The cost of carrying out the sentence is about twice less in case of death penalty.
The same studies that look at these costs (http://www.ccfaj.org/rr-dp-official.html http://www.kslegislature.org/postaudit/audits_perform/04pa03a.pdf etc) give the reason why it is "more expensive" - the trial+appeal costs come out as far larger than the actual sentencing ($1m vs. $350t in one study).
The specially added due process criteria increase the appeals length and the court costs. And death sentence costs there include not only the final sentence, but keeping people for 10+ years average in deathrow, that's why the cost is even comparable, otherwise it would be completely insignificant compared to the court costs.
Life in prison is much more expensive and harming to the person than a quick death, IMHO. Let's just agree to disagree.
And skip the extremely violent types - there are cases of gunpoint-muggers, rapists and robbers going back to their ways after coming out of their x-th jail term at the age of 50 - death penalty for recidivists with 3-4 repeated convictions would solve the problem; otherwise any system & judge that lets him out after x years is just as guilty for any harm done to the next victim as the perpetrator himself.
Of course, the selectivity can also be done through admission - the very, very top universities have excellent graduation rates (up to 98%) by throwing out most of the sheeple before they even reach the doors.
A university that doesn't "destroy the lives" of at least 20-30% of it's initially admitted students by filtering them out during all the years and courses *IS* a diploma mill by definition. The value of courses is the education you get. The value of diploma is in it's selectivity, that not everybody has one. A respectable university must combine both.
Robots can be hacked and reprogrammed, soldiers cannot so easily.
In our current major conflicts, like Afganistan, the risk of rogue drones (which has happened) is insignificant to the huge number of cases where soldiers have turned on us - a noticeable percentage of troops, officers and demolitions experts trained by NATO forces have later went on to support the insurgents. If anything, I'd say that the drones will be more loyal in practice, simply their actions may have more PR-risk.
I'd not even focus on the specific cheating - if you are giving diplomas to unsuited people then naturally it reduces the reputation and worth of the university degree. In my area there are 3 large universities, the newest of which tends to not be so strict on the grading criteria and weeding out students who are really weak. It's quite a deliberate strategy, they keep the students and their fees, delay graduation and get paid for the repeated courses, etc. As a direct consequence, their diplomas are much less valued in the labor market - you may get a good education there, but their diploma doesn't really prove as much as those from the other 2 universities.
If a university is publicly stating that they will allow these idiots to pass, as in TFA; then the university is publicly saying that they have a general strategy that masses of idiots (30% of class is really a lot) will be eventually given diplomas. This public statement has immediately devalued the worth of their diploma already - it's pushing their reputation towards the one of a diploma mill.
If a university had publicly stated earlier that idiots won't ever get diplomas no matter as much they pay, stated it again on this occasion, and followed it up with action every time - then the degree would carry more weight. It takes decades, many years of strongly selected graduates to establish this reputation and much less to destroy it.
If cheaters get a diploma from your school instead of getting expelled then you are treated unjustly - as your education effort is devalued automatically by having your graduation "graded" with the same sheepskin as theirs.
It is non-trivial to produce something new and adequate, given how narrow&deep research areas are nowadays. In higher education it's typically considered that you would need a basic degree to reasonably understand the concepts that are discussed in some paper, and a masters degree + specialization in a sub-area to even understand if some idea that you have is new, done previously or rejected long ago. Developing and validating new concepts is generally the learning style of doctorate studies and post-doc research.
Heck, try doing something new in Optics 101 - if you can, then it's at least a patent-worthy concept, if not an ambition for a Nobel prize. Try doing something new in area such as interpretation of Shakespeare's plays, where every imaginable nuance has been covered probably a dozen times.
