I'm often suspect of communication that adopts a tone of authority while making sweeping, generalized assertions, all the while light on details.
If there exist much worse blacklists, then by definition there must exist better.
Some of us actually use DNSBLs and have seen the benefit. For those who actually use DNSBLs to good effect and understand their worth, let me tell you the list I'm currently using:
maps_rbl_domains = sbl.spamhaus.org list.dsbl.org
I had ORDB on there until they decided to throw in the towel. And just as well--not a lot of hits on their list. Open relays are no longer they problem they once were and spammers are now, it seems, using subverted machines.
We've established that not all blacklists are equal. My recommendation to avoid false positives is to be a very selective shopper. Understand the listing and delisting policies and make sure they're reasonable. My searching (some time back) netted me just the three: ORDB Relays, Spamhaus SBL, and DSBL Trusted Senders. I'm again in the market for another good one or two, and CBL is a candidate. But I'm having a hard time deciding on it without a perfectly clear understanding of how they perform their listing.
Wondering why you didn't post with your regular account. Anyway...
Setting primary MX to a non-MTA machine sounds very interesting. Tell me more. I'll read the web page more fully in a minute. Basically you configure your DNS to have your primary MX be a non-functioning MTA so that legitimate MTAs roll onto a working address?
I've heard that some spamware targets the last MX as well. Maybe it makes sense to make the primary and last MXs both bogus?
And there's the possibility that they target a random MX. So maybe set up a large number of MX records where the only working one is the second in line?
And port 25 on the non-functioning MTAs should probably return an RST rather than timeout so that the sending MTA can move on more quickly, right?
We must receive spam from radically different sources. (Which can't be the case, really.) Here's stats for back in October for performance of my then-configured 3 block lists:
of 1609 total RBL rejections (for one week):
My mailer only checks syntax of the hostname for FQDN-ness, not validity of the hostname. And it only does a loose interpretation of FQDN-ness syntax.
(We're talking about the hostname in the SMTP HELO/EHLO, if there's any question.)
That is,
"foo" is not a FQDN by these measures
"foo.bar" is FQDN by these measures
"foo." is FQDN by these measures
No checks are performed for existence of any records (A, MX, or even NS) for the given domain. (I think there may be some misunderstanding as to what FQDN is.)
A technically complete FQDN (terminated by root zone '.') is not required (by my MTA).
And still this comprises 37% of total rejected spams on my server. Even more (potentially "most") if you dismiss the no-such-recipient rejections.
So, yeah, they'll tell you that the headers can be forged. This is true except for the last hop which should be your MTA.
So why doesn't your address show up in the "for" clause of the last hop? I don't think you'll see a fake address there, but where's your real address? I think in certain conditions your MTA will omit the "for". I don't know when that happens, but I've seen the "for" clause missing from the last hop on rare emails. I can't figure out the pattern.
One sense refers to the focused and deep-delving geeks/nerds which are the radiant source of geek chic.
Another sense refers to unreasonable and often belligerent adherence to favored ideas.
Earnest exploration and revelry: awesome.
Sectarianism, jingoism, groupthink, witch hunting, xenophobia, and shoddy reasoning catalyzed by wishful thinking and cognitive dissonance: not so much.
Javascript, no. Maybe you're not clear on how this works?
XSS, kind of, yes.
This exploit requires someone be able to insert a <form> element on a trusted site. (A site that you trust at least to have an account with.) The form gets the login info auto-populated by Password Manager, but then submits the results to a different site. This compromises the trusted site's credentials.
I use Password Manager, but rarely let it save passwords. (You're given the option each time, you know.) There are specific situations where it comes in handy for me, and thankfully none of them would expose me to a malicious use of this exploit. So, modulo your lack of specificity on the scenarios that make its use retarded, we agree.
Being security conscious, I (also) use NoScript. The exploit works even with both sites forbidden. So you know. No need for you to go configuring Password Manager to test it. (Which would not have been hard to do — it's a checkbox.)
