> The government cannot break up a company because it doesn't like their message or news. That violates the 1st Amendment.
A government can try and it's occurred repeatedly. Please look into the history of the Washington Post publication of the Pentagon Papers, the publication of previously restricted details of thermonuclear weapons technolgies by Progressive, Inc., and the current bans on advertising cigarettes. "Doesn't like their message or news" is a very broad category: a government may not like the message because it is fraudulent, or treasonous, and many governments restrict such messages.
> This idea that a bunch of trolls can target a population and sway their ideas assumes people are really dumb animals.
It suggests that they are social creatures, and that ideas evolve much as biology evolves. It is also consistent with deceit, confusion, and imperfect information are built into every layer of social interaction, and many layers of physical and sensory interaction. "Trolls", scoundrels, and frauds have been part of human behavior and politics at every social level since group dynamics existed even in quite simple animals. Even intelligent, clever creatures can be and are fooled on a frequent basis. I suggest that fraud is unavoidable in complex social systems.
The _reaction_ to and exposure of fraud is also part of the social system. But let us not be surprised that fraud exists.
I'm not insisting that Amazon or Google has one on this case. I'm pointing out that "Any business has a right to choose what they do or do not sell" can break down in monopoly cases.
Google is not the primary content owner. The YouTube creators are the primary content owners, and they're _happy_ for YouTube to be a more broadly available publication tool.
> are certainly under no obligation to sell a competitors product.
It can be monopoly abuse to refuse to carry a competitor's separate product or service in your storefronts or block compatibility when you have an overwhelming monopoly used to shut them out of a separate line of business altogether. This was precisely the case with AT&T when it was split up, and was very much the case with Microsoft with Windows and Netscape.
Please, don't confuse the behavior of mishandling passwords for convenience with actual abuse of those mishandled passwords. The abuse was a separate, later behavior by the previous "Jeopardy" winner.
I've encountered this in environments claiming PCI, HIPAA, and FIRPAA compliance. The IT person asked to clear up lost passwords, en masse, is specifically told by their manager to send clear text one-time passwords, and may be told not to expire them, and is even told by their manager to use the same password for all one-time users. Objections are overridden as "wasting people'e time" and "interfering with the business". The result is that there may be dozens of accounts in even a small business where low-use email accounts are accessible for forged access for indefinite periods.
Part of Ronald Reagan's "Star Wars" program was satellite based ballistic missile defense. I've seen little sign that its various researched programs ever worked, but there were several theoretical programs, such as the nuclear device triggered orbital X-ray lasyers, that might theoretically have been effective against such an attack. Part of the difficulty is that such a "defensive" technology is far easier to target against ground targets than against moving ballistic missiles: it would have constituted a direct violation of the "Outer Space Treaty". That treaty is now over 50 years old, and has helped prevent the deployment of weapons of mass destruction in orbit.
Other powerful orbital weapons also run into some treaty limitations. The nuclear pumped X-ray laser may be the most notorious.
Clearing up fungus in extremities is nonetheless a very useful treatment, especially for people with poor circulation or those recovering from poor foot care.
The idea that it "doesn't matter if you cover your skin with poison" is in conflict with issues of absorption, and the kinds of skin cracks or even ulcers associated with very bad fungal infections.
> where Yitzhak Rabin, Yasser Arafat and Bill Clinton ended the Middle East conflict
Norway has been a good example of a stable and peaceful nation. But let's not over-estimate their accomplishments. If Norway develops aircraft as safe and reliable as the borders between Israel and Palestine set in the Oslo accords, would you consider that a success as well? I most certainly would not.
Those are not passenger craft. A very expensive-to-fly proof of concept aircraft is not the same as flying thousands of passangers a day from a commercial airport.
It's close enough for "lies to children", which is how Terry Pratchett and his co-authors of "Science of Discworld" described educational simplifications.
I've explained some aspects by walking children, and physics students, through the "ladder paradox" described at https://en.wikipedia.org/wiki/....The principle of simultaneity which is key to understanding it is often glossed over by many people trying to understand the event. The idea that the time of events depends on the observer so deeply is _enormously_ confusing to students who've been poorly educated. It also lays open extremely critical concepts to a child to understand that the same event will _always_ look different to different frames of reference, or different points of view.
Amazon has to deal with extensive licensing and legal requests for data from many nations, some of whom have far more extensive monitoring than the USA. I'm particularly thinking of the "Great Firewall of China". There is also very little reason to think that AWS does not have the cloud equivalent of "Room 641A" formerly active in one of AT&T's hubs. See https://www.wired.com/2013/06/... for a news reports with links to more history about the system.