There is no way that even a third of third-year students in say, compsci or physics would be able to generate new knowledge. 90% of students wouldn't even understand the concepts and components in which to learn about the 'new thing' if it was repeatedly taught to them, let alone develop it themselves and explain it to others. You have to learn to stand up before you can run a marathon, and it generally takes a few years = a college degree to learn the basics of some area. In medicine, it takes years to just get a reasonable understanding of what exactly you are talking about when you mention body part X - and of course, you learn it and prove that you've learned it
In summary - your idea is not new, it has been done and is done, but not for the masses - that was how people got their degrees in middle ages (when PhD was pretty much the only degree that was given), and that's how people get their narrowly specialised advanced degrees nowadays. With very few exceptions, even the most advanced people would NOT be able to do a new thing for every first year course that they had; if a comp-sci PhD student is doing his thesis on new algorithms for quantum computing, my money is that he wouldn't really be able to create any new knowledge (without investing a few years into it) in, say, OS concepts or digital signal processing, which he had studied earlier but which are different subspecializations. Just as you wouldn't expect most heart surgeons to be able create any new knowledge at all in biochemistry.
In any normal business company, most of it's business needs lie outside the web, and so the software and any automation for human tasks lies outside their web domain. Even for companies with decent web presence - say, a bank which offers all of it's services from bill payments to loan applications and stock portfolio management also online, this web app is at most 5% of the code that they develop/use/maintain.
The only thing that would make a difference is these cases where a company is able to use off-shelf software for all it's core business needs and generic functions such as POS/invoicing/accounting/CRM, but somehow has decided to hold web-developers inhouse... graphics design shops come into mind, for example, but in general if a company doesn't have it's own IT development staff for other uses, then it would outsource the web part as well.
Such debug features circumvent any lower-level security completely. Even if the debug features can only be enabled from hardware (avoiding the obvious malware risk), then existence of such features is fundamentally incompatible with existence of such issues as secure drivers (like HDMI encryption or copy checks on DVD's, securom style), DRM even by use of hardware dongles, etc.
Banks generally do need to go above and beyond 'have a photo ID' to protect your money - they store the copy of your official ID to compare against the ID you (or "you") show next time, and to compare signatures, and to have a photo of the bad guy and solid evidence that it wasn't you if a forgery was presented the first time.
If you don't do this, then some shmuck with a forged ID can do stuff in your name. Oh - and that's the choice that most USA banks have made, so you suffer from identity theft much more than other nations do, as elsewhere just knowing your data is not that harmful to you.
It's just the classical saying 'a fool and his money are soon parted', just in different words.
The meaning is, that people who have shown their wits/intellect/ruthlessness/whatever by earning lots of money fall for such scams much more rarely than people who have 'found' the money by inheritance or lotteries - they seem particularly vulnerable statistically.
If a partner company isn't needed, then even in the most liberal first world countries the company would be closed down without question - only there the laws would ensure that the employees get decent termination compensation and the owners take the most of the loss for the failing business model.
If your business model is 'reselling adwords', then it's your bet with your capital that reselling adwords is something useful that people want to pay for. Well, it isn't - the link-sites border on spam and aren't useful to the market in the end.
Windows registry does not really have a secure concept of "app's own settings" - apps are encouraged to limit their settings to registry tree with the vendor and app name, but there's no secure mapping that would allow to check if virus.exe is or isn't really 'Microsoft\Internet Explorer'.
And it's the same with unix config files - what's stopping an exploit in linux firefox from writing not to FF settings file in your home directory, but to some other applications configfile?
Some connection to the internet is inevitable - SCADA's are usually used for distributed data, and having separate long-distance physical lines everywhere is not cost-efficient at all.
So there is often some connection to the internet required, even if it's just VPN piggybacking over a hundred standard net connections in different places.
A flat fine in case of non-commercial infringement, like this family; say 5-10 times more than the local jaywalking fine?
In case of for-profit infringement (like selling the stuff to others) the illegal gains + punitive multiplier (IIRC punitive damages as triple of the gains is usual)
Shopping in Walmart is definitely not a right, but I *do* have a right to not have my balls scanned or grabbed by Walmart staff when using their services.
