I recently purchased some hacking books on amazon out of curiosity, half-realizing that this COULD put me on some watch lists I probably don't want to be on. I wonder whether I'm just being paranoid.... or if we actually got to that point already.
It depends -- are you affiliated with a research lab that does computer security work? If yes, nobody will both you, because you are "supposed" to be reading about those sorts of things. On the other hand, if you are just a middle class worker somewhere, you are not supposed to be reading about technical things, so you will stand out as a suspect. Welcome to the land of paranoia, stupidity, and lost privacy rights.
So far as I can see, catching an exception before stack is unwound means that you need some form of spaghetti stack (since, on one hand, you have the original stack, and, on the other, you have the stack frame in which the exception handler executes, and said handler can spin off further frames by calling other things). That would require some non-negligible overhead even for the more common no-exception case.
I am not really sure why that needs to be the case. The exception handler itself can use a different stack, or it can just start at the top of the original stack, and can receive simply receive a pointer to the stack frame/instruction that should be returned to once the exception handling routine is finished. To support this, Common Lisp allows you to register a function as an exception handler; this function is called when the exception is caught, and the exception is an argument to the function.
The guy isn't under arrest. The ban on being alone with his daughter seems overly harsh but I can appreciate why.
So he is not under arrest, he has not been found guitly of a crime...but the state can prevent him from being alone with his own daughter? Let us spend some time thinking about how many things are wrong here.
The guy does have child pornography on his laptop; it's not like a reasonably likely cause of that isn't himself.
So he reported his own child pornography to the police?
There is a chance, I couldn't guess on odds, that the guy had looked at child pornography and was concerned his details may have gotten to the police.
So to make sure they have his details, he ran straight to them?
I think it is pretty reasonable for the police to want to make sure that isn't the case and I can see why they are concerned about him being left alone with a child in the meanwhile.
So why even bother with courts and trials? If the police suspect someone is guilty, we should immediately start procedures to protect everyone else from that dangerous person! Presumption of innocence? System of laws? Why bother?
Many compilers allow changing its behavior to return null instead, but this is not permitted by C++98, so when you use a compiler in such mode, you're not dealing with standard ISO C++.
Thank you for the clarification, I mispoke on that point.
If you are rather complaining about exceptions leaking from destructors crashing everything, that is also not really a C++ specific problem, it's just that other languages make different (but also bad) choices
I think there are better ways; in Common Lisp, you can catch exceptions before the stack is unwound, which basically solves this problem (a simpler exception handling mechanism that is similar to C++ and Java is available too, which follows the Java semantics for finally/unwind-protect exceptions). The problem with C++ and Java (and related languages) is that the stack is unwound as part of the process of entering the exception handler; this is not the only way to do things.
Languages that are better in every respect will fall by the wayside if they don't meet these criteria regardless of how much better they are...
I would agree if "syntax similar to C" were not one of the requirements. Common Lisp remains in use, and has been used successfully in several very big projects. Python is becoming increasingly popular as a general purpose language.
C has acceptable syntax (better than brainfuck) but there is nothing magical about C syntax. Many programmers learn a language with C-like syntax in school, but that is where the importance of that syntax stops, both in theory and in practice. With many schools moving to Python, I suspect that C-like syntax will start becoming a hindrance to language adoption pretty soon.
Aren't the basic programming concepts understood and defined now?
I am not an expert, so perhaps someone who is can weigh in on this: is there some reason to think that we have discovered every programming paradigm that could possibly exist? I suspect the answer is "no," but perhaps I am wrong.
All a new language can really bring to the table is a different syntax.
Or there could be a new paradigm that requires a new language. Prolog is not just "different syntax" from Java, it is a different approach to programming.
Exceptions too. If you're parsing a complex data file several layers deep then error handling will make C code enormously complex. With C++ you just throw an exception and let stack unwinding free all the temporary data for you.
