Walmart also serves to illustrate the GP's point--they're not the #1 music retailer anymore, in part because they did not carry the products their customers wanted to buy.
Last night/b/ went to light blue text on yellow bg and an endless loop of "Cotton Eye Joe" playing. Today it's been DDOS'd into oblivion. Coincidence? I think not.
I'm no fan of spam but it's not clear to me how spam e-mail uses resources any more than banner ads do. When I visit WashingtonPost.com, I'm there to read news, not see an iPad ad. So the ad is unwanted.
The SWF of the ad is downloaded by my browser over my Internet connection, for which I pay. It's downloaded into my into my RAM and onto my harddrive, for which I paid. And the Flash plugin executing the SWF is using my processor time (i.e. electricity, for which I pay) to do so.
In most cases, I'd guess than an unwanted Flash banner ad actually uses more resources than a spam e-mail, which are usually text (since most e-mail clients now block images by default).
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses (x ) Mailing lists and other legitimate email uses would be affected ( ) No one will be able to find the guy or collect the money ( ) It is defenseless against brute force attacks (x ) It will stop spam for two weeks and then we'll be stuck with it (x ) Users of email will not put up with it ( ) Microsoft will not put up with it ( ) The police will not put up with it ( ) Requires too much cooperation from spammers (x ) Requires immediate total cooperation from everybody at once ( ) Many email users cannot afford to lose business or alienate potential employers ( ) Spammers don't care about invalid addresses in their lists ( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it (x ) Lack of centrally controlling authority for email ( ) Open relays in foreign countries ( ) Ease of searching tiny alphanumeric address space of all email addresses ( ) Asshats ( ) Jurisdictional problems ( ) Unpopularity of weird new taxes ( ) Public reluctance to accept weird new forms of money ( ) Huge existing software investment in SMTP ( ) Susceptibility of protocols other than SMTP to attack ( ) Willingness of users to install OS patches received by email ( ) Armies of worm riddled broadband-connected Windows boxes ( ) Eternal arms race involved in all filtering approaches ( ) Extreme profitability of spam ( ) Joe jobs and/or identity theft ( ) Technically illiterate politicians (x ) Extreme stupidity on the part of people who do business with spammers ( ) Dishonesty on the part of spammers themselves ( ) Bandwidth costs that are unaffected by client filtering ( ) Outlook (x ) E-mails from people you don't know
and the following philosophical objections may also apply:
(x ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical ( ) Any scheme based on opt-out is unacceptable ( ) SMTP headers should not be the subject of legislation ( ) Blacklists suck (x ) Whitelists suck ( ) We should be able to talk about Viagra without being censored ( ) Countermeasures should not involve wire fraud or credit card fraud ( ) Countermeasures should not involve sabotage of public networks ( ) Countermeasures must work if phased in gradually ( ) Sending email should be free ( ) Why should we have to trust you and your servers? ( ) Incompatiblity with open source or open source licenses ( ) Feel-good measures do nothing to solve the problem ( ) Temporary/one-time email addresses are cumbersome ( ) I don't want the government reading my email ( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x ) Sorry dude, but I don't think it would work. ( ) This is a stupid idea, and you're a stupid person for suggesting it. ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Commercial support corrupts. Look at the history at Game Spot, for example. Or the fact that the financial assistance by the government (and tax payers) to GE were not covered by GE owned news agencies.
It does not take money to corrupt an organization. But it does take money to run an organization--over $5 million per year for Wikipedia. So whether we like it or not, commerce is already playing a part and always will. IMO the big question is whether Wikipedia runs fairly and objectively, and answer is already no.
Commerce is not the only thing that can warp information. It can also be warped by individuals willing to spend their time pushing their own opinions, and excluding others.
Wikipedia editing has become increasingly bureaucratic and exclusive, which IMO is one reason that they are having trouble raising money. Personally, I'm not going to give to Wikipedia as it exists now: the personal playground of Jimmy Wales and his anointed administrative minions.
Wikipedia is already serving ads--they feature Jimmy's puppy-dog eyes begging for money. Broadening the ad base would do a lot to make the organization grow up and break out of the near-cult it has become.
