Not only a good idea, but it's a really elegant solution for social networks. Nice work, Facebook!
Either you're trolling, or you really have a weird definition of "elegant". This is highly exploitable through social engineering, and also is a very inelegant solution for those who currently don't have three trusted online "friends", or those who no longer trust one, and have to give them the digital equivalent of a face slap by removing the assigned trust.
I think this is slightly more elegant: Write your password on a piece of cardboard. Fold it, and put it in an envelope. Mail it to a relative, saying it's your password for [service], and not to be opened unless you ask or you're dead. You don't need to hunt down three friends. You don't have to give facebook information about who you trust. And you're covered even if you die.
If you're worried about what happens in the event of your death, shouldn't you give that envelope to your lawyer instead, to hold as part of your will? Wouldn't that make it covered by attorney-client privilege and accessible only to you or those to whom you've given power of attorney (or the person you indicated in your will, after your death?) Sure, it's not quite as easy to access (you'd hopefully have to satisfy a high bar in terms of proving who you are to get access to it) and may not be worth it for your Facebook password, but may be for other passwords (bank account, investment account, etc.)
Or better yet, why not extend a laser keyboard onto your arm? Much larger keyboard, same size package on your wrist.
Still slower form of text entry than pretty much anything else, because you're restricted to one hand, but c'est la vie.
I think many people on Slashdot know perfectly well how quickly one can type with just one hand.
For example, I was just eating my lunch with one hand and typing with the other and while it was slower than typing with two, it wasn't that slow. It was likely faster than the 9.something WPM cited in the summary.
IMO while people having long (and sometimes VERY personal) conversations in the grocery line is annoying, a call that's basically (from the shopper's side) "Hi, honey, 1% or 2% milk? Okay, see you soon. Bye." is fine and probably takes less time than typing out the text and the other party doing the same. [The % character is likely going to require switching between keyboards letter->symbols and back again.]
The average American that has internet access may not lose access for very long, unless they get hit by a strike. But what happens when it's the otherend of the connection that fails? I don't want EA's or Blizzard's underestimate of demand or inability to provide sufficient server capacity to handle the early load to keep me from playing a game.
is that you don't talk about passwords. You never give your passwords to ANYONE. Anyone (other than you) who has a legitimate need to access your account shouldn't need your password (su or the equivalent.)
I'd _consider_ making an exception by locking a copy of my passwords in a safety deposit box (that can't be opened without a key in my possession) to accounts that I want my next of kin to be able to access after my death, or divulging those passwords to my attorney to be distributed after my death and kept confidential through attorney-client privilege until then.
So they add a clause changing the law into some "fluff" bill that is guaranteed to pass without fanfare, like a "Flags and Puppies For War Orphans" bill or a "Congratulations to the X School Football Team for its Victory over Y School in Such-and-such Tournament" bill. The fluff bill gets approved unanimously, and the tacked on piece makes anyone who writes more than ten words on a subject into a member of the "press" and subject to this law.
Q. Which of the following statements comes closer to your view on how you think newspapers in Britain should be regulated?
And 79% said that they would like "an independent body, established by law, which deals with complaints and decides what sanctions there should be if journalists break agreed codes of conduct" (ie what we've got).
Is it "what we've got?" I think this legislation will do almost all of the above. It's the "independent" part that is an open question.
I'd have to agree. What we really need to do shift from an address based physical mail to a person based official national email program. Everyone would be given a official email and CAC card. The CAC would be necessary for log in and document signing. The emails would be part of a publicly searchable contact directory. A small artificial cost would be applied to the sender to avoid abuse from advertising/SPAM agencies. All official government correspondence would be sent and received through said email program. Any document signed with the CAC would be seen as legally strong as a physical document signed by a handwritten signature. All libraries would be fitted with document scanners, computers, and CAC readers for those that do not have said equipment at home. Ideally, all government paper forms would be converted to digital forms. All correspondence or notifications could optionally be freely forward to your personal email so that you know when to check your government email.