How can you "launder" information on a mass scale if opt-in is required and companies are required to inform customers about the data source, if they ask? It would fall apart after the first or second complaint.
And if it is found out to be intentional or gross negligence, then the relevant company officers get personal administrative liability as well; and the fines would add up greatly if a dozen or more individuals complain, so I'd really doubt the laundering scenarios as realistic.
If it's stolen (conveniently or inconveniently), the original company has full financial liability for any consequences as it has failed in it's duty to safeguard the data; I'm not well informed of the enforcement details, though.
However, this essentially means that the data can be used for illegal purposes only, not for reasonable commerce; as if the 'acquiring' company wants to do some business in the EU it wouldn't even be allowed to legally use such data for e-mail spam.
There's no need to reinvent the wheel, the current EU legislation seems to cover all the border cases [maybe that's why the laws are so frigging huge] and no glaring loopholes have been published at the moment.
The main point is that even the original company is not allowed to do "bad" things, so any issues about others getting the data in whatever way (sale, acquisitions, mergers, theft, datamining, whatever) don't create a major problem, as the new company is bound by the same rules in any case. The only strict restriction in the law is about giving customer private data to companies outside EU jurisdiction, where the protections might not apply any more.
You can claim or blame all the exact same factors for infected flash-memory on a motherboard that you can blame for an infected flash-memory on an USB stick.
You don't need to "design a physical circuit", TFA refers to code in the chips sitting on PCI bus (i.e., any addon card and many parts of motherboard), and there is almost zero difference in the process to change what code is written on them and what code is written on a cd that you ship - whatever file an employee uploads, it's put there; and if the code works, then the QA process succeeds. And many of the chips are re-flashable by software afterwards, so a single targeted device can be infected deliberately as well.
Slashdot Mirror
The cost of carrying out the sentence is about twice less in case of death penalty.
The same studies that look at these costs (http://www.ccfaj.org/rr-dp-official.html http://www.kslegislature.org/postaudit/audits_perform/04pa03a.pdf etc) give the reason why it is "more expensive" - the trial+appeal costs come out as far larger than the actual sentencing ($1m vs. $350t in one study).
The specially added due process criteria increase the appeals length and the court costs. And death sentence costs there include not only the final sentence, but keeping people for 10+ years average in deathrow, that's why the cost is even comparable, otherwise it would be completely insignificant compared to the court costs.
Life in prison is much more expensive and harming to the person than a quick death, IMHO. Let's just agree to disagree.
And skip the extremely violent types - there are cases of gunpoint-muggers, rapists and robbers going back to their ways after coming out of their x-th jail term at the age of 50 - death penalty for recidivists with 3-4 repeated convictions would solve the problem; otherwise any system & judge that lets him out after x years is just as guilty for any harm done to the next victim as the perpetrator himself.
Of course, the selectivity can also be done through admission - the very, very top universities have excellent graduation rates (up to 98%) by throwing out most of the sheeple before they even reach the doors.
A university that doesn't "destroy the lives" of at least 20-30% of it's initially admitted students by filtering them out during all the years and courses *IS* a diploma mill by definition.
The value of courses is the education you get. The value of diploma is in it's selectivity, that not everybody has one. A respectable university must combine both.
Not US soldiers - the Afgan and Iraqi army troops trained by us.
http://www.lmgtfy.com/?q=afghan+army+defect+insurgents - the top link refers to an unit defecting just two weeks ago.
Robots can be hacked and reprogrammed, soldiers cannot so easily.
In our current major conflicts, like Afganistan, the risk of rogue drones (which has happened) is insignificant to the huge number of cases where soldiers have turned on us - a noticeable percentage of troops, officers and demolitions experts trained by NATO forces have later went on to support the insurgents. If anything, I'd say that the drones will be more loyal in practice, simply their actions may have more PR-risk.