Except that C++ exceptions are tricky beasts; this is a classic "hard to shoot yourself in the foot, but if you manage it you'll blow your leg off" situation. Aside from how easy it is to get exceptions wrong (e.g. when your exception types are part of an inheritance hierarchy), there are also hidden "gotchas" like this:
See the problem? Wondering why this is relevant to exception handling? The body of this destructor might throw an exception, which is OK sometimes but deadly if the destructor was called as part of the stack unwinding process that resulted from another exception being thrown (which causes abort() to be called).
The C++ standard library also has (or at least as of C++98, had) poor support for exceptions. You must explicitly activate exceptions in some classes; "new" may or may not throw exceptions; the number of exceptions that might be thrown is very limited. There are some parts of the C++ standard library that require you to check return types or to check class members on your own (sometimes this is a good thing -- throwing an exception at the end of input would be horribly annoying).
C is not much better, since error states are advisory and people often ignore them (how many times do you see people fail to check the return value of printf?). What C++ needs (and perhaps this is in C++0x) is a better definition for exceptions, one that does not cause programs to abort (which is even worse than checking return values) and to make better use of exceptions in the standard library. Unfortunately, this would create all sorts of headaches for compiler writers, who would have to rethink their code generation strategies, so I do not think it is likely that we will see this happen any time soon.
You do not actually think that you will be uploading movies, do you? The services that provide you with the movie storage will already have copies; you will insert a DVD so that they can check that you really do have a copy of it, then magically you can access the shared copy that everyone else accesses.
Let me guess -- deCSS is for criminals, because it allows people to rip DVDs on their own, without paying for the privilege, and without requiring an Internet connection to watch?
Thus explaining the massive increase in the training and use of paramilitary law enforcement squads, the numerous attacks on the bill of rights, and the various favors and hand-outs the government gives big corporations? For decades, the executive branch of government has been expanding its power, to the point of being able to make and enforce laws. You think Obama is on the left? Then perhaps you can explain his support for ACTA, for the DEA and other war-on-drugs efforts (under his administration, the DEA has unilaterally declared numerous drugs to be illegal, without any democratic process), his support for killing citizens without due process, etc.
In America your choices are "extreme right wing" or "right wing." Leftists are few and far between.
No the moral of the story is that the average person have sex is no interest to someone who sees it hundreds of times a day. Despite what your teachers may have told you, you are not especially special.
Then you won't mind telling me your home address so that I can come over and put a camera in your bedroom?
I do not personally look at what members of my research group are doing on the servers that I am the (de facto) administrator for. Facebook employees were caught reading user communications at least 5 years ago, if not earlier than that; this is not a hypothetical risk, they were caught red handed and have evidently not changed their ways.
Facebook gives users the illusion of privacy by allowing them to set various "privacy controls." This leads people to believe that their data is somehow protected, especially when people are not technically literate. Facebook has even tried to deflect attention to the real privacy issue -- that their employees can read through anything a user posts -- by shifting to the focus to whether or not privacy settings are easy to use.
Otherwise, I agree -- and this issue was well known long before Facebook, back when people were complaining about invasive sysadmins reading their email. This is the sort of thing that (to a large extent) motivated civilian crypto research and public key cryptography.
To perform a private/public key check on photos you want to share with a select group of people would mean effectively sharing that public key with that select group.
Or using attribute based encryption, which allows a ciphertext to be decrypted by anyone who possesses a key with particular attributes. Now, when it comes to social networking, I envision the "trusted key issuer" (a necessary component of ABE) to be the person making posts, and "friending" to be the process of issuing someone a key (with particular attributes). Facebook would act as a key store, and would simply send keys to browsers (which would perform all decryption locally; this is critical to maintaining user privacy). This may also involve a secure computation protocol that protects users from a malicious party (i.e. Facebook itself), so that some processing can be done by Facebook's own servers (perhaps to manage the addition of new people to the social network; maybe you want to allow anyone from your school to be able to see which classes you are enrolled in, but do not want to be forced to issue key after key whenever a new user joins the social network).
