If you are going to get into active testing, then I think professional ethics demand you take precautions to avoid harming other users or their systems, even (or especially) by mistake.
If you have two computers, then set up a little testing lab for yourself. Take both machines off the Net but put them on the same LAN (preferably a wired LAN but wireless will do). Set up one box as the target with a Web server and the site of your design. Use the other to run your attacks, Kali Linux or whatever.
The reason to do all this on a LAN is quite simply to avoid accidentally scanning/attacking some unintended host, and to avoid violating any laws or terms of service that prevent you running attacks. If you test a target on the real Internet, you may accidentally hit something else by mistake, especially if you're a beginner. Whereas on your own LAN you can be as wild and experimental as you want and no one will complain.
It may sound like a lot of work to set up an isolated network, but explaining to an ISP or a judge that you really had perfectly innocent intentions is also a lot of work.
They're measuring re-arrest, not recidivism (committing new crimes). There is a difference: not all who commit crimes get arrested, and not all who get arrested have committed a crime. One of the key principles in _How to Lie with Statistics_ (excellent book) was the following:
Discover that you don't have data to support a desire finding (in this case, that we can predict who will re-commit crimes)
Provide data that supports some other finding instead (in this case, re-arrest rate)
Pretend there is no difference between your desired finding and your actual finding
It depends on whom you trust more -- a corporation or the US government.
I trust the government about as far as I can throw it. On the other hand, I trust corporations completely. I trust them to lie, cheat, steal, dump toxic waste, then get their government cronies to bail them out while the investors laugh all the way to the bank.
Our government is required to provide logical, reality-based legislation.
Is this an actual requirement written down somewhere, or one that you just made up?
Democracy includes irrational people. Do you really think they should be denied any representation or influence? Who decides who's rational "enough" for you?
How did we let it become the govts business what we do with our money?
We didn't. That was done by our ancestors (assuming you are also in the US) when they ratified the US Constitution, specifically Article 1, Section 8:
The Congress shall have Power... [t]o regulate Commerce with foreign Nations, and among the several States, and with the Indian Tribes;
That ship sailed more than 200 years ago and there is no point crying about it now. Perhaps you would be happier in some other country that has a weaker central government.
Technically, Federal authority wouldn't apply to cash or Bitcoin transactions by sneaker-net between two individuals who live in the same state, and where no goods or services from out-of-state are involved.
Actually, that breakdown is not in TFA, and is not linked from the summary. So while the article you cite is certainly relevant to the discussion and sheds a lot of light, I don't think it's fair for you to bitch about people not reading TFA when the key point you make didn't come from it, either.
I disagree. It took me a while to put my finger on it, but I finally worked it out.
You're right, there is nothing magical about 3D printing vs. a CNC mill or some unknown technology that may emerge 5 years from now. I think the point of the 3D printed AR-15 is a political one, to say that technology is irreversibly heading toward decentralized manufacturing. Is "gun control" even possible in this emerging world? Again, I think the point of the project to say "no!" So while you correctly point out that there's more than one decentralized manufacturing technology, I think my point still stands: regulation of guns as we knew it during the 20th century will not be effective in the 21st (whether it was effective in the 20th is now, as they say, overcome-by-events).
I expect an eventual overturning of this kind of state authority (and I say that as a big-government liberal), as the next generation of elected officials admits the futility of trying to regulate abundance as if it were scarcity. What will replace that authority is the central question of 21st-century democracy.
I just don't see how it matter what tech made the gun parts
Legally, it shouldn't matter. Practically, 3D printing has big implications for gun right/gun control.
The whole idea of gun control is based on a premise that making guns is hard, requiring precision equipment and expertise. Through the end of the 20th century, it required either a specially-tooled factory, an expert craftsman, or both. (Some guns like the AK series are easier to make than others.) So the approach to gun control was to regulate the factories and the sale of what the factories produce.
As you say, home manufacture is legal. It's not worth regulating: the expertise was rare, and the scale of production was low, and there were not any high-profile cases of homemade guns being used in heinous crimes.
3D printing changes the world so that making a gun no longer requires specialized equipment nor specialized skills. So from the gun-control point of view, there is a real risk of guns being made in secret, in a decentralized way that is hard to detect, and being trafficked outside the existing system of licensed dealers and background checks. So the old framework of gun-control laws won't work. A would-be criminal who can easily make his own gun neatly evades the whole system.
There big question is, what will replace the old legal model? There are many possible things the legislature could try, from giving up on gun control (unlikely) to trying to regulate the plans for gun parts (impractical, as we know from file sharing) to trying to clamp down on the printers themselves (scary).