> Again, why would they go through the public rulemaking/lawmaking if they wanted to nefariously track people?
Expense and scale. If the monitoring is already built in, they can use it wholesale as a matter of course, rather than exert the effort to harvest any particular device's data. We see this today with the FBI's objections to iPhone security.
> Why do you believe that a nefarious government agency out to track all citizens would require notifying you or a law to install their software?
The US certaomlyhas nefarious organizations who do install illegal monitoring software as a matter of course. The word "require" that you've used is an important distinction. The FCC could require such tracking tools as a matter of course to approve cell phones for use in the USA. The "nefarious agencies" could require that not only do 911 calls have data recorded and turned over without a court order, but that the location and owner information of telephones _near_ the 911 call be made available to them, automatically, without a court order.
The range of potential abuses of automatically recorded location information is large, and the potential already inherent. It would be very reasonable to think cautiously about the consequences and legal limitations _before_ investing in the technology and design changes.
Uber and Lyft get your location information, tied to your cell phone, when you look at the map to get the price of the ride. This is _before_ you order anything. They may protect it via anonymizing their records, but it _is_ tired to your individual cell phone client installation. So is information about access points near your cell phone, if you have wi-fi enabled, since that's one of the technologies used to enhance your location information.
> If the government starts proposing a law to track you at all times then by all means get worked up about it.
I'd like to point out the "First they came" message, about creeping government power and abuses?
> Large organizations will end up paying more by using open source because ultimately you STILL need to pay (a lot) for someone to provide service and support for that software.
I've been involved in a number of such migrations for more than 20 years. It's been very successful when the benefits are clear to the users of the software, especially when the closed source upgrade path is extremely poor. In many cases the Linux or UNIX support has been vastly less expensive, especially to configure and migrate to new operating system releases, or to link to other tools. Those are not free tasks, but they tend to scale much better across a company's production servers than they do with closed source tools.
> I can manage 10, 100, 10000 desktop using the same armchair tools. Hell, I don't even need to leave my desk to remote wipe and clean image a desktop/server...or 10, 100, 10000, etc.
I've done these sorts of tasks for much of my career. And no, there are many tasks you _cannot_ scale this easily. They include system and network performance performance monitoring, backup, high availability., and remote console access.
Citibank was deeply involved in the subprime morgage crisis, and had to pay fines of roughly 7 billion dollars. If you think that major banks are immune from large scale theft, I'm afraid you'll need to rethink that.
Not all environments allow access to boot menue screens. In particular, virtualized hosts do not allow access unless the owner of the virtual server elects to allow graphical access to the hypervisor. This is technologically feasible but proscribed for basic security reasons by various virtualization providers, such as AWS and many locally administered virtualiztion toolkits.
Failing to use a particular new kernel is not "bricking". Bricking, as commonly used, means the physical hardware is unrecoverable and needs to be replaced. Recovering a failed Ubuntu kernel means being able to select a different kernel to boot with. This means console access or access to the disk image. These are problematic and can disable production servers. But it's much less destructive than ruining the physical hardware.
> Why would you give a kid a fantastic way to communicate easily and then disable it ever?
Because it tends not to be used for effective communication. "Like" on a Facebook page is not effective. Playing "Pokemon Go" is not visiting a neighborhood and experiencing life it. The ability to write or read a thoughtful message is profoundly hindered by cell phones with their small screens and resulting shortened sentence structure, especially when the screen is cluttered with extraneous graphics.
Because cryptocurrency trading requires significant computational resources to occur quickly, expect the same developers and traders who created hi-frequency trading to invest their time and money in cryptocurrency arbitrage. With the current wildly fluctuating currency prices, it leaves them opportunities similar to those in hi-frequency trading on the NASDAQ and other stock exchanges to engage in precisely the same draining of consumer profit out of cryptocurrency arbitrage that these companies perform in more standard currencies and stocks.
> No one imagined trying an exploit like these until recently.
I'm afraid that this is not true. I'm following an intriguing discussion of similar side-channel attacks on Multics systems on GE hardware in roughly 1970. It's not a new problem. I've been trying to explain repeatedly to some colleagues while reviewing these attacks that doing "speculative compilation" is very appealing at first glance, but the work involved in doing it is not free. Security risks and maintenance of the resources are critical and related costs of such optimization.
Slashdot Mirror
> The government cannot break up a company because it doesn't like their message or news. That violates the 1st Amendment.
