Oh, and my degree? Computer Engineering. Outside of those few years in IT (where I transferred from the warehouse) I have never had a job where I use the skills I learned, and that's certainly not because I'd rather ring up shirts or move tables.
I've been laid off twice, once from a STEM job, the first time I went to several dozen interviews and took the first job I was offered, it was in retail, my standards were not high and my degree gained me nothing. The second time, after changing jobs and gaining several years experience running a small IT department, it took two years and I lost count of the interviews, finally I ended up in a hotel setting up function rooms. After almost a year of 50+ hour weeks and job hunting in between shifts, I'm out of that but still not applying anything from my major. I spend most of my days off looking for something better, and one day I'll find it. Some people I've kept in touch with since graduating have fared better, so I know it isn't so bad for everyone, but a few have had it worse. Specific reasons aren't often given when turned down, but several times I was told I was "overqualified" for the simple tasks they could offer, something I've been told means they don't want to hire someone they think will leave for something better. If you've been handed this BS excuse, you know there's no talking them out of it, they have options and you do not. This tells me we don't have any sort of shortage of skilled workers, or they wouldn't be so picky.
Oh, and it might also be worth pointing out that the article you cite only suggests there are enough jobs for 6% of jobless working age Americans. Are you going to try and convince me less than 6% of the jobless are looking for work? Stop being foolish. People aren't up in arms about wages and unemployment because they just don't feel like working.
Nobody is forcing them to pack up their family and move here. What you're describing is the same for anyone who needs to relocate for a job, though I admit it's more difficult when relocating to another country. All of the potential consequences need to be factored in if they're going to move, the same as for anyone else who relocates for a job or any other reason. If they're living a good life, one of the two is well employed, and they don't want to pack up and leave, they're not being forced to. As it is, unemployment and underemployment are still serious issues in the US for everyone, and that's killing marriages for citizens as well! While I can see people making the argument it isn't fair to tell the H1B workers' spouses they can't work, the H1B worker has already been granted a special privilege to be able to work here and it's also unfair to grant that same privilege to the spouse just for being married to them.
There are a lot of problems with our immigration system, and I would never suggest we stop allowing people to come to this country and work toward improving their lives, but the fact is there already isn't enough work to go around and it isn't fair to those of us already here to keep willingly increasing the rate at which we add workers to the pool, not until jobs are added at the same rate. It sounds like you'd have to be a dick to say, "You can't work in the country you live in," but that only looks at half the story. It's still pretty damn generous to say, "If you want, you can take your family and move to this country so you can be employed here, but your spouse won't be able to work while they're here." If that doesn't sound like a sweet deal, simple solution, don't take it. It's up to them to decide what's best for them, it's not up to us to sweeten the deal until it is what's best for them.
My understanding was that part of it is to study the effects of life in space on people. You can't really do that remotely. I'd say it's rather important, too, but I'm also one of those crazies that thinks the earth is getting crowded and expanding would be a fantastic idea.
FTFY. There is a difference between being able to use something and understanding something. To continue the car analogy you're enjoying, nobody's trying to force people to learn to rebuild their engine, but you shouldn't need to call someone to change a tire.
Programming or not, they should be required to learn more of computers than they do. Having spent a good amount of my early life showing up to fix minor problems and getting paid a silly amount of money for how easy it is, I can tell you a little education would go a long way towards saving time, money, and effort. To be honest, most people could figure out everything they need to on their own with a little persistence, but most aren't willing to try without being forced. That's what school does, it forces you to learn things that will be useful even if you don't like it. Given how much more prominent a role computers play in our daily lives now versus a decade ago, it's easy to imagine why some education might be necessary by the time today's elementary school children grow up.
As for attempting programming being torture if your mind doesn't work the right way, this is utter nonsense. The same argument could be made for nearly any subject in school. "My boy isn't wired for english, he's acing math though! What's he need english for? Take him out!" It's just as wrong no matter what you're talking about. I'm a little shocked you don't think your daughter should have to learn something because it's difficult, I'd think as a parent you'd see the value in both exposing children to more options at an early age and teaching them to overcome challenges.
Let's face it, most children today will be required to take a multitude of courses we don't really think are necessary to get through life but offer exposure to other things. We teach cooking, sewing, art, music, and more subjects because they expose our children to things they might not otherwise explore, things they might fall in love with when they try it or they might move on without thinking much of it. Just giving them the option is enough to convince us these things are still necessary, yet you would argue that a basic course in programming is too much and should be reserved for children who are lucky enough to discover it on their own and will go out of their way to find out more? Why are you so afraid of programming?
Programming doesn't have to be the big scarey monster people make it out to be, children can learn to write simple programs with ease. I wasn't given the option to take a programming course until high school, the course was offered for one year only and almost didn't happen because we didn't have the required number of students. We were taught by a teacher who'd never taken a programming course herself, and by the end of the first week we'd all written a couple of programs using Visual C++, including her. By the end of the year, everyone in the course knew some basics and we all felt much more comfortable with computers. That class was an elective, and several students had signed up not knowing what C++ was or even much about the basics of computer usage, but nobody failed and everyone came out with a better understanding of something they've likely had to use nearly every day. I know, that's high school and C++ isn't necessarily what elementary school children would learn, but in that class were several fine examples of people who learned programming that don't fit your narrow criteria.