Now, at the moment these systems are still very much "research level" systems, which is why it will be a while before we can deploy them. If Facebook wanted to help in that research, they would be welcome -- their resources and experience in social networking would probably help a lot. Unfortunately, that is not something we are likely to see happen any time soon, since it works against Facebook's own goals (monetizing privacy violations).
The reality is even if Facebook deployed crypto the people who care about crypto won't and CANNOT trust FB to do it in a way secure for the users
That is why we need to start deploying systems that protect users from malicious parties. Web browsers currently ship with support for basic encryption and signing of messages exchanged by the browser and the web server. Yet with social networking, what we really need is a secure way to communicate between two clients, through the server; moreover, it needs to allow users to log in from different systems. What we need is a multiparty computation system that offers security against malicious parties, and which is built in to web browsers so that we do not have to rely on Facebook to deploy some sort of applet (e.g. Hushmail's approach, which fails to protect its users and which we all knew would fail to protect its users even before the DEA walked into court with multiple DVDs of decrypted data).
It is still research-level stuff -- still not quite practical for the volumes of data that Facebook deals with -- but there is no reason to think that it is impossible or that it could not be practical. The biggest challenge is getting this sort of thing built in to browsers; browsers have a vested interest in helping advertisers and related companies (like Facebook), and so the politics and economics wind up getting in the way.
That's quite naive though because that would mean their sys-admins could not see it if they needed to, also law enforcement(in which jurisdiction?); I'm not sure how you could legally or functionally achieve either of these.
We have known for years that the sysadmins who run communication systems could potentially eavesdrop on us, which was one of the big motivations for public research on cryptography and public key encryption systems. I know, I know, "It's hard," "Ordinary people won't do it," "There are a million failure modes," but we are not trying to secure against nation-state intelligence agencies here. If Facebook were serious about protecting user privacy (not that anyone would expect them to be), they would have deployed cryptographic solutions to these problems long ago. If they want to be able to grant law enforcement access to these things, they can use a threshold system so that there is no single person who can read users' messages.
The reality, though, is that Facebook will only devote resources to giving users to appearance of privacy, because Facebook's entire business model is based on privacy violations.
So the moral of the story is that you have no idea who could be reading what you posted to Facebook, and that privacy controls are completely meaningless when it comes to Facebook employees reading through your information? How is that news?
...which are based on what? Where is the evidence for these models? How do we know that acupuncture works better than blood letting, prayer, or instructing patients to stand on their heads?
A thousand years of folk knowledge is plenty of statistical evidence.
So the Earth is flat? Dead people may reappear as ghosts? Ritualistically sacrificing an animal will result in a good harvest?
The fact that people believe things work does not mean that they work. Herbal medicines probably do work sometimes, but we need to investigate these matters to determine when herbal medicines work, when they do not work, and what they actually do. Leeches were subjected to scientific testing, and it turns out that sometimes leeches are the right approach to a medical problem -- but not nearly for the number of conditions leeches were once used for.
Here's my question for you: do you believe things just because everyone else believes those things? If not, how do you determine what is or is not true? What role, if any, does evidence play in your evaluation of truth?
Some "traditional medicines" are bupkus. Some are not
If only we had some sort of method to distinguish between them...yeah...some sort of way to objectively separate useful treatments from useless treatments...
Once you have figured out how we can determine which treatments are useful and which are not, you should apply for a patent.
That includes many things that we take advantage of daily -- even before we start on the stuff which is ridiculed by people like you
[citation needed]
Are scientists representatives of God?
No, scientists are just people who back up their claims with evidence, collected and analyzed according to careful procedures. Representatives of deities are the people who demand that we believe their claims regardless of the available evidence, because we are supposed to place value on "faith."
Do they really know EVERYTHING?
Did someone claim that scientists know everything? Scientists conclude their publications with lists of unanswered questions, which is what motivates scientific investigations in the first place. Scientists are not claiming that treatments which have not been investigated do not work -- they are claiming that there is no way to know, until those treatments are investigated.
I think a better question is this: do you think that you know everything? If you do not demand evidence, then how do you determine what is or is not true (or which treatments are or are not effective)?
