Here's an idea: let's form a religion (or teaching within an existing religion) which mystically believes that insurance should be based on hedging against risk of catastrophically-large expenses, rather than dealing with small predictable non-emergent expenses. The key is it would be based on dogmatic belief in a supernaturally-conveyed (and impossible to disprove) command that we must only use insurance that way. Whenever anyone asks you why insurance should be about spreading risk, we'll always use our faith in paranormal phenomenon to explain.

NEVER will we discuss game theory, limiting overhead, common sense, etc. Let's keep this religious.

Q: "Why do you think insurance shouldn't cover these $10 pills?"

A: "He wrote it thus, when his arm was moved by the will of The Noodly One."

Q: "Do you think it is more efficient that the patient directly pay the supplier of the pills rather without going through a middleman or filing a claim to get reimbursed?"

A: "I have no opinion about that. I do not know nor do I care."

Q: "But don't you at least agree that if the patient shops around, the might be able to get the pills for $8 here instead of $10 there?"

A: "The questions is impertinent. You're missing the point: the cost is irrelevant. This is a matter of good versus evil, and recognizing the essential basil oil in our souls. We transact directly with our sellers because we must, not because it reduces cost."

Q: "What if you don't? Suppose I could reduce claims processing overhead so that--"

A: "Overhead is irrelevant!"

Q: "Ok, but what if I had you file a claim for an $8 bottle of pills?"

A: "The horror!! No, please, no. That is the Shadow Sauce speaking through you. I cannot transact a drug purchase in such a manner!"

Q: "Wait a minute. How do you know all this?"

A: "I just do."

The big question is: do you think you can handle doing this? Mystics make this stuff all look so easy but you have to understand, they train this behavior their whole lives, guided from the time they are children. It's a way of life.

Handling water may possibly become my first Arduino or RaspPi project, if I can get through my newbie ignorance, and learn some new tricks as an old dog.

We have flood irrigation that comes in from an acequia every couple weeks (used to be every week, but times are changing) at an irregular rate at irregular time-of-day. (You can't deal with this, just using timers, and the amount of water pressure is tiny compared to what you usually have on a typical garden hose, so lots of cheap ubiquitous gadgets don't work here.) I leave a floodgate open (i.e. remove a coffee can from the end of a tube), go to work, go back home for lunch, go back to work, go home at end of day. For various reasons that you can probably imagine, it's bad to leave the floodgate open after we have collected a certain amount of water. Things work out fine if it happens to finish at lunch time (or if it's so slow that it hasn't finished until end of day), but otherwise, someone has to leave their workplace and go home to deal with it.

That is lame, in a way that really does (slightly) matter.

Thus I'm tempted to either build a sensor (or just cheeze out with a webcam, though that's less geeky) and some kind of remote-controllable motorized floodgate.

AFAICT nobody sells anything for this; it's up to me. As it happens, there are lots of guides online for building this kind of stuff, but they're all within the context of Dwarf Fortress! Yeah, right, as if I want a gate that'll remain stuck open just because there's a butterfly or elephant carcass in the way.

Lower tech solution: find retired neighbor to do it, in exchange for beer or something. This is actually the cheapest/smartest way to do, but rubs me the wrong way. I'm sure you all understand.

This is all about more gov control, taxes, regulation to protect us from ourselves.

Sorry, I clicked the links but I think I might have missed an important part of one them. Could someone please tell me what the word "this" in the above quotation refers to? What is about more government control, taxes and regulations?

Maybe what you need is an anti-watch that uses anti-time: not only does it not tell you what time it is, but suppresses other clocks around you.

"What time is it?"

"It's time for me to press the 'temporary disable' button on my anti-watch. Ah, according to Big Ben, it's 10:38."

Our greatest protection was giving-a-fuck.

It's still available, and occasionally used in some limited contexts. There's pretty much no problem that won't be quickly fixed by the people exercising this power.

But we usually refuse. Giving-a-fuck is somehow a "nuclear option" these days, not to be exercised lightly. "Whoa there, this might be a crappy situation, but I'm not going to 'throw away' my vote!"