As for the question of whether this is a Firefox security hole, I think it is. At least partly. Sure, XSS injection is a site-specific vulnerability. That much is the site's fault. But silently performing a credentials fill-in for cross-site form posting in an environment where XSS may happen... This is not ideal. Surely there must be some solution like tying the credentials not just to a domain and/or specific page, but to the triple of URL+form+action. Maybe this is hard to do if the populating is done before the action can be known for sure (as the form action attribute may change after population and before submission).
I can imagine having Firefox perform a check at the moment it attempts to submit: Did we auto-fill the credentials, and is the URL+form+action the same? If so, go ahead. If not, warn user.
"Compared to Pine" or any such mail client, mutt is... certainly different.
I think one question in this discussion is whether MTA function can reasonably be expected to be merged with MUA function in a single program, the mail client. Boundaries of functionality are often blurry things. Maybe it depends on the application's audience? Configuring an MTA to work with mutt was not prohibitive or painful for me, nor, I expect, for many other mutt users. It makes you wonder who the intended audience is.
But let's not ignore the concept of "do one thing, do it well." Capability, flexibility, ease of use (for that "one thing"), and security all benefit from this. If leaving out MTA function improves the security of my client, spares the opportunity cost for use in MUA-specific development, and speeds the release cycle, among other potential benefits, that works for me. I'll personally pay for those benefits with a little MTA configuration. Heck, I like my MTA. I guess I can understand if people want to wash their hands of sendmail.
Partisan bias obstructs cleaning up the electoral process.
Don't let your always short-lived victory lodge your head in your ass. Now with the Republicans smarting maybe they can be encouraged to get behind some improvements?
Your "democracy" is owned by private interests. Your vote barely counts. Fix it.
Barcodes on machine generated ballots are super-sketchy. The user needs to be able to be able to see and understand the marking on the ballot that the counting machine will read.
You ask an excellent question. Would folk be outraged if their candidate had won?
I'll venture a guess. If the Democrats had won amidst the same widespread reports of electoral fraud, many of them would suffer the same bias and belittling of outrage that many vocal Republicans have demonstrated.
Anyone want something like a percentage comparison? Just how many more or fewer Democrats would be assholes and hypocrites about a rigged election that served them versus Republicans? Homey don't play that. If you're curious and you think it's important, you're a fool. It's called sectarianism. It's called an "Us v. Them" mentality, and it is destructive.
(... hundreds of Slashdot readers immediately start trying to perceive me as being from their favorite whipping boy opposing party...)
Every one of you that's taking a side and rabidly generalizing about the standard opposing party is failing to realize that they're being used. Do you think "Dems blow!"? Or maybe "Damned Republitards!"? You are a tool, controlled with psychologicalforces seeded by greedy and self-serving players, amplified in an ugly dynamic between our innate tendencies and media pandering. You have failed to question the system. You fail it!
The truth is that every candidate is different, that there is a wide variety of (actual, not professed) platforms, regardless of party affiliation, despite all this damned gravity of conformity and majority voting pulling politics to these polar ideological centers of mass.
If I were on the winning side of an election, I'd be perfectly fine with supporting electoral reform that ensured accurate counting of each and every vote. Is it because I'd be so gracious? Does that really matter? What matters more is that I'd have the goddamned foresight to realize that nobody's political position is safe from electoral fraud and it wouldn't matter anyway if your fucking country were on a rocket sled shooting down the chute of corruption into a dystopic authoritarian septic pond of a future.
Securing the vote can only help. Regardless of your team's color.
I misunderstood the video. The executable on the card is actually run when the votes are counted. Subversion of the card's program is subversion of the tabulator.
By the way, if you're voting in California, you might consider that one of the candidates for Secretary of State, Debra Bowen is a proponent of Open Voting.
Bruce McPherson, the incumbent, appears to be obstructing progress towards open voting.
I don't know the other candidates' stances. Anyone?
I believe the actual votes were 6 NO, 2 YES. So that when (a treasonous, terrorizing, enemy combatantish) one adds -5 NO, +5 YES via pre-loading we get the result the video got:
1 NO, 7 YES
Now as to your question of how did the init printout show zero: Great question. Not only was it just zero, but if I remember correctly it was 0 NO, 0 YES.