As far as the transport of non-message objects goes, we could either have a post office that delivers mail only a couple times a week or simply go completely private (UPS, Fedex, etc.).
Allow me to play Devil's Advocate.
When (not if, given the payout) the CAC card is compromised all documents signed with it are suspect until the government goes to the expense of fixing or replacing the cards. If someone's physical signature is forged, a limited number of documents are compromised; if the digital signing mechanism were to be broken in March, say, how many tax returns could be messed up?
Mailing lists, at least free ones, cease to exist. How many messages are sent each year to the Linux kernel mailing list, as one example? Wikipedia says 350-450 messages per DAY. So if the "artificial cost" were a tenth of a cent, that means each subscriber who has the list sent to their official address costs 35 to 45 cents a day or about $125-$160 per year. I suppose the LKML could try to exclude official addresses from the list, but every opt-in mailing list out there would need to do the same and even a 0.1% failure rate in that exclusion method could cost the list maintainer thousands of dollars a year. That's not counting people who deliberately try to cost the LKML money -- don't you think Microsoft would love to do that?
Politicians would exclude themselves from the "small artificial cost" clause of your proposal, so around election times those accounts would become unusable. After all, why pay a staffer to identify those email accounts whose owners can vote for the politician when it's less expensive (for them) to just send out a blanket email?
Why doesn't this representative sponsor a bill creating jobs planting trees and other plants in state-owned land? It doesn't take a lot of training or skill digging holes in which to plant a tree, but it would create jobs and the trees would absorb some of the CO2 and release oxygen as part of the normal photosynthesis process.
I would normally agree but the whole thing sounds preposterous. The gravitational pull of a spaceship is negligible.
The force of gravity between the asteroid and the ship is small, not necessarily negligible. Let's take some basic physics. The gravitational force between two objects is g (about 9.8 m/s/s) times the mass of the first object times the mass of the second object divided by the square of the distance between them.
F = g*m1*m2/d^2
The acceleration of an object imparted by a given force is the force divided by the mass of the object being accelerated.
F = m*a or a = F/m
So combining those two equations, the acceleration of the meteor being moved due to the gravity of the spaceship is g times the mass of the spaceship divided by the square of the distance between the meteor and the spaceship. The mass of the meteor cancels out.
a = g*m_{ship}/d^2
Now this is likely to be small, true. But just like interest in the financial world, the secret is time.If you can impart even a small acceleration over a long enough time frame, the thing you're accelerating ends up going at a pretty good velocity.
The approach you'd need to use to react to a meteor depends on the size and how long in advance of its impact you can detect it. If you detect it a year or two ahead of time? At _best_ you might have time to prepare an Armageddon-style mission; more likely you'd want to find some way to record information about humanity's progress so the survivors can recover or aliens can learn about the extinct human race. Ten years would be better for that type of "plant a bomb on it" mission or to prepare to launch a nuclear missile at it. Fifty to a hundred years? A low, slow method like gravitational towing may be good enough to ensure that Earth and the meteor don't pass through the same point in Earth's orbit at the same time.
If a person flies a model airplane with a camera in the airspace over THEIR OWN property and takes pictures of THEIR OWN home that includes no images of anyone else's property or possessions, that would be illegal according to my reading of the New Hampshire bill and the law it's modifying. [There's no clause in that bill indicating that it's not a crime if the owner of the property gives permission. The law it's modifying specifically defines and refers to private locations, but the bill doesn't use that same term.]
If my understanding of the bill is correct, I'd say that's a pretty big WTF.
It's pretty hard to imagine that fundamentalists could outsmart biologists who, after all, also have access to this tool to make a cure.
It is usually incredibly easier to destroy than it is to create. Creating a virus that does just enough to kill people is probably much easier than finding a cure. Just like it is easier to smash up a car than it is to fix a totalled car.