Not everyone will come out ahead, mind you, students can fail a programming course just as easily as math, science, and English. That doesn't mean the subject failed, that means the student failed. It happens, and programming won't be easy for everyone, but everyone would benefit from being exposed to it.
This is a huge problem for me in exactly those types of levels. I do want to open every door, every single one, and I very rarely can. Admittedly, my favorite games are open world games which shouldn't have many areas inaccessible to the player, but I also play shooters and want the same thing. Battlefield 4 is full of elevators that only go from the lobby to the top floor or roof, I want to get out on the 32nd floor and kick the door in to the corner suite and set up my rifle where I won't immediately be spotted, taking that option away never makes sense from an immersion point of view. It only makes sense from a technological point of view. Does it create the possibility that 64 players will be roaming room to room with silencers in a hotel while ignoring the rest of a large map? Yes, and that's perfect. The previous post is entirely correct, while doors are important these questions are easy to answer.
Don't get me wrong, I believe game design to be rather difficult, but this is a poor attempt at explaining why. "The Door Problem" is not nearly as difficult as budget problems, working within technological limitations, or keeping a coherent storyline while letting the player make meaningful decisions. I speak from years of experience, in unrelated fields but experience none the less!
they lost $2.4 million yet the fine for one accomplice is is only $66,825???
You want to know the definition of pointless? Fining someone more money than they actually possess. You could demand $2.4 million if it makes you feel better, but you ain't getting it.
Probably worth pointing out that they charged 5,790 customers $75-$150 for this, at the low end that puts their profits around half a million dollars. At the high end, over $800k. The fine is entirely insufficient, which I'm still alright with because fining them enough would mean they're treated worse than corporations, and that's never fun to see.
I believe the $2.4 million number, it does say that 5,790 customers saved an average of $414 which puts it around $2.4 million, and savings like that wouldn't be difficult to achieve over maybe six months time without Comcast noticing the difference. As to the excuse, yeah it's nothing but. They have about 21 million customers, so this cost them a little over a dime per customer. I'm for fining the guys who did it, but jail time is completely ridiculous for how little this affected Comcast, as is suggesting they'd have to charge the rest of us more to make up for it.
Except it was the post he responded to that suggested to stop using one in favor of the other. Yeah, he's on Slashdot, saying please stop using Slashdot. As opposed to the post you responded to, where he doesn't even suggest you can't go to one if you go to the other but instead asks why the guy who's telling us to stop using Slashdot is commenting here instead of there.
I'm not sure I understand the issue here. Russia has a seriously limited press, yes, but how does that lead to believing he shouldn't have asked the question at all. Wasn't this broadcast live? Even if many Russians couldn't watch it, many could and did. When a country has such a restricted press, the solution is not to stop trying to get the truth out. Sure, there are bigger issues, in Russia and elsewhere. But Snowden is now famous for revealing his home country's mass surveillance program, wouldn't it make sense for him to try and continue down that path? Would it have made more sense to you if he went to Russia and then started fighting for freedom for homosexuals and forgot all about mass surveillance?
Even in the US, we haven't done much about what he exposed, we haven't thrown anyone in jail for lying through their teeth about the program, instead we (and you, right now) have been focusing on discrediting the person who gave up everything in order to tell the truth. How can you sit there and say he should stop trying to expose corruption because the corrupt are too corrupt to care? Why don't we tell everyone under an oppressive government they should just give up and live with it?
Maybe instead of complaining that Snowden should've known better than to ask, you should be complaining that Putin is lying yet again, considering that's the actual problem. I can't understand why people think he should've just not bothered asking when he had the opportunity.
After watching a man sacrifice his chances of living a normal life, fleeing the country he grew up in after doing what he felt was right, why did so many readily believe he was willing to give up his principals so easily? Obviously Putin wasn't going to give a straight answer, whether in the US or Russia or anywhere else politicians lie when it suits them. How often do we go after reporters, attacking them for asking questions they don't receive truthful answers to? The entire incident seemed a clear attempt at discrediting Snowden, something that should have been exceedingly obvious to everyone. I applaud him for having the courage to put his own safety on the line and ask Putin about mass surveillance. I'm sure he fully expected the dodgy answer he got, he may have even expected further consequences from Putin and his lackeys, but I doubt he expected people to turn around and say he shouldn't have asked the question to begin with. He shows more courage still coming out and challenging Putin's answer in this article. We owe him our gratitude, respect, and an apology.
In that case, they deserve as much credit for supporting every other organization that doesn't agree with this view. Google's program would be just as helpful to a non-profit that advocates for psychiatrists, should we run a story about that and act like it makes them heroes to the community? How about we dig up a list of everyone they support so we can all blame them for supporting and opposing every controversial subject there is?
For that matter, why don't why all take the blame for allowing these organizations to exist? After all, we aren't stopping them, and we're funding a government that gives them tax breaks and benefits just for being non profits.
A commenter on the linked blog sums up how, even if this is true, it's not news in the way the headline makes it seem.
FOTF2012 says
April 18, 2014 at 11:26 am
The Boris letter is misleading. Makes it sound like CCHR applied for and got a grant from Google in the sense of a monetary gift.
Pretty much anyone can set up a Google ad words account (https://support.google.com/adwords/answer/1704354?hl=en) and then learn how to manage the details (https://www.google.com/grants/details.html). Here are the basic qualifications: https://www.google.com/grants/....