:O
You might have three possibilities:
All values are initialized, as you suggest.
This is unlikely (as you suggest). Yes, "ballots cast" shows zero, but "precinct" and "race #" are set. And presumably at least one test has been performed where a positive quantity of votes were registered for a candidate, which would have revealed this error of misreporting the card's startup values.
The code sums YESs and NOs, then shows 0 for each if the total is zero... and
this was some kind of INCREDIBLY IDIOTIC coding mistake.
or
it was deliberately done to enable fraud.
You could probably test it to see if it reports accurate pre-loaded votes for positive values. If it accurately reports pre-loaded positive votes, then the sum-of-both-equals-zero-for-each path is probably a distinct code path. I can't see the value of having a separate code path for this scenario except for the purpose of hiding the system's fraud-enabling function.
For fraud, you want the machine to pass (regular) testing for pre-loading, but to enable some kind of pre-loading. "Oh yeah, we pre-loaded 50 votes for Fred and it showed them. Works great. What? Pre-load negative votes in equal quantity for the other candidate? Uh... You must be a conspiracy-mongering nutjob!"
As many times as the Diebold source was leaked, you'd figure I'd have a copy handy to answer my questions definitely.
About grammar, probably. But I'm willing to bet you don't know shit about virii:)
Well, right. I said I was a layperson.
I'm sorry I offended you. I wasn't trying to come off as better. When I said use of 'virii' was ignorant, I meant it as a fact rather than an insult. "Lacking information or knowledge."
Your professors were probably not Latin scholars, so they too were ignorant of proper inflection. A person might be inclined to say "when in Rome...", thinking that convention is correctness in this matter, but there is an actual way for scholars to judge 'virii' as a solecism. Imagine if your community of Latin scholars started saying that viruses were in fact animalcules. Whether it were the norm, it wouldn't be correct.
Imagine you could know by asking an expert. Let's say instead that you didn't, that you just continued using 'virii', and that you even passed it on to your students when you started teaching. And they said, "That's just the way it is."
I fully expect now that the universe will pull an ironic twist and have the 4th declension plural of this particular word be 'virii' for some obscure but legitimate reason, with examples found in freshly unearthed texts.
Sorry if it was upsetting. I was addressing the general 'you' regarding 'virii', not the specific you, Rob. I mean no offense. I included that part of my post because this article was bound to spawn an outbreak of incorrect usage. I'm aiming to help people to do right in a context where wrong is going to crop up, so I see it as perhaps only half pedantic.
I can understand following convention, especially if it's among otherwised learned people whose roles are specifically to teach. We're better off absorbing their wisdom rather than looking at it all askance. However, popularity does not make right, teachers of biochemistry are not scholars of Latin, and 'virii' is wrong. The correct classical pluralization of virus is debated, including the point of whether there even is a correct pluralization, but there does exist a correct English inflection. Viruses. For all those teachers who use 'virii', how many contest 'viruses'? Even if your teachers were wrong, you can be right, and probably in a way that they wouldn't deny.
I can see how from a certain standpoint one might be comfortable with the assertion that there is no risk. As a layperson, my point of view is not that standpoint. Nor can I trust that researchers necessarily won't make mistakes. And small mistakes when playing with great possible consequences can amount to... great consequences.
From my perspective I have questions like, "What if the mechanisms that may have made us less susceptible to the old virus have deteriorated or gone dormant?" "What kind of natural frequency of spontaneous retrovirus revival can you expect from 30 incomplete copies that took consensus reconstruction to rebuild effectively?" "What kind of procedurally-based mutations could occur in the process of virus reconstruction for segments where there might be poor or conflicting consensus?" "Could identification of instances of the virus be off somehow, identifying functionally disparate viruses as the same one and encouraging joining them together into a form that has never existed?" Please don't answer those questions as a refutation of my having them. (Do answer them to edify, if you're inclined.) They serve to illustrate a layperson's fear.
The ever-discovering march of science necessarily means there is movement on the edge of understanding. This means that we necessarily don't understand all the ramifications of our actions. You, may say "that it worked is fairly amazing," but I read that as "that it amazes is fairly concerning."
