People who argue that changing passwords frequently* is a waste of time have not had to deal with the security issue of people sharing their passwords on a regular basis.
People who argue that rotating passwords frequently is a good solution to password sharing are missing the point: password sharing means either:
1) People who should not have access to facilities are routinely being given it by others, or
2) People who should have access to facilities are not given reliable enough access to it in their own name.
Rotating passwords frequently does not address either of these problems. OTOH, it makes it more likely that people will be unable to remember their passwords and will, therefore, write them down somewhere near their computer for ready reference, which creates its own problems.
As an IT team we've done our best to abstract that concept by allowing anyone to log onto any computer in the network so long as they have an account, and mapping network drives automatically based on your permissions, but suffice to say some people just don't understand that. Someone will still only save to "My Documents" or C: drive, because that's what they do at home.
You can certainly redirect "My Documents" (and most other profile folders) to network locations, and you can make the rest of the C:\ drive writable only to administrators and not make normal users administrators. Problem solved.
We had this issue come up last summer where a manager knew a few people's passwords, and after being fired, was using the webmail client to snoop on emails.
And rotating passwords may limit the time of exposure to such attacks, but doesn't prevent them, so if there is anything truly sensitive exposed, it doesn't protect it. What an IT organization ought to do is deal with the reasons people are routinely sharing passwords.
When those machines get to a desktop size, you'll probably be able to print them cheaper than you can buy them.
No, just as with desktop printers, when the machines get to desktop size, the one-time cost of the machine will be more affordable, but the per copy production time will be longer and the per copy cost in consumables will be higher than what the large machines used by firms that do POD printing with a higher production volume use.
To the extent it's preventing illegal copying, so what? The copying is illegal, but trivial cost and effort to do without the DRM. The DRM is illegal to remove, but trivial cost and effort. Net result: with or without the DRM, the illegal copying is illegal, and trivial in cost and effort.
Amazon announced that for every 100 hardback books they sell, 180 eBooks are sold.
Since many print books are never even released in hardback, being released first in paperback (this is true both of technical books that are only released as large-format softcovers, and many novels, etc., that are released only as mass-market paperbacks.)
Wake me up when ebooks sell more than paperbacks, and when the numbers are overall in the market and not just from one particular retailer that sells both and has been heavily promoting ebooks.
It depends; if it's a PC I prefer the glossy; they do seem sharper. But I wish my netbook had a matte screen, as it would be easier to read outside.
The glossy screens on my netbook and the newer of my two traditional laptops are generally easier to read outside than the matte screen on the older of my traditional laptops, though the glossy screens are more prone to glare with a bad lighting angle. In general, the glossy screens I've seen have greater maximum brightness than the matte alternatives, which is pretty key to visibility in bright ambient light.
food. The direct-to-video and Youtube phenomenon are more about smaller (and individual) producers doing their own thing, not something that's made-to-spec by the studios to act as filler.
Youtube, maybe. Lots of "direct-to-video" is made-to-spec formulaic sequels produced by the studio system; it's different from classic B-movie as it's not intended to complement a "bigger" movie in the same way (though, quite often, they do ride on the coattails of a bigger movie in a different way, as they are often sequels to moderately successful movies that weren't direct to video, but where the appeal of a sequel is not strong enough for a theatrical release of a sequel.)
It did not help that we were bullied into joining the Coalition of the Unwilling
"Bullied"? I thought it had something to do with NATO.
No, the so-called "Coalition of the Willing" that the US brought to bear against Iraq had nothing to do with NATO.
The mutual defense obligations under the NATO treaty had something to do with the NATO response in Afghanistan, because the US was attacked by terrorists based in and supported by the de facto government of Afghanistan.
There have been successful terrorist attacks around the world since 9/11.
Yes, one of them in L.A.
Terrorist groups have re-asserted their ongoing desire to conduct similar attacks within the US.
And, you know, terrorists are always honest and straightforward about their intentions, and never say one thing and do another.
Moreover, some such attempts have been made in the US but largely prevented.
The ones that have been prevented in the US for which information has been made public each fall into one or more of the following categories:
1. Ones where the government undercover agent involved had to push very hard to get the "plotters" beyond idle chatter,
2. Ones which were detected and broken up using tools that were in place prior to 9/11.
3. Ones which would not have succeeded even if the terrorists were allowed to carry them out as planned because the plan was that broken.