It may be different in this specific case, but I doubt it.
True, but the number of people interested in curing the virus will be much larger than the number of people interested in creating it. Even if governments have to implement isolation protocols that keep people in shelters while the virusCure@Home community works on a cure, some small group of humanity will survive.
Telling the TSA to get the fuck out of your airport and re-installing private security with more common sense than your average peanut shell.
The only reason TSA is pervasive is because it is a government handout, replacing the measures they had in place before 9/11. IIRC, there is absolutely nothing preventing airports from replacing TSA with their own security.
When Texas threatened to make "invasive screening" a misdemeanor the TSA threatened to shut down all traffic out of Texas airports. I have no doubt that if an airport tried to expel the TSA and install private security that they'd do the same to that airport.
If this device is being used at a location where a human cashier is working, just get the cashier to look at the thumb pad while the person is pressing their thumb against it. If the employee sees a thumb being held in another set of fingers, or sees a thumb whose tip shows signs of being surgically stitched onto a stub, he or she presses the "Hold transaction" button on the register and asks for ID or calls the police as appropriate. The additional check would be needed for locations where there is no human cashier involved, say at a gas station's self-service pump (where the cashier is in the central kiosk monitoring all the pumps for problems and processing cash transactions.)
Washington DC is within 100 miles of the border, right? So if a DHS agent wanted to seize the laptop of a senator or representative under suspicion of bribery (a violation of 18 USC Sec. 201) he or she would be within their authority to do so without needing to worry about the li'l old 4th Amendment?
Welcome to Slashdot. Here's your background reading material on The SCO Group -- pay particular attention to section 3, Litigation. And what discussion of The SCO Group's litigation would be complete without a mention of Groklaw?
Or instead of looking at Wikipedia, you could search Slashdot itself for "SCO" -- there are about 650 hits for stories related to SCO's lawsuits. One of particular interest is the original one: SCO Sues IBM for Sharing Secrets with Unix and Linux. [There are earlier stories that mention SCO, but that's the one that put them in the bullseye.] That one is technically still active AFAIK, though it's been stayed during the bankruptcy.
> I have to admit not ever reading xkcd, having more important things on my Kindle.
It publishes 3 strips a week, plus a what-if from time to time. It's not a book, or anything else which would compete with whatever's on your kindle for your attention, unless you're a very, very slow reader.
If you must play a SimCity-style game, consider the alternatives like Lincity, OpenCity, or Micropolis. And let EA know why you're not going to buy their game.
By convicting people for insulting the king, isn't the judge implying that the king isn't strong enough to stand up for himself? If someone did that to me, I'd be pretty insulted. Throw the judge in jail!
Right? If no one is allowed to say or even IMPLY anything critical of the king (which the king himself said should be allowed, according to a quote in Wikipedia) then that should apply to the judges as well.
If Facebook will split this fee with the recipients, check your apps. How many of them have requested (and been granted) permission to send messages on your behalf? Could those apps send messages to persons not on your friends list (say the author of the app) and automatically accept the charge? If they can't now, how long before someone unscrupulous hacks it so it is possible and packages that up into a Farmville clone?
Nothing, as long as you have a large enough corpus of the framee's writing. If the framee is your friend, this probably isn't a problem. If they're a public figure, maybe not a problem (depending on how much editing and PRing their written statements undergo before they are released.) If they're $RANDOM_PASSERBY, not so easy.
I think a more common usage would be to tweak your own writing just so it doesn't sound like you. Write something you don't want identified as your (the test sample), check it against a corpus of your own written work. If it detects as your work, rough up the test sample until it doesn't. This would be an easier problem than the framing case since you're not trying to make it look like a specific other person's work, you're trying to make it look like it's ANYONE else's (you don't really care whose) work.
