
Comment Re:Really? (Score 1) 94

I would point to 3com as an example of an instance of your magic bullet to the brain bug, though that bug did not 'fry the chip,' it simply introduced an error into the packet that caused any packet carrying a specific bit pattern to be discarded by the next ethernet adapter the packet traversed and was checksummed before doing any further handling. That bug caused a large number of problems as the symptom looked like there was random noise on the network, but was very repeatable. As a result, there are a reasonable number of network engineers who take into consideration the problem described.

That's not to say that you can't generate such a magic bullet, or sniper shot, just observing that at some level many engineers are already looking for it. Also making it work may not be quite as easy to implement as people think, as it very well may depend on how the packets are handled by the device you are looking to take out, and different classes of routers and network switches handle the packets differently. Which I won't get into here.

Because of what it was intended to do, Stuxnet could very well be considered a targeted sniper bullet, but again the delivery was by sneakernet. Which didn't prevent it from getting around in other ways, just that it needed to use sneakernet to get to its target systems. At some level it worked via the genetic match system, look for this type of associated hardware, and do work on this type of material. From a biological hazard equivalent, look for a genetic marker, say a combination of markers that gives someone blond hair, facial hair, blue eyes, and greater than 30% body fat, then work by destroying heart muscle tissue. You may end up affecting thousands of men, but miss your actual target because you didn't know that your target bleached his hair and wears blue colored contact lenses to hide his brown hair and eyes. Stuxnet shows that we can do something like this within the technology field, but at this point we can't do the same thing with humans. Most of that has more to do with the lack of complexity within the computer industry, more than the fact that it's a statement of how poorly we can do biological attacks.

Comment Re:Really? (Score 2) 94

As fast as the internet generations flash by, I hate to say it, but cyber weapons are still at the throw rocks, wave spears and scream cat calls level. Think of cyber weapons (for now anyway) more as PC based biological warfare.

We currently have limited vectors available. Stuxnet was sneakernet delivered to the systems it was designed to attack. It was essentially at the VD level of disease propagation. Yes it reached a large number of systems, but look at how many people end up with Syphilis and Gonorrhea every year.

Botnets are fundamentally the common cold. You find out your system was infected, get it cleaned up, commit to washing your hands (install personal firewall software at least) and find out all your neighbors picked it up from somewhere as well, it sort of runs its course, the immune system figures out how to take it out (AV software gets new signatures) and the virus mutates starting the cycle over again.

We're a long way from the smallpox to ebola level of contagion. And the types of attacks that we're being told are cyber warfare attacks are substantially similar to monkeys throwing crap at the people watching them.

Comment Re:Driverless Cars (Score 4, Funny) 267

After 5 years, some provider will offer unlimited honking as part of their standard contract at lower than competitor's prices, but your car will only operate on limited access roadways and your horn will be buffered through the network with random failures to deliver horn notifications in a timely manner and occasional complete loss of horn notifications. Subscribers will point at the low prices as evidence of better than expected service, impressively innovative and the customer service representatives will be rated higher than any of the competition.

Comment Re:you know (Score 1) 426

The blame lies firmly in where the colleges and universities are getting their funding, and the fact that many states, including mine, have upgraded the status of 'technical schools' to 'colleges' rather than recognizing that there is a difference and that becoming a programmer is a technical school program, rather than a BS or Masters degree program in a college or university.

However as most universities are continuing to look for funding from businesses who really couldn't care less about having a well rounded college graduate, standards and programs related to these students have changed to turn the student into just another rote learning graduate, rather than a lifetime student who appreciates the challenges of a non-trivial problem as a way to develop a breadth of knowledge, and fine tune the ability to perform research and properly document test results to build on what knowledge base he or she has, and be able to pass that knowledge on.

Additionally, while professors ostensibly live under a publish or perish rule regarding their research, the reality is a bit more complex, as many are involved in getting the funding the school is looking for, and the key publish characteristic is often considered to be satisfied by the generation of a report to the funding source with no availability of results to the general public.

As to programming being a foreign language in Kentucky, I submit that for many high school graduates, COBOL would be considered a foreign language.

Comment Re:Way too optimistic (Score 1) 138

Programs are shut down for one of two reasons, someone isn't getting their pork barrel program funded and is looking for a program to shut down in retaliation, and the program contributes to the personal embarrassment of a congresscritter. To get the NSA metadata program shut down will probably require that the supporters of that program in congress publicly publish the metadata of their own, their family and their staff's phones.

They should be in support of that, after all there's nothing incriminating or concerning in the conversations they have, is there?

Comment Re:4 satellites should cover the setup. (Score 1) 143

Actually, the problem with IP is the TTL and Timeouts that are configured. A TTL of 255 seconds is built into IP, (and any protocol riding on IP like UDP) which means that the packet is considered dead after 255 seconds (or the combination of x seconds and y hops adding up to 255.) Switching to IPv6 does not help, as the only significant change to the field is the name, where it changed from Time To Live to Hop Limit. It is still an 8 bit field, meaning it is a maximum of 255. If the protocol when switching to solar system communications changes to purely hop limit, and stops decrementing the counter each second, you may be able to get away with it, but you will have a large legacy of implementation of protocols on top of IP that rely on this that will essentially be broken as a result.