I'd not even focus on the specific cheating - if you are giving diplomas to unsuited people then naturally it reduces the reputation and worth of the university degree. In my area there are 3 large universities, the newest of which tends to not be so strict on the grading criteria and weeding out students who are really weak. It's quite a deliberate strategy, they keep the students and their fees, delay graduation and get paid for the repeated courses, etc. As a direct consequence, their diplomas are much less valued in the labor market - you may get a good education there, but their diploma doesn't really prove as much as those from the other 2 universities.
If a university is publicly stating that they will allow these idiots to pass, as in TFA; then the university is publicly saying that they have a general strategy that masses of idiots (30% of class is really a lot) will be eventually given diplomas. This public statement has immediately devalued the worth of their diploma already - it's pushing their reputation towards the one of a diploma mill.
If a university had publicly stated earlier that idiots won't ever get diplomas no matter as much they pay, stated it again on this occasion, and followed it up with action every time - then the degree would carry more weight. It takes decades, many years of strongly selected graduates to establish this reputation and much less to destroy it.
If cheaters get a diploma from your school instead of getting expelled then you are treated unjustly - as your education effort is devalued automatically by having your graduation "graded" with the same sheepskin as theirs.
It is non-trivial to produce something new and adequate, given how narrow&deep research areas are nowadays.
In higher education it's typically considered that you would need a basic degree to reasonably understand the concepts that are discussed in some paper, and a masters degree + specialization in a sub-area to even understand if some idea that you have is new, done previously or rejected long ago. Developing and validating new concepts is generally the learning style of doctorate studies and post-doc research.
Heck, try doing something new in Optics 101 - if you can, then it's at least a patent-worthy concept, if not an ambition for a Nobel prize. Try doing something new in area such as interpretation of Shakespeare's plays, where every imaginable nuance has been covered probably a dozen times.
There is no way that even a third of third-year students in say, compsci or physics would be able to generate new knowledge. 90% of students wouldn't even understand the concepts and components in which to learn about the 'new thing' if it was repeatedly taught to them, let alone develop it themselves and explain it to others. You have to learn to stand up before you can run a marathon, and it generally takes a few years = a college degree to learn the basics of some area. In medicine, it takes years to just get a reasonable understanding of what exactly you are talking about when you mention body part X - and of course, you learn it and prove that you've learned it
In summary - your idea is not new, it has been done and is done, but not for the masses - that was how people got their degrees in middle ages (when PhD was pretty much the only degree that was given), and that's how people get their narrowly specialised advanced degrees nowadays. With very few exceptions, even the most advanced people would NOT be able to do a new thing for every first year course that they had; if a comp-sci PhD student is doing his thesis on new algorithms for quantum computing, my money is that he wouldn't really be able to create any new knowledge (without investing a few years into it) in, say, OS concepts or digital signal processing, which he had studied earlier but which are different subspecializations. Just as you wouldn't expect most heart surgeons to be able create any new knowledge at all in biochemistry.
In any normal business company, most of it's business needs lie outside the web, and so the software and any automation for human tasks lies outside their web domain. Even for companies with decent web presence - say, a bank which offers all of it's services from bill payments to loan applications and stock portfolio management also online, this web app is at most 5% of the code that they develop/use/maintain.
The only thing that would make a difference is these cases where a company is able to use off-shelf software for all it's core business needs and generic functions such as POS/invoicing/accounting/CRM, but somehow has decided to hold web-developers inhouse... graphics design shops come into mind, for example, but in general if a company doesn't have it's own IT development staff for other uses, then it would outsource the web part as well.
Such debug features circumvent any lower-level security completely.
Even if the debug features can only be enabled from hardware (avoiding the obvious malware risk), then existence of such features is fundamentally incompatible with existence of such issues as secure drivers (like HDMI encryption or copy checks on DVD's, securom style), DRM even by use of hardware dongles, etc.
Playing RB is much more fun than practicing guitar, even if you have one and play in some tiny band every week.