This is how the tech used to make the gun parts matters.
At least three thousand years of legal history and tradition.
Marriage is a legal arrangement: at its root, a contract that strongly determines property rights and inheritance. In my country (USA), marriage carries literally hundreds of legal benefits ranging from tax breaks to fast-track naturalization.
So while it's natural to think of marriage as a very personal part of life, living and sleeping with someone is the personal part, and there is also a big legal aspect that ultimately the state is responsible for interpreting and enforcing.
Oh, I should add that in some parts of the world, where law enforcement is weak, white-collar crime *does* pay. This is why, in my opinion, rings of computer criminals in Eastern Europe or (famously) Nigeria are hard to eradicate: financially there's more reward there for crime than honest work.
I've come to regard law enforcement as creating a climate where crime can't flourish. Not totally preventing it, but preventing escalation.
Sir Garlon is a villain from an obscure, early part of the King Arthur legend. He had the power of invisibility and used it to ambush and murder other knights, apparently just for the lulz. So really that choice of nick is a nod to my repressed impulses for mayhem and the way anonymity encourages snarkiness.:-)
Oh, BTW, crime did not pay for Sir Garlon, either. He got whacked, I believe by Sir Balan, to avenge one of Balan's kinsmen.
I considered crime as a career option when I was young, and decided that it was for losers. Concealing repeated crime would require so much hard work and attention to detail, that anyone qualified to do it is also qualified for a rather high-paying job.
If you think about it, the saying "crime doesn't pay" is just another way of saying the labor market works.
The government would only do the absolute bare minimum that is authorised by the Constitution.
If you actually read that document, you will see that the "absolute bare minimum" explicitly includes construction of "post roads" (Article 1, Section 8).
There shouldn't be any "public property", it's an oxymoron, but if there is such a thing, then nobody should be allowed to profit from it, to do business and use it for business.
You have a strangely restrictive idea of who should be allowed to have property rights. If the duly elected representatives of the people determine that is prudent to, for example, build a highway, why should they not be able to purchase the land on which to build it and to operate the highway as the think best for their constituents? You see, if the road were privatized, there is a strong possibility that the highway would never be built at all, and that the owner would seek to maximize his own profit rather than promote the welfare of the general population.
The idea of public property has existed since at least Roman times. To eliminate public property is as much a fantasy as to eliminate private property, and equally misguided.
On a related note, I wonder if we are doing the wrong thing by eating/killing the larger members of various fish species while leaving the smaller ones alive.
There is an exhibit at the New England Aquarium about exactly this. It claims that fishing has drastically reduced the size of Atlantic cod since the 17th century.
If a company has 53,000 employees, they can't all be geniuses. I've encountered 3 Google employees in a professional setting and heard one reliable first-hand story from my wife. Out of that sample of 4, all the Googlers impressed me: two with their brilliance, and two with their stupidity.
To be fair, this is "crowdfunding" idea comes from someone whom Google spat out...
Now that I think about it, in some places, creating a traffic jam is not that hard. Here in Boston, traffic jams happen whenever it snows, whenever it rains, when the sky is clear and the sun is low in the sky (the traffic report calls it "solar glare"), when there's an accident (even in the opposite direction on an interstate highway: "curiosity delays"), whenever there's a Red Sox game or other event at Fenway Park, and when there's road construction. So based on the frequency of traffic jams and the diversity of causes, it does not seem to take much to cause a traffic jam around here. Rural Nebraska might be another story.
Now, to use faked traffic data to *prevent* a traffic jam, that would be a truly noteworthy hack!
A telco operator... could probably nail down your ability to lie pretty hard.... Google, if they have to trust an app... has a more difficult problem.
I agree completely. The *provenance* of data and the *procedures* used to collect, filter, and process it, critically affect its reliability. Yet even intelligent people seem not to get that. I say "how do you know the data is any good?" to friends and colleagues and they give me blank looks. But this is exactly what you need to know in order to decide whether you trust the conclusions based on that data.
My wife was working at a major university library when a Googler came by to dish about how awesome the future was going to be with Google aggregating and mashing up all kinds of information from all kinds of sources. When the librarians asked "how do you know which of those pieces of information are credible?", the Google executive had no answer and rushed out of the meeting on some hasty excuse.
I really think evaluating the trustworthiness of information needs a lot more attention both in the industry and the general public.