Given that their standard boilerplate appears to contain links to Facebook, Twitter, and Cullen Communications (their hosting service?) that could be rather expensive. 300 Euros times however many pages they have on their site should resolve the problem rather quickly, should those sites decide turnabout is fair play.
Slashdot Mirror
Not only a good idea, but it's a really elegant solution for social networks. Nice work, Facebook!
Either you're trolling, or you really have a weird definition of "elegant". This is highly exploitable through social engineering, and also is a very inelegant solution for those who currently don't have three trusted online "friends", or those who no longer trust one, and have to give them the digital equivalent of a face slap by removing the assigned trust.
I think this is slightly more elegant:
Write your password on a piece of cardboard. Fold it, and put it in an envelope. Mail it to a relative, saying it's your password for [service], and not to be opened unless you ask or you're dead.
You don't need to hunt down three friends. You don't have to give facebook information about who you trust. And you're covered even if you die.
If you're worried about what happens in the event of your death, shouldn't you give that envelope to your lawyer instead, to hold as part of your will? Wouldn't that make it covered by attorney-client privilege and accessible only to you or those to whom you've given power of attorney (or the person you indicated in your will, after your death?) Sure, it's not quite as easy to access (you'd hopefully have to satisfy a high bar in terms of proving who you are to get access to it) and may not be worth it for your Facebook password, but may be for other passwords (bank account, investment account, etc.)
Or better yet, why not extend a laser keyboard onto your arm? Much larger keyboard, same size package on your wrist.
Still slower form of text entry than pretty much anything else, because you're restricted to one hand, but c'est la vie.
I think many people on Slashdot know perfectly well how quickly one can type with just one hand.
For example, I was just eating my lunch with one hand and typing with the other and while it was slower than typing with two, it wasn't that slow. It was likely faster than the 9.something WPM cited in the summary.
IMO while people having long (and sometimes VERY personal) conversations in the grocery line is annoying, a call that's basically (from the shopper's side) "Hi, honey, 1% or 2% milk? Okay, see you soon. Bye." is fine and probably takes less time than typing out the text and the other party doing the same. [The % character is likely going to require switching between keyboards letter->symbols and back again.]
For physics, mathematics, and computer science there's the Arxiv.
The average American that has internet access may not lose access for very long, unless they get hit by a strike. But what happens when it's the other end of the connection that fails? I don't want EA's or Blizzard's underestimate of demand or inability to provide sufficient server capacity to handle the early load to keep me from playing a game.
I also enjoy playing older games, and I don't want a company's decision to shut down old servers they don't want to pay to maintain to prevent me from doing that.
is that you don't talk about passwords. You never give your passwords to ANYONE. Anyone (other than you) who has a legitimate need to access your account shouldn't need your password (su or the equivalent.)
I'd _consider_ making an exception by locking a copy of my passwords in a safety deposit box (that can't be opened without a key in my possession) to accounts that I want my next of kin to be able to access after my death, or divulging those passwords to my attorney to be distributed after my death and kept confidential through attorney-client privilege until then.
So they add a clause changing the law into some "fluff" bill that is guaranteed to pass without fanfare, like a "Flags and Puppies For War Orphans" bill or a "Congratulations to the X School Football Team for its Victory over Y School in Such-and-such Tournament" bill. The fluff bill gets approved unanimously, and the tacked on piece makes anyone who writes more than ten words on a subject into a member of the "press" and subject to this law.
A YouGov poll from the end of last year asked:
Q. Which of the following statements comes closer to your view on how you think newspapers in Britain should be regulated?
And 79% said that they would like "an independent body, established by law, which deals with complaints and decides what sanctions there should be if journalists break agreed codes of conduct" (ie what we've got).
Is it "what we've got?" I think this legislation will do almost all of the above. It's the "independent" part that is an open question.