Hey man, maybe this tax is a good idea, but the whole "Gas is much too cheap in the US," thing is a pretty dumb thing to say. There is no such thing as "too cheap." By all means, end the gas subsidies and externalities (e.g, middle east wars, not having to pay to plant forests to soak up CO2 pollution, etc) and add any taxes that are appropriate (e.g. fuel usage and road wear maybe aren't an exact match but they're pretty close; so I'd say gax taxes to pay for highways are a pretty decent idea), but even 10 cents per gallon wouldn't be "too cheap" because nothing can ever possibly be too cheap.

That said, gas sure is cheap. I can buy gas cheaper than I can buy Coca Cola and it's sure worth a lot more.

Crazy? Sounds like a fun card game, to me.

However, anything is better than nothing,

The only thing worse than knowledge that you are insecure enabling you to behave accordingly, is a false sense of security so that you don't.

That one is easy: don't assume a false sense of security. There, problem solved. I don't know how anyone would ever get into that position, but I agree that if they do, we should give them a common-sense reality check.

you can't trust google to provide the endpoints if you want to be secure FROM google.

I think everybody gets that. It's irrelevant to the problem at hand (that a quarter century after PGP, people are still sending plaintext) though, and all implementations of OpenPGP fall outside the scope of addressing the "is my computer running the software that I think it's running?" question. Don't get me wrong, it's a good question for people to be asking. But it doesn't necessarily mean it's stupid to run Google's code; running Google's code merely comes with a convenience/security tradeoff that most people here won't want to pay, or won't want to pay in certain situations. Please, see beyond that point.

You face that same issue every time you use https in your web browser. That doesn't mean you have stopped using https, does it? Do you really get a sense of security (which you know is always going to be false) when you use https? Of course not. You get a sense of securER. The same thing will apply to users of this extension.

We really have to stop bringing up the "false sense of security" bugbear every time someone tries to make things better. Think about what users are going to do, after they have been using Google's version for a few years, have absorbed some of the concepts and habits, and then a story eventually gets out that Google (or a middle) got caught sending a compromised version to someone. That will be a good day, not a bad one.

If someone points a gun to my head...

IMHO once people are pointing guns at you, you have serious problems. And yet even then, if the attacker happens to be your government, or someone within reach of your government, you still have recourse. Unless they pull the trigger, then you know that it happened, so you can challenge it in court, or call the cops on the assailant after he leaves, or whatever.

But that isn't really the kind of situation that people are talking about much, in 2014.

The TLA's are certainly authorised to make these demands; It's their job

Looking at the TLAs' behavior provides a good illustration of why crypto needs to be at the endpoints, rather than trusted to service providers: the TLAs have not been making those demands!

We're not hearing about them barging into peoples' homes, pointing guns at them, showing them warrants, and telling them "give me the key to this information about you, or else." We have a legal system for handling that kind of situation, most people are pretty happy with it, and a citizen from 1814 would recognize it. Just read the Bill of Rights, and you get all sorts of images of stories where cops with British accents hatefully sneer, when their Samuel-Adams-esque criminal suspect tells them "oh yeah? See you in court, limey bastard!" and they have to grudgingly go along with the new laws. America, fuck yeah!

Something quite different has been happening, because we have been deploying tech in a way that the confrontation doesn't need to happen, and all our old laws are circumvented. The tech we're using, doesn't fit our needs.

This isn't to protect against government coersion of the business.

This isn't, but it's a step in that direction. You're right that a Google plugin running in a Google browser, certainly doesn't protect against that. That's what I was saying, and then labeled as a minor point.

Nevertheless, it could help educate users on the necessary key exchange and trust concepts, and get them used to decryption as something done by their user agent, where a service provider should normally lack the capability to do it. And if this is really OpenPGP compatible, then it has a fully interoperable upgrade path, to something that does protect against coercion of third parties.

The people who want things easy but less secure, can talk to the people who make the effort to learn how to do things. People could shift at their own pace, but all be part of the same network effect. (I gotta admit, that excites me. I've gotten so jaded, and used to thinking of network effects as usually-bad things.)