All that said, I am for active investigation. And I thank you for sharing details on the matter. Still, let me reiterate that, as a layperson, being told there is no risk is not reassuring. In fact, one might perceive a tone of certainty and see that as hubris, potentially to be followed by recklessness. Here's something that is a bit reassuring: biosafety level 3 appears to be pretty good precaution. And, use of biosafety level 3 shows that the scientists involved acknowledge and respect the danger, however remote it may be.
I believe in the Precautionary Principle. http://en.wikipedia.org/wiki/Precautionary_princip le But in this scenario it just means that the investigators should proceed carefully (as they apparently did). But I also believe that "The opportunity cost of imposing a restrictive measure must be balanced against the potential costs of damage due to a new technology, rather than just considering the potential damages alone."
If you want to reassure people and minimize the villagers-with-torches reaction, I imagine that open and sincere humility combined with evident care is probably your best bet. If you're thinking that people are obdurate and they should just listen to authority, think 'virii'.
There were two facets of Dr. Frankenstein that I brought up. One was his pursuit (and achievement) of knowledge, the other was recklessness and hubris. I meant that these scientists were Frankenstein in the aspect of advancing science. Then I warned that they should not also be Frankenstein in the other aspect.
"No Risk" By no means do I suggest that these researchers necessarily acted dangerously or that their research and research like it should be stopped, but I have to say that complex efforts with potentially "devastating" [your term] results should not be reassured against with phrases like "there was no risk". Your explanation of "The resultant virus was disabled so that, after replicating once in a cell, the daughter viruses could not replicate" only inspires a dubious curiosity for how this was done.
Indeed, also hearing the allegation that "the researchers couldn't be absolutely sure about Phoenix's infectivity" and that only biosafety level 3 was used while a level 4 was recommended, a layperson is left to wonder. (What the hell is a biosafety level in the first place, ?)
These researchers are Dr. Frankensteins in their pursuit of knowledge. And let them be! The pursuit of knowledge is unquestionably good! Just let them be careful while doing it, or they may also be Dr. Frankensteins in their poor safeguarding, Unleashing The Ritz on us.
Biodiversity & Nanomachines In support of the investigation, let me say that I recently wondered, on the tail of some ethics reading regarding ecology, what other utility values nature could provide us beyond simple resources and recreation. Thinking of how proteins are basically nanomachines; and how much of the unused portions of our genome may be disused codes for once-useful, now-retired proteins; and how hard it must be to design a working nanomachine (just look at how hemoglobin contorts so bizarrely with the simple addition of an oxygen molecule); I came to wonder whether there might be a goldmine of blueprints for tested nanomachines in us. In us and every species we destroy.
Yes, please figure out how to mine genomes for molecular machines. In the meantime we'll see about preserving all these genomes.
Ob. Plural Of 'Virus' Don't say 'virii'. That isn't even just wrong yet. You probably mean 'viri', which is just wrong. It wasn't used in the plural (being a mass noun, not a count noun) and there may not have been a proper plural form of it in Latin. My guess is that it is actually a 4th declension neuter with a plural of 'virus' (long 'u' sound), but what the hell do I know? Well, more than someone saying 'virii', by a long shot. Be safe, inflect it in English rather than classically: viruses.
Knowing the details of the debate makes you a pedant. I mean, how important is it really? But using the certainly wrong classical form makes you ignorant.
Slashdot Mirror
I'm often suspect of communication that adopts a tone of authority while making sweeping, generalized assertions, all the while light on details.
If there exist much worse blacklists, then by definition there must exist better.
Some of us actually use DNSBLs and have seen the benefit. For those who actually use DNSBLs to good effect and understand their worth, let me tell you the list I'm currently using:
maps_rbl_domains = sbl.spamhaus.org list.dsbl.org
I had ORDB on there until they decided to throw in the towel. And just as well--not a lot of hits on their list. Open relays are no longer they problem they once were and spammers are now, it seems, using subverted machines.
