> isn't a statement about right and wrong, it's simply a statement about a poll result.
Like most moral standards, yes, it is. Morals can't be completely derived from axiomatic beliefs. Even the most rigid of mathematics now admits the possibility of completely distinct mathematical structures being consistent and reliable, but formed from different axioms. It doesn't mean that one is more "correct" or "mathematical" than the other. That was actually the problem with Euclid's Fifth Postulate, and the source of Gaussian and Riemannian geometries. when mathematicians realized that you could derive fundamentally distinct geometries from different postulates.
I'm afraid that moral conduct has _always_ been a matter largely of local opinion. Can you find any society or culture, or even people, where it is not?
On what basis do you form this opinion? Given the culturally determined morality of the following behavior, the idea that morality is some kind of axiomatically derivable system. Specific "moral" behavior includes:
* manumission and slavery. * death by exposure for weak infants and old people * religious proselytization * working or eating on a holy day * capital punishment * marital monogamy
It's very difficult to claim that any of these are not "culturally determined".
> The rightness or wrongness of an act is not dependent on what "the population in general" believes.
Oh? Is it alright to drink alcohol on a public street? Open a grocery store on a Sunday? Drive on the left side of the road? Pay a restaurant bill without leaving a tip?
What the population in general believes is a critical part of how morals or customs get made, and can vary profoundly from location to location.
The "Fittest" would set up a government within about 30 minutes of the Anarchic revolution, to stabilize and protect their immediate family, clan, city, state, etc.
> It's exactly the opposite PRISM used fisa warrants,
Except, I'm afraid, when they didn't bother with warrants or simply ignore the limitations of warrants or subpoenasTake a look at the rebuke by exactly the kind of judge who issues such warrents, at http://www.nytimes.com/2013/08....
The ongoing decryption efforts are tied to prism, and constitute hacking or "cracking" of the most basic nature. Examples include: the doucumented spying on embassies of allies, to quote from The Guardian.
One of the bugging methods mentioned is codenamed Dropmire, which, according to a 2007 document, is "implanted on the Cryptofax at the EU embassy, DC" – an apparent reference to a bug placed in a commercially available encrypted fax machine used at the mission. The NSA documents note the machine is used to send cables back to foreign affairs ministries in European capitals.
> I find it hard that anything but a corner case would require hacking to get to records held by third parties.
Then I urge you to look at the history of the "PRISM" program, I'd count that as wholesale cracking, precisely to avoid the need for telling anyone what they elect to monitor or to compelled to justify subpoenas. The NSA has traditionally, I'm sorry to say, engaged in wholesale monitoring of both domestic and international communications.
> To allow "hacking" to circumvent encryption, the FBI must have (direct or indirect) access to a suspect's device. For that, they must first have a suspect. Encryption can still prevent becoming a suspect in the first place.
Not at all. Hacking can include unauthorized access to online records, to email, to phone records or audio recording on devices of people who've been in contact or may hold records of the targtet, etc. Search warrants and subpoenas are theoretically to balance the privacy of individuals, and of innocent parties, against the needs to investigate the relevant authorized search target.
Encryption helps raise the bar for casual, unauthorized review, and is well worth doing in this age of easy computer access. But I'm afraid that using it often raises interest in your personal caase, much as refusing to permit a search of your person or your vehicle raises the interest of law enforcement. And sadly, most encryption does not protect against illegal or legal hacking of a determined attacker. The re-use of common keys or passphrases, relatively easily stolen from less secure systems, the frequency of back doors in business and personal systems, and the poor security of far too many encrypted systems make their protection often rather incomplete.
It's difficult to estimate the frequency of contamination of marijuana with other substances. But fairly frequent contamination is documented in "Cannabis and Cannabinoids: Pharmacology, Toxicology, and Therapeutic Potential", By Ethan B Russo
Ethan cites Johnson's old study of 8000 samples, with a wide array of contaminants, including tobacco and PCP. Johnson's study was from 30 years ago: an article in the Smithsonian magazine from March, 2015 cites the increasing levels of heavy metals and mold in modern marijuana:
So I'm afraid that the idea that pot is automatically uncontaminated and therefore safer than tobacco is ill-founded. It may be _less_ harmful, and have a _lower_ level of contamination. But it's apparently quite frequent to find things in actual testing that should not be in pot for human use.