One requirement is to be a 501(c)3, which CCHR is. You can search for them on GuideStar (http://www.guidestar.org/?gclid=CKDF0e2q6r0CFVKFfgodPrMAHA) and you get 38 results. Apparently CCHR sets up separate entities in each state — maybe they have to as a charity.
One of the Google Ads program restrictions is that you can only link to one legitimate website. So I imagine they will link to http://www.cchr.org/.
Anyway, this “grant” is something that any “non-profit” can use. It is nothing significant Google has given CCHR specifically. It is part of a program that no doubt profits Google while they can say they are helping non-profits. Further, given the eligibility criteria (which CCHR meet), if Google were to deny CCHR use of the program, they would be in a lawsuit and would probably lose.
I know Slashdot editors like to sleep on the job, but where does this story even come from? Is it really all based on a blog some supposed letter with no explanation behind it? Is this even true? Searching for it turns up some other articles (blogs) from sources I've never heard of, and nothing seems to point to this being real. Can somebody help me out here? Is the future of Slashdot fictional stories and Bennett's Blog?
I know he isn't, that's one of the reasons I was asking, his opinion on everything is about as worthwhile to hear as my own, and I know very little about the topic.
Given these answers, even though they're not from Bennett, it seems his argument is an impossible one to make, as it supposes money spent on research won't turn up multiple bugs (or the benefits of research can't be measured by any individual bug), that vulnerabilities are the only bugs worth fixing (otherwise black market value would have no effect on whether they continue looking for bugs) and that people are motivated only by the money. Your answers are roughly what I expected, and I'd imagine Bennett's answer for #3 would be the same which is what I was really aiming for. So what I gather is that people will spend time finding flaws in software because it's something to do, what the bug bounty program does is provide motivation to hand it over to the people who can fix it for everyone. That being the case, it's a safe bet the value of the efforts that go toward finding these flaws varies widely, some folks will get lucky and stumble across bugs quickly and some may not find anything for years. One major benefit of a bug bounty program is that, since there's no guarantee any given approach will yield worthwhile results, the company gets more results without a much larger investment. By paying out based on the severity of the bug and not the effort that goes into finding it, they're ensuring they never go over budget in finding any of those bugs, where as investigating themselves there is no guarantee they'll find anything after spending any amount of money.
How about some straight answers now, Bennett? What's your affiliation with Slashdot and why are you able to blog on their front page?
Okay, I'm obviously missing some important details not being a security expert. Clear a couple things up for me.
1. Do security researchers spend their efforts actively searching for one particular bug using one particular method, or do they try a lot of different things and expect to find a lot of different bugs of varying levels of importance?
2. Do companies looking at their own code for bugs only concern themselves with bugs that would be worth selling on the black market, or is every bug a concern for them?
3. Bit of an opinion question, how much would you consider spending to find a bug to sell for $100k considering the potential failure of the endeavor?
4. Do you think bug bounties are the primary motivation for white hats to research bugs, and if not what effect do they have?
Alright firstly, your posts are not to a news aggregate what chicken burgers are to McDonalds, especially considering McD's has never been a "beef hamburger joint" or anything so limited. Your posts are not some small deviation from the usual, they're not even always particularly "nerdy" in nature. A more apt comparison would be if McDonalds started selling coffee tables, it's completely unrelated and not what anyone goes to McDonalds for. In fact, it's like Slashdot selling coffee tables, except I bet they'd gain more visitors than they drive away with that one. As for this being the direction Slashdot wants to go in, are you affiliated with Slashdot and can you speak officially to this? Otherwise, I think even you need to admit it's very far out of place from everything else Slashdot consists of and arguably does not belong.
I think it's clear from the responses you receive here that the worth of your posts is debated about as much as the topics themselves. You'd get as much interesting discussion were the topic, "Should Numbnuts be allowed to blog on Slashdot's front page?" Beyond that, you may find your individual reasoning steps hard to argue against, but the rest of us don't. That's not to say you're not smart enough, but you probably already know that it's far easier to pick apart an argument coming from someone else than see the holes in your own. I still don't see why your opinion deserves to be on Slashdot any more than any other fool's opinion.
Now here's an easy question to give me a straight answer to: What's the process you follow for submitting these? Are you just filling out the submission form like anyone else and for some mysterious reason the editors post it?
Firstly, not infinite, stop using that word, nothing in this BS argument is infinite. There is a limited number of bugs, and a limited amount of time for anyone to find them. Second, you can not act as if the optimum black market price of an exploit is how much someone will spend to find it, nobody smart enough to find anything is dumb enough to ignore the high potential for failure. It's possible that someone else will have found it first, they might go over budget, there's even a chance they'll never find anything. You're also ignoring the possibility that many people don't care about the black market value because they have morals, but knowing there's a legitimate bug bounty program is enough motivation to keep chipping away in their spare time because it's more interesting than television and has the potential to yield a cash bonus sometimes. You make too many assumptions, your entire argument is based on them.
There you go spouting nonsense and not actually answering my question. I'd bet most of us who post on Slashdot could come up with an interesting post a week, something that will be interesting to a number of other people on the site. I think you'd have a hard time disagreeing with that, you'd have to have an ego the size of the moon to think you're the only one of us with anything interesting to say. Actually, given the size of the Slashdot audience, I'd wager anything that doesn't amount to mere gibberish will spark some discussion. So, if you accept your previous reasoning that articles which can potentially start an interesting discussion are beneficial with no cost, and you accept that many (any) of us could write something that would do the same, then you believe we should all be allowed to post on Slashdot's front page. After all, you can't disagree with the conclusion if you agree with the reasoning, right Bennet?
