Holy crap, if that isn't the next sign of the dystopian future I don't know what is.

Private corporations getting the consulting services of the king spook of the spy agency which has tapped into the entire fucking world.

That scares the bejezzus out of me.

Because all of the secrecy of the NSA combined with the douche-baggery of corporations is straight out of a cyberpunk novel.

The surveillance state meets Wall Street. Oooh, they could privatize the NSA, that would be really profitable.

Time to stock up on Guy Fawkes masks.

Yeah, but it's not real science unless someone is wearing a shock collar...

Hmmm ... it's only science if some of the subjects can shock some of the other subjects without actually knowing who (including themselves) will get shocked.

Otherwise, I think it's just kinky adults, and the goth kids. ;-)

those electrical stimulators mildly shock muscles to force a friend to mirror the user's movements). It's an imperfect system

LOL, what could possibly go wrong?

There's a super(hero|villain) origin story in here waiting to happen.

VR, dodgy electrical shocks, a budding young scientist, a Microsoft product ... quick, someone should sell this to Marvel. =)

Absolutely. And if only 1% of your staff is black you've got to suspect that something else is already in play...

Starting with "how many African Americans have an education in tech?".

When I went to university, I do not remember a single black person in my courses. Since then, I've known only a handful in tech.

I've known and worked with Chinese, Vietnamese, Korean, Indian, Sri Lankan, Nepalese, Czech, Russian, Australian, Egyptian, Pakistani, Turkish and pretty much every other nationality I can think of -- which makes for awesome company pot lucks.

And, for reasons I cannot even begin to explain, the only blacks/African Americans I've met have been what I'd call "recently African" (ie. first generation immigrants).

I have never known anybody who refused to hire a qualified black candidate. But, in my experience (which admittedly doesn't cover everything), there's simply not many applicants.

So, the question to ask is: do blacks, as a group, even go into tech? Are they self excluding from the profession? Is the education system failing to get them into it?

I don't think it's so much that people are excluding anybody, it's that you can only include people who come to the game.

The liability thing isn't an issue if you think about it. If the accident was caused by lack of maintenance, then its the owners fault. Otherwise its the manufactures fault.

Sure, that sounds great. It's a nice simplistic response, all neatly tied up in a bow.

But, until there is case law (or laws explicitly passed) to address this, the reality is ... you have no basis on which to make that statement.

The law is much more complex than what we here on Slashdot like to reduce it to. And until someone has passed a law, and the courts have had a chance to rule on it, I'm going on the assumption this is FAR from a resolved question.

Or is this not an issue in the UK?

Because, if it's a driverless car, I'm not taking any control or responsibility for the vehicle other than telling it my destination.

If the car can suddenly say "Oh, crap, you take over I don't know what to do" then it defeats the purpose.

If you're going to have truly driverless cars, then you need to determine who takes liability if it runs over a person. Because I'm going to be sleeping in the back seat or reading a book.

Somehow, I doubt the companies making these cars have stepped up and said they're so confident in their technology that they'll take responsibility. And someone who has disengaged themselves from the act of driving (like reading a book) can't immediately switch to being in control of the vehicle. If I have to keep tabs on it and be responsible at a moments notice, then what is the benefit at all?

Every time this comes up, it just seems like nobody has actually addressed this yet.

You want a driverless car? Make sure I can crawl into the backseat after a night at the pub and not have to worry about it. Until then, this is really advanced cruise control, but you still need to be aware the whole time.

Oh, in that case, HTML5 +CSS3 qualifies. The more you know.

No, really. If you can implement a Turing Machine in HTML5 and CSS3 (and I mean a real one, not something which mimics it but actually doesn't do the computations) -- then what you would have would be a programming language.

I have no idea if you actually can or not with those technologies, but Turing Completensss is the measure.

If it aint Turing Complete, it's not really a programming language (or a computer).

That definition is decades old.

The ML in HTML is for markup language. I think you splitting hairs if you think programming language does not include markup langauge.

If you could implement a Turing machine in it, it's a programming language. If you can't, it isn't.

SGML, the precursor to HTML and eventually XML, was written by a lawyer to allow people to mark up documents for printing and layout.

HTML most certainly is NOT a programming language in and of itself.

There are variables, no control flow, no logical operators, and nothing which is actually programming in it. It's had a bunch of other things grafted onto it (Javascript, DOM, Ajax etc) which give you the ability to program against the HTML.

But HTML is not, and never has been, a programming language.

Could they extend it to make it a programming language? Sure they could. Is it currently a programming language? Nope, it isn't.

If ports are unused, then the hosts themselves will reject any traffic sent to them without the need of a firewall...

Unless someone figures out how to glean information from your system, or exploit something you don't know about in the operating system. If I can figure out what ports you have stuff listening on, I can work on exploiting the things that I can determine are listening.

Without a firewall, you're allowing external entities to map the system, when they shouldn't even be able to reach the system.

if you're going to try for security, assume nothing, trust nothing, and act as if it was really important stuff.

If you're not going to try for security, well, the Ostrich Algorithm is a strategy, but one whose consequences you might need to live with.

I'm more of the school that says packet requests from sources you don't trust should simply be dropped, and not provide them with any more information than necessary.

But it's a terrible idea.

During the setup, the vendor disabled the local firewall, and in a number of emails back and forth since (with me getting more and more aggravated) they went from suggesting that there's no need for a firewall, to outright telling me that's just how they do it and the contract dictates that's how we need to run it.

If this is what your vendor is telling you, they're either lazy or incompetent when it comes to security.

My advise, you need to get management to sign off on it to do a little CYA, otherwise someone is going to blame you for this when you get hacked (assume there is no 'if' in this situation).

If they've signed a contract with this vendor saying it "needs" to be ran without a firewall, then the person who signed that contract wasn't reading carefully, or didn't understand what they were signing.

Telling you that you don't need a firewall is like telling you that your car doesn't need brakes -- it should be a giant warning that someone is either lying to you, clueless, or doesn't give a damn.

"Real professionals" are paranoid about security, and don't take stupid risks. Me, I'd go with your assessment of "bunch of clowns".

Yes, this might be a small shop, and with a limited budget -- but hanging your production database outside of a firewall is just asking to get pwned. You can safely assume someone is trying to hack into you right now, because there's a good chance they are.

Is it MARVELous this SHIELD?

No matter how stupid Apple was to fall for this, and how much they disregarded good practice, this is still definitely fraud.

Why wouldn't they call the police?

No kidding, any system which comes down to "I have a number, trust me" is pretty flawed.

Obviously, Apple was doing something wrong since they're on the hook for it, but you'd really think there would have to be some validation inherent to this.

This sounds like it boiled down to "declined, declined, declined, OK, go ahead". That's crazy.

But that's the problem with this system: as long as the number of digits is correct, the override code itself doesn't matter.

Who the hell came up with that idea?

That's no security in any meaningful sense of the word.

I'm betting some lobbyist made it so that the banks didn't really need to do anything concrete, just look like they were.

If that's all that's required, the banks deserve to be getting ripped off.