I'd have to agree. What we really need to do shift from an address based physical mail to a person based official national email program. Everyone would be given a official email and CAC card. The CAC would be necessary for log in and document signing. The emails would be part of a publicly searchable contact directory. A small artificial cost would be applied to the sender to avoid abuse from advertising/SPAM agencies. All official government correspondence would be sent and received through said email program. Any document signed with the CAC would be seen as legally strong as a physical document signed by a handwritten signature. All libraries would be fitted with document scanners, computers, and CAC readers for those that do not have said equipment at home. Ideally, all government paper forms would be converted to digital forms. All correspondence or notifications could optionally be freely forward to your personal email so that you know when to check your government email.
As far as the transport of non-message objects goes, we could either have a post office that delivers mail only a couple times a week or simply go completely private (UPS, Fedex, etc.).
Allow me to play Devil's Advocate.
Why doesn't this representative sponsor a bill creating jobs planting trees and other plants in state-owned land? It doesn't take a lot of training or skill digging holes in which to plant a tree, but it would create jobs and the trees would absorb some of the CO2 and release oxygen as part of the normal photosynthesis process.
I would normally agree but the whole thing sounds preposterous. The gravitational pull of a spaceship is negligible.
The force of gravity between the asteroid and the ship is small, not necessarily negligible. Let's take some basic physics. The gravitational force between two objects is g (about 9.8 m/s/s) times the mass of the first object times the mass of the second object divided by the square of the distance between them.
F = g*m1*m2/d^2
The acceleration of an object imparted by a given force is the force divided by the mass of the object being accelerated.
F = m*a or a = F/m
So combining those two equations, the acceleration of the meteor being moved due to the gravity of the spaceship is g times the mass of the spaceship divided by the square of the distance between the meteor and the spaceship. The mass of the meteor cancels out.
a = g*m_{ship}/d^2
Now this is likely to be small, true. But just like interest in the financial world, the secret is time.If you can impart even a small acceleration over a long enough time frame, the thing you're accelerating ends up going at a pretty good velocity.
The approach you'd need to use to react to a meteor depends on the size and how long in advance of its impact you can detect it. If you detect it a year or two ahead of time? At _best_ you might have time to prepare an Armageddon-style mission; more likely you'd want to find some way to record information about humanity's progress so the survivors can recover or aliens can learn about the extinct human race. Ten years would be better for that type of "plant a bomb on it" mission or to prepare to launch a nuclear missile at it. Fifty to a hundred years? A low, slow method like gravitational towing may be good enough to ensure that Earth and the meteor don't pass through the same point in Earth's orbit at the same time.
If a person flies a model airplane with a camera in the airspace over THEIR OWN property and takes pictures of THEIR OWN home that includes no images of anyone else's property or possessions, that would be illegal according to my reading of the New Hampshire bill and the law it's modifying. [There's no clause in that bill indicating that it's not a crime if the owner of the property gives permission. The law it's modifying specifically defines and refers to private locations, but the bill doesn't use that same term.]
If my understanding of the bill is correct, I'd say that's a pretty big WTF.
It's pretty hard to imagine that fundamentalists could outsmart biologists who, after all, also have access to this tool to make a cure.
It is usually incredibly easier to destroy than it is to create. Creating a virus that does just enough to kill people is probably much easier than finding a cure. Just like it is easier to smash up a car than it is to fix a totalled car.
It may be different in this specific case, but I doubt it.
True, but the number of people interested in curing the virus will be much larger than the number of people interested in creating it. Even if governments have to implement isolation protocols that keep people in shelters while the virusCure@Home community works on a cure, some small group of humanity will survive.
"'removes the need for the enhanced pat-down?"
Telling the TSA to get the fuck out of your airport and re-installing private security with more common sense than your average peanut shell.
The only reason TSA is pervasive is because it is a government handout, replacing the measures they had in place before 9/11. IIRC, there is absolutely nothing preventing airports from replacing TSA with their own security.
When Texas threatened to make "invasive screening" a misdemeanor the TSA threatened to shut down all traffic out of Texas airports. I have no doubt that if an airport tried to expel the TSA and install private security that they'd do the same to that airport.