So why can't we all post our rants on the front page, Bennet?
The fact is your reasoning is BS, and you know it, because the same could be said about any junk you want to plaster on the front page. It's an opinion, Bennett, they're like assholes, and while I'm sure there's someone who could make the case that a picture of your asshole could spark an interesting discussion, I don't think we need to put one up, let alone a new one every week.
Slashdot is not a blog, yet you are able to use it as such when you think you have something interesting to say. Slashdot is a news aggregate, as I said before. Now please stop dodging this and give me straight answers to my questions:
What makes you think Slashdot, a technology news aggregate, is the place for you to plaster your obviously unpopular opinions and argue that you're right? And why is it that you get this special treatment, being allowed to post all your rants on the front page of Slashdot, while the rest of us are stuck in the comments section unless we write some popular, interesting article on our own site?
Come on, Bennet, prove to me (and maybe yourself) that you deserve your spot on the front page and the rest of us don't. Convince me you deserve so much as the time it takes to realize it's one of your posts and keep scrolling from everyone who reads Slashdot, and convince me I don't.
I'll get this. There's nothing to suggest anyone would ever pay so much for a vulnerability, and no guarantee you would find one first spending any amount of money. The "dubious premises" are that anyone would ever pay that much for a vulnerability, or spend that much on the assumption it will yield one. Your real world where there isn't infinite amount of time to scrutinize the code goes both ways, as long as you believe it would take devs to find a bug is how long it's reasonable to believe it would take malicious outsiders to find them. You can not pick and choose unrealistic conditions to make your case.
No, the problem is you didn't answer either of my questions at all. I'm not interested in knowing why you think this makes an interesting topic to debate, I'm interested in why you think this deserves to be on the front page of Slashdot, and why you are allowed to post it there.
As to your largely irrelevant post above, you yourself are arguing based on how you "feel." This is not some logically infallible argument, it's your opinion, and you need to get that through your skull. Your post is full of assumptions and estimations. I don't believe you have the expertise to fully analyze Microsoft's best decision from either a profit-motive standpoint or a security standpoint, certainly not without understanding the details of the bug first. I do believe Microsoft has employees with the expertise to determine such a thing, and I imagine they put them to use, so I'll trust they're already doing what's in their best interests. You are free to disagree, but that will only be how you "feel."
Moreover, your basic argument assumes that because another vulnerability will eventually be found, it isn't worth fixing what's known about today. This is an opinion, one I don't agree with and I don't see how you can reasonably feel this way either. If given a choice between stalling criminals at every turn, and letting them do as they please because they might eventually be able to anyway, I will always choose to stall them. Individual cases of identity theft can be far more costly than $50,000, and that's just the tip of the iceberg when it comes to security. I know you said "bug" and I said "vulnerability," but I don't imagine there's much of a black market value for any bug that can't be exploited.
Now that I've address your senseless ranting you can answer my questions, Bennett, no need to dodge.
What makes you think Slashdot, a technology news aggregate, is the place for you to plaster your obviously unpopular opinions and argue that you're right? And why is it that you get this special treatment, being allowed to post all your rants on the front page of Slashdot, while the rest of us are stuck in the comments section unless we write some popular, interesting article on our own site?
Is this really your response to people who don't agree with you? It's all going to come down to a matter of opinion, even if most of us don't share yours it's impossible to say any are right or wrong. This is the problem with the BS rants you post, it's all like that, you take some stance you KNOW will be unpopular, and you try to insist that you're right, when it's an impossible thing to prove. You are trolling, you are always trolling, you know it even if you don't want to admit it. This is why every time you post something there is an increasing number of complaints in the comments below. I'll admit, Slashdot is a great place to troll because most everyone will take the bait, but you're still only trolling.
It's time for you to respond to us, Bennett. What makes you think Slashdot, a technology news aggregate, is the place for you to plaster your obviously unpopular opinions and argue that you're right? And why is it that you get this special treatment, being allowed to post all your rants on the front page of Slashdot, while the rest of us are stuck in the comments section unless we write some popular, interesting article on our own site?
If you opt not to respond, I'll take it as an admission you know you don't deserve your front page spots on Slashdot and can't justify any of it, which I suspect to be the case.
It's time to put this idea to rest. The US military forces are not going to mindlessly follow orders that consist of deploying in their home country and shooting at the people they signed up to protect. This is not some oppressive regime that's been raising propaganda-fed zombies for generations. The US military consists almost entirely of good people, there may be some bad eggs (as with any group) but we do not need to fear our military the way you seem to. The same goes for the police, the FBI, anyone you can think of. There is no scenario I can imagine that would cause my brother in law, my cousins, and my friends to assist in herding my family and theirs into railroad cars or anything else as outlandish, nor would they stand idly by while someone else does it. There would surely be some who would follow, but the rest would stop them.
