If it can't tell the difference between $9999 and $10,000 then its not good enough in my book. Then again, I can't think of any good reason to limit the cash people can travel with. However, protecting people from unreasonable search is more important by far than anything they are otherwise triying to do...it is supposed to be, one of their highest priorities!
But less than 10k is not illegal and even quite common, as in, you can pretty much expect everyone is carrying some amount. As such, everyone should be expected to be putting off these gasses. So basically....this is just a prop that can be used to justify a search on anyone they want to search but don't want to give the real reason.
Problem here is they are not looking for anything that is evidence of a crime. It is legal to carry money over the border up to a certain amount so, the smell of money doesn't actually indicate any crime, and isn't evidence of any crime.
Sounds like a bunch of bullshit to justify expenditures on cool new technology which will be quickly mothballed after its found to be useless or ruled by the courts to not be justification for extra scrutiny.
Not sure why it matters where the end points are. If we live in the same state and do business and I call your cell phone while you are in another state, should that state's laws apply?
I am in my state, they do business in my state, they have offices in my state. I don't see why it should matter where the particular employee I talk to is located at the moment I talk to them.
The fact that they are in india or the call routes through several states seems like it should have no bearing since I, and the entity I am doing business with both do business within the same state.
You have to look at the specific law though. My state, MA is listed as a "two party state" but digging a little more finds: http://www.dmlp.org/legal-guid... " (3) Massachusetts bans "secret" recordings rather than requiring explicit consent from all parties.). "
So, informing someone that they are being recorded is really the requirement, not "consent" though, I would argue that continuing a conversation after being informed of the recording is, in fact, consent. (barring any extraordinary circumstances of course like would normally otherwise be considered as precluding consent, of course)
> The real problem is that firing an underling reflects poorly on his manager(s). This is also the truth everywhere, of > course, but in normal enterprises there is this dirty and otherwise reprehensible "profit" to think about, so a bad > employee can still be fired even if the manager's record gets hurt in the process.
I think you are looking at the wrong problem. Yes, this exists but, I look at it this way:
If there is an underperforming employee who just isn't doing the work, there is, most likely, a problem with THAT employee. It may be one you can work with or fix, but, very likely it is localized; and there is a chance, either way, that replacing him fixes it.
If many employees are not doing the work however, the problem is likely not the employees but a more general systemic issue relating to management or work structure; and replacing the employees will likely be about as effective as rotating your tires because the battery stopped charging.
Ever seems to be missing the point. Sure, nearly everybody goofs off occasionally. Have I ever spent most of a work from home day goofing off? Sure. Have I ever dialed into a meeting and played video games because the meeting was totally useless for me? Yup. Ever encompasses many many things.
The thing is, the article isn't about how this one time a guy at the Patent office spent a day goofing off. Its about how goofing off, not doing the work, and then rushing the report is standard operating procedure.
You do get that there is a difference between something that someone did or something that happened and... how business is normally conducted. Like, its one thing to go out for lunch with your coworkers and all get drunk one day....its quite another to do it every day as a matter of course.
> 2. Don't know what happens if they charge your card and you've signed the agreement.
I call them up and let them know that if they don't remove the charge they are going to find out just how effective this policy is at getting them notoriety. Pretty sure I have a lot less to lose in the court of public opinion than they do.
I mean, depending on how you want to call it, you may or may not call the customer a victim in this scenario but...the real victim is the public who are being denied honest opinions; I have no qualms about letting the public know what one group of scammers is trying to pull over on them.
Except "We pay for a license so we have someone to sue" really means "we want someone to blame". You are right, the idea of an actual lawsuit over anything anyone says that about is true.... however, they will use the someone to blame, both to their customers, and for employees to their managers, managers to their directors etc.
What its really comes down to is they want to be able to say "We are working with support right now" so they don't have to take the heat for not knowing what the issue is right away, even if its unreasonable for them to.
Thinking back it was local in Boston so you are probably right. If there is one thing I am sure of, its that the people I was working for would never send us anywhere to go for a conference or pay any reasonable amount for it either; so whatever it was was something they got tossed in for free on a contract. Must have been one of those events.
Prior to working for them I had been to Usenix. Need to start making some requests for next year, I bet I can get these guys to send me to a conference.
