller human population without modern agriculture and food imports And I'm afraid that humans do not tolerate the carnivores of rats: they tend to be big enough to threaten our young and our livestock, and many make attractive trophies.
Rats have been co-evolving with humans very successfully. They're going to be very difficult to alter our ecological balance with.
It's designed to screw copyright violators out of as much revenue as possible, to protect the copyrights of the people who pay YouTube's advertising bills. I think that you'll find that the abuse of legitimate creators or posters are a byproduct, not the intent, of the 48 hour review process. It's the abusive "let me put up the new Infinity Gauntlet movie the weekend it's published!" posters that they wish to block, before they get views.
Real people cost money. I've seen a shift, throughout my long career, from bug systems and reporting sytems that involve personnel taking the call to automated systems that solve the problem the company wishes you had and knows how to solve. Too often they do not solve the actual problem encountered, nor is there any option to get to a human. The knowledge of how to get to a human is valuable tribal knowledge, retained by your own support people who have mastered their craft, and there has been real "cost-saving" efforts in many businesses to shut down those back channels.
You add features "to complete sprints".
As best I can tell, he's been granted a permanent visa. He is not a New Zealand citizen.