Most of the time, they don't, and generally when they do it's because they're not just trying to survive, they're trying to apprehend criminals. You can afford to let someone go if they don't intend to cause you bodily harm, they can not. And even police carry pepper spray and tasers, and they are trained to use them first in any case other than facing a suspect armed with a firearm and appearing intent on using it. Also, I didn't say you would never need a firearm, I said for anything short of killing. Officers are trained to fire only when it's necessary, when lives are on the line, they are ready to kill even if it isn't the preferred outcome. It's also worth noting that even officers make mistakes, I don't think anyone hasn't heard of at least one case of questionable use of force by an officer, if they're not 100% reliable then how can we argue the general population would be anything but worse?
Slashdot Mirror
Oh, and my degree? Computer Engineering. Outside of those few years in IT (where I transferred from the warehouse) I have never had a job where I use the skills I learned, and that's certainly not because I'd rather ring up shirts or move tables.
I've been laid off twice, once from a STEM job, the first time I went to several dozen interviews and took the first job I was offered, it was in retail, my standards were not high and my degree gained me nothing. The second time, after changing jobs and gaining several years experience running a small IT department, it took two years and I lost count of the interviews, finally I ended up in a hotel setting up function rooms. After almost a year of 50+ hour weeks and job hunting in between shifts, I'm out of that but still not applying anything from my major. I spend most of my days off looking for something better, and one day I'll find it. Some people I've kept in touch with since graduating have fared better, so I know it isn't so bad for everyone, but a few have had it worse. Specific reasons aren't often given when turned down, but several times I was told I was "overqualified" for the simple tasks they could offer, something I've been told means they don't want to hire someone they think will leave for something better. If you've been handed this BS excuse, you know there's no talking them out of it, they have options and you do not. This tells me we don't have any sort of shortage of skilled workers, or they wouldn't be so picky.
Oh, and it might also be worth pointing out that the article you cite only suggests there are enough jobs for 6% of jobless working age Americans. Are you going to try and convince me less than 6% of the jobless are looking for work? Stop being foolish. People aren't up in arms about wages and unemployment because they just don't feel like working.
Nobody is forcing them to pack up their family and move here. What you're describing is the same for anyone who needs to relocate for a job, though I admit it's more difficult when relocating to another country. All of the potential consequences need to be factored in if they're going to move, the same as for anyone else who relocates for a job or any other reason. If they're living a good life, one of the two is well employed, and they don't want to pack up and leave, they're not being forced to. As it is, unemployment and underemployment are still serious issues in the US for everyone, and that's killing marriages for citizens as well! While I can see people making the argument it isn't fair to tell the H1B workers' spouses they can't work, the H1B worker has already been granted a special privilege to be able to work here and it's also unfair to grant that same privilege to the spouse just for being married to them.
There are a lot of problems with our immigration system, and I would never suggest we stop allowing people to come to this country and work toward improving their lives, but the fact is there already isn't enough work to go around and it isn't fair to those of us already here to keep willingly increasing the rate at which we add workers to the pool, not until jobs are added at the same rate. It sounds like you'd have to be a dick to say, "You can't work in the country you live in," but that only looks at half the story. It's still pretty damn generous to say, "If you want, you can take your family and move to this country so you can be employed here, but your spouse won't be able to work while they're here." If that doesn't sound like a sweet deal, simple solution, don't take it. It's up to them to decide what's best for them, it's not up to us to sweeten the deal until it is what's best for them.
My understanding was that part of it is to study the effects of life in space on people. You can't really do that remotely. I'd say it's rather important, too, but I'm also one of those crazies that thinks the earth is getting crowded and expanding would be a fantastic idea.
My 17 month old can use my iPad,
FTFY. There is a difference between being able to use something and understanding something. To continue the car analogy you're enjoying, nobody's trying to force people to learn to rebuild their engine, but you shouldn't need to call someone to change a tire.
Programming or not, they should be required to learn more of computers than they do. Having spent a good amount of my early life showing up to fix minor problems and getting paid a silly amount of money for how easy it is, I can tell you a little education would go a long way towards saving time, money, and effort. To be honest, most people could figure out everything they need to on their own with a little persistence, but most aren't willing to try without being forced. That's what school does, it forces you to learn things that will be useful even if you don't like it. Given how much more prominent a role computers play in our daily lives now versus a decade ago, it's easy to imagine why some education might be necessary by the time today's elementary school children grow up.
As for attempting programming being torture if your mind doesn't work the right way, this is utter nonsense. The same argument could be made for nearly any subject in school. "My boy isn't wired for english, he's acing math though! What's he need english for? Take him out!" It's just as wrong no matter what you're talking about. I'm a little shocked you don't think your daughter should have to learn something because it's difficult, I'd think as a parent you'd see the value in both exposing children to more options at an early age and teaching them to overcome challenges.
Let's face it, most children today will be required to take a multitude of courses we don't really think are necessary to get through life but offer exposure to other things. We teach cooking, sewing, art, music, and more subjects because they expose our children to things they might not otherwise explore, things they might fall in love with when they try it or they might move on without thinking much of it. Just giving them the option is enough to convince us these things are still necessary, yet you would argue that a basic course in programming is too much and should be reserved for children who are lucky enough to discover it on their own and will go out of their way to find out more? Why are you so afraid of programming?