> lol Hackers have been doing this for a very long time, but this is nothing new or smart a script kiddie could do it
Sure but it isn't so much about the technology being used as that they are now using it and legitimizing their use of it by targeting a group that is so reviled as to taint any discussion of how they were targeted.
I hate to say it, but this is pretty smart. They seem to have realized that using their new techniques against child porn is the best way forward for them because the issue has stigma to spare that can help quell dissent, then, once the practice is firmly established, they can quietly expand it to everything else they desire.
well.... I don't like to get into the label game of whether I am or am not a libertarian, I do have many such symptahies though.
That said.... there is respected....and there is respected.
On its face, it is hard to argue with such terms without also arguing with other kinds of NDAs which, while I tend to not be a fan of, I am not really dead set against either. In fact, I can only find one reason split that hair, but I do think its a decent reason.... bad reviews are a form of consumer protection and so they are actually asking you to cover up their quality so as to reduce other people's ability to make an informed decision. As such, I would generally be ok with saying.
That said, I should also point out that one has generally already paid by the time one writes a bad review. If they wanted to charge you, they would have to do it after the fact.
As such, I would say, I am ok with them having this policy and not ok with the force of the state being used to enforce its terms. So feel free to charge me $500, I am not going to pay, and i will never come to your establishment again, you can grow old and die thinking I owe you $500 for all I care. Enjoy your policy.
If VMWorld is the one I am thinking of, then I actually would recomend against it. It was a few years ago but I went to a "conference" put on by VMWare that was one of the most useless experiences of my career. Maybe my standards were set high by Usenix, but, I was not expecting every single "talk" to be some salesman in a suit giving me the dog and pony show on his product.
Wasn't a single presentation on anything useful, nothing on research projects, nothing but dogs and ponies.
Maybe I am mistaken and this was some event other than VMWorld that they held, but, if it is, then I can't recomend it at all.
Actually, in fairness, I don't believe Silk Road did allow this.
More what he is accused of is trying to hire a hitman after being blackmailed, threatening both him and his customers.
Although, from the looks of things, what he really did was get scammed by a blackmailer and a fake hitman.
I find it hard to be so black and white about a situation where threats are actually potentially putting lives on the line, its not like he had other recourse. The blackmailer was a former conspirator of his....honestly.... I have trouble applying normal morality to such a case..... a person entering into illegal business who then attempts to blackmail his former boss knows what he is getting into.... for his former boss to then kill him I don't put quite as much moral weight on as if it was pretty much anyone else in just about any other situation.
I almost put it more in the category of a boxer who kills his opponent in the ring. They both knew what they were getting into, what the stakes were. If a child walks up to a bear and gets mauled it is a tragedy. If a man walks into the path of a bear he didn't see, it is likewise. If a full grown adult tosses food around his own campsite to attrack the bears because he wants to see one, then punches it in the face..... maybe on some level its tragic but, its not nearly as tragic.
Um.... me too, and still never been even asked. In fact my last employer was basically a hospital (or rather if them and the hospital were facebook friends, their relationship status would be 'its complicated'). Now the actual insurance industry, that I could understand....they seem more um.... uptight.
Hospitals themselves I am pretty sure have the same issue as IT given what I have heard from the horses mouthes about doctors and drug habbits
nah its easier to just shrug it off when I get one wrong. As far as off topic comments go, it hardly even registers compared to the gay nigger brigade still trying to cover natilie portmans hot grits in pants; so overall.... could be worst.
Really? because its been my experience that most of the people subjected to employment drug testing are the lower salary employees. Then again, I work in IT where most companies don't drug test because they know what the results will be.
I have never, and will never, submit to a drug test. In fact, in the past decade, every single time I have been on the hunt for a new job and on the phone with an HR person, I have been silently practicing my vitriolic rant should they ask.
As of yet, nobody has asked, so nobody has gotten my rant.
People who get paid to piss in a cup for someone elses amusement are called prostitutes, and honstly, I have nothing against honest prostitutes; its only the ones who delude themselves into thinking they are something else that I take issue with.
> I have never been a fan of the quantum "weirdness" either. Everyone gets caught up in the Copenhagen > interpretation and Schroedingers' cat and all, and ignores a simpler explanation.
Ignores? I am a lay observer but I have yet to see one that actually explains.