Nobody claimed that alternative therapies are beyond the reach of scientific inquiry; there have even been some studies on the effectiveness of Chinese herbal medicine (part of traditional Chinese medicine). The problem is that these alternative therapies are being practiced and taught without first being subjected to scientific evaluation -- it is anyone's guess as to whether or not these treatments are actually effective. Here is an example, from TFA, of the sort of claims that are being made:
some chiropractors now extended their manipulation of the spine to children, and claimed that this could cure asthma, allergies, bedwetting, attention deficit hyperactivity disorder, colic, fever and numerous other problems, and could serve as a substitute for vaccination.
Evidence? Studies? Clinical trials? Nothing has been presented to support the claim that chiropractors can cure asthma or bedwetting, let alone the really bizarre claims (a substitute for vaccination?).
There is no conspiracy or closed-mindedness. When evidence that herbal medicines do work, scientists embrace them:
You see that long and extensive list of studies? Did you notice that the scientific criticisms were almost entirely focused on smoking as a method of ingestion? Did you notice that the non-scientific criticisms were political, driven by America's far-right government agenda that has been pushed for decades now?
These scientists are objecting to the teaching of treatments that have no evidence to support their use, which have not been the subject of any studies, and for which no statement of efficacy can be made (how do we know these treatments do not cause more harm than good? how do we know that these treatments are not just a waste of time?).
Re:I like both forms, but printed is still best
on
The eBook Backlash
·
· Score: 1
First off I never fear losing a physical book, the value is low enough I don't care
I will add to this that I do not fear casually tossing a printed book into my bag or onto my desk, dropping a pile of other books on top of it, etc. I am pretty worried about dropping my bag when it has a computer of any sort in it -- too many ways that dropping a computer could render it unusable.
Do you really need to do those things on a machine that has no network connection?
Absolutely -- there are going to be insider threats, and they have the potential to do more damage than outsiders. Do you really think that your $35k/year janitor is not going to be paid twice that by someone trying to download your valuable data? Do you really think that a disgruntled employee would not try to run an exploit pack on your airgapped, security-sensitive system? Security is about more than simply keeping the outsiders out.
Slashdot Mirror
I recently purchased some hacking books on amazon out of curiosity, half-realizing that this COULD put me on some watch lists I probably don't want to be on. I wonder whether I'm just being paranoid.... or if we actually got to that point already.
It depends -- are you affiliated with a research lab that does computer security work? If yes, nobody will both you, because you are "supposed" to be reading about those sorts of things. On the other hand, if you are just a middle class worker somewhere, you are not supposed to be reading about technical things, so you will stand out as a suspect. Welcome to the land of paranoia, stupidity, and lost privacy rights.
So far as I can see, catching an exception before stack is unwound means that you need some form of spaghetti stack (since, on one hand, you have the original stack, and, on the other, you have the stack frame in which the exception handler executes, and said handler can spin off further frames by calling other things). That would require some non-negligible overhead even for the more common no-exception case.
I am not really sure why that needs to be the case. The exception handler itself can use a different stack, or it can just start at the top of the original stack, and can receive simply receive a pointer to the stack frame/instruction that should be returned to once the exception handling routine is finished. To support this, Common Lisp allows you to register a function as an exception handler; this function is called when the exception is caught, and the exception is an argument to the function.
The guy isn't under arrest. The ban on being alone with his daughter seems overly harsh but I can appreciate why.
So he is not under arrest, he has not been found guitly of a crime...but the state can prevent him from being alone with his own daughter? Let us spend some time thinking about how many things are wrong here.
The guy does have child pornography on his laptop; it's not like a reasonably likely cause of that isn't himself.
So he reported his own child pornography to the police?
There is a chance, I couldn't guess on odds, that the guy had looked at child pornography and was concerned his details may have gotten to the police.
So to make sure they have his details, he ran straight to them?
I think it is pretty reasonable for the police to want to make sure that isn't the case and I can see why they are concerned about him being left alone with a child in the meanwhile.