Programming doesn't have to be the big scarey monster people make it out to be, children can learn to write simple programs with ease. I wasn't given the option to take a programming course until high school, the course was offered for one year only and almost didn't happen because we didn't have the required number of students. We were taught by a teacher who'd never taken a programming course herself, and by the end of the first week we'd all written a couple of programs using Visual C++, including her. By the end of the year, everyone in the course knew some basics and we all felt much more comfortable with computers. That class was an elective, and several students had signed up not knowing what C++ was or even much about the basics of computer usage, but nobody failed and everyone came out with a better understanding of something they've likely had to use nearly every day. I know, that's high school and C++ isn't necessarily what elementary school children would learn, but in that class were several fine examples of people who learned programming that don't fit your narrow criteria.
Not everyone will come out ahead, mind you, students can fail a programming course just as easily as math, science, and English. That doesn't mean the subject failed, that means the student failed. It happens, and programming won't be easy for everyone, but everyone would benefit from being exposed to it.
This is a huge problem for me in exactly those types of levels. I do want to open every door, every single one, and I very rarely can. Admittedly, my favorite games are open world games which shouldn't have many areas inaccessible to the player, but I also play shooters and want the same thing. Battlefield 4 is full of elevators that only go from the lobby to the top floor or roof, I want to get out on the 32nd floor and kick the door in to the corner suite and set up my rifle where I won't immediately be spotted, taking that option away never makes sense from an immersion point of view. It only makes sense from a technological point of view. Does it create the possibility that 64 players will be roaming room to room with silencers in a hotel while ignoring the rest of a large map? Yes, and that's perfect. The previous post is entirely correct, while doors are important these questions are easy to answer.
Don't get me wrong, I believe game design to be rather difficult, but this is a poor attempt at explaining why. "The Door Problem" is not nearly as difficult as budget problems, working within technological limitations, or keeping a coherent storyline while letting the player make meaningful decisions. I speak from years of experience, in unrelated fields but experience none the less!
they lost $2.4 million yet the fine for one accomplice is is only $66,825???
You want to know the definition of pointless? Fining someone more money than they actually possess. You could demand $2.4 million if it makes you feel better, but you ain't getting it.
Probably worth pointing out that they charged 5,790 customers $75-$150 for this, at the low end that puts their profits around half a million dollars. At the high end, over $800k. The fine is entirely insufficient, which I'm still alright with because fining them enough would mean they're treated worse than corporations, and that's never fun to see.
I believe the $2.4 million number, it does say that 5,790 customers saved an average of $414 which puts it around $2.4 million, and savings like that wouldn't be difficult to achieve over maybe six months time without Comcast noticing the difference. As to the excuse, yeah it's nothing but. They have about 21 million customers, so this cost them a little over a dime per customer. I'm for fining the guys who did it, but jail time is completely ridiculous for how little this affected Comcast, as is suggesting they'd have to charge the rest of us more to make up for it.
Except it was the post he responded to that suggested to stop using one in favor of the other. Yeah, he's on Slashdot, saying please stop using Slashdot. As opposed to the post you responded to, where he doesn't even suggest you can't go to one if you go to the other but instead asks why the guy who's telling us to stop using Slashdot is commenting here instead of there.
Who looks stupid now, dumbass?
I'm not sure I understand the issue here. Russia has a seriously limited press, yes, but how does that lead to believing he shouldn't have asked the question at all. Wasn't this broadcast live? Even if many Russians couldn't watch it, many could and did. When a country has such a restricted press, the solution is not to stop trying to get the truth out. Sure, there are bigger issues, in Russia and elsewhere. But Snowden is now famous for revealing his home country's mass surveillance program, wouldn't it make sense for him to try and continue down that path? Would it have made more sense to you if he went to Russia and then started fighting for freedom for homosexuals and forgot all about mass surveillance?
Even in the US, we haven't done much about what he exposed, we haven't thrown anyone in jail for lying through their teeth about the program, instead we (and you, right now) have been focusing on discrediting the person who gave up everything in order to tell the truth. How can you sit there and say he should stop trying to expose corruption because the corrupt are too corrupt to care? Why don't we tell everyone under an oppressive government they should just give up and live with it?
Maybe instead of complaining that Snowden should've known better than to ask, you should be complaining that Putin is lying yet again, considering that's the actual problem. I can't understand why people think he should've just not bothered asking when he had the opportunity.
After watching a man sacrifice his chances of living a normal life, fleeing the country he grew up in after doing what he felt was right, why did so many readily believe he was willing to give up his principals so easily? Obviously Putin wasn't going to give a straight answer, whether in the US or Russia or anywhere else politicians lie when it suits them. How often do we go after reporters, attacking them for asking questions they don't receive truthful answers to? The entire incident seemed a clear attempt at discrediting Snowden, something that should have been exceedingly obvious to everyone. I applaud him for having the courage to put his own safety on the line and ask Putin about mass surveillance. I'm sure he fully expected the dodgy answer he got, he may have even expected further consequences from Putin and his lackeys, but I doubt he expected people to turn around and say he shouldn't have asked the question to begin with. He shows more courage still coming out and challenging Putin's answer in this article. We owe him our gratitude, respect, and an apology.
In that case, they deserve as much credit for supporting every other organization that doesn't agree with this view. Google's program would be just as helpful to a non-profit that advocates for psychiatrists, should we run a story about that and act like it makes them heroes to the community? How about we dig up a list of everyone they support so we can all blame them for supporting and opposing every controversial subject there is?
For that matter, why don't why all take the blame for allowing these organizations to exist? After all, we aren't stopping them, and we're funding a government that gives them tax breaks and benefits just for being non profits.