Correction: it was "don't *be* evil" (emphasis added). There is a subtle semantic distinction between doing some evil and actually being evil. Such hair-splitting is probably what lets Google managers sleep at night.
More from the link:
Our commitment to the highest standards helps us hire great people, build great products, and attract loyal users. Trust and mutual respect among employees and users are the foundation of our success, and they are something we need to earn every day.
Slashdot Mirror
If you are going to get into active testing, then I think professional ethics demand you take precautions to avoid harming other users or their systems, even (or especially) by mistake.
If you have two computers, then set up a little testing lab for yourself. Take both machines off the Net but put them on the same LAN (preferably a wired LAN but wireless will do). Set up one box as the target with a Web server and the site of your design. Use the other to run your attacks, Kali Linux or whatever.
The reason to do all this on a LAN is quite simply to avoid accidentally scanning/attacking some unintended host, and to avoid violating any laws or terms of service that prevent you running attacks. If you test a target on the real Internet, you may accidentally hit something else by mistake, especially if you're a beginner. Whereas on your own LAN you can be as wild and experimental as you want and no one will complain.
It may sound like a lot of work to set up an isolated network, but explaining to an ISP or a judge that you really had perfectly innocent intentions is also a lot of work.
They're measuring re-arrest, not recidivism (committing new crimes). There is a difference: not all who commit crimes get arrested, and not all who get arrested have committed a crime. One of the key principles in _How to Lie with Statistics_ (excellent book) was the following:
Does the more impulsive decision-making mean they're more likely to commit new crimes, or simply more likely to get caught?
And if he had gotten his wish, and crashed the aircraft, how long should we have locked him up then?
It depends on whom you trust more -- a corporation or the US government.
I trust the government about as far as I can throw it. On the other hand, I trust corporations completely. I trust them to lie, cheat, steal, dump toxic waste, then get their government cronies to bail them out while the investors laugh all the way to the bank.
Pshaw. Firearms are for pussies!
Is this an actual requirement written down somewhere, or one that you just made up?
Democracy includes irrational people. Do you really think they should be denied any representation or influence? Who decides who's rational "enough" for you?
Since you don't understand the anger, let me, or rather Charles Schulz, draw you a picture.
It's not about licensing cost, it's about migration cost.
We didn't. That was done by our ancestors (assuming you are also in the US) when they ratified the US Constitution, specifically Article 1, Section 8:
That ship sailed more than 200 years ago and there is no point crying about it now. Perhaps you would be happier in some other country that has a weaker central government.
Technically, Federal authority wouldn't apply to cash or Bitcoin transactions by sneaker-net between two individuals who live in the same state, and where no goods or services from out-of-state are involved.
Actually, that breakdown is not in TFA, and is not linked from the summary. So while the article you cite is certainly relevant to the discussion and sheds a lot of light, I don't think it's fair for you to bitch about people not reading TFA when the key point you make didn't come from it, either.
Does that include the Asian suppliers' and subcontractors' plants that actually manufacture all of Apple's products?
I didn't think so.
So perhaps Apple should not too their own horn very loudly on this.
You're right, there is nothing magical about 3D printing vs. a CNC mill or some unknown technology that may emerge 5 years from now. I think the point of the 3D printed AR-15 is a political one, to say that technology is irreversibly heading toward decentralized manufacturing. Is "gun control" even possible in this emerging world? Again, I think the point of the project to say "no!" So while you correctly point out that there's more than one decentralized manufacturing technology, I think my point still stands: regulation of guns as we knew it during the 20th century will not be effective in the 21st (whether it was effective in the 20th is now, as they say, overcome-by-events).
I expect an eventual overturning of this kind of state authority (and I say that as a big-government liberal), as the next generation of elected officials admits the futility of trying to regulate abundance as if it were scarcity. What will replace that authority is the central question of 21st-century democracy.
Legally, it shouldn't matter. Practically, 3D printing has big implications for gun right/gun control.
The whole idea of gun control is based on a premise that making guns is hard, requiring precision equipment and expertise. Through the end of the 20th century, it required either a specially-tooled factory, an expert craftsman, or both. (Some guns like the AK series are easier to make than others.) So the approach to gun control was to regulate the factories and the sale of what the factories produce.
As you say, home manufacture is legal. It's not worth regulating: the expertise was rare, and the scale of production was low, and there were not any high-profile cases of homemade guns being used in heinous crimes.
3D printing changes the world so that making a gun no longer requires specialized equipment nor specialized skills. So from the gun-control point of view, there is a real risk of guns being made in secret, in a decentralized way that is hard to detect, and being trafficked outside the existing system of licensed dealers and background checks. So the old framework of gun-control laws won't work. A would-be criminal who can easily make his own gun neatly evades the whole system.