Right. It's harmful like marijuana, which clearly causes no parallel effects to cigarettes like elevated pulse, vasoconstriction, altered state of consciosness, and has no chance of causing addiction or of introducing naturally carcinogenic chemicals to your mouth and other respiratory passages.
That belief is strange, because it causes _all_ of those according to the reliable medical research. It's even stranger when surveys of the purity of street grade consistently show adulteration with different filler substances and mood-altering substances: a great deal of street grade marijuna is very poor quality, may be pesticide or herbicide contaminated, and is very occasionally still laced with PCP in the US. Moreover, tobacco and nicotine are still used medicinally, and even as an effective toothpaste in some parts of the world.
It's important to keep the scale of risk and benefit in mind for both, but to assert that one is completely harmless and the other completely useless midically is to ignore history and well-executed research on both.
Actually, teaching basic typing at an early age is a godsend to programmers and to many other modern jobs. It requires hands-on time, and in this day and age it can and should replace a great deal of the handwriting lessons, and it will extend the worklife of many people by reducing the repetitive stress injuries and reducing work errors that become more common when one is tired or inattentive at the end of a long day.
The interactions of mathematics, science, and technology with human history are fascinating. For people who've not really thought about it, or who have thought about it and want to be entertained, I cannot help but recommend Terry Pratchett's "Science of Discworld" books for an understanding of scientific thought and scientific thought about human development, presented as fine satire of both fantasy and science.
And what makes people think he doesn't study history at all? The history of science, engineering, and mathematics, provide valuable insights to various software approaches, especially resource management, and they're interwoven with general history. Kids who are as amazingly gifted as this young man may be single minded in their skills and studies, but many do branch into a wide variety of intellectual and athletic and artistic endeavors because they're _interesting_. Intense focus on one field does not preclude interest and focus in other fields.
Speak with your work colleagues or fellow students: find out what they do. The "uber geeks" often have some fascinating skills and hobbies.
> True, but blackballing is very difficult to do with professionals
Oh, my. I'm tempted to say "you youngsters!", but blackballing is alive and well throughout the worlds. I've certainly had references that an interviewee cited try to blackball them. It caused me to dig further: in some cases, the blackballing was for good reasons, for employees were horrible and, for whatever reason, didn't reason their own personal references would blackball them. Those were people who were so foolish they didn't admit how awful they were.
I've also seen it where employees were let go for age or medical reasons, or for having kids, and their former company wanted to hide why they were _really_ discarded, and so invented other reasons. I can think of several job applicants I've interviewed who ran into this, and I was very fortunate indeed to look deeper and find the _real_ reasons. Sadly, I'm afraid that I may have been fooled a few times and missed out on some good people: my time to dig past the surface and poisoned references for really good engineers is limited.
Industry wide blackballing for illegal reasons is harder than it used to be as the web and online communities have grown. But it certainly still exists. It's also tied to the "glass ceiling" women and minorities encounter in many professions. Networking and word of mouth can sometimes work _against_ good people who are merely so honest or so responsible their current employers can't keep them, especially when a current unscrupulous manager or colleague is willing to lie about them.
Blackballing usually is not, because it can be very difficult to prove. Getting a new position, especially one that requires a visa, for an employee whose previous or current employer will not give positive recommendations can be very difficult.
> Where I work everything in code is documented with trouble ticket numbers,
For most such systems, I can pretty easily submit a code change as someone else. With many systems, i can submit a change as a "back door" modification that will only show up with the most meticulous monitoring of the changelogs. I have in fact done so to avoid a code review by someone who needed to not be informed of a security patch to reveal their misbehavior.
Keeping a job right now, when you've got children or other family to feed, or when finding a new job is very difficult, can be a strong incentive to keep your mouth shut. This is true even when there is a small risk of prison time.
I've been in workplaces where some recent movie is the chatting subject at the water color or the cafeteria, If everybody is talking about the flick, and your budget is tight or you lack the transportation and time to catch the movie in the theatres, you can feel left out and be happy to catch a pirated copy.
Believe me, when you have kids or expensive pastimes like family with medical expenses, movies in cinemas are a real luxury.
Of course they watch poor quality video. Not everyone has the time or money to catch the movie when it came out in the theatres, or when it's not released in their country yet, and many less wealthy fans of a franchise will grab and watch poor quality video because it's immediately available.