If this device is being used at a location where a human cashier is working, just get the cashier to look at the thumb pad while the person is pressing their thumb against it. If the employee sees a thumb being held in another set of fingers, or sees a thumb whose tip shows signs of being surgically stitched onto a stub, he or she presses the "Hold transaction" button on the register and asks for ID or calls the police as appropriate. The additional check would be needed for locations where there is no human cashier involved, say at a gas station's self-service pump (where the cashier is in the central kiosk monitoring all the pumps for problems and processing cash transactions.)
Washington DC is within 100 miles of the border, right? So if a DHS agent wanted to seize the laptop of a senator or representative under suspicion of bribery (a violation of 18 USC Sec. 201) he or she would be within their authority to do so without needing to worry about the li'l old 4th Amendment?
Welcome to Slashdot. Here's your background reading material on The SCO Group -- pay particular attention to section 3, Litigation. And what discussion of The SCO Group's litigation would be complete without a mention of Groklaw?
Or instead of looking at Wikipedia, you could search Slashdot itself for "SCO" -- there are about 650 hits for stories related to SCO's lawsuits. One of particular interest is the original one: SCO Sues IBM for Sharing Secrets with Unix and Linux . [There are earlier stories that mention SCO, but that's the one that put them in the bullseye.] That one is technically still active AFAIK, though it's been stayed during the bankruptcy.
Only a lawyer could make a sentence so hard to parse with the use of commas!
Not true, William Shatner, could, do,, it. And he could make it even more difficult if he's portraying his character Denny Crane.
> I have to admit not ever reading xkcd, having more important things on my Kindle.
It publishes 3 strips a week, plus a what-if from time to time. It's not a book, or anything else which would compete with whatever's on your kindle for your attention, unless you're a very, very slow reader.
Or unless you bought the Humble eBook Bundle back in October.
Some of those points are just stupid.
"People have exactly N names, for any value of N.
People’s names fit within a certain defined amount of space."
So how many people have a uncertain number of names at any given time? Is your name involved in some quantum uncertainty fluctuation?
Depending on the context and the specific titles or honors that are considered part of a "name" Queen Elizabeth II has a very large number of names.
If you must play a SimCity-style game, consider the alternatives like Lincity, OpenCity, or Micropolis. And let EA know why you're not going to buy their game.
By convicting people for insulting the king, isn't the judge implying that the king isn't strong enough to stand up for himself? If someone did that to me, I'd be pretty insulted. Throw the judge in jail!
Right? If no one is allowed to say or even IMPLY anything critical of the king (which the king himself said should be allowed, according to a quote in Wikipedia) then that should apply to the judges as well.
If Facebook will split this fee with the recipients, check your apps. How many of them have requested (and been granted) permission to send messages on your behalf? Could those apps send messages to persons not on your friends list (say the author of the app) and automatically accept the charge? If they can't now, how long before someone unscrupulous hacks it so it is possible and packages that up into a Farmville clone?
Nothing, as long as you have a large enough corpus of the framee's writing. If the framee is your friend, this probably isn't a problem. If they're a public figure, maybe not a problem (depending on how much editing and PRing their written statements undergo before they are released.) If they're $RANDOM_PASSERBY, not so easy.
I think a more common usage would be to tweak your own writing just so it doesn't sound like you. Write something you don't want identified as your (the test sample), check it against a corpus of your own written work. If it detects as your work, rough up the test sample until it doesn't. This would be an easier problem than the framing case since you're not trying to make it look like a specific other person's work, you're trying to make it look like it's ANYONE else's (you don't really care whose) work.
Given that their standard boilerplate appears to contain links to Facebook, Twitter, and Cullen Communications (their hosting service?) that could be rather expensive. 300 Euros times however many pages they have on their site should resolve the problem rather quickly, should those sites decide turnabout is fair play.