There big question is, what will replace the old legal model? There are many possible things the legislature could try, from giving up on gun control (unlikely) to trying to regulate the plans for gun parts (impractical, as we know from file sharing) to trying to clamp down on the printers themselves (scary).
This is how the tech used to make the gun parts matters.
At least three thousand years of legal history and tradition.
Marriage is a legal arrangement: at its root, a contract that strongly determines property rights and inheritance. In my country (USA), marriage carries literally hundreds of legal benefits ranging from tax breaks to fast-track naturalization.
So while it's natural to think of marriage as a very personal part of life, living and sleeping with someone is the personal part, and there is also a big legal aspect that ultimately the state is responsible for interpreting and enforcing.
Oh, I should add that in some parts of the world, where law enforcement is weak, white-collar crime *does* pay. This is why, in my opinion, rings of computer criminals in Eastern Europe or (famously) Nigeria are hard to eradicate: financially there's more reward there for crime than honest work.
I've come to regard law enforcement as creating a climate where crime can't flourish. Not totally preventing it, but preventing escalation.
Sir Garlon is a villain from an obscure, early part of the King Arthur legend. He had the power of invisibility and used it to ambush and murder other knights, apparently just for the lulz. So really that choice of nick is a nod to my repressed impulses for mayhem and the way anonymity encourages snarkiness. :-)
Oh, BTW, crime did not pay for Sir Garlon, either. He got whacked, I believe by Sir Balan, to avenge one of Balan's kinsmen.
I considered crime as a career option when I was young, and decided that it was for losers. Concealing repeated crime would require so much hard work and attention to detail, that anyone qualified to do it is also qualified for a rather high-paying job.
If you think about it, the saying "crime doesn't pay" is just another way of saying the labor market works.
If you actually read that document, you will see that the "absolute bare minimum" explicitly includes construction of "post roads" (Article 1, Section 8).
You have a strangely restrictive idea of who should be allowed to have property rights. If the duly elected representatives of the people determine that is prudent to, for example, build a highway, why should they not be able to purchase the land on which to build it and to operate the highway as the think best for their constituents? You see, if the road were privatized, there is a strong possibility that the highway would never be built at all, and that the owner would seek to maximize his own profit rather than promote the welfare of the general population.
The idea of public property has existed since at least Roman times. To eliminate public property is as much a fantasy as to eliminate private property, and equally misguided.
There is an exhibit at the New England Aquarium about exactly this. It claims that fishing has drastically reduced the size of Atlantic cod since the 17th century.
If a company has 53,000 employees, they can't all be geniuses. I've encountered 3 Google employees in a professional setting and heard one reliable first-hand story from my wife. Out of that sample of 4, all the Googlers impressed me: two with their brilliance, and two with their stupidity.
To be fair, this is "crowdfunding" idea comes from someone whom Google spat out ...
Now that I think about it, in some places, creating a traffic jam is not that hard. Here in Boston, traffic jams happen whenever it snows, whenever it rains, when the sky is clear and the sun is low in the sky (the traffic report calls it "solar glare"), when there's an accident (even in the opposite direction on an interstate highway: "curiosity delays"), whenever there's a Red Sox game or other event at Fenway Park, and when there's road construction. So based on the frequency of traffic jams and the diversity of causes, it does not seem to take much to cause a traffic jam around here. Rural Nebraska might be another story.
Now, to use faked traffic data to *prevent* a traffic jam, that would be a truly noteworthy hack!
I agree completely. The *provenance* of data and the *procedures* used to collect, filter, and process it, critically affect its reliability. Yet even intelligent people seem not to get that. I say "how do you know the data is any good?" to friends and colleagues and they give me blank looks. But this is exactly what you need to know in order to decide whether you trust the conclusions based on that data.
My wife was working at a major university library when a Googler came by to dish about how awesome the future was going to be with Google aggregating and mashing up all kinds of information from all kinds of sources. When the librarians asked "how do you know which of those pieces of information are credible?", the Google executive had no answer and rushed out of the meeting on some hasty excuse.
I really think evaluating the trustworthiness of information needs a lot more attention both in the industry and the general public.
Correction: it was "don't *be* evil" (emphasis added). There is a subtle semantic distinction between doing some evil and actually being evil. Such hair-splitting is probably what lets Google managers sleep at night.
More from the link:
Nice words they've got there.