Just a friendly reminder - test your backups TODAY.
The MAJORITY of home and small business backups don't actually work when you try to restore. Often, it quit backing up 18 months ago and nobody noticed.

Disaster recovery is part of security, so that's one security drill. To handle an intrusion, often the best course of action is to unplug the network cable and call your expert. Do not power down the machine. Do not delete anything. Do not try to fix it. Just unplug the network and call the guy. That shouldn't be hard, but it is hard if you don't know who to call. If you're shopping for somebody during a panic, you'll likely pay too much for somebody who isn't as expert as you'd like. So find your expert ahead of time and you're most of the way there.

My first two accountants were referred by my friends who had businesses, saying these CPAs were good. Both were grossly incompetent. The didn't know about basic things any small business needs to do like section 179 deduction and gave me an absolutely wrong answer when I asked how to account for home office expenses. Their errors would have cost me a few thousand dollars, had I not caught them.

The second one couldn't even get the right social security numbers on the W2s, filed late and didn't tell me, etc.

If I'm going to have to study all of this tax law and understand it, then go over everything in detail to see where they screwed up, why wouldn't I just do it myself to start with? What am I paying them for?

If you do get a CPA for a small business ask them about section 179. If they don't explain it in a way that indicates they thoroughly understand it, find another CPA.

Perhaps Google could adopt a different driver model that permits them to create AOSP updates to OEM phones that have play services installed.

Basically they would allow OEMs to make the same changes to AOSP that they already make, but the underlying hardware would have to be built within certain parameters that allow for generic Android images to be downloadable by the end user.

Or to put it another way, every device has the option of becoming a "Google Play Edition" device.

> I'm waiting for other nations to start sending us foreign aid.

You can stop waiting. Foreign aid is most commonly in the form of loans. We've been borrowing from China for decades. As Slash would say, "First we did a little, but a little wouldn't do, so the little got more and more."

If you think that HIPAA and SOX are toothless, you don't know anything about them. The number of people thrown in jail is far from the only valid metric. Spend some time working in corporate worlds that manage medical or financial information and see just how terrified everyone is of violating them. In the relevant industries you can get almost anything done, regardless of whether it makes sense, if you can make a vaguely believable argument that HIPAA or SOX requires it.

From an enforcement perspective, the date will be the date on the first documented discussion, or the date recalled by a whistleblower. This sort of stuff tends to always generate an e-mail trail.

Sure, for any situation there are edge cases. But who cares whether gold-duping is considered a breach? A laptop full of names and social security numbers walking out the door is clearly a breach, and that's what we care about. But, regardless, legislation actually tends to be quite careful about defining such things. That care is a lot of what makes the law hard to read.

Trade secret law cannot be used to hide information from courts. They'll simply request the data and seal it. If it's dumped out by lawyers that will only be because the lawyers for the owner of the secrets were negligent. Filing the motions needed to protect such data is their job.

The Department of Justice, same as all federal laws. Sure, a future president could direct the DoJ not to bother, just as Obama has directed them not to pursue pot smokers, but in this case that would be a really hard move to justify politically.

That seems very unlikely. This would imply that creatures that don't have consciousness lack the instinct for self-preservation. That would mean we should see a lot of lower life forms that don't try to protect themselves. It would also seem to imply that our self-preservation should focus primarily on us as individuals, and not on our family or species.

If we instead look at self-preservation as an evolutionarily-derived imperative, it's pretty clear that we should expect all organisms to protect their genes, since those that didn't would be more likely to get selected out. Note "genes", not "self", except to the extent that protecting the self protects the replication of the genes. That provides a much better explanation of observed behavior, particularly the strong tendency of humans to defend their families and their tribes (however tribes are constituted) even at the expense of their own lives, but to defend themselves over just about anything else.

And if the instinct for self-preservation is a result of evolutionary forces, then AI that is created by us rather than evolved will be very unlikely to have that instinct. Unless we create it via competitive evolution-style methods.

Why do you think that self-awareness implies "feelings"? Emotions seem also to be the result of survival imperatives: love and affection serve to encourage procreation and protection of offspring, and binds us into mutually-supporting communities of various sizes; anger and hate are important responses to dissuade non-cooperation in said communities; fear and pain serve to help us to protect ourselves; and so on. For any emotion you can name, evolutionary pressures explain it. Of course the fact that an explanation can be found doesn't mean the explanation is correct, but in order for one idea to explain so much, that idea must have extraordinary "reach"... which also exposes the idea to correspondingly many opportunities for falsification. This gives us strong reason to believe it.

And, again, AIs developed by non-competitive processes have no reason to develop these various emotions... though it could empirically derive the dynamics which drove their development, and therefore logically choose to act as though it did have them.