There are even plenty of $5 DVD vendors, in chap Asian markets, who will sell them burned to DVD from carts or backbacks. It's a very real market: visit some poor neighborhoods some day to see the sales.
The "Rocket City Rednecks" are a wonderful mix of genuine scientific research on a budget, and the sort of project some of us tried on long weekends when we were much younger.
And the entire native population of the the Caribbean islands and of Carthage would like to know exactly how they didn't lose. Oh, wait, they were completely exterminated, so we can't ask them.
And the CA's have proven to be more interested in the sales part of the business than in the security part of the business. Thawte requires more checks than most systems, but the middleman certificate authorities such as DigiNotar have proven incompetent and apparently had their _signing_ keys stolen. And for many signature authorities, it's quite simple to request, pay for, and be issued a fraudulent new corporate SSL certificate for another company due to poor verification of the client identity. That's social engineering, not a technical engineering hack, and it's embarrassingly common place. I do it as a matter of course when the original purchaser of the SSL certificate is long gone and my company's ticket, or a partner's ticket, is expiring and I'm contacted at the last minute. It's with the cooperation of the actual owner of the website, but it's unsurprisingly easy to get passwords changed to the company's SSL account.
It's not that Google or Thawte have failed to correctly revoke certificates: it's that far too many people, at far too many sites and with far too many technologies, do not actually keep their signature authorities up-to-date. Because these people don't update signature authorities, they are unable to verify numerous valid certificates. These people then simply set their automated procedures, or make it their personal practice, to accept invalid certificates.
The notable case of this I saw recently is RHEL 5, where the signature authority information in the/etc/pki files managed inside the openssl packages, and updating openssl on a live server is likely to cause fascinating problems for an old, stable, production server. RHEL 6 sensibly put the root SSL keys in a separate package, but it's certainly not an unusual problem.
Slashdot Mirror
> isn't a statement about right and wrong, it's simply a statement about a poll result.
Like most moral standards, yes, it is. Morals can't be completely derived from axiomatic beliefs. Even the most rigid of mathematics now admits the possibility of completely distinct mathematical structures being consistent and reliable, but formed from different axioms. It doesn't mean that one is more "correct" or "mathematical" than the other. That was actually the problem with Euclid's Fifth Postulate, and the source of Gaussian and Riemannian geometries. when mathematicians realized that you could derive fundamentally distinct geometries from different postulates.
I'm afraid that moral conduct has _always_ been a matter largely of local opinion. Can you find any society or culture, or even people, where it is not?
> Customs depend on society, morality does not.
On what basis do you form this opinion? Given the culturally determined morality of the following behavior, the idea that morality is some kind of axiomatically derivable system. Specific "moral" behavior includes:
* manumission and slavery.
* death by exposure for weak infants and old people
* religious proselytization
* working or eating on a holy day
* capital punishment
* marital monogamy
It's very difficult to claim that any of these are not "culturally determined".
History is written by the people who _show up to do the work_.
> The rightness or wrongness of an act is not dependent on what "the population in general" believes.
Oh? Is it alright to drink alcohol on a public street? Open a grocery store on a Sunday? Drive on the left side of the road? Pay a restaurant bill without leaving a tip?
What the population in general believes is a critical part of how morals or customs get made, and can vary profoundly from location to location.
The "Fittest" would set up a government within about 30 minutes of the Anarchic revolution, to stabilize and protect their immediate family, clan, city, state, etc.
> He just needed to tell them "stop snooping on Americans inside America" and done.
Or better yet "stop burning so many billions for what is such amazingly poor quality results.
> It's exactly the opposite PRISM used fisa warrants,
Except, I'm afraid, when they didn't bother with warrants or simply ignore the limitations of warrants or subpoenasTake a look at the rebuke by exactly the kind of judge who issues such warrents, at http://www.nytimes.com/2013/08....
The ongoing decryption efforts are tied to prism, and constitute hacking or "cracking" of the most basic nature. Examples include: the doucumented spying on embassies of allies, to quote from The Guardian.
One of the bugging methods mentioned is codenamed Dropmire, which, according to a 2007 document, is "implanted on the Cryptofax at the EU embassy, DC" – an apparent reference to a bug placed in a commercially available encrypted fax machine used at the mission. The NSA documents note the machine is used to send cables back to foreign affairs ministries in European capitals.
> I find it hard that anything but a corner case would require hacking to get to records held by third parties.