So you are saying that US domestic flights are more international than Israeli flights (as far as ethnicity of passengers), and that the only reason their system works in Israel is because they only screen Arab-looking individuals rather than randomly picking people out of line, and those two reasons are why a system won't work in the US?
Ethnicities are not "international," (nationality and ethnicity are unrelated), but you've got the basic idea. At Iraeli checkpoints they want to see if you are a citizen and what you look and dress like. These are big factors in who they decide to question or screen more closely.
On U.S. domestic flights, pretty much everyone is a citizen and they all look and dress differently. There are fewer common criteria to use to narrow the field. So we have to rely more on the deterrence of random screening, and profiling based on data rather than appearance and citizenship.
We don't have a single point of failure. Scanners are in the news, but that doesn't mean it is the only thing in the TSA security stack. Haven't you heard of the "no fly list?" It's a form of profiling. They also try to flag people who do things like buy one-way tickets with cash. I've personally been pulled aside at security screening because I did not have any carry-on baggage--that is a form of behavioral profiling.
We all go through magnetometers now, and the obvious next step is to have us all go through more advanced scanners. They just haven't solved the technological and societal issues of doing so yet.
I certainly would never claim that the U.S. system works well, but it is a mistake to think that a system deeply rooted in one national situation (Israel) can be just as successful in another, very different, very much larger nation (the U.S.).
No, and this is my point. Just because the numbers add up a certain way, that does not imply that ANY individual person will ever be killed by the doses of radiation from the backscatter machine. You cannot treat epidemiological risk factors as direct causes.
Why does there have to be limits? If we could imagine a system of security that absolutely prevented the possibility of someone blowing up a plane, but was not unacceptably invasive, I think that is something we would all appreciate.
I think there are numerous problems with our security system, including unacceptable invasiveness and privacy violations. I just disagree with the premise that since other things are more dangerous, we should just stop improving our security.
Consider the invasiveness as one of many bugs to be solved.
The Israeli system achieves what efficiency it does by preferentially allowing white Israeli citizens to be screened lightly. The Israeli system is not fast, efficient, or pleasant if you are an Arab or a non-citizen. Most flights through Israeli airports are international, and most passengers are Israeli citizens--so the system works.
On most domestic U.S. flights, almost all passengers are U.S. citizens and yet there are likely people of every race and ethnicity. There are not easy criteria for profiling the way there are in Israel.
You can still profile by identity (no fly list) and actions (one-way flight bought with cash), and TSA is already trying to do those things. They are surprisingly hard to do because the airline ticketing system has evolved over decades as a bunch of isolated and incompatible airline-specific systems, in some cases still running old software and hardware.
Some people can be titilated by some really grotesque images. There's porn of old women, fat women, etc.
Which makes me wonder why anyone would go through the trouble of getting hired by TSA, hoping that they will be one of the few people assigned to these machines. I mean, it's not like it's hard to find naked (and hardcore pornographic) pictures of pretty much any body type, doing pretty much anything, on the Internet.
Using only empirical evidence: pre-9/11 a plane would never be purposely used for a missile to blow up buildings
You can't use a lack of empirical evidence to prove a negative. Empirical evidence can only disprove a claim. In this case you claim that terrorists would not want to blow up planes since there are better targets. I provided evidence that, in fact, they do want to blow up planes. If you need more proof, including some actual deaths:
The few leadership positions with security details (because of the line of presidential succession) skip all security checkpoints. Other members of Congress flying commercial are subject to the same screening as anyone else. Last year I was behind Ron Paul and his wife in line at National Airport in DC; both got pulled aside for pat-downs. I did not.
Both bombs failed because of incompetence. By the time the passengers were aware of them (from the fire, smoke, and smell), the bombs had already failed.
It's one thing to dislike the scanners, it's another to lie about events that actually happened.
Radiation exposure risk is cumulative over your life.
But not over multiple lives, which is why the "kill more people than terrorists" conclusion is a laughable abuse of statistics. The deaths are not the same. If a terrorist blows up a plane, the bomb is the direct causal (and therefore preventable) cause of death. Aggregated epidemiological statistics are not causal. The number one killer of Americans is heart disease; does that imply that serving someone a steak is as bad as shooting them in the heart?