> when single particles are allowed thru, we see only single points on the detector. > It is only when a flood of electrons are allowed that we see an interference pattern similar to that of a wave.
Wrong. when single particles are allowed through a single path yes. However, if multiple paths are available even a single particle interferes with itself. Take enough samples of a single particle going through with multiple paths, and you get an interference pattern: http://en.wikipedia.org/wiki/D...
The problem with the simple explanations is, we already know they are wrong. Between the double slit and the bell inequality, classical theories are pretty sunk. I would love to see a simpler model that actually predicts things like single particle interference and the violation of the bell inequality!
Well thanks for that. I was actually wondering recently why it was so hard to shop for pants. I have a hard size anyway, as I am built for a much smaller inseam than my waist (or rest of my torso) would seem to indicate. In fact, I would say if you look at my torso vs legs, I have the torso of someone several inches taller than me, and the legs of someone an inch or two shorter.
Looking back, I think this is why my childhood doctor was always suggesting my weight should be unreasonably low based on her height charts. I mean, she was right, I was overweight, but, not nearly by as much as she made it out, once I got into HS sports I found out her "ideal weight" for me based on height was about 10 lbs less than my lean body mass!
In any case, I find this makes pants shopping hard. Often over the years I have had to buy pants that were too long and then have the legs shortened, which is no help for inseam issues at all.
I am sorry that the advice I give for free on slashdot doesn't live up to the impossibly high standard of being unassailable by major national governments with deeper pockets than the vicar of christ.
Every system has weaknesses; if you have to worry about directed attacks by dedicated actors with the resources (time and skills, or money to hire them) to focus on your systems.... then by all means, don't take the free advice you get on slashdot and feel free to raise the bar high.
However, for everyone else, raising the bar even a little bit is enough. You have to understand there is a gulf in threats between "at risk of having data casually scraped or stolen by a trojan" and "the target of a directed attack" and then again "targeted by a group with resources". Each step you can take away from the first category of risk is huge, whereas every step away from the others, really only helps a little bit....unless you have good reason to fear it.
All true and yet, I don't see how any of that matters. The point of using the phone is it is something you have, and its not tied to the device you are connecting with. Yes, you may lose the phone more often, BUT...that just means you replace the phone and reload the software with a new key....BFD.
Stealing your phone doesn't reveal what systems you would connect to. Getting access to your laptop, doesn't provide the authentication token. Its about using two factors that are not tied to eachother in a way that a remote attacker can discern that improves the security of such a system.
which is why I strongly disagree that an app on the laptop is better.... because an app on the laptop is on the laptop, one device which connects to it all. Or another way to think of it...where is the safest place for the key to your safe.... in an unmarked envelope in your house....or in an unmarked envelope at your friend's house?
Even if your friend's house is less secure than your own, its still the better place because.... there is no way for the attacker to make the association needed to find it....even if it is your friend's house that he robs, even if he finds the key there!
Sure its not protection from specific kinds of attackers, but, if your security measures need to stand up to NSA levels of scrutiny, I have no problem declaring your requirements out of scope for this level of discussion, and far beyond most people who could benefit from simple tokens.
So this would: > prohibit the government from collecting all information from a particular service provider or a broad geographic > area, such as a city or area code
Sounds rather specific. My bet is this was very carefully crafted, with help of the NSA to specifically and publically ban a slice of activities so narrow and specific as to stop NOTHING that they are currently doing.
> For fans of software scheme: you must tell how your soft tokens resist attack by malware.
A solution doesn't have to be a panacea for all attacks. A soft token could be on your phone, assuming you do not also use the phone to directly access the service, that is pretty decent protection. I would consider needing to also find and gain access to your phone, in addition to whatever access they may otherwise be able to get, as a pretty decent addition to the resistence.
> Remember that to get pay-tv signals, folks were willing and able to design special ICs.
Remember that people were willing to pay for those ICs to decode signals they already otherwise had access to, meaning there was a rather large potential market for those ICs before they were produced, especially since it is decently hard to justify how you are doing anything wrong by simply recieving and manipulating a signal...you aren't even stealing a service, you are just, not using their descrabling service, just providing your own instead; for a signal you could already recieve.....