We've established that not all blacklists are equal. My recommendation to avoid false positives is to be a very selective shopper. Understand the listing and delisting policies and make sure they're reasonable. My searching (some time back) netted me just the three: ORDB Relays, Spamhaus SBL, and DSBL Trusted Senders. I'm again in the market for another good one or two, and CBL is a candidate. But I'm having a hard time deciding on it without a perfectly clear understanding of how they perform their listing.
Wondering why you didn't post with your regular account. Anyway...
Setting primary MX to a non-MTA machine sounds very interesting. Tell me more. I'll read the web page more fully in a minute. Basically you configure your DNS to have your primary MX be a non-functioning MTA so that legitimate MTAs roll onto a working address?
I've heard that some spamware targets the last MX as well. Maybe it makes sense to make the primary and last MXs both bogus?
And there's the possibility that they target a random MX. So maybe set up a large number of MX records where the only working one is the second in line?
And port 25 on the non-functioning MTAs should probably return an RST rather than timeout so that the sending MTA can move on more quickly, right?
Ooh, exciting. Testing...
Yes indeed. "for" clause omitted when I manually tested an SMTP transaction to a couple addresses (using two "RCPT TO:" SMTP statements).
Thanks.
We must receive spam from radically different sources. (Which can't be the case, really.) Here's stats for back in October for performance of my then-configured 3 block lists:
of 1609 total RBL rejections (for one week):
94.0% DSBL (1514 blocks)
5.7% Spamhaus SBL (92 blocks)
0.1% ORDB (3 blocks)
+3 spam a week is obviously not a flood. I even had ORDB listed as the first DNSBL to check (sorry for the load, ORDB guys).
So ORDB hasn't been serving me for some time.
(Thanks to anyone about to recommend CBL/XBL, I'm already investigating.)
My mailer only checks syntax of the hostname for FQDN-ness, not validity of the hostname. And it only does a loose interpretation of FQDN-ness syntax.
(We're talking about the hostname in the SMTP HELO/EHLO, if there's any question.)
That is,
"foo" is not a FQDN by these measures
"foo.bar" is FQDN by these measures
"foo." is FQDN by these measures
No checks are performed for existence of any records (A, MX, or even NS) for the given domain. (I think there may be some misunderstanding as to what FQDN is.)
A technically complete FQDN (terminated by root zone '.') is not required (by my MTA).
And still this comprises 37% of total rejected spams on my server. Even more (potentially "most") if you dismiss the no-such-recipient rejections.
(FQDN requirement: RFC 2821 2.3.5)
So, yeah, they'll tell you that the headers can be forged. This is true except for the last hop which should be your MTA.
So why doesn't your address show up in the "for" clause of the last hop? I don't think you'll see a fake address there, but where's your real address? I think in certain conditions your MTA will omit the "for". I don't know when that happens, but I've seen the "for" clause missing from the last hop on rare emails. I can't figure out the pattern.
(I use Postfix.)
Beware when you use the term fanboy.
One sense refers to the focused and deep-delving geeks/nerds which are the radiant source of geek chic.
Another sense refers to unreasonable and often belligerent adherence to favored ideas.
Earnest exploration and revelry: awesome.
Sectarianism, jingoism, groupthink, witch hunting, xenophobia, and shoddy reasoning catalyzed by wishful thinking and cognitive dissonance: not so much.
Just as I got to the RSS client part of the video I thought about this issue. Gives new meaning to the phrase "feed the third world".
Javascript, no. Maybe you're not clear on how this works?
XSS, kind of, yes.
This exploit requires someone be able to insert a <form> element on a trusted site. (A site that you trust at least to have an account with.) The form gets the login info auto-populated by Password Manager, but then submits the results to a different site. This compromises the trusted site's credentials.
I use Password Manager, but rarely let it save passwords. (You're given the option each time, you know.) There are specific situations where it comes in handy for me, and thankfully none of them would expose me to a malicious use of this exploit. So, modulo your lack of specificity on the scenarios that make its use retarded, we agree.
Being security conscious, I (also) use NoScript. The exploit works even with both sites forbidden. So you know. No need for you to go configuring Password Manager to test it. (Which would not have been hard to do — it's a checkbox.)