So why even bother with courts and trials? If the police suspect someone is guilty, we should immediately start procedures to protect everyone else from that dangerous person! Presumption of innocence? System of laws? Why bother?
Many compilers allow changing its behavior to return null instead, but this is not permitted by C++98, so when you use a compiler in such mode, you're not dealing with standard ISO C++.
Thank you for the clarification, I mispoke on that point.
If you are rather complaining about exceptions leaking from destructors crashing everything, that is also not really a C++ specific problem, it's just that other languages make different (but also bad) choices
I think there are better ways; in Common Lisp, you can catch exceptions before the stack is unwound, which basically solves this problem (a simpler exception handling mechanism that is similar to C++ and Java is available too, which follows the Java semantics for finally/unwind-protect exceptions). The problem with C++ and Java (and related languages) is that the stack is unwound as part of the process of entering the exception handler; this is not the only way to do things.
"A method for representing words beginning with the sound 'kuh-yoo' or ending with the sound 'kuh' in electronic or printed media..."
Can we become better educated on patents -- maybe just a little
OK, let's start here:
http://www.uspto.gov/web/offices/pac/mpep/documents/2100_2106_02.htm
Then here:
https://en.wikipedia.org/wiki/In_re_Bilski
Then here:
https://en.wikipedia.org/wiki/Church-turing_thesis
Then, if we are all still paying attention, we can ask how any software patent is valid.
Languages that are better in every respect will fall by the wayside if they don't meet these criteria regardless of how much better they are ...
I would agree if "syntax similar to C" were not one of the requirements. Common Lisp remains in use, and has been used successfully in several very big projects. Python is becoming increasingly popular as a general purpose language.
C has acceptable syntax (better than brainfuck) but there is nothing magical about C syntax. Many programmers learn a language with C-like syntax in school, but that is where the importance of that syntax stops, both in theory and in practice. With many schools moving to Python, I suspect that C-like syntax will start becoming a hindrance to language adoption pretty soon.
Aren't the basic programming concepts understood and defined now?
I am not an expert, so perhaps someone who is can weigh in on this: is there some reason to think that we have discovered every programming paradigm that could possibly exist? I suspect the answer is "no," but perhaps I am wrong.
All a new language can really bring to the table is a different syntax.
Or there could be a new paradigm that requires a new language. Prolog is not just "different syntax" from Java, it is a different approach to programming.
Exceptions too. If you're parsing a complex data file several layers deep then error handling will make C code enormously complex. With C++ you just throw an exception and let stack unwinding free all the temporary data for you.
Except that C++ exceptions are tricky beasts; this is a classic "hard to shoot yourself in the foot, but if you manage it you'll blow your leg off" situation. Aside from how easy it is to get exceptions wrong (e.g. when your exception types are part of an inheritance hierarchy), there are also hidden "gotchas" like this:
See the problem? Wondering why this is relevant to exception handling? The body of this destructor might throw an exception, which is OK sometimes but deadly if the destructor was called as part of the stack unwinding process that resulted from another exception being thrown (which causes abort() to be called).
The C++ standard library also has (or at least as of C++98, had) poor support for exceptions. You must explicitly activate exceptions in some classes; "new" may or may not throw exceptions; the number of exceptions that might be thrown is very limited. There are some parts of the C++ standard library that require you to check return types or to check class members on your own (sometimes this is a good thing -- throwing an exception at the end of input would be horribly annoying).
C is not much better, since error states are advisory and people often ignore them (how many times do you see people fail to check the return value of printf?). What C++ needs (and perhaps this is in C++0x) is a better definition for exceptions, one that does not cause programs to abort (which is even worse than checking return values) and to make better use of exceptions in the standard library. Unfortunately, this would create all sorts of headaches for compiler writers, who would have to rethink their code generation strategies, so I do not think it is likely that we will see this happen any time soon.
You do not actually think that you will be uploading movies, do you? The services that provide you with the movie storage will already have copies; you will insert a DVD so that they can check that you really do have a copy of it, then magically you can access the shared copy that everyone else accesses.