Then I urge you to look at the history of the "PRISM" program, I'd count that as wholesale cracking, precisely to avoid the need for telling anyone what they elect to monitor or to compelled to justify subpoenas. The NSA has traditionally, I'm sorry to say, engaged in wholesale monitoring of both domestic and international communications.
> To allow "hacking" to circumvent encryption, the FBI must have (direct or indirect) access to a suspect's device.
For that, they must first have a suspect. Encryption can still prevent becoming a suspect in the first place.
Not at all. Hacking can include unauthorized access to online records, to email, to phone records or audio recording on devices of people who've been in contact or may hold records of the targtet, etc. Search warrants and subpoenas are theoretically to balance the privacy of individuals, and of innocent parties, against the needs to investigate the relevant authorized search target.
Encryption helps raise the bar for casual, unauthorized review, and is well worth doing in this age of easy computer access. But I'm afraid that using it often raises interest in your personal caase, much as refusing to permit a search of your person or your vehicle raises the interest of law enforcement. And sadly, most encryption does not protect against illegal or legal hacking of a determined attacker. The re-use of common keys or passphrases, relatively easily stolen from less secure systems, the frequency of back doors in business and personal systems, and the poor security of far too many encrypted systems make their protection often rather incomplete.
According to the National Institute on Drug Abuse, it can be mildly addictive. Their claims are modest, and credible.
http://www.drugabuse.gov/publi...
It's difficult to estimate the frequency of contamination of marijuana with other substances. But fairly frequent contamination is documented in "Cannabis and Cannabinoids: Pharmacology, Toxicology, and Therapeutic Potential", By Ethan B Russo
https://books.google.com/books...
Ethan cites Johnson's old study of 8000 samples, with a wide array of contaminants, including tobacco and PCP. Johnson's study was from 30 years ago: an article in the Smithsonian magazine from March, 2015 cites the increasing levels of heavy metals and mold in modern marijuana:
http://www.smithsonianmag.com/...
So I'm afraid that the idea that pot is automatically uncontaminated and therefore safer than tobacco is ill-founded. It may be _less_ harmful, and have a _lower_ level of contamination. But it's apparently quite frequent to find things in actual testing that should not be in pot for human use.
> Marijuana is not at all harmful like cigarettes
Right. It's harmful like marijuana, which clearly causes no parallel effects to cigarettes like elevated pulse, vasoconstriction, altered state of consciosness, and has no chance of causing addiction or of introducing naturally carcinogenic chemicals to your mouth and other respiratory passages.
That belief is strange, because it causes _all_ of those according to the reliable medical research. It's even stranger when surveys of the purity of street grade consistently show adulteration with different filler substances and mood-altering substances: a great deal of street grade marijuna is very poor quality, may be pesticide or herbicide contaminated, and is very occasionally still laced with PCP in the US. Moreover, tobacco and nicotine are still used medicinally, and even as an effective toothpaste in some parts of the world.
It's important to keep the scale of risk and benefit in mind for both, but to assert that one is completely harmless and the other completely useless midically is to ignore history and well-executed research on both.
Actually, teaching basic typing at an early age is a godsend to programmers and to many other modern jobs. It requires hands-on time, and in this day and age it can and should replace a great deal of the handwriting lessons, and it will extend the worklife of many people by reducing the repetitive stress injuries and reducing work errors that become more common when one is tired or inattentive at the end of a long day.
The interactions of mathematics, science, and technology with human history are fascinating. For people who've not really thought about it, or who have thought about it and want to be entertained, I cannot help but recommend Terry Pratchett's "Science of Discworld" books for an understanding of scientific thought and scientific thought about human development, presented as fine satire of both fantasy and science.
And what makes people think he doesn't study history at all? The history of science, engineering, and mathematics, provide valuable insights to various software approaches, especially resource management, and they're interwoven with general history. Kids who are as amazingly gifted as this young man may be single minded in their skills and studies, but many do branch into a wide variety of intellectual and athletic and artistic endeavors because they're _interesting_. Intense focus on one field does not preclude interest and focus in other fields.
Speak with your work colleagues or fellow students: find out what they do. The "uber geeks" often have some fascinating skills and hobbies.
