> Every mammal on this planet instinctively develops a natural equilibrium with the surrounding environment; but you humans do not. Y
"Instinctively develops" such a relationship? I'd say "no". Many mammals, introduced to a new environment, have no means to make such accommodation and devastate ecosystems. A very classic example is the introduction of rabbits to Australia's ecosystem: others include the introduction of goats almost anywhere, since goats are notorious for cropping plants much closer to the root and destroying the plant parts of ecosystems.
The idea that all mammals "develop a natural equilibrium" ignores the cycles of population growth and decline of simple predator/prey relationships, like the well analyzed one between wolves and rabbits described at https://stanford.edu/~ajspakow... . These equilibria don't require instinct, nor does there seem to be "instinct" involved. They only require negative feedback from the environment.
Sigh. Thank you, it's been a long week. My apologies for hitting the wrong layer.
You cannot allocate the space to save the state from which a function is called, nor allocate new space to copy in specified function with space for its local variables, without access to the kernel. Nor can you read the end state of the called function and return its generated information or status to the working environment or connect its results to other programs without kernel level functions. It's true that many libraries effectively abstract away this operation at the library level, including libc or glibc themselves. It's also true that I have, on occasion, appalled colleagues by insisting on looking beneath a layer of abstraction to note the resource issues at a separate layer.
Learning to actually _look_ at the underlying cost and behavior of software at its lowest levels was a lesson I learned using Multics. I'm afraid it cost me popularity with some of my colleagues, but it was vital to protecting performance and avoiding errors on such a constrained operating system and on such resource constrained hardware shared by a working group.
XKCD should receive "first post" for this. Or possibly claim an infringement of copyright for the story?
https://xkcd.com/1807/
I used it myself. Your analysis is correct. It was also prone to oversubscription. Students and computer scientists were programming it with the beginnings of "object oriented programming" with languages like LISP, and taught to use self-reference and recursion as part of their philosophically preferred approach rather than as resource expensive tools to use only when needed. The result was _profoundly_ expensive in system resources: calling a function is a much more expensive operation at the kernel level than running a loop. It led to code with no reporting on its current state and no well defined checkpoints, because that was handled inside of another recursively called function which was actively discouraged from looking inside. The failures of recursion to terminate led to runaway resource consumption by many different less skilled programmers. Given the age of Multics, there was little resource management: the servers became extremely overwhelmed when homework was due on student systems, and when projects were due for business or research use.
UNIX learned many lessons from Multics: more effective multi-tasking and resource control were some of the more important lessons.
> The little "green" label or "locked" icon continues to indicate that the certificate is valid
I need to revise this. Some browsers provide additional indicators that a certificate has "extended validation". But the ordinary user simply does not care nor will they notice.
I'm afraid that to the average user, there is no difference. The little "green" label or "locked" icon continues to indicate that the certificate is valid and the user has little reason, and not many resources, to verify that they are dealing with a validated but fraudulent, SSL certificate. Even automated tools that mirror content, such as for git repositories or software repositories, can be fooled by such certificates.
Few civil court judges are willing to overrule federal law and the US Supreme Court ruling that the federal law overruled more local, plaintiff friendly policies. Examine the Federal Arbitration Act. It may not apply in many cases, but deciding when it does and does not prevent a company from forcing arbitration is one of those legal questions that costs hours of expensive lawyer time to decide before even proceeding to court.
I'm afraid that there are too many cases where "just get another job!" has been an excuse for systemic Gender abuse, racism, and homophobia in the workplace are merely examples. It's also included unpaid overtime, nepotism, sexual harassment, and employment fraud. Forced arbitration, which is what this inherently is for all employees, provides much stronger benefit to the larger legal entity, who is typically the entity that selects the arbitrator. These arbitrations are also typically sealed: the evidence submitted to them is not available to any other possible plaintiffs.
From my experience with corporate lawsuits, they're workable for modest cases where the cost of a lawsuit would outweigh the cost of any reasonable settlement. But they have no legally binding force for anyone but the plaintiff and that company's relationship with that particular plaintiff. For widespread workplace abuse, they're not helpful at stopping or preventing the abuse as a matter of policy.
Get a coffee thermos. Refill it from the tap, at a tiny fraction of the price, and protect the environment and our wallet. Or save a soda bottle, which tend to be much tougher than those stupid "spring water" bottles, and rinse it out, and fill it from the tap. Lasts months, even years.
Explaining to people that, instead of buying a Starbucks coffee, they can just buy the cheapest, worst coffee and drop a Milky Way bar in it for much less money and the same nutritional value is also fun to do to the hipsters.
China has hundreds of millions of XP systems still live and Internet exposed, even if only through home routers. It's still a very fertile ground for infection.
And this great new mouse!!!
http://hackaday.com/2010/09/30...
> You upgrade the SSL libraries,
This is not always this easy. Even 3 year old versions of OpenSSL have real compatibility issues with the most recent releases, and the most basic software compiled with the old dependency can be broken by a breaking change in the library. Even such robust software as OpenSSH, curl, wget, and apt have had issues with encryption library updates.
I'm afraid that the idea that private companies upgrade regularly or reliably is not well founded in corporate experience.
I'm up right now tuning and helping run disk backups to virtualize obsolete software on obsolete hardware because many private companies _do not_ upgrade. Getting proper backups of them before replacing or upgrading them can be quite tricky when the backup software is the policy mandated corporate licensed software, and it's old, buggy, and the upgrade version does not run on the out of date operating system.
Do you actually submit them to Sci-Hub? Then in such a case, I'd completely agree that they are not engaging in theft. Do you transfer copyright ownership or full publication rights to subscription venues when you published there, if you ever did so? In which case, Sci-Hub would still be acting illegally, but without your personal objection. That's a position I'd quite understand.