There is still the matter of the cosmic ray exposure at 37,000 feet, which is hundreds to thousands of times greater amounts of ionizing radiation than you receive from the backscatter x-ray machine.
In other words if you're that concerned about ionizing radiation, why are you flying in the first place.
The chances of dying in a car accident are also quite low--you're much more likely to die of heart disease than a car accident.
And yet, safety is a major selling point for cars, and the government puts a lot of effort into designing safe roads and regulating safe cars. Why don't we all just call it "good enough" and focus our resources on nutrition, exercise, and Lipitor??
Maybe because if it's my family that is killed, I doubt the statistics of relative safety will comfort me. I'm guessing you would probably feel the same way.
Your question can be framed to question any effort of human improvement at all. "Linux is already more secure than Windows--why do we need to keep patching it?" See how silly that sounds?
Now that the threat to the general public is diminished the only thing a terrorist can do to a plane now is blow it up, and to that I say: so what? It's a waste of a terrorist organization's resources, they can accomplish much better kill and terror rates on other vectors.
You're making theoretical argument about whether terrorists would try to blow up a plane. But we have numerous, recent examples of actual terrorists trying to blow up planes--the underwear bomber less than a year ago, and the printer bombs more recently.
You're right that terrorists could choose to target airport security checkpoints, but do you understand that terrorism is not a zero-sum game? Just because terrorists could target other gatherings of people, that has no logical connection to the need to secure planes--especially since we have solid empirical evidence that planes are targets.
Well, DUH. Unless you prevent it
on
USB 'Dead Drops'
·
· Score: 1
The security risk is pretty obvious to people with some computer knowledge. And let's face it, people without some computer knowledge are never going to hear about these things--or bother to find them.
If I'm going to use a dead drop, obviously I'm not just going to log into my home account and then plug in. I'm going to boot off a CD or another USB, and then plug in to drop off or pick up. Or I'm going to use a sacrificial machine (netbooks or old laptops are cheap).
Settling a lawsuit does not create a legal precedent. When you settle a suit, what actually happens, legally, is that the plaintiff withdraws their complaint. As far as the court is concerned, the legitimacy of the claims was never examined and the case was never decided. So no precedent.
We use Flash on some of the sites I run, and we sniff for the plugin. If it's not present, or a version too old, we serve a link to the Flash player page on Adobe's site. Anyone who uses Flash and cares about UX is already doing this. Consumers can choose to download the plugin or not, but we make it easy to do so if they want.
The runtimes just won't be provided as part of the Mac OS distribution anymore. That is a good thing because Mac OS used to always ship out-of-date versions of both runtimes, so they lacked features and/or were insecure.
On iOS you cannot load them if you want to. In Mac OS X you just have to go get the latest version straight from the source. That is a good thing IMO.
Slashdot Mirror
Walmart also serves to illustrate the GP's point--they're not the #1 music retailer anymore, in part because they did not carry the products their customers wanted to buy.
Although maybe it had more to do with OLEV than the colors and music... :-)
Last night /b/ went to light blue text on yellow bg and an endless loop of "Cotton Eye Joe" playing. Today it's been DDOS'd into oblivion. Coincidence? I think not.
I'm no fan of spam but it's not clear to me how spam e-mail uses resources any more than banner ads do. When I visit WashingtonPost.com, I'm there to read news, not see an iPad ad. So the ad is unwanted.
The SWF of the ad is downloaded by my browser over my Internet connection, for which I pay. It's downloaded into my into my RAM and onto my harddrive, for which I paid. And the Flash plugin executing the SWF is using my processor time (i.e. electricity, for which I pay) to do so.
In most cases, I'd guess than an unwanted Flash banner ad actually uses more resources than a spam e-mail, which are usually text (since most e-mail clients now block images by default).
Your post advocates a
(x ) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
(x ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x ) It will stop spam for two weeks and then we'll be stuck with it
(x ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(x ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(x ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
(x ) E-mails from people you don't know
and the following philosophical objections may also apply:
(x ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
(x ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x ) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!
Commercial support corrupts. Look at the history at Game Spot, for example. Or the fact that the financial assistance by the government (and tax payers) to GE were not covered by GE owned news agencies.