As for the question of whether this is a Firefox security hole, I think it is. At least partly. Sure, XSS injection is a site-specific vulnerability. That much is the site's fault. But silently performing a credentials fill-in for cross-site form posting in an environment where XSS may happen... This is not ideal. Surely there must be some solution like tying the credentials not just to a domain and/or specific page, but to the triple of URL+form+action. Maybe this is hard to do if the populating is done before the action can be known for sure (as the form action attribute may change after population and before submission).
I can imagine having Firefox perform a check at the moment it attempts to submit: Did we auto-fill the credentials, and is the URL+form+action the same? If so, go ahead. If not, warn user.
Wonder what will come of this all?
"Compared to Pine" or any such mail client, mutt is ... certainly different.
I think one question in this discussion is whether MTA function can reasonably be expected to be merged with MUA function in a single program, the mail client. Boundaries of functionality are often blurry things. Maybe it depends on the application's audience? Configuring an MTA to work with mutt was not prohibitive or painful for me, nor, I expect, for many other mutt users. It makes you wonder who the intended audience is.
But let's not ignore the concept of "do one thing, do it well." Capability, flexibility, ease of use (for that "one thing"), and security all benefit from this. If leaving out MTA function improves the security of my client, spares the opportunity cost for use in MUA-specific development, and speeds the release cycle, among other potential benefits, that works for me. I'll personally pay for those benefits with a little MTA configuration. Heck, I like my MTA. I guess I can understand if people want to wash their hands of sendmail.
The system needs fixing.
Partisan bias obstructs cleaning up the electoral process.
0 7107726851
Don't let your always short-lived victory lodge your head in your ass. Now with the Republicans smarting maybe they can be encouraged to get behind some improvements?
Your "democracy" is owned by private interests. Your vote barely counts. Fix it.
One way your vote doesn't count:
http://video.google.com/videoplay?docid=-72367912
Organizations to support for change:
Black Box Voting
Open Voting Consortium
Sedition, then?
s
http://en.wikipedia.org/wiki/Treason#United_State
I'm all for legislation making electoral fraud severely punishable.
Maybe you missed that part of what he said?
Here's a brochure.
If this is sensible enough, look deeper?
You ask an excellent question. Would folk be outraged if their candidate had won?
...)
I'll venture a guess. If the Democrats had won amidst the same widespread reports of electoral fraud, many of them would suffer the same bias and belittling of outrage that many vocal Republicans have demonstrated.
Anyone want something like a percentage comparison? Just how many more or fewer Democrats would be assholes and hypocrites about a rigged election that served them versus Republicans? Homey don't play that. If you're curious and you think it's important, you're a fool. It's called sectarianism. It's called an "Us v. Them" mentality, and it is destructive.
(... hundreds of Slashdot readers immediately start trying to perceive me as being from their favorite whipping boy opposing party
Every one of you that's taking a side and rabidly generalizing about the standard opposing party is failing to realize that they're being used. Do you think "Dems blow!"? Or maybe "Damned Republitards!"? You are a tool, controlled with psychological forces seeded by greedy and self-serving players, amplified in an ugly dynamic between our innate tendencies and media pandering. You have failed to question the system. You fail it!
The truth is that every candidate is different, that there is a wide variety of (actual, not professed) platforms, regardless of party affiliation, despite all this damned gravity of conformity and majority voting pulling politics to these polar ideological centers of mass.
If I were on the winning side of an election, I'd be perfectly fine with supporting electoral reform that ensured accurate counting of each and every vote. Is it because I'd be so gracious? Does that really matter? What matters more is that I'd have the goddamned foresight to realize that nobody's political position is safe from electoral fraud and it wouldn't matter anyway if your fucking country were on a rocket sled shooting down the chute of corruption into a dystopic authoritarian septic pond of a future.
Securing the vote can only help. Regardless of your team's color.
openvotingconsortium.org
verifiedvoting.org
(And if we can get well-working electronic voting instated, we'll be one step closer to implementing a method that helps to combat the ills of majority voting.)
(Not to suggest you mean so.)
Anyway, it is a solvable problem.