Cumbersome? Absurd? All of the above.
Let me guess -- deCSS is for criminals, because it allows people to rip DVDs on their own, without paying for the privilege, and without requiring an Internet connection to watch?
America has been trending left for a century
Thus explaining the massive increase in the training and use of paramilitary law enforcement squads, the numerous attacks on the bill of rights, and the various favors and hand-outs the government gives big corporations? For decades, the executive branch of government has been expanding its power, to the point of being able to make and enforce laws. You think Obama is on the left? Then perhaps you can explain his support for ACTA, for the DEA and other war-on-drugs efforts (under his administration, the DEA has unilaterally declared numerous drugs to be illegal, without any democratic process), his support for killing citizens without due process, etc.
In America your choices are "extreme right wing" or "right wing." Leftists are few and far between.
No the moral of the story is that the average person have sex is no interest to someone who sees it hundreds of times a day. Despite what your teachers may have told you, you are not especially special.
Then you won't mind telling me your home address so that I can come over and put a camera in your bedroom?
Otherwise, I agree -- and this issue was well known long before Facebook, back when people were complaining about invasive sysadmins reading their email. This is the sort of thing that (to a large extent) motivated civilian crypto research and public key cryptography.
To perform a private/public key check on photos you want to share with a select group of people would mean effectively sharing that public key with that select group.
Or using attribute based encryption, which allows a ciphertext to be decrypted by anyone who possesses a key with particular attributes. Now, when it comes to social networking, I envision the "trusted key issuer" (a necessary component of ABE) to be the person making posts, and "friending" to be the process of issuing someone a key (with particular attributes). Facebook would act as a key store, and would simply send keys to browsers (which would perform all decryption locally; this is critical to maintaining user privacy). This may also involve a secure computation protocol that protects users from a malicious party (i.e. Facebook itself), so that some processing can be done by Facebook's own servers (perhaps to manage the addition of new people to the social network; maybe you want to allow anyone from your school to be able to see which classes you are enrolled in, but do not want to be forced to issue key after key whenever a new user joins the social network).
Now, at the moment these systems are still very much "research level" systems, which is why it will be a while before we can deploy them. If Facebook wanted to help in that research, they would be welcome -- their resources and experience in social networking would probably help a lot. Unfortunately, that is not something we are likely to see happen any time soon, since it works against Facebook's own goals (monetizing privacy violations).
The reality is even if Facebook deployed crypto the people who care about crypto won't and CANNOT trust FB to do it in a way secure for the users
That is why we need to start deploying systems that protect users from malicious parties. Web browsers currently ship with support for basic encryption and signing of messages exchanged by the browser and the web server. Yet with social networking, what we really need is a secure way to communicate between two clients, through the server; moreover, it needs to allow users to log in from different systems. What we need is a multiparty computation system that offers security against malicious parties, and which is built in to web browsers so that we do not have to rely on Facebook to deploy some sort of applet (e.g. Hushmail's approach, which fails to protect its users and which we all knew would fail to protect its users even before the DEA walked into court with multiple DVDs of decrypted data).
It is still research-level stuff -- still not quite practical for the volumes of data that Facebook deals with -- but there is no reason to think that it is impossible or that it could not be practical. The biggest challenge is getting this sort of thing built in to browsers; browsers have a vested interest in helping advertisers and related companies (like Facebook), and so the politics and economics wind up getting in the way.
That's quite naive though because that would mean their sys-admins could not see it if they needed to, also law enforcement(in which jurisdiction?); I'm not sure how you could legally or functionally achieve either of these.
https://en.wikipedia.org/wiki/Encryption
We have known for years that the sysadmins who run communication systems could potentially eavesdrop on us, which was one of the big motivations for public research on cryptography and public key encryption systems. I know, I know, "It's hard," "Ordinary people won't do it," "There are a million failure modes," but we are not trying to secure against nation-state intelligence agencies here. If Facebook were serious about protecting user privacy (not that anyone would expect them to be), they would have deployed cryptographic solutions to these problems long ago. If they want to be able to grant law enforcement access to these things, they can use a threshold system so that there is no single person who can read users' messages.