If you're willing to discuss it, I'd quite welcome an explanation of why you elect not to publish with Elsevier.
I'm also afraid that the more I think about Sci-Hub, the more I'm concerned about scientific fraud published there. Sci-hub has no reliable editing or review process that I can see. This lack of quality control is a real risk to scientific research. Exciting, but mistaken or even fraudulent research can displace less exciting that shows that magnetic monopoles were _not_ discovered, or that transplanting animal kidneys into humans does not end well, or that new herbal preparations do not actually help with obesity, can be overwhelmed by poorly researched work with no editing or peer review. A critical part of the work of scientific journals is to review the work for authenticity before it's published. That would seem to be lost at Sci-Hub.
> Injunctions and special damages are different in large part because injunctions directly prevent or impair further tortious actions, where special damages have only indirect effects, and are meant as a disincentive to offend further.
That is a fascinating point. Thank you for raising it. I'm unconvinced that I completely agree with it. Even pure "damages" awards can be, and sometimes are, pressed that are beyond a direct measurable amount, and _granted_ under legal pretexts to provide punishment. The definition of "punishment" you're raising may have a real legal meaning, and is worth some review. But I suggest it's not the common English one, and seizure of assets or court ordered payment would seem to be "punishment" of a civil defendant in common language.
I'm forced to refer back to your earlier note:
> In this case, there is no punishment, because it was not a criminal case. There are damages and injunctions, and so far the defendant has avoided almost all of those. That unwillingness to face the consequences makes it hard to call it civil disobedience, much less to argue that it was morally justified civil disobedience.
This makes better sense with your clarification of what you meant by "punishment". Thank you for that clarification.
That is a good point, thank you. It is still "punishment".
> In this case, there is no punishment, because it was not a criminal case.
That seems very confusing, or perhaps confused. How is a successful conviction against a defendant, with fines and property seized, not a punishment of a defendant?
I'm afraid that it's called "theft", and is treated as such by the courts and by most people who actually _write_ and publish such papers. For most standards of civil disobedience, accepting the legal consequences is part of what makes it "civil" disobedience.
I'm also afraid there is an even more severe problem for scientific work. As best I can tell Sci-Hub makes _no_ effort to verify the content or authenticity of what they host. Such a loss of verification or of provenance of the data published endangers even the best of professional journals, and contributes to problems like this:
https://www.nytimes.com/2017/0...
The result is that via unchecked content at places like Sci-Hub, the fake journals rise in search engine ranking and reinforce fraudulent or actively dangerous scientific claims. Similar problems exist for trade websites, such as https://www.stackoverflow.com/. Good answers get copied from elsewhere, edited down for simplicity or shortness by the copier, and vital safety steps are left out of the most popular answers. The results can be very dangerous when the shortened answers get applied in the field.
Sourceforge had occasionally proven useful if developers insisted on using Subversion rather than Git based source control. I'm aware of several projects that use it in order to be able to sync single directories of upstream project code, rather than having to mirror an entire project locally. But the much cleaner and less overwhelmingly ad based interface to the github or gitlab web interfaces is an enormous timesaver over Sourceforge's pages where over 90% of the screen space is pure advertising. I'm also afraid that the "download" pages for source code or binaries are deliberately cluttered with misleading links designed to install adware on your system.
Sourceforge used to be a very good repository for open source projects, but I'm afraid became quite unsafe and even unusable for most developers or software users due to the deliberately misleading download links.
The article you cite seems to be based on ignoring _local_ law and its interaction with federal and international law. In the USA, extortion is normally considered a state matter, not a federal or international one. But as soon as the offence crosses state or international lines, it can easily become one.
Please, be careful what you read from such an article. At least in the USA, there is considerable _state_ law about extortion. Much of it is easily discoverable at http://statelaws.findlaw.com/c.... While not every state has specifically mentioned computer extortion, the older extortion statutes should still apply with little confusion. As soon as money or goods cross state lines, it becomes a matter of federal interest to US law enforcement. If it crosses international lines, it becomes of interest to the UN FACT, which is concerned with money laundering.
It's completely understandable that an exchange like Coinbase would not want state or federal investigators involved in their operations in any way.
> The real motive by Coinbase is probably a fear that they'll be accused of helping facilitate criminal activity. Bitcoin exchanges are on the narrow edge of falling under regulation,
I suspect that, since many exchanges do facilitate quasi-legal and illegal activity, it's important in business terms for them to avoid any involvement in clearly illegal activity that has the kind of paper trail or provenance that a security firm such as Control Risk might provide. An exchange for an illegal activity, such as laundering money paid for extortion, would seem to make a company ripe for examination by the FCC, the IRS, the FBI for participating in extortion, and the CIA for exchanging in wire fraud helping conceal the identity of the extortionists, and the UN Financial Action Task Force
Or vehicles which already carry a quite large lead-acid battery, or homes that did not need land lines or for whom running copper landlines was quite expensive or even dangerous, or for whom landlines have proven vulnerable. The technology has proven useful, especially for disaster recovery where well protected, reliable cell towers have proven lifesaving for isolated people needing, or offering, help.
> This means a potentially unlimited number of people can be watchin
The number is large, but not unlimited. Enough TV receivers, and the effects of their antennas and even their bodies on the radio passing through them, would tend to block out the signal further away. But the effect is modest and it would take a quite large number of antennas to achieve something like a Faraday cage to block the transmission completely.
It's less than 5% in a system that easily varies 20% in the course of an hour, and can vary nearly 50% in moments under stress. It's also easily affected by flexing the arm sitting in a different chair.