Get your open source and well-working solution from openvotingconsortium.org.
Slashdotter SAFH already shared a summary of the system.
Secret source be damned.
I misunderstood the video. The executable on the card is actually run when the votes are counted. Subversion of the card's program is subversion of the tabulator.
Read section "Findings" in Hursti's report:
http://www.blackboxvoting.org/BBVreport.pdf
By the way, if you're voting in California, you might consider that one of the candidates for Secretary of State, Debra Bowen is a proponent of Open Voting.
Bruce McPherson, the incumbent, appears to be obstructing progress towards open voting.
I don't know the other candidates' stances. Anyone?
Now as to your question of how did the init printout show zero: Great question. Not only was it just zero, but if I remember correctly it was 0 NO, 0 YES.
You might have three possibilities:
This is unlikely (as you suggest). Yes, "ballots cast" shows zero, but "precinct" and "race #" are set. And presumably at least one test has been performed where a positive quantity of votes were registered for a candidate, which would have revealed this error of misreporting the card's startup values.
or
You could probably test it to see if it reports accurate pre-loaded votes for positive values. If it accurately reports pre-loaded positive votes, then the sum-of-both-equals-zero-for-each path is probably a distinct code path. I can't see the value of having a separate code path for this scenario except for the purpose of hiding the system's fraud-enabling function.
For fraud, you want the machine to pass (regular) testing for pre-loading, but to enable some kind of pre-loading. "Oh yeah, we pre-loaded 50 votes for Fred and it showed them. Works great. What? Pre-load negative votes in equal quantity for the other candidate? Uh... You must be a conspiracy-mongering nutjob!"
As many times as the Diebold source was leaked, you'd figure I'd have a copy handy to answer my questions definitely.
And we're back round to wondering if The Great Worm were in fact unleashed because of error.
Well, right. I said I was a layperson.
I'm sorry I offended you. I wasn't trying to come off as better. When I said use of 'virii' was ignorant, I meant it as a fact rather than an insult. "Lacking information or knowledge."
Your professors were probably not Latin scholars, so they too were ignorant of proper inflection. A person might be inclined to say "when in Rome...", thinking that convention is correctness in this matter, but there is an actual way for scholars to judge 'virii' as a solecism. Imagine if your community of Latin scholars started saying that viruses were in fact animalcules. Whether it were the norm, it wouldn't be correct.
Imagine you could know by asking an expert. Let's say instead that you didn't, that you just continued using 'virii', and that you even passed it on to your students when you started teaching. And they said, "That's just the way it is."
I fully expect now that the universe will pull an ironic twist and have the 4th declension plural of this particular word be 'virii' for some obscure but legitimate reason, with examples found in freshly unearthed texts.
Sorry if it was upsetting. I was addressing the general 'you' regarding 'virii', not the specific you, Rob. I mean no offense. I included that part of my post because this article was bound to spawn an outbreak of incorrect usage. I'm aiming to help people to do right in a context where wrong is going to crop up, so I see it as perhaps only half pedantic.
... great consequences.
p le But in this scenario it just means that the investigators should proceed carefully (as they apparently did). But I also believe that "The opportunity cost of imposing a restrictive measure must be balanced against the potential costs of damage due to a new technology, rather than just considering the potential damages alone."
I can understand following convention, especially if it's among otherwised learned people whose roles are specifically to teach. We're better off absorbing their wisdom rather than looking at it all askance. However, popularity does not make right, teachers of biochemistry are not scholars of Latin, and 'virii' is wrong. The correct classical pluralization of virus is debated, including the point of whether there even is a correct pluralization, but there does exist a correct English inflection. Viruses. For all those teachers who use 'virii', how many contest 'viruses'? Even if your teachers were wrong, you can be right, and probably in a way that they wouldn't deny.