The suggestion of DecNet was specifically to make use of timeout value in the DecNet protocol. Using a connectionless protocol on top of it seems reasonable to me, but I would actually be OK with almost any protocol that would not expire packets in transit and start trying to saturate the bandwidth with retransmissions.

Comment Re:4 satellites should cover the setup. (Score 1) 143

Yes, to some degree a single satellite solution would be possible. It would work best as a solution for Mars if it were to orbit the sun perpendicular to the earth-moon line at opposition, with an elliptical orbit with a period such that at opposition, the satellite would be either as far north of the sun as the orbit would allow, or as far south.

I would still argue for relays at L4 and L5, but then there are more than a few people interested in setting up stations there anyway. Possibly easier to establish would be a sun-earth L4/L5 pair (vs. the traditional earth-moon Lagrange points) as just those two should give sufficient spread to see around the sun, without being incapable of being repaired easily.

Comment 4 satellites should cover the setup. (Score 0) 143

Essentially you could do it with two, but 4 gives you the redundancy needed. Start by putting a satellite in orbit around the sun on Earth's orbit, but leading by 120 degrees. A second trailing by 120 degrees. At all times you'll have at least one unobstructed LOS path to Mars, and most of the time 3. That said, the distance is enough that it would be a good idea to double the possible paths. Put two more satellites up in orbit of the sun, on Mars orbit, one leading by 120 degrees, one trailing by 120 degrees. Make sure that all four of these satellites track Mars, Earth, and preferably each other.

You could also just put three satellites in orbit of the sun in Venus orbit, 60 degrees before and behind, and at 180 degrees. The advantage here is that you have more theoretical power available via solar collection here. The down side is more hard radiation to contend with. Additional down side here is that these three points are not quite as stable for orbit maintenance as the 120 degree trojan points for Earth and Mars.

Latency is high enough, in any of these paths that you will not be using IP. DECnet protocol would be sufficient. Worst case path from Mars to MarsT1/2, to Earth in opposition to Mars would be on the close order of 600 million kilometers one way, 1,200 million kilometers round trip. Divide that by 300,000 km and we get a round trip light speed time of roughly 4000 seconds, or a little over an hour and 6 min., not including signal regeneration time.

Ok, a theoretically worse path that might have to be taken would be where earth's moon is between Earth and Mars, and the Earth-Moon pair is on the cord between Mars and we are limited to using the other Martian Trojan orbital point, which gives a round trip distance of close to 1,500 Million kilometers. Though I would imagine that it would be easier to put a couple of satellites at L4 and L5, or even a constellation of polar orbiting satellites of the moon would effectively address that, and I suspect it would be less expensive to establish.

Comment Re:It's not just the obfuscation... (Score 2) 47

Actually, the reverse is mostly true.

Most companies want to be able to find developers who can do this, as it means that they have someone on staff (or available) who will go to the trouble of figuring out just what it is that the spaghetti code that did make it to production actually does. Someone who can write this level of code, can often get the company in question out of trouble that even the original developer could not, or perhaps would charge excessively high "support" fees based on the perception that they are the only ones capable of reading the code they produced to begin with.

That said, someone who can do this can probably put in all kinds of back doors to programs, but that's what you implement a code audit and QA department for.

Comment Re:That's why we can't have nice things. (Score 1) 366

As a minor correction, you get a report of what the company wants you to believe is the flow of the money coming in, and the money leaving the company, and possibly how it is being used internally. It is hoped, in many cases, that what is reported has a basis in the reality of cash or money flowing through the company, but the evaluation of reported cash flow, to actual cash flow, is what a financial audit is used to determine. (Note that there are significant penalties for having a significant difference between reality and report, but that penalty almost never happens unless the books are audited.)

Comment It looks like most of the problem is that.. (Score 1) 209

...no one is doing actual data analysis. From what I'm seeing in the story, recruiters are 'sort of getting a feel for' candidates by looking at fb, twitter, and other social media pages, rather than using standardized analysis to do some variety of a Briggs-Meyer analysis of the candidates and compare those results with the requirements of the job posting they are looking to match the candidates up with. Granted I don't expect that any of the recruiters involved have even the slightest idea of how to match up profiles to requirements, but from the sounds of these 'Ratings' they are right up there with figuring out if someone who's sent you a FB friend invite is someone you want to have as a friend there.

Comment Re:So what does it say... (Score 1) 209

I have a suspicion that for people w/o a FB profile, the fix is to find a FB profile of someone with a similar name, and assume that they can gather sufficient information about that person to make a determination about you. In short I don't think they really know what they are doing (as evidenced by the story itself) so any method of giving themselves a feeling that they are getting something of value will do. But that's mostly just a suspicion, and you could be right.