The reality, though, is that Facebook will only devote resources to giving users to appearance of privacy, because Facebook's entire business model is based on privacy violations.
even from this article it's not clear they're just going through private content on a whim.
Well, perhaps this article from 5 years ago will help to clarify the issue for you:
http://gawker.com/315901/facebook-employees-know-what-profiles-you-look-at
So the moral of the story is that you have no idea who could be reading what you posted to Facebook, and that privacy controls are completely meaningless when it comes to Facebook employees reading through your information? How is that news?
Chinese medicine has detailed models
A thousand years of folk knowledge is plenty of statistical evidence.
So the Earth is flat? Dead people may reappear as ghosts? Ritualistically sacrificing an animal will result in a good harvest?
The fact that people believe things work does not mean that they work. Herbal medicines probably do work sometimes, but we need to investigate these matters to determine when herbal medicines work, when they do not work, and what they actually do. Leeches were subjected to scientific testing, and it turns out that sometimes leeches are the right approach to a medical problem -- but not nearly for the number of conditions leeches were once used for.
Here's my question for you: do you believe things just because everyone else believes those things? If not, how do you determine what is or is not true? What role, if any, does evidence play in your evaluation of truth?
Some "traditional medicines" are bupkus. Some are not
If only we had some sort of method to distinguish between them...yeah...some sort of way to objectively separate useful treatments from useless treatments...
Once you have figured out how we can determine which treatments are useful and which are not, you should apply for a patent.
That includes many things that we take advantage of daily -- even before we start on the stuff which is ridiculed by people like you
[citation needed]
Are scientists representatives of God?
No, scientists are just people who back up their claims with evidence, collected and analyzed according to careful procedures. Representatives of deities are the people who demand that we believe their claims regardless of the available evidence, because we are supposed to place value on "faith."
Do they really know EVERYTHING?
Did someone claim that scientists know everything? Scientists conclude their publications with lists of unanswered questions, which is what motivates scientific investigations in the first place. Scientists are not claiming that treatments which have not been investigated do not work -- they are claiming that there is no way to know, until those treatments are investigated.
I think a better question is this: do you think that you know everything? If you do not demand evidence, then how do you determine what is or is not true (or which treatments are or are not effective)?
some chiropractors now extended their manipulation of the spine to children, and claimed that this could cure asthma, allergies, bedwetting, attention deficit hyperactivity disorder, colic, fever and numerous other problems, and could serve as a substitute for vaccination.
Evidence? Studies? Clinical trials? Nothing has been presented to support the claim that chiropractors can cure asthma or bedwetting, let alone the really bizarre claims (a substitute for vaccination?).
There is no conspiracy or closed-mindedness. When evidence that herbal medicines do work, scientists embrace them:
https://en.wikipedia.org/wiki/Medical_marijuana
You see that long and extensive list of studies? Did you notice that the scientific criticisms were almost entirely focused on smoking as a method of ingestion? Did you notice that the non-scientific criticisms were political, driven by America's far-right government agenda that has been pushed for decades now?
These scientists are objecting to the teaching of treatments that have no evidence to support their use, which have not been the subject of any studies, and for which no statement of efficacy can be made (how do we know these treatments do not cause more harm than good? how do we know that these treatments are not just a waste of time?).
First off I never fear losing a physical book, the value is low enough I don't care
I will add to this that I do not fear casually tossing a printed book into my bag or onto my desk, dropping a pile of other books on top of it, etc. I am pretty worried about dropping my bag when it has a computer of any sort in it -- too many ways that dropping a computer could render it unusable.
Do you really need to do those things on a machine that has no network connection?
Absolutely -- there are going to be insider threats, and they have the potential to do more damage than outsiders. Do you really think that your $35k/year janitor is not going to be paid twice that by someone trying to download your valuable data? Do you really think that a disgruntled employee would not try to run an exploit pack on your airgapped, security-sensitive system? Security is about more than simply keeping the outsiders out.