Slashdot Mirror
If it can't tell the difference between $9999 and $10,000 then its not good enough in my book. Then again, I can't think of any good reason to limit the cash people can travel with. However, protecting people from unreasonable search is more important by far than anything they are otherwise triying to do...it is supposed to be, one of their highest priorities!
But less than 10k is not illegal and even quite common, as in, you can pretty much expect everyone is carrying some amount. As such, everyone should be expected to be putting off these gasses. So basically....this is just a prop that can be used to justify a search on anyone they want to search but don't want to give the real reason.
Problem here is they are not looking for anything that is evidence of a crime. It is legal to carry money over the border up to a certain amount so, the smell of money doesn't actually indicate any crime, and isn't evidence of any crime.
Sounds like a bunch of bullshit to justify expenditures on cool new technology which will be quickly mothballed after its found to be useless or ruled by the courts to not be justification for extra scrutiny.
Not sure why it matters where the end points are. If we live in the same state and do business and I call your cell phone while you are in another state, should that state's laws apply?
I am in my state, they do business in my state, they have offices in my state. I don't see why it should matter where the particular employee I talk to is located at the moment I talk to them.
The fact that they are in india or the call routes through several states seems like it should have no bearing since I, and the entity I am doing business with both do business within the same state.
You have to look at the specific law though. My state, MA is listed as a "two party state" but digging a little more finds: http://www.dmlp.org/legal-guid...
" (3) Massachusetts bans "secret" recordings rather than requiring explicit consent from all parties.). "
So, informing someone that they are being recorded is really the requirement, not "consent" though, I would argue that continuing a conversation after being informed of the recording is, in fact, consent. (barring any extraordinary circumstances of course like would normally otherwise be considered as precluding consent, of course)
> The real problem is that firing an underling reflects poorly on his manager(s). This is also the truth everywhere, of
> course, but in normal enterprises there is this dirty and otherwise reprehensible "profit" to think about, so a bad
> employee can still be fired even if the manager's record gets hurt in the process.
I think you are looking at the wrong problem. Yes, this exists but, I look at it this way:
If there is an underperforming employee who just isn't doing the work, there is, most likely, a problem with THAT employee. It may be one you can work with or fix, but, very likely it is localized; and there is a chance, either way, that replacing him fixes it.
If many employees are not doing the work however, the problem is likely not the employees but a more general systemic issue relating to management or work structure; and replacing the employees will likely be about as effective as rotating your tires because the battery stopped charging.
Ever seems to be missing the point. Sure, nearly everybody goofs off occasionally. Have I ever spent most of a work from home day goofing off? Sure. Have I ever dialed into a meeting and played video games because the meeting was totally useless for me? Yup. Ever encompasses many many things.
The thing is, the article isn't about how this one time a guy at the Patent office spent a day goofing off. Its about how goofing off, not doing the work, and then rushing the report is standard operating procedure.
You do get that there is a difference between something that someone did or something that happened and... how business is normally conducted. Like, its one thing to go out for lunch with your coworkers and all get drunk one day....its quite another to do it every day as a matter of course.
> 2. Don't know what happens if they charge your card and you've signed the agreement.
I call them up and let them know that if they don't remove the charge they are going to find out just how effective this policy is at getting them notoriety. Pretty sure I have a lot less to lose in the court of public opinion than they do.
I mean, depending on how you want to call it, you may or may not call the customer a victim in this scenario but...the real victim is the public who are being denied honest opinions; I have no qualms about letting the public know what one group of scammers is trying to pull over on them.
Except "We pay for a license so we have someone to sue" really means "we want someone to blame". You are right, the idea of an actual lawsuit over anything anyone says that about is true.... however, they will use the someone to blame, both to their customers, and for employees to their managers, managers to their directors etc.
What its really comes down to is they want to be able to say "We are working with support right now" so they don't have to take the heat for not knowing what the issue is right away, even if its unreasonable for them to.
Thinking back it was local in Boston so you are probably right. If there is one thing I am sure of, its that the people I was working for would never send us anywhere to go for a conference or pay any reasonable amount for it either; so whatever it was was something they got tossed in for free on a contract. Must have been one of those events.
Prior to working for them I had been to Usenix. Need to start making some requests for next year, I bet I can get these guys to send me to a conference.