Actually, all this focus on "it must have worked because there were no attacks after" ignores a crucial point: there haven't actually been foreign terror attacks in the USA _before_ 9/11 for a very long time.
It also ignores the even more critical point that there has been at least one foreign terrorist attack (though not a mass casualty attack) in the US after 9/11.
I bought a magic talisman that prevents tiger attacks, it must work cause I have not been attacked by any tiger yet for the 10 years I have worn it.
The problem with asserting that this is the thinking that underlies the idea that "no terrorist attacks on U.S. soil since 9/11" can be the proof of the validity of any policy that is supposedly credited with this effect, is that unlike the "magic talisman" that prevents tiger attacks, there have been several terrorist attacks on US soil since 9/11.
There were, for instance, the anthrax attacks. Since those have been blamed on a domestic source, the claim is sometimes phrased as "no foreign terrorist attacks since 9/11".
But even that's problematic, since the LAX airport counter attack was carried out by a foreign (and, according to government reports at the time, al-Qaeda-linked) terrorist. Though it appears to have been a lone-wolf operation, not an organized one.
So, really, the whole claim on post-9/11 terror prevention not only requires magic talisman thinking, it also requires ignoring the actual occurrences of the event that the talisman supposedly protects against.
Yes, but not necessarily in the newspaper or on the newspaper's website.
Since GP was in response to GGP countering a post on Slashdot (not the newspaper or its website) about whether or not the newspaper's action was a good idea by saying it's the newspaper's right whether or not it's a good idea, your response (while true) is a non-sequitur in just the same way that GGP was.
For example, two of Glenn Beck's purported heroes are Thomas Paine and Martin Luther King Jr. Both of those men were hard-core socialists, and advocated radical (for their time) socialist agendas
Calling Paine a socialist is somewhat problematic. While he no doubt had some ideas that were later echoed in socialism, at his time "socialism" didn't exist, and some of his positions don't match really well with socialism. It's kind of like calling Adam Smith a socialist -- while Smith's critique of the mercantile class and their influence over society is not all that different from Marx's critique of capital and its influence (differing primarily in that Smith, writing at a time before land was as commoditized as it was in Marx's time, writes a countervailing praise of the landed classes.)
Although, if you were to argue that Paine held ideas that, in others, Glenn Beck has expressly labelled as "socialist", that would probably be an easier case to make than that Paine was a socialist.
Well, not quite. What I was really proposing is actually more like a three or four tiered system, with:
1. Stuff that is whitelisted: treated as most likely not spam and presented to user.
2. Stuff that is neither whitelisted nor identified as probable spam by traditional spam filtering: treated/flagged as possible spam and presented to user.
3. Stuff that is caught as probable spam by traditional spam filtering, treated/flagged as probable spam and presented to user.
4. Stuff that is caught as near-certain spam or clearly dangerous by existing filtering: blocked entirely and not delivered to user.
(3 and 4 can be separate, or only one of those treatments can be applied to both categories.)
really, there's no way around this that can't also be worked around by the spammers.
There's a fairly simple way around it on the client end (and which could easily be implemented by webmail providers); allow the user to designate "safe" domains, any mail that isn't from a known contact or a domain identified by the specific recipient as "safe" is shunted to an "unsolicited" box (or tagged "unsolicited"), essentially serving as a lower-probability "possible spam" box to a traditional Spam mailbox/tag.
Yeah, okay, it doesn't mesh with your personal experience. So what? People's personal experiences often conflict, but trying to generalize from personal experience is a pretty limited utility approach in developing useful, generally applicable knowledge.
Leveraging statistical methods and the scientific method in structured investigations (such as those reported in TFA) is a much more useful manner of gaining an understanding of how the world works generally than simply extrapolating one person's personal experience.
Try getting onto the highway on a short on-ramp behind a Prius or Smart or similarly underpowered vehicle, and tell me otherwise
The Prius isn't underpowered. If someone is not accelerating fast enough to merge safely, either the ramp is incredibly poorly designed or the driver is incompetent or distracted/impaired.
I will admit, I see just as many large engined vehicles over on the shoulder after a failed merge as underpowered ones, but that's due to incompetent drivers and a worthless licensing system.