A government can try and it's occurred repeatedly. Please look into the history of the Washington Post publication of the Pentagon Papers, the publication of previously restricted details of thermonuclear weapons technolgies by Progressive, Inc., and the current bans on advertising cigarettes. "Doesn't like their message or news" is a very broad category: a government may not like the message because it is fraudulent, or treasonous, and many governments restrict such messages.
> This idea that a bunch of trolls can target a population and sway their ideas assumes people are really dumb animals.
It suggests that they are social creatures, and that ideas evolve much as biology evolves. It is also consistent with deceit, confusion, and imperfect information are built into every layer of social interaction, and many layers of physical and sensory interaction. "Trolls", scoundrels, and frauds have been part of human behavior and politics at every social level since group dynamics existed even in quite simple animals. Even intelligent, clever creatures can be and are fooled on a frequent basis. I suggest that fraud is unavoidable in complex social systems.
The _reaction_ to and exposure of fraud is also part of the social system. But let us not be surprised that fraud exists.
I'm not insisting that Amazon or Google has one on this case. I'm pointing out that "Any business has a right to choose what they do or do not sell" can break down in monopoly cases.
Google is not the primary content owner. The YouTube creators are the primary content owners, and they're _happy_ for YouTube to be a more broadly available publication tool.
> are certainly under no obligation to sell a competitors product.
It can be monopoly abuse to refuse to carry a competitor's separate product or service in your storefronts or block compatibility when you have an overwhelming monopoly used to shut them out of a separate line of business altogether. This was precisely the case with AT&T when it was split up, and was very much the case with Microsoft with Windows and Netscape.
Please, don't confuse the behavior of mishandling passwords for convenience with actual abuse of those mishandled passwords. The abuse was a separate, later behavior by the previous "Jeopardy" winner.
I've encountered this in environments claiming PCI, HIPAA, and FIRPAA compliance. The IT person asked to clear up lost passwords, en masse, is specifically told by their manager to send clear text one-time passwords, and may be told not to expire them, and is even told by their manager to use the same password for all one-time users. Objections are overridden as "wasting people'e time" and "interfering with the business". The result is that there may be dozens of accounts in even a small business where low-use email accounts are accessible for forged access for indefinite periods.
Part of Ronald Reagan's "Star Wars" program was satellite based ballistic missile defense. I've seen little sign that its various researched programs ever worked, but there were several theoretical programs, such as the nuclear device triggered orbital X-ray lasyers, that might theoretically have been effective against such an attack. Part of the difficulty is that such a "defensive" technology is far easier to target against ground targets than against moving ballistic missiles: it would have constituted a direct violation of the "Outer Space Treaty". That treaty is now over 50 years old, and has helped prevent the deployment of weapons of mass destruction in orbit.
Other powerful orbital weapons also run into some treaty limitations. The nuclear pumped X-ray laser may be the most notorious.
Clearing up fungus in extremities is nonetheless a very useful treatment, especially for people with poor circulation or those recovering from poor foot care.
The idea that it "doesn't matter if you cover your skin with poison" is in conflict with issues of absorption, and the kinds of skin cracks or even ulcers associated with very bad fungal infections.
> where Yitzhak Rabin, Yasser Arafat and Bill Clinton ended the Middle East conflict
Norway has been a good example of a stable and peaceful nation. But let's not over-estimate their accomplishments. If Norway develops aircraft as safe and reliable as the borders between Israel and Palestine set in the Oslo accords, would you consider that a success as well? I most certainly would not.
Those are not passenger craft. A very expensive-to-fly proof of concept aircraft is not the same as flying thousands of passangers a day from a commercial airport.
It's close enough for "lies to children", which is how Terry Pratchett and his co-authors of "Science of Discworld" described educational simplifications.
I've explained some aspects by walking children, and physics students, through the "ladder paradox" described at https://en.wikipedia.org/wiki/... .The principle of simultaneity which is key to understanding it is often glossed over by many people trying to understand the event. The idea that the time of events depends on the observer so deeply is _enormously_ confusing to students who've been poorly educated. It also lays open extremely critical concepts to a child to understand that the same event will _always_ look different to different frames of reference, or different points of view.
Amazon has to deal with extensive licensing and legal requests for data from many nations, some of whom have far more extensive monitoring than the USA. I'm particularly thinking of the "Great Firewall of China". There is also very little reason to think that AWS does not have the cloud equivalent of "Room 641A" formerly active in one of AT&T's hubs. See https://www.wired.com/2013/06/... for a news reports with links to more history about the system.