> lol Hackers have been doing this for a very long time, but this is nothing new or smart a script kiddie could do it
Sure but it isn't so much about the technology being used as that they are now using it and legitimizing their use of it by targeting a group that is so reviled as to taint any discussion of how they were targeted.
I hate to say it, but this is pretty smart. They seem to have realized that using their new techniques against child porn is the best way forward for them because the issue has stigma to spare that can help quell dissent, then, once the practice is firmly established, they can quietly expand it to everything else they desire.
well.... I don't like to get into the label game of whether I am or am not a libertarian, I do have many such symptahies though.
That said.... there is respected....and there is respected.
On its face, it is hard to argue with such terms without also arguing with other kinds of NDAs which, while I tend to not be a fan of, I am not really dead set against either. In fact, I can only find one reason split that hair, but I do think its a decent reason.... bad reviews are a form of consumer protection and so they are actually asking you to cover up their quality so as to reduce other people's ability to make an informed decision. As such, I would generally be ok with saying.
That said, I should also point out that one has generally already paid by the time one writes a bad review. If they wanted to charge you, they would have to do it after the fact.
As such, I would say, I am ok with them having this policy and not ok with the force of the state being used to enforce its terms. So feel free to charge me $500, I am not going to pay, and i will never come to your establishment again, you can grow old and die thinking I owe you $500 for all I care. Enjoy your policy.
Hows that for libertarian?
If VMWorld is the one I am thinking of, then I actually would recomend against it. It was a few years ago but I went to a "conference" put on by VMWare that was one of the most useless experiences of my career. Maybe my standards were set high by Usenix, but, I was not expecting every single "talk" to be some salesman in a suit giving me the dog and pony show on his product.
Wasn't a single presentation on anything useful, nothing on research projects, nothing but dogs and ponies.
Maybe I am mistaken and this was some event other than VMWorld that they held, but, if it is, then I can't recomend it at all.
Actually, in fairness, I don't believe Silk Road did allow this.
More what he is accused of is trying to hire a hitman after being blackmailed, threatening both him and his customers.
Although, from the looks of things, what he really did was get scammed by a blackmailer and a fake hitman.
I find it hard to be so black and white about a situation where threats are actually potentially putting lives on the line, its not like he had other recourse. The blackmailer was a former conspirator of his....honestly.... I have trouble applying normal morality to such a case..... a person entering into illegal business who then attempts to blackmail his former boss knows what he is getting into.... for his former boss to then kill him I don't put quite as much moral weight on as if it was pretty much anyone else in just about any other situation.
I almost put it more in the category of a boxer who kills his opponent in the ring. They both knew what they were getting into, what the stakes were. If a child walks up to a bear and gets mauled it is a tragedy. If a man walks into the path of a bear he didn't see, it is likewise. If a full grown adult tosses food around his own campsite to attrack the bears because he wants to see one, then punches it in the face..... maybe on some level its tragic but, its not nearly as tragic.
Um.... me too, and still never been even asked. In fact my last employer was basically a hospital (or rather if them and the hospital were facebook friends, their relationship status would be 'its complicated'). Now the actual insurance industry, that I could understand....they seem more um.... uptight.
Hospitals themselves I am pretty sure have the same issue as IT given what I have heard from the horses mouthes about doctors and drug habbits
nah its easier to just shrug it off when I get one wrong. As far as off topic comments go, it hardly even registers compared to the gay nigger brigade still trying to cover natilie portmans hot grits in pants; so overall.... could be worst.
Really? because its been my experience that most of the people subjected to employment drug testing are the lower salary employees. Then again, I work in IT where most companies don't drug test because they know what the results will be.
I have never, and will never, submit to a drug test. In fact, in the past decade, every single time I have been on the hunt for a new job and on the phone with an HR person, I have been silently practicing my vitriolic rant should they ask.
As of yet, nobody has asked, so nobody has gotten my rant.
People who get paid to piss in a cup for someone elses amusement are called prostitutes, and honstly, I have nothing against honest prostitutes; its only the ones who delude themselves into thinking they are something else that I take issue with.
> I have never been a fan of the quantum "weirdness" either. Everyone gets caught up in the Copenhagen
> interpretation and Schroedingers' cat and all, and ignores a simpler explanation.