FOTF2012 says
April 18, 2014 at 11:26 am
The Boris letter is misleading. Makes it sound like CCHR applied for and got a grant from Google in the sense of a monetary gift.
Pretty much anyone can set up a Google ad words account (https://support.google.com/adwords/answer/1704354?hl=en) and then learn how to manage the details (https://www.google.com/grants/details.html). Here are the basic qualifications: https://www.google.com/grants/....
One requirement is to be a 501(c)3, which CCHR is. You can search for them on GuideStar (http://www.guidestar.org/?gclid=CKDF0e2q6r0CFVKFfgodPrMAHA) and you get 38 results. Apparently CCHR sets up separate entities in each state — maybe they have to as a charity.
One of the Google Ads program restrictions is that you can only link to one legitimate website. So I imagine they will link to http://www.cchr.org/.
Anyway, this “grant” is something that any “non-profit” can use. It is nothing significant Google has given CCHR specifically. It is part of a program that no doubt profits Google while they can say they are helping non-profits. Further, given the eligibility criteria (which CCHR meet), if Google were to deny CCHR use of the program, they would be in a lawsuit and would probably lose.
I know Slashdot editors like to sleep on the job, but where does this story even come from? Is it really all based on a blog some supposed letter with no explanation behind it? Is this even true? Searching for it turns up some other articles (blogs) from sources I've never heard of, and nothing seems to point to this being real. Can somebody help me out here? Is the future of Slashdot fictional stories and Bennett's Blog?
I know he isn't, that's one of the reasons I was asking, his opinion on everything is about as worthwhile to hear as my own, and I know very little about the topic.
Given these answers, even though they're not from Bennett, it seems his argument is an impossible one to make, as it supposes money spent on research won't turn up multiple bugs (or the benefits of research can't be measured by any individual bug), that vulnerabilities are the only bugs worth fixing (otherwise black market value would have no effect on whether they continue looking for bugs) and that people are motivated only by the money. Your answers are roughly what I expected, and I'd imagine Bennett's answer for #3 would be the same which is what I was really aiming for. So what I gather is that people will spend time finding flaws in software because it's something to do, what the bug bounty program does is provide motivation to hand it over to the people who can fix it for everyone. That being the case, it's a safe bet the value of the efforts that go toward finding these flaws varies widely, some folks will get lucky and stumble across bugs quickly and some may not find anything for years. One major benefit of a bug bounty program is that, since there's no guarantee any given approach will yield worthwhile results, the company gets more results without a much larger investment. By paying out based on the severity of the bug and not the effort that goes into finding it, they're ensuring they never go over budget in finding any of those bugs, where as investigating themselves there is no guarantee they'll find anything after spending any amount of money.
How about some straight answers now, Bennett? What's your affiliation with Slashdot and why are you able to blog on their front page?
Okay, I'm obviously missing some important details not being a security expert. Clear a couple things up for me.
1. Do security researchers spend their efforts actively searching for one particular bug using one particular method, or do they try a lot of different things and expect to find a lot of different bugs of varying levels of importance?
2. Do companies looking at their own code for bugs only concern themselves with bugs that would be worth selling on the black market, or is every bug a concern for them?
3. Bit of an opinion question, how much would you consider spending to find a bug to sell for $100k considering the potential failure of the endeavor?
4. Do you think bug bounties are the primary motivation for white hats to research bugs, and if not what effect do they have?
How about I just call you numbnuts instead?
Alright firstly, your posts are not to a news aggregate what chicken burgers are to McDonalds, especially considering McD's has never been a "beef hamburger joint" or anything so limited. Your posts are not some small deviation from the usual, they're not even always particularly "nerdy" in nature. A more apt comparison would be if McDonalds started selling coffee tables, it's completely unrelated and not what anyone goes to McDonalds for. In fact, it's like Slashdot selling coffee tables, except I bet they'd gain more visitors than they drive away with that one. As for this being the direction Slashdot wants to go in, are you affiliated with Slashdot and can you speak officially to this? Otherwise, I think even you need to admit it's very far out of place from everything else Slashdot consists of and arguably does not belong.
I think it's clear from the responses you receive here that the worth of your posts is debated about as much as the topics themselves. You'd get as much interesting discussion were the topic, "Should Numbnuts be allowed to blog on Slashdot's front page?" Beyond that, you may find your individual reasoning steps hard to argue against, but the rest of us don't. That's not to say you're not smart enough, but you probably already know that it's far easier to pick apart an argument coming from someone else than see the holes in your own. I still don't see why your opinion deserves to be on Slashdot any more than any other fool's opinion.
Now here's an easy question to give me a straight answer to: What's the process you follow for submitting these? Are you just filling out the submission form like anyone else and for some mysterious reason the editors post it?
Firstly, not infinite, stop using that word, nothing in this BS argument is infinite. There is a limited number of bugs, and a limited amount of time for anyone to find them. Second, you can not act as if the optimum black market price of an exploit is how much someone will spend to find it, nobody smart enough to find anything is dumb enough to ignore the high potential for failure. It's possible that someone else will have found it first, they might go over budget, there's even a chance they'll never find anything. You're also ignoring the possibility that many people don't care about the black market value because they have morals, but knowing there's a legitimate bug bounty program is enough motivation to keep chipping away in their spare time because it's more interesting than television and has the potential to yield a cash bonus sometimes. You make too many assumptions, your entire argument is based on them.