> Again, why would they go through the public rulemaking/lawmaking if they wanted to nefariously track people?
Expense and scale. If the monitoring is already built in, they can use it wholesale as a matter of course, rather than exert the effort to harvest any particular device's data. We see this today with the FBI's objections to iPhone security.
> Why do you believe that a nefarious government agency out to track all citizens would require notifying you or a law to install their software?
The US certaomlyhas nefarious organizations who do install illegal monitoring software as a matter of course. The word "require" that you've used is an important distinction. The FCC could require such tracking tools as a matter of course to approve cell phones for use in the USA. The "nefarious agencies" could require that not only do 911 calls have data recorded and turned over without a court order, but that the location and owner information of telephones _near_ the 911 call be made available to them, automatically, without a court order.
The range of potential abuses of automatically recorded location information is large, and the potential already inherent. It would be very reasonable to think cautiously about the consequences and legal limitations _before_ investing in the technology and design changes.
Uber and Lyft get your location information, tied to your cell phone, when you look at the map to get the price of the ride. This is _before_ you order anything. They may protect it via anonymizing their records, but it _is_ tired to your individual cell phone client installation. So is information about access points near your cell phone, if you have wi-fi enabled, since that's one of the technologies used to enhance your location information.
> If the government starts proposing a law to track you at all times then by all means get worked up about it.
I'd like to point out the "First they came" message, about creeping government power and abuses?
https://en.wikipedia.org/wiki/......
> Large organizations will end up paying more by using open source because ultimately you STILL need to pay (a lot) for someone to provide service and support for that software.
I've been involved in a number of such migrations for more than 20 years. It's been very successful when the benefits are clear to the users of the software, especially when the closed source upgrade path is extremely poor. In many cases the Linux or UNIX support has been vastly less expensive, especially to configure and migrate to new operating system releases, or to link to other tools. Those are not free tasks, but they tend to scale much better across a company's production servers than they do with closed source tools.
> I can manage 10, 100, 10000 desktop using the same armchair tools. Hell, I don't even need to leave my desk to remote wipe and clean image a desktop/server...or 10, 100, 10000, etc.
I've done these sorts of tasks for much of my career. And no, there are many tasks you _cannot_ scale this easily. They include system and network performance performance monitoring, backup, high availability., and remote console access.
Citibank was deeply involved in the subprime morgage crisis, and had to pay fines of roughly 7 billion dollars. If you think that major banks are immune from large scale theft, I'm afraid you'll need to rethink that.
South Park made this joke, in more detail:
https://www.youtube.com/watch?...
Not all environments allow access to boot menue screens. In particular, virtualized hosts do not allow access unless the owner of the virtual server elects to allow graphical access to the hypervisor. This is technologically feasible but proscribed for basic security reasons by various virtualization providers, such as AWS and many locally administered virtualiztion toolkits.
Failing to use a particular new kernel is not "bricking". Bricking, as commonly used, means the physical hardware is unrecoverable and needs to be replaced. Recovering a failed Ubuntu kernel means being able to select a different kernel to boot with. This means console access or access to the disk image. These are problematic and can disable production servers. But it's much less destructive than ruining the physical hardware.
> Why would you give a kid a fantastic way to communicate easily and then disable it ever?
Because it tends not to be used for effective communication. "Like" on a Facebook page is not effective. Playing "Pokemon Go" is not visiting a neighborhood and experiencing life it. The ability to write or read a thoughtful message is profoundly hindered by cell phones with their small screens and resulting shortened sentence structure, especially when the screen is cluttered with extraneous graphics.
Because cryptocurrency trading requires significant computational resources to occur quickly, expect the same developers and traders who created hi-frequency trading to invest their time and money in cryptocurrency arbitrage. With the current wildly fluctuating currency prices, it leaves them opportunities similar to those in hi-frequency trading on the NASDAQ and other stock exchanges to engage in precisely the same draining of consumer profit out of cryptocurrency arbitrage that these companies perform in more standard currencies and stocks.
> No one imagined trying an exploit like these until recently.
I'm afraid that this is not true. I'm following an intriguing discussion of similar side-channel attacks on Multics systems on GE hardware in roughly 1970. It's not a new problem. I've been trying to explain repeatedly to some colleagues while reviewing these attacks that doing "speculative compilation" is very appealing at first glance, but the work involved in doing it is not free. Security risks and maintenance of the resources are critical and related costs of such optimization.