Ignores? I am a lay observer but I have yet to see one that actually explains.
> when single particles are allowed thru, we see only single points on the detector.
> It is only when a flood of electrons are allowed that we see an interference pattern similar to that of a wave.
Wrong. when single particles are allowed through a single path yes. However, if multiple paths are available even a single particle interferes with itself. Take enough samples of a single particle going through with multiple paths, and you get an interference pattern: http://en.wikipedia.org/wiki/D...
The problem with the simple explanations is, we already know they are wrong. Between the double slit and the bell inequality, classical theories are pretty sunk. I would love to see a simpler model that actually predicts things like single particle interference and the violation of the bell inequality!
Well thanks for that. I was actually wondering recently why it was so hard to shop for pants. I have a hard size anyway, as I am built for a much smaller inseam than my waist (or rest of my torso) would seem to indicate. In fact, I would say if you look at my torso vs legs, I have the torso of someone several inches taller than me, and the legs of someone an inch or two shorter.
Looking back, I think this is why my childhood doctor was always suggesting my weight should be unreasonably low based on her height charts. I mean, she was right, I was overweight, but, not nearly by as much as she made it out, once I got into HS sports I found out her "ideal weight" for me based on height was about 10 lbs less than my lean body mass!
In any case, I find this makes pants shopping hard. Often over the years I have had to buy pants that were too long and then have the legs shortened, which is no help for inseam issues at all.
I am sorry that the advice I give for free on slashdot doesn't live up to the impossibly high standard of being unassailable by major national governments with deeper pockets than the vicar of christ.
Every system has weaknesses; if you have to worry about directed attacks by dedicated actors with the resources (time and skills, or money to hire them) to focus on your systems.... then by all means, don't take the free advice you get on slashdot and feel free to raise the bar high.
However, for everyone else, raising the bar even a little bit is enough. You have to understand there is a gulf in threats between "at risk of having data casually scraped or stolen by a trojan" and "the target of a directed attack" and then again "targeted by a group with resources". Each step you can take away from the first category of risk is huge, whereas every step away from the others, really only helps a little bit....unless you have good reason to fear it.
All true and yet, I don't see how any of that matters. The point of using the phone is it is something you have, and its not tied to the device you are connecting with. Yes, you may lose the phone more often, BUT...that just means you replace the phone and reload the software with a new key....BFD.
Stealing your phone doesn't reveal what systems you would connect to. Getting access to your laptop, doesn't provide the authentication token. Its about using two factors that are not tied to eachother in a way that a remote attacker can discern that improves the security of such a system.
which is why I strongly disagree that an app on the laptop is better.... because an app on the laptop is on the laptop, one device which connects to it all. Or another way to think of it...where is the safest place for the key to your safe.... in an unmarked envelope in your house....or in an unmarked envelope at your friend's house?
Even if your friend's house is less secure than your own, its still the better place because.... there is no way for the attacker to make the association needed to find it....even if it is your friend's house that he robs, even if he finds the key there!
Sure its not protection from specific kinds of attackers, but, if your security measures need to stand up to NSA levels of scrutiny, I have no problem declaring your requirements out of scope for this level of discussion, and far beyond most people who could benefit from simple tokens.
So this would:
> prohibit the government from collecting all information from a particular service provider or a broad geographic
> area, such as a city or area code
Sounds rather specific. My bet is this was very carefully crafted, with help of the NSA to specifically and publically ban a slice of activities so narrow and specific as to stop NOTHING that they are currently doing.
> For fans of software scheme: you must tell how your soft tokens resist attack by malware.
A solution doesn't have to be a panacea for all attacks. A soft token could be on your phone, assuming you do not also use the phone to directly access the service, that is pretty decent protection. I would consider needing to also find and gain access to your phone, in addition to whatever access they may otherwise be able to get, as a pretty decent addition to the resistence.
> Remember that to get pay-tv signals, folks were willing and able to design special ICs.
Remember that people were willing to pay for those ICs to decode signals they already otherwise had access to, meaning there was a rather large potential market for those ICs before they were produced, especially since it is decently hard to justify how you are doing anything wrong by simply recieving and manipulating a signal...you aren't even stealing a service, you are just, not using their descrabling service, just providing your own instead; for a signal you could already recieve.....