
Comment Russian military. Not "pro-Russia", not "rebels". (Score 0) 503

Russia, who has been arming the rebels

"Russia, which is the rebels."

Why do people persist with the pretence that these are local separatists merely being armed by Russia? They are Russian military, led by a "former" GRU officer with no ties to the region except his current operation and who reports directly to his HQ in Moscow.

Likewise, mobile SAM systems, including the Buk missile platform, are not like a MANPAD or RPG, where you can spend an hour or two showing the locals how to point'n'shoot. You need 10-12 people, in multiple vehicles, all with proper training. These are not operated by locals "with Russian assistance", they are operated by the Russian military.

One missile control console

Comment Addendumdum (Score 1) 277

and b) my excuse was, "I don't read that email account any more."

Apparently the actual excuse was "Went to my junk filter lol."

[Someone else pointed out that sony.com itself was only renewed 4 days before expiry, and only for two years. What, are you worried about paying too far in advance in case the company decides to stop using the internet and you can't get your $35 back? I mean, fuck.]

Comment Re:7 weeks? (Score 1) 277

Coming from a small business background, sometimes this is the only way to deal with a corporate customer. Or you simply will not get paid.

Being a bookkeeper (and a pedantic nerd who pays things on time), I've always found it stunning how little respect corporations have for their own accounts payables and the consequences of not paying accounts properly. The only businesses which are worse are law firms.

Comment Re:Black hole? (Score 1) 277

There's generally no expectation of privacy; the email account is company property, sitting on a company server, on company storage. In what universe would the company not have rights to it?

There are countries that do give employees an "expectation of privacy" from employers snooping on email accounts (& phone calls, toilet breaks, etc), even though those are hosted on company equipment. And since it's the law/right/reg/ruling/etc, a mere employment agreement or company policy can't usurp that. The US is unusual in that it not only doesn't have anything like that, it so doesn't have it to such a degree that people can't even imagine having it. It's funny that the master-servant relationship is the default assumption in the US.

However, even those laws or regs would still only apply during the employee's tenure, not after they leave. And would have big fat exceptions for transferring job-title and task-title based email addresses (admin@fatass.com, renewals@fatass.com).

Comment Re:Black hole? (Score 2) 277

You want to assign someone to keep an eye on things that can be fully automated?

It's a basic accounts payable function, so yes.

Someone has to have authority to maintain and modify the automated payment schedule, otherwise either anything can be added/removed or nothing can be added/removed. More so, someone within their accounts payable department should be specifically responsible for all these particular kinds of payments: trademark fees, site ownership fees, official registrations, patent renewal fees, etc. That person should have lost their job today.

I'm a bookkeeper, I would lose my job if my employer's domain was cut off because a) I didn't pay the account, and b) my excuse was, "<shrug>I don't read that email account any more."

Hell, SOE is a large enough corporation in its own right that they should have someone whose sole job is to make sure contact information at vendors is up to date in response to structural changes and staff movements, as well as checking email accounts for employees who are no longer at the company or divisions that no longer exist to ensure that critical info isn't being lost. And an entirely separate person (but working in the same section) whose job is to make sure SOE's internal contact & billing information is updated for all of the major clients, to ensure that SOE itself is also sending accounts to the right companies/divisions and contacting the right people at those companies, to prevent SOE from causing similar embarrassments to SOE's major clients/partners/etc.

And Sony Corporation (the parent) should have at least one person whose sole job is to liaise between those "Contact Managers (internal/external)" in the different subsidiaries and major divisions of Sony, to ensure that the whole group is up to date.

And that person should have lost their job too.

Seriously, fuck that guy.

Comment iRobot was a stupid movie. (Score 1) 435

The one that gets via Internet-of-things the number, age, gender, medical record of the passengers in another car/bus, to minimize casualties. What a brave new world, when we start to steer vehicles in problematic situations into a state of minimal loss to society.

Are you drunk or retarded? No car manufacturer would ever program a vehicle to preference hitting/not-hitting humans based on fucking medical records.

The car will be programmed to try to stop, or swerve into clear space. Failing that, it will be programmed to reduce its speed before impact. That's it. No moral assessments of your life's potential versus another pedestrian's. Stop. Avoid. Reduce.

As the programming gets better, it simply means the cars will avoid more and more of the situations you are describing by reacting much earlier. They won't be assessing the relative worth of pedestrians to decide who to crash into, they will be assessing road conditions and probably future risk scenarios to avoid accidents.

Comment Re:What will cops do for their Quota? (Score 1) 435

However, with 37,000 less deaths on the road each year, 2.5 million less road injuries/disabilities each year, the cost to cities/states should be so much less that they can afford to carry the budget short-fall for their PD. I mean, just the reduction in the cost of accident attendance, rescue and recovery each year.

Comment Re:Much more dangerous than regular van. (Score 1) 435

Anyone capable of wiring up a car-bomb, especially one with a remote detonator (usually a heavily modded cellphone), would probably have the ability to RC an existing non-robot car from off-the-shelf parts. (A quad-copter kit for the electronics and cameras, plus some larger motors and actuators for the car controls.) Even better, unlike bomb making, you can pick the brains of the RC community without fear of being reported. "Hey guys, I thought I'd RC an old van to hack around my farm as a summer project, anyone in the area want to help?"

If there was a demand for this from terrorists (whether domestic or Muslim), it would already be happening.

A robot car would actually make it harder, since it will obey traffic laws, stop when blocked, never exceed the speed limit. That means, for example, you couldn't speed up and jump the curb to get your bomb closer to the building. Or drive through a pedestrian-only path for the last 100 yards. Or smash through an entry barrier. Etc, etc. And hacking it to bypass those controls would likely be harder than RCing a non-robot car, IMO.

An RC car can be driven however you want. A robot car only how Google wants.

Comment Re:Much more dangerous than regular van. (Score 1) 435

Investigators already have methods to deal with drug shipments. You follow and wait for a human to intercept the shipment.

You don't want to stop the car, if the dealers have any kind of monitoring system, they'll know they've been rumbled and go to ground. You don't want the dealers to know that anything is wrong until the shipment reaches them.

Comment Re:Cars without passengers that are the problem (Score 1) 435

Robot cars will be programmed to obey road laws. Which means they'll pull over for emergency vehicles (to get out of the way), they'll stop for traffic lights, or for pedestrians or any vehicle blocking their path. Any of those is your kill switch. Bad guys with the ability to bypass such programmed behaviour can obviously bypass a kill-switch.

Hell, bypassing the kill-switch will be a common hack in the car-mod community, so the bad guys won't even need to do the hard work.

And if there's a kill signal to stop any car it's pointed at, the triggers must be mass produced for all law enforcement vehicles (and mobile security zones, etc). Which means they will be easily diverted onto the black market and thus available to bad guys to ambush important targets much more easily. That's ignoring hobbyists who break the system and publish the details, and copycat boxes quickly available online. [This means there'll be an exemption to the kill switch requirement for "important" vehicles, which means the kill switch will become a class-based item.]

Thus the only people who could possibly be even inconvenienced by kill switches are everyone except the bad guys.

For that matter, anyone with the ability to wire up a car bomb (especially the ones that use hacked cellphones as triggers) probably has the ability to RC an existing car. So if there was a danger of "guided missile" cars, we'd have already seen it. (Hell, hand grenade on a quad-copter.) It isn't how the bad guys operate. Fill a truck full of ANFO, park it next to the target, run away. Strap a bomb to a gullible teenager, send him into a shopping centre. Who needs a "guided missile" car outside of a lame Hollywood movie?

Comment Re:Hmmm, (Score 1) 112

Well, I'd argue pen, paper, hand count, not pencil, but your point still holds.

Pens in voting booths run out without showing an obvious external sign, you have to test them continuously, one at a time, for the whole day. Pencils in booths can be easily checked by sight at walking pace whether they are blunt without touching them. Much quicker. Also pencil tips don't dry out.

Your concern, I'm guessing, is someone rubbing out the pencil and changing other people's vote? Soft graphite on thin cheap matte paper can't be easily erased without leaving marks or ripping the paper. The marks allow counters/auditors to see changes made to the ballot. A few corrections might be ignored, a thousand ballots in the same ballot box all with the same "correction" either means fraud or a huge design flaw on the ballot. Either way, it's a big red flag.

[I recall reading that the AEC actually chooses their paper & pencil brands specifically for this property.]

Likewise, graphite is just black carbon, it's pretty inert unless you set fire to it. OTOH, many organic inks can be erased with certain basic solvents that otherwise leave the paper unharmed, and metallic inks are never used in cheap pens. In theory you could spray the right fast-drying solvent on each ballot, then re-mark them when they are dry. (More convoluted hence less likely than basic ballot stuffing, but if it's a concern, pens are not the answer.)

I'd also thought about electronic means that generate a paper receipt, but there's still no real guarantee that the machine tabulated the vote correctly or that the voter will have recourse if the receipt shows something other than what the voter intended.

If you are willing to give up the non-sellable/forcible vote, there are one-way functions that can generate keys for tracking ballots. Ie, the voter gets a receipt with a number that enables them to later check their vote online. The key function can't be reversed, so the Ruling Party stooges can't pull up all the votes for Rival Party candidate to unmask those voters. Indeed, even the personal key isn't linked to the voter's ID, except on the piece of paper held by the voter.

[And therein lies the flaw. It is possible for people to be individually coerced into logging in and showing their vote to Party loyalists. Say by bosses or union heavies. This sort of thing apparently happens in Russia a lot (except using postal ballots), along with the more usual voter intimidation and fraud. Or more peacefully, it allows people to buy votes. "Show me your vote, if it's for Rich Party, win $50".]

Such a system would also allow "floating proxies". A system where you assign your one-vote to a proxy (who either uses it or assigns it to a further proxy) and proxies vote in Parliament/Congress in proportion to the number of votes assigned to each of them. Unlike current representatives, you could reassign your vote as often as you want (hence "floating"), and, unlike current representatives, no voter is unrepresented (because there's no "winning" or "losing" candidates, only proxies.)

[This still has the same flaw. Someone can force you to surrender your key so they can manipulate your proxy.]

Hence my support for optical scan with the ability to hand-count.

Not disagreeing with that part. Except that the hand count should be the "official" count, and the optical scan just the election-night "indicator".
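An added sketch of the receipt scheme the comment above describes (not the commenter's code or any real election system): SHA-256 as the one-way function and the names `BulletinBoard`, `tracking_key`, `voter_check` and `third_party_tally` are assumptions. It also shows the flaw the comment notes, since the lookup works for anyone who holds the receipt.

```python
import hashlib
import secrets
from collections import Counter

def tracking_key(receipt: str) -> str:
    # One-way step: only this digest is published, never the receipt itself.
    return hashlib.sha256(b"ballot-receipt:" + receipt.encode()).hexdigest()

class BulletinBoard:
    """Public list of (tracking key -> vote); holds no voter identity."""

    def __init__(self):
        self._entries = {}

    def cast(self, vote: str) -> str:
        # 128-bit random receipt, printed only on the voter's paper slip.
        receipt = secrets.token_hex(16)
        self._entries[tracking_key(receipt)] = vote
        return receipt

    def lookup(self, receipt: str):
        # Works for whoever holds the receipt: the voter, or anyone the
        # voter is pressured or paid into showing it to.
        return self._entries.get(tracking_key(receipt))

    def published(self) -> dict:
        # What outside observers see: digests and votes, nothing else.
        return dict(self._entries)

def voter_check(board, receipt, intended):
    """Voter-side check that the recorded vote matches what was cast."""
    return board.lookup(receipt) == intended

def third_party_tally(published):
    """Recount that anyone can run over the published entries."""
    return Counter(published.values())

if __name__ == "__main__":
    board = BulletinBoard()
    # Constructed sample votes, for illustration only.
    slips = [board.cast(v) for v in ["Rival", "Ruling", "Rival"]]
    print(third_party_tally(board.published()))
    print(voter_check(board, slips[0], "Rival"))
```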

Comment Re:Hmmm, (Score 2) 112

Security through obscurity might work for something like a power plant control system because we don't know the architecture of the hardware that it runs on, the operating system or if there is a third-party OS, the language it's written in, or even its name, and given the importance of the application it probably wouldn't be permanently Internet-connected, and if it needs to send out notifications it might communicate through a unidirectional RS232 link or something along those lines, or through a transmit-only fiber link (so that there's not even receive hardware on the platform).

Power companies don't develop bespoke security on their control systems (and would likely suck if they did). A particular power system most likely uses off-the-shelf 1970s or '80s Siemens systems whose specs are widely known through the industry because of the decades of technicians who have worked on them.

For example: http://www.wired.com/2013/10/ics/

Security through obscurity doesn't work because it relies on the security of your obscurity, and most of the time your obscurity is weak. Key-based crypto systems are a form of security through obscurity, the obscurity is your key. But you have a reasonable ability to control the key, if they are issued per-person/per-session/etc. A key crypto system becomes useless if the key is distributed to multiple people, because you've breached the security of your obscurity. OTOH, the back-end system for the key-crypto cannot be obscure because someone other than the individual user had to develop it, install it, maintain it, operate it, etc. The same is true of the power station example, since there must be thousands of people trained to maintain such systems, plus all the developers/etc at Siemens, plus any rival company who's reverse engineered a Siemens system to develop "compatible" systems, plus... In the case of a voting system, you've got all the system devs, all the system maints, all the people who have access to the secret Trust Me computer when it's in use, all the people who have access to the secret Trust Me computer when it's not in use, etc. Your obscurity is inherently insecure.

But in the case of voting (or vote counting, in this case), we don't want security through obscurity specifically because obscurity is a known risk in voting systems. We want security through multiple independent observation of the entire process, the more observers the better. A vote count that is carried out entirely within a piece of code on a computer is, by definition, no matter how secure and air-gapped and guarded that computer, unable to be observed by independent observers. It lacks the fundamental requirement of being verifiable.

That's why you can't beat a hand count.

[If they want to put the count on a computer, then every piece of data (in this case, the preference information on individual ballots) should be put on-line - in addition to the hand count. That way, hundreds of independent, 3rd party systems can do a quick electronic count, not just the AEC's secret Trust Me box. (Parties, NGOs, media networks, university politics professors, university statistics students, etc.) Likewise, during the data entry process by AEC officials, on-site observers watching over their shoulders would be able to, would be encouraged to, enter each ballot into their own separate (tablet/laptop-based) systems. If the results of the later official hand count disagree wildly with the majority of 3rd party systems, it's cause for panic/re-count/inquiries. If a few 3rd party systems get different results from the majority, there's probably a flaw in those. In net, you end up with multiple, overlapping, self-reinforcing and completely open counting systems that assures everyone of the integrity of the system and which gets stronger over time, while at the same time giving the advantage of faster (electronic) results.]