> True, but blackballing is very difficult to do with professionals
Oh, my. I'm tempted to say "you youngsters!", but blackballing is alive and well throughout the worlds. I've certainly had references that an interviewee cited try to blackball them. It caused me to dig further: in some cases, the blackballing was for good reasons, for employees were horrible and, for whatever reason, didn't reason their own personal references would blackball them. Those were people who were so foolish they didn't admit how awful they were.
I've also seen it where employees were let go for age or medical reasons, or for having kids, and their former company wanted to hide why they were _really_ discarded, and so invented other reasons. I can think of several job applicants I've interviewed who ran into this, and I was very fortunate indeed to look deeper and find the _real_ reasons. Sadly, I'm afraid that I may have been fooled a few times and missed out on some good people: my time to dig past the surface and poisoned references for really good engineers is limited.
Industry wide blackballing for illegal reasons is harder than it used to be as the web and online communities have grown. But it certainly still exists. It's also tied to the "glass ceiling" women and minorities encounter in many professions. Networking and word of mouth can sometimes work _against_ good people who are merely so honest or so responsible their current employers can't keep them, especially when a current unscrupulous manager or colleague is willing to lie about them.
It _is_ a good idea. It's invaluable data for tracking individuals and identifying valuable marketing and personal information.
> In the UK, non-competes are illegal
Blackballing usually is not, because it can be very difficult to prove. Getting a new position, especially one that requires a visa, for an employee whose previous or current employer will not give positive recommendations can be very difficult.
> Where I work everything in code is documented with trouble ticket numbers,
For most such systems, I can pretty easily submit a code change as someone else. With many systems, i can submit a change as a "back door" modification that will only show up with the most meticulous monitoring of the changelogs. I have in fact done so to avoid a code review by someone who needed to not be informed of a security patch to reveal their misbehavior.
> Beats going to prison.
Keeping a job right now, when you've got children or other family to feed, or when finding a new job is very difficult, can be a strong incentive to keep your mouth shut. This is true even when there is a small risk of prison time.
I've been in workplaces where some recent movie is the chatting subject at the water color or the cafeteria, If everybody is talking about the flick, and your budget is tight or you lack the transportation and time to catch the movie in the theatres, you can feel left out and be happy to catch a pirated copy.
Believe me, when you have kids or expensive pastimes like family with medical expenses, movies in cinemas are a real luxury.
Of course they watch poor quality video. Not everyone has the time or money to catch the movie when it came out in the theatres, or when it's not released in their country yet, and many less wealthy fans of a franchise will grab and watch poor quality video because it's immediately available.
There are even plenty of $5 DVD vendors, in chap Asian markets, who will sell them burned to DVD from carts or backbacks. It's a very real market: visit some poor neighborhoods some day to see the sales.
These men actually tried some of the privations of a trip to Mars, on a budget:
http://channel.nationalgeograp...
The "Rocket City Rednecks" are a wonderful mix of genuine scientific research on a budget, and the sort of project some of us tried on long weekends when we were much younger.
And the entire native population of the the Caribbean islands and of Carthage would like to know exactly how they didn't lose. Oh, wait, they were completely exterminated, so we can't ask them.
And the CA's have proven to be more interested in the sales part of the business than in the security part of the business. Thawte requires more checks than most systems, but the middleman certificate authorities such as DigiNotar have proven incompetent and apparently had their _signing_ keys stolen. And for many signature authorities, it's quite simple to request, pay for, and be issued a fraudulent new corporate SSL certificate for another company due to poor verification of the client identity. That's social engineering, not a technical engineering hack, and it's embarrassingly common place. I do it as a matter of course when the original purchaser of the SSL certificate is long gone and my company's ticket, or a partner's ticket, is expiring and I'm contacted at the last minute. It's with the cooperation of the actual owner of the website, but it's unsurprisingly easy to get passwords changed to the company's SSL account.
It's not that Google or Thawte have failed to correctly revoke certificates: it's that far too many people, at far too many sites and with far too many technologies, do not actually keep their signature authorities up-to-date. Because these people don't update signature authorities, they are unable to verify numerous valid certificates. These people then simply set their automated procedures, or make it their personal practice, to accept invalid certificates.
The notable case of this I saw recently is RHEL 5, where the signature authority information in the /etc/pki files managed inside the openssl packages, and updating openssl on a live server is likely to cause fascinating problems for an old, stable, production server. RHEL 6 sensibly put the root SSL keys in a separate package, but it's certainly not an unusual problem.