Banks generally do need to go above and beyond 'have a photo ID' to protect your money - they store the copy of your official ID to compare against the ID you (or "you") show next time, and to compare signatures, and to have a photo of the bad guy and solid evidence that it wasn't you if a forgery was presented the first time.
If you don't do this, then some shmuck with a forged ID can do stuff in your name. Oh - and that's the choice that most USA banks have made, so you suffer from identity theft much more than other nations do, as elsewhere just knowing your data is not that harmful to you.
It's just the classical saying 'a fool and his money are soon parted', just in different words.
The meaning is, that people who have shown their wits/intellect/ruthlessness/whatever by earning lots of money fall for such scams much more rarely than people who have 'found' the money by inheritance or lotteries - they seem particularly vulnerable statistically.
If a partner company isn't needed, then even in the most liberal first world countries the company would be closed down without question - only there the laws would ensure that the employees get decent termination compensation and the owners take the most of the loss for the failing business model.
If your business model is 'reselling adwords', then it's your bet with your capital that reselling adwords is something useful that people want to pay for. Well, it isn't - the link-sites border on spam and aren't useful to the market in the end.
Windows registry does not really have a secure concept of "app's own settings" - apps are encouraged to limit their settings to registry tree with the vendor and app name, but there's no secure mapping that would allow to check if virus.exe is or isn't really 'Microsoft\Internet Explorer'.
And it's the same with unix config files - what's stopping an exploit in linux firefox from writing not to FF settings file in your home directory, but to some other applications configfile?
Scotsmen have a solution that should also help with the laptop-caused problem.
Some connection to the internet is inevitable - SCADA's are usually used for distributed data, and having separate long-distance physical lines everywhere is not cost-efficient at all.
So there is often some connection to the internet required, even if it's just VPN piggybacking over a hundred standard net connections in different places.
Quite likely that's the point.
Though in any case that's just their reason to be sad about it, not their legal or moral right to prevent it.
A flat fine in case of non-commercial infringement, like this family; say 5-10 times more than the local jaywalking fine?
In case of for-profit infringement (like selling the stuff to others) the illegal gains + punitive multiplier (IIRC punitive damages as triple of the gains is usual)
Shopping in Walmart is definitely not a right, but I *do* have a right to not have my balls scanned or grabbed by Walmart staff when using their services.
How can you "launder" information on a mass scale if opt-in is required and companies are required to inform customers about the data source, if they ask? It would fall apart after the first or second complaint.
And if it is found out to be intentional or gross negligence, then the relevant company officers get personal administrative liability as well; and the fines would add up greatly if a dozen or more individuals complain, so I'd really doubt the laundering scenarios as realistic.
If it's stolen (conveniently or inconveniently), the original company has full financial liability for any consequences as it has failed in it's duty to safeguard the data; I'm not well informed of the enforcement details, though.
However, this essentially means that the data can be used for illegal purposes only, not for reasonable commerce; as if the 'acquiring' company wants to do some business in the EU it wouldn't even be allowed to legally use such data for e-mail spam.
There's no need to reinvent the wheel, the current EU legislation seems to cover all the border cases [maybe that's why the laws are so frigging huge] and no glaring loopholes have been published at the moment.
The main point is that even the original company is not allowed to do "bad" things, so any issues about others getting the data in whatever way (sale, acquisitions, mergers, theft, datamining, whatever) don't create a major problem, as the new company is bound by the same rules in any case. The only strict restriction in the law is about giving customer private data to companies outside EU jurisdiction, where the protections might not apply any more.
You can claim or blame all the exact same factors for infected flash-memory on a motherboard that you can blame for an infected flash-memory on an USB stick.
You don't need to "design a physical circuit", TFA refers to code in the chips sitting on PCI bus (i.e., any addon card and many parts of motherboard), and there is almost zero difference in the process to change what code is written on them and what code is written on a cd that you ship - whatever file an employee uploads, it's put there; and if the code works, then the QA process succeeds. And many of the chips are re-flashable by software afterwards, so a single targeted device can be infected deliberately as well.