But if it is just as many, as you say, and since those factors (incompetent drivers and worthless licensing system) should apply just as much to "underpowered" vehicles as "large engined" ones, there is no indication in the experience you relate that there is any special problem associated with underpowered vehicles.
Using the tax code to influence behavior is evil. Allow taxes only for revenue generation and you prune back government corruption considerably.
You actually don't. It really doesn't matter one whit if you provide incentives through the tax code (e.g., via tax credits) or outside of it (through direct subsidies), except that the latter, by requiring a separate payment operation, increases the administrative costs and required bureaucracy.
Now, if you would rather not use government to influence behavior, that's a different discussion. But, assuming government is doing it at all, doing it through the tax system promotes efficiency compared to a separate operation that amounts to the left hand taking and the right hand giving.
The reasons people in lower socioeconomic strata do worse (even absent computers) are varied, but the biggest problem is lack of support in the home environment. In fact, last I saw stats, socioeconomic status ("low income") didn't seem to be the driving factor, so much as something covariant with the real driving factor that most tightly correlated with student success -- the parents' level of educational attainment. It's not hard to see how, both in terms of values and moral support and more direct support (homework help, guidance, etc.) this works.
Getting a computer at home could be a powerful tool for improving education, or it could be a distraction. Which it is -- as with anything else -- most likely depends largely on other factors in the home environment, including what your parents are willing and able to support you in doing with it. Clearly, the big disadvantage here rests with the same group that is disadvantaged to start with.
So, yeah, throwing computers at low-income children (and, probably more specifically, those whose parents are themselves poorly educated) with no other support is going to serve mostly as a distraction rather than an educational tool.
Computers, the internet, etc., can be powerful educational tools, but they don't substitute for education, just like giving an infant wood and nails isn't the same as giving it a home.
If we find the one gene or series of genes which cause the disease, why not shut those genes off?
I direct you to my response to GP (well, with the "their/there" error corrected):
Why don't they find the serial killer gene instead?
Because there probably isn't one.
What is the social benefit of serial killing rapists?
I never said there was a social benefit of becoming a serial killer of any kind; I said that (because links between genes and behavior are rarely simple) it's quite likely that if there is a gene or set of genes that increases the overall likelihood of someone with it becoming a serial killer, the same gene or set of genes could quite possibly also have other effects, which are socially beneficial. Whether in any particular person the undesirable effects, the desirable effects, both, or neither manifest could be (as is often the case) determined not by the genetics alone but the genetics combined with environmental triggers.
Why don't they find the serial killer gene instead
Because their probably isn't one.
There may well be genes that impact the propensity to become a serial killer, but, even if there are, it's not at all inconceivable that one that slightly increases the propensity to be a serial killer also has all kinds of socially beneficial effects, too, and that which effects manifest in any particular person vary based on environmental, rather than genetic, circumstances.
Google is proposing that the social networking software should automatically detect these subgroups.
No. The presentation is suggesting that social networking applications should be designed around the fact that people tend to have a small number of clearly defined silos of friends, and make different distinctions within those groups. It mentions some of the kinds of distinctions made within groups.
Nothing in the presentation suggests that social networking applications should automatically identify either the basic groups or the distinctions within the groups (although some of the distinctions, particularly the distinctions based on things specifically shared through the social network, are obvious candidates for automated tracking, and some -- e.g., strong/weak ties -- one can imagine might be roughly detectable using heuristics.)
To the extent it's preventing illegal copying, so what? The copying is illegal, but trivial cost and effort to do without the DRM. The DRM is illegal to remove, but trivial cost and effort. Net result: with or without the DRM, the illegal copying is illegal, and trivial in cost and effort.
Where is the benefit of the DRM?
The rest of the world can stop it very easily. All it requires is for each of the governments of the rest of the world to do one of the following:
1. Don't sign it,
2. If you fail #1, and your system of laws requires a separate legislative ratification of treaties, don't ratify it.
Because it is so simple, if the "rest of the world" really was opposed to it, there wouldn't be an issue in the first place.
Whether or not it is the newspaper's right as a private business, it is everyone else's right to comment on whether or not it is a great idea.
"Usually" may sound like it starts with "you", but it really doesn't.
No, IE9 passes all of Microsoft's HTML5 tests.
Which is very different than supporting all HTML5 elements. (And even more different than meaningfully supporting all HTML5 elements.)