So why can't we all post our rants on the front page, Bennet?
The fact is your reasoning is BS, and you know it, because the same could be said about any junk you want to plaster on the front page. It's an opinion, Bennett, they're like assholes, and while I'm sure there's someone who could make the case that a picture of your asshole could spark an interesting discussion, I don't think we need to put one up, let alone a new one every week.
Slashdot is not a blog, yet you are able to use it as such when you think you have something interesting to say. Slashdot is a news aggregate, as I said before. Now please stop dodging this and give me straight answers to my questions:
What makes you think Slashdot, a technology news aggregate, is the place for you to plaster your obviously unpopular opinions and argue that you're right? And why is it that you get this special treatment, being allowed to post all your rants on the front page of Slashdot, while the rest of us are stuck in the comments section unless we write some popular, interesting article on our own site?
Come on, Bennet, prove to me (and maybe yourself) that you deserve your spot on the front page and the rest of us don't. Convince me you deserve so much as the time it takes to realize it's one of your posts and keep scrolling from everyone who reads Slashdot, and convince me I don't.
I'll get this. There's nothing to suggest anyone would ever pay so much for a vulnerability, and no guarantee you would find one first spending any amount of money. The "dubious premises" are that anyone would ever pay that much for a vulnerability, or spend that much on the assumption it will yield one. Your real world where there isn't infinite amount of time to scrutinize the code goes both ways, as long as you believe it would take devs to find a bug is how long it's reasonable to believe it would take malicious outsiders to find them. You can not pick and choose unrealistic conditions to make your case.
As to your largely irrelevant post above, you yourself are arguing based on how you "feel." This is not some logically infallible argument, it's your opinion, and you need to get that through your skull. Your post is full of assumptions and estimations. I don't believe you have the expertise to fully analyze Microsoft's best decision from either a profit-motive standpoint or a security standpoint, certainly not without understanding the details of the bug first. I do believe Microsoft has employees with the expertise to determine such a thing, and I imagine they put them to use, so I'll trust they're already doing what's in their best interests. You are free to disagree, but that will only be how you "feel."
Moreover, your basic argument assumes that because another vulnerability will eventually be found, it isn't worth fixing what's known about today. This is an opinion, one I don't agree with and I don't see how you can reasonably feel this way either. If given a choice between stalling criminals at every turn, and letting them do as they please because they might eventually be able to anyway, I will always choose to stall them. Individual cases of identity theft can be far more costly than $50,000, and that's just the tip of the iceberg when it comes to security. I know you said "bug" and I said "vulnerability," but I don't imagine there's much of a black market value for any bug that can't be exploited.
Now that I've address your senseless ranting you can answer my questions, Bennett, no need to dodge.
What makes you think Slashdot, a technology news aggregate, is the place for you to plaster your obviously unpopular opinions and argue that you're right? And why is it that you get this special treatment, being allowed to post all your rants on the front page of Slashdot, while the rest of us are stuck in the comments section unless we write some popular, interesting article on our own site?
Is this really your response to people who don't agree with you? It's all going to come down to a matter of opinion, even if most of us don't share yours it's impossible to say any are right or wrong. This is the problem with the BS rants you post, it's all like that, you take some stance you KNOW will be unpopular, and you try to insist that you're right, when it's an impossible thing to prove. You are trolling, you are always trolling, you know it even if you don't want to admit it. This is why every time you post something there is an increasing number of complaints in the comments below. I'll admit, Slashdot is a great place to troll because most everyone will take the bait, but you're still only trolling.
It's time for you to respond to us, Bennett. What makes you think Slashdot, a technology news aggregate, is the place for you to plaster your obviously unpopular opinions and argue that you're right? And why is it that you get this special treatment, being allowed to post all your rants on the front page of Slashdot, while the rest of us are stuck in the comments section unless we write some popular, interesting article on our own site?
If you opt not to respond, I'll take it as an admission you know you don't deserve your front page spots on Slashdot and can't justify any of it, which I suspect to be the case.
I did read far enough to realize that this person is an idiot.
So you only got to "Bennett Haselton writes:" then?
It's time to put this idea to rest. The US military forces are not going to mindlessly follow orders that consist of deploying in their home country and shooting at the people they signed up to protect. This is not some oppressive regime that's been raising propaganda-fed zombies for generations. The US military consists almost entirely of good people, there may be some bad eggs (as with any group) but we do not need to fear our military the way you seem to. The same goes for the police, the FBI, anyone you can think of. There is no scenario I can imagine that would cause my brother in law, my cousins, and my friends to assist in herding my family and theirs into railroad cars or anything else as outlandish, nor would they stand idly by while someone else does it. There would surely be some who would follow, but the rest would stop them.
Most of the time, they don't, and generally when they do it's because they're not just trying to survive, they're trying to apprehend criminals. You can afford to let someone go if they don't intend to cause you bodily harm, they can not. And even police carry pepper spray and tasers, and they are trained to use them first in any case other than facing a suspect armed with a firearm and appearing intent on using it. Also, I didn't say you would never need a firearm, I said for anything short of killing. Officers are trained to fire only when it's necessary, when lives are on the line, they are ready to kill even if it isn't the preferred outcome. It's also worth noting that even officers make mistakes, I don't think anyone hasn't heard of at least one case of questionable use of force by an officer, if they're not 100% reliable then how can we argue the general population would be anything but worse?