Sorry, math/CS major here. Though I am reading Russell's History of Western Philosophy.

So close, but instead of a poster, it's a 140 character scribble on the bathroom wall of the Internet, and childish clips of kids kicking each other in their nuts.

https://www.youtube.com/watch?v=r_4jrMwvZ2A

I appreciate the intent, I really do. I reality, it will be very, very difficult to right sensible rules that apply to every situation. Typically, when you think you might have been hacked, there are more questions than answers. You may never known if the intruder took any data.

Most investigations I've been involved in start with noticing something slightly odd - some non-critical machine has a file on it and we're not sure what the file is, or how it got there. It might be the installer for a Microsoft hotfix that an admin downloaded - a perfectly innocent file, just something someone forgot to delete when done, or it might be something a bad guy forgot to delete. (The typical hacker toolkits try to cover their tracks).

You investigate a bit more and find more suspicious stuff, so you become fairly convinced that a bad guy had some level of access to THIS computer. YOU might even know for sure that they had _some_ access to _this_ computer. You can never know for sure that they didn't have access to the entire network, because you can't prove a negative. You _think_ the intrusion was limited to this one machine.

Maybe you see something strange on a machine that has access to customer information. Maybe some typical Windows malware trying to send out spam. If the people running the botnet knew what machine they had infected, they could have gotten customer data. They probably didn't notice, though; they're just running spam botnet. Do you have to contact all of your customers and tell them that your Customer Service Manager's desktop had malware on it?

Typically, you KNOW that sensitive data was taken it starts showing up in public. So at what point do you contact customers?

I think that's a judgement call. It depends on both the likelihood of a leak and the type of data involved - could it do much damage, and is there anything to be done to lessen the damage? I've done it at different times depending on the data. Once, there was a small possibility that a bad guy could have accessed credit card numbers. We were 85% certain there was no bad guy, but we went ahead and called customers anyway. We called and told them "we're pretty sure there is no problem, but please look at your credit card statement and let us know if you see anything out of the ordinary". An example in the other extreme was that a bad guy could probably could have read the PHP source code of a public web site. That was much more likely, but who cares - it's mostly public anyway. I didn't hurry to notify anyone that time.

Anonymous, verifiable voting that allows the voter to check their vote was counted correctly, but not prove to anyone else how they voted, is possible. See the Punchscan system. Some more recent research has also shown how this can be done electronically (Punchscan uses paper ballots).

Of course, that still leaves open the door for coercion/payment at time of vote, but if that were as large a problem as often claimed we couldn't trust absentee and other mail-in ballots.

> heres another thought experiment for you, how many people would become more educated if they didng have to worry about working for an income to survive?

Most people go to college in order to get a better job. They show up in high school in order to get into college. Most people (not all) are essentially lazy - they will sit on their butt if they don't need to do more than that to meet their "needs". (Where needs is defined by media, etc.) If you doubt that, show up to any government office building at 5:15 PM and see how many people are still there, doing extra to serve the community. You'll see it's roughly zero. Any of them could theoretically stick around serving the society, but they do't - they leave at five because that's al that's required to get the paycheck.

Hmm. The articles I've seen were talking about a 300 km range.

Not to detract from your point, but there are a fair number of people from ghetto and poor rural neighborhoods working at Google. I'd estimate that about 5% of American Google engineers come from a background that could be described that way. That's just a guess based on personal observation, but I think it's probably not too far off the mark. My current team has a much higher percentage of people from low-income backgrounds -- probably 50% -- but it's an atypical team in many ways.

It's interesting to speculate on the causality in that correlation. The obvious expectation is that the emotional state engendered by a big and unavoidable expense causes a reduction in intelligence, and that it's the relative scale of the expense which causes the difference between poor and wealthy people. However, it's also possible that the ability to continue thinking clearly in the fact of disastrous expense is what enables people to build and preserve wealth. In fact, I think resilience of that sort is clearly a big factor in wealth.

The researchers should try scaling the size of the disastrous expense relative to the subjects' wealth.

That's why I leased my LEAF. Not because I predicted this particular change, but because I knew significant improvement would be coming. EV technology is improving rapidly.

Censorship is a specific METHOD of restricting speech. Specifically, it means having the censor approve publications before they are published. Under a censorship system, the Charlie cartoon wouldn't have been published, because the censor would not have approved it for publication.

Threat of punishment is ANOTHER way of getting similar results. The effect my be similar to censorship, but the method is via punishment, not via censorship.

It may still be bad, evil, unconstitutional, etc. It's just not censorship, because censorship is a specific process, not a result.