You mean like the time Wikimedia Foundation Chairman Jimmy Wales edited his own bio, in direct contravention of Wikipedia COI guidelines, to make himself look like the sole founder?
Or how Wikipedia editors increasingly invent new rules and revert new content, which serves to depress new authorship, and bias the material toward the preferred point of view of those editors?
It does not take money to corrupt an organization. But it does take money to run an organization--over $5 million per year for Wikipedia. So whether we like it or not, commerce is already playing a part and always will. IMO the big question is whether Wikipedia runs fairly and objectively, and answer is already no.
Commerce is not the only thing that can warp information. It can also be warped by individuals willing to spend their time pushing their own opinions, and excluding others.
Wikipedia editing has become increasingly bureaucratic and exclusive, which IMO is one reason that they are having trouble raising money. Personally, I'm not going to give to Wikipedia as it exists now: the personal playground of Jimmy Wales and his anointed administrative minions.
Wikipedia is already serving ads--they feature Jimmy's puppy-dog eyes begging for money. Broadening the ad base would do a lot to make the organization grow up and break out of the near-cult it has become.
So you are saying that US domestic flights are more international than Israeli flights (as far as ethnicity of passengers), and that the only reason their system works in Israel is because they only screen Arab-looking individuals rather than randomly picking people out of line, and those two reasons are why a system won't work in the US?
Ethnicities are not "international," (nationality and ethnicity are unrelated), but you've got the basic idea. At Iraeli checkpoints they want to see if you are a citizen and what you look and dress like. These are big factors in who they decide to question or screen more closely.
On U.S. domestic flights, pretty much everyone is a citizen and they all look and dress differently. There are fewer common criteria to use to narrow the field. So we have to rely more on the deterrence of random screening, and profiling based on data rather than appearance and citizenship.
We don't have a single point of failure. Scanners are in the news, but that doesn't mean it is the only thing in the TSA security stack. Haven't you heard of the "no fly list?" It's a form of profiling. They also try to flag people who do things like buy one-way tickets with cash. I've personally been pulled aside at security screening because I did not have any carry-on baggage--that is a form of behavioral profiling.
We all go through magnetometers now, and the obvious next step is to have us all go through more advanced scanners. They just haven't solved the technological and societal issues of doing so yet.
I certainly would never claim that the U.S. system works well, but it is a mistake to think that a system deeply rooted in one national situation (Israel) can be just as successful in another, very different, very much larger nation (the U.S.).
No, and this is my point. Just because the numbers add up a certain way, that does not imply that ANY individual person will ever be killed by the doses of radiation from the backscatter machine. You cannot treat epidemiological risk factors as direct causes.
Why does there have to be limits? If we could imagine a system of security that absolutely prevented the possibility of someone blowing up a plane, but was not unacceptably invasive, I think that is something we would all appreciate.
I think there are numerous problems with our security system, including unacceptable invasiveness and privacy violations. I just disagree with the premise that since other things are more dangerous, we should just stop improving our security.
Consider the invasiveness as one of many bugs to be solved.
The Israeli system achieves what efficiency it does by preferentially allowing white Israeli citizens to be screened lightly. The Israeli system is not fast, efficient, or pleasant if you are an Arab or a non-citizen. Most flights through Israeli airports are international, and most passengers are Israeli citizens--so the system works.
On most domestic U.S. flights, almost all passengers are U.S. citizens and yet there are likely people of every race and ethnicity. There are not easy criteria for profiling the way there are in Israel.
You can still profile by identity (no fly list) and actions (one-way flight bought with cash), and TSA is already trying to do those things. They are surprisingly hard to do because the airline ticketing system has evolved over decades as a bunch of isolated and incompatible airline-specific systems, in some cases still running old software and hardware.
Some people can be titilated by some really grotesque images. There's porn of old women, fat women, etc.
Which makes me wonder why anyone would go through the trouble of getting hired by TSA, hoping that they will be one of the few people assigned to these machines. I mean, it's not like it's hard to find naked (and hardcore pornographic) pictures of pretty much any body type, doing pretty much anything, on the Internet.