I can see how from a certain standpoint one might be comfortable with the assertion that there is no risk. As a layperson, my point of view is not that standpoint. Nor can I trust that researchers necessarily won't make mistakes. And small mistakes when playing with great possible consequences can amount to
From my perspective I have questions like, "What if the mechanisms that may have made us less susceptible to the old virus have deteriorated or gone dormant?" "What kind of natural frequency of spontaneous retrovirus revival can you expect from 30 incomplete copies that took consensus reconstruction to rebuild effectively?" "What kind of procedurally-based mutations could occur in the process of virus reconstruction for segments where there might be poor or conflicting consensus?" "Could identification of instances of the virus be off somehow, identifying functionally disparate viruses as the same one and encouraging joining them together into a form that has never existed?" Please don't answer those questions as a refutation of my having them. (Do answer them to edify, if you're inclined.) They serve to illustrate a layperson's fear.
The ever-discovering march of science necessarily means there is movement on the edge of understanding. This means that we necessarily don't understand all the ramifications of our actions. You, may say "that it worked is fairly amazing," but I read that as "that it amazes is fairly concerning."
All that said, I am for active investigation. And I thank you for sharing details on the matter. Still, let me reiterate that, as a layperson, being told there is no risk is not reassuring. In fact, one might perceive a tone of certainty and see that as hubris, potentially to be followed by recklessness. Here's something that is a bit reassuring: biosafety level 3 appears to be pretty good precaution. And, use of biosafety level 3 shows that the scientists involved acknowledge and respect the danger, however remote it may be.
I believe in the Precautionary Principle. http://en.wikipedia.org/wiki/Precautionary_princi
If you want to reassure people and minimize the villagers-with-torches reaction, I imagine that open and sincere humility combined with evident care is probably your best bet. If you're thinking that people are obdurate and they should just listen to authority, think 'virii'.
There were two facets of Dr. Frankenstein that I brought up. One was his pursuit (and achievement) of knowledge, the other was recklessness and hubris. I meant that these scientists were Frankenstein in the aspect of advancing science. Then I warned that they should not also be Frankenstein in the other aspect.
I think there's an Outlook plugin you might appreciate.
http://spambayes.sourceforge.net/
"No Risk"
By no means do I suggest that these researchers necessarily acted dangerously or that their research and research like it should be stopped, but I have to say that complex efforts with potentially "devastating" [your term] results should not be reassured against with phrases like "there was no risk". Your explanation of "The resultant virus was disabled so that, after replicating once in a cell, the daughter viruses could not replicate" only inspires a dubious curiosity for how this was done.
Indeed, also hearing the allegation that "the researchers couldn't be absolutely sure about Phoenix's infectivity" and that only biosafety level 3 was used while a level 4 was recommended, a layperson is left to wonder. (What the hell is a biosafety level in the first place, ?)
These researchers are Dr. Frankensteins in their pursuit of knowledge. And let them be! The pursuit of knowledge is unquestionably good! Just let them be careful while doing it, or they may also be Dr. Frankensteins in their poor safeguarding, Unleashing The Ritz on us.
Biodiversity & Nanomachines
In support of the investigation, let me say that I recently wondered, on the tail of some ethics reading regarding ecology, what other utility values nature could provide us beyond simple resources and recreation. Thinking of how proteins are basically nanomachines; and how much of the unused portions of our genome may be disused codes for once-useful, now-retired proteins; and how hard it must be to design a working nanomachine (just look at how hemoglobin contorts so bizarrely with the simple addition of an oxygen molecule); I came to wonder whether there might be a goldmine of blueprints for tested nanomachines in us. In us and every species we destroy.
Yes, please figure out how to mine genomes for molecular machines. In the meantime we'll see about preserving all these genomes.
Ob. Plural Of 'Virus'
Don't say 'virii'. That isn't even just wrong yet. You probably mean 'viri', which is just wrong. It wasn't used in the plural (being a mass noun, not a count noun) and there may not have been a proper plural form of it in Latin. My guess is that it is actually a 4th declension neuter with a plural of 'virus' (long 'u' sound), but what the hell do I know? Well, more than someone saying 'virii', by a long shot. Be safe, inflect it in English rather than classically: viruses.
Knowing the details of the debate makes you a pedant. I mean, how important is it really? But using the certainly wrong classical form makes you ignorant.
http://en.wikipedia.org/wiki/Plural_of_virus
eom