Using only empirical evidence: pre-9/11 a plane would never be purposely used for a missile to blow up buildings
You can't use a lack of empirical evidence to prove a negative. Empirical evidence can only disprove a claim. In this case you claim that terrorists would not want to blow up planes since there are better targets. I provided evidence that, in fact, they do want to blow up planes. If you need more proof, including some actual deaths:
http://www.nydailynews.com/news/national/2009/12/26/2009-12-26_long_history_of_horror_taking_to_skies.html
The few leadership positions with security details (because of the line of presidential succession) skip all security checkpoints. Other members of Congress flying commercial are subject to the same screening as anyone else. Last year I was behind Ron Paul and his wife in line at National Airport in DC; both got pulled aside for pat-downs. I did not.
Both bombs failed because of incompetence. By the time the passengers were aware of them (from the fire, smoke, and smell), the bombs had already failed.
It's one thing to dislike the scanners, it's another to lie about events that actually happened.
Radiation exposure risk is cumulative over your life.
But not over multiple lives, which is why the "kill more people than terrorists" conclusion is a laughable abuse of statistics. The deaths are not the same. If a terrorist blows up a plane, the bomb is the direct causal (and therefore preventable) cause of death. Aggregated epidemiological statistics are not causal. The number one killer of Americans is heart disease; does that imply that serving someone a steak is as bad as shooting them in the heart?
Disappointing to see such innumeracy on Slashdot.
There is still the matter of the cosmic ray exposure at 37,000 feet, which is hundreds to thousands of times greater amounts of ionizing radiation than you receive from the backscatter x-ray machine.
In other words if you're that concerned about ionizing radiation, why are you flying in the first place.
The chances of dying in a car accident are also quite low--you're much more likely to die of heart disease than a car accident.
And yet, safety is a major selling point for cars, and the government puts a lot of effort into designing safe roads and regulating safe cars. Why don't we all just call it "good enough" and focus our resources on nutrition, exercise, and Lipitor??
Maybe because if it's my family that is killed, I doubt the statistics of relative safety will comfort me. I'm guessing you would probably feel the same way.
Your question can be framed to question any effort of human improvement at all. "Linux is already more secure than Windows--why do we need to keep patching it?" See how silly that sounds?
Now that the threat to the general public is diminished the only thing a terrorist can do to a plane now is blow it up, and to that I say: so what? It's a waste of a terrorist organization's resources, they can accomplish much better kill and terror rates on other vectors.
You're making theoretical argument about whether terrorists would try to blow up a plane. But we have numerous, recent examples of actual terrorists trying to blow up planes--the underwear bomber less than a year ago, and the printer bombs more recently.
You're right that terrorists could choose to target airport security checkpoints, but do you understand that terrorism is not a zero-sum game? Just because terrorists could target other gatherings of people, that has no logical connection to the need to secure planes--especially since we have solid empirical evidence that planes are targets.
And the only reason he failed to put a hole in that plane was his own incompetence. Maybe not the best model for how we should do things.
Like most big physics done at CERN, ALPHA is a broad collaboration between many nations.
http://alpha.web.cern.ch/alpha/
The security risk is pretty obvious to people with some computer knowledge. And let's face it, people without some computer knowledge are never going to hear about these things--or bother to find them.
If I'm going to use a dead drop, obviously I'm not just going to log into my home account and then plug in. I'm going to boot off a CD or another USB, and then plug in to drop off or pick up. Or I'm going to use a sacrificial machine (netbooks or old laptops are cheap).
Settling a lawsuit does not create a legal precedent. When you settle a suit, what actually happens, legally, is that the plaintiff withdraws their complaint. As far as the court is concerned, the legitimacy of the claims was never examined and the case was never decided. So no precedent.
We use Flash on some of the sites I run, and we sniff for the plugin. If it's not present, or a version too old, we serve a link to the Flash player page on Adobe's site. Anyone who uses Flash and cares about UX is already doing this. Consumers can choose to download the plugin or not, but we make it easy to do so if they want.
The runtimes just won't be provided as part of the Mac OS distribution anymore. That is a good thing because Mac OS used to always ship out-of-date versions of both runtimes, so they lacked features and/or were insecure.
On iOS you cannot load them if you want to. In Mac OS X you just have to go get the latest version straight from the source. That is a good thing IMO.