In 2015, Joe User uses Google's implementation, and an attacker goes to Google and makes them offer a compromised Chrome-or-plugin to Joe, which Joe unwittingly accepts, and then it extracts his key and sends it out. Joe never knows what happened. A couple years later in 2017, Joe User has moved his keyring to gpg, and an attacker goes to Google and makes them offer malware to Joe. Joe accepts and runs the malware, but it never extracts the key, because Chrome doesn't have it anymore.

At that point, either the malware has to be nastier (break out of its process, use a local elevation exploit, etc -- other purely technical problems that we're always trying to solve anyway), or, if that's not on the table or doesn't work: then suddenly WE'RE BACK IN AMERICA, and the attacker has to show their warrant to Joe.

And that last thing, is the goal. If we can get it to go that way, then we'll have due process again. I want suspects to be saying things like "I'm calling my lawyer, officer," not middlemen saying, "What does the legal department say about this? Should we comply? Eh.. it's not like it's any skin off our noses anyway. The customer will probably never find out it happened, so the cost to our reputation should be quite minimal."

At first glance, this looks like a good idea which should be encouraged and nurtured. Even if they fuck up something.

The downside is that it's pretty crazy to be doing stuff like this in a scripting language inside of a machine that downloads new versions from somewhere, at the drop of a hat, and where the machine itself (Chrome) is remotely-coercible. (In other words, point a gun at Google's head, and they will extract your key the next time you enter your passphrase.) But really I think this is a minor point! (bear with me; I know that sounds like a bombshell.)

It's good to for people to start using OpenPGP, even if they do some things wrong, and for it to get more mainstreamed. It'll get 'em familiar with the concepts (and they need to learn them all; take anything out and you have a broken system), and then some day they will graduate to the real thing (actual PGP or GnuPG, outside the vulnerable context of today's web browsers) and do things more carefully on their own time while remaining interoperable with their associates.

I know I am a dead-horse beater on this, but OpenPGP, after all these years, really is still the very best, top-notch, number one PK system we have. It's not merely good; it's right. And the applications for the WoT go far beyond merely securing communications from snooping, though it happens to be excellent that that. Three cheers for Google not inventing something gratuitously nonstandard (and therefore, probably deficient)!

No, it's about guns. Nobody's talking about other 3d printed objects yet.

"Yet?" If anyone says this is a slippery slope and and some day we'll regret it, I'd have to flame 'em for having their tense wrong.

Try printing a "circumvention device" or merely "manufacture, import, offer to the public, provide, or otherwise traffic" a model for one, and then tell the judge in the DMCA case, that it's allowed because it's not a gun.

I bet with a little research, you could find decades or possibly even a century or two, of precedent for all sorts of restrictions on things that are far more innocuous than guns, and 3d printers are going to run into much of that stuff. Guns are really only a special case here, because we have an amendment that specifically prohibits the government from .. uh .. well, what they're not allowed to do is apparently rather debated, but one thing we all agree on, is that amendment really does use the word "arms." And we don't have any constitution-level law at all, that mentions the words "computer programs." ;-)

You should expect interference of some kind, whenever there's any sort of advance in cheap anonymous unskilled creation. That's just how things work, always. I seriously don't know how anyone could possibly think we're only talking about the future of guns. Guns are so nothing within the overall economy.

Are you claiming to be some sort of psychic?

Many people could learn much, from your rigorous skepticism! If I may indiscreetly boast a little in fraternal camaraderie, I share your gift, though to a lesser degree. By seeing through some people's bullshit, we have learned to discern much knowledge about the world.

The year is 2014, and guy walks up and shouts, "I'm Napoleon Bonaparte! Soon, Europe shall be mine!" Further confounding us, this is immediately followed by a second guy on his heels, who claims, "I'm Arthur Wellesley, Duke of Wellington. Your army will soon be defeated, Napoleon!" Right off (so much quicker than I, I must admit [I bow to you]), you are squinting suspiciously at the second guy, a sneer of distrust on your face. It takes me a while to trace your logical steps, but eventually I arrive at the same elementary conclusion that you did: that he is Wellington, is totally preposterous! Why? Because Wellington has been dead over 150 years!

It's so simple, a child should be able to see it. Yet, few people realize what we do.

So while the rest of Slashdot reels in confusion, not knowing what is going on and what is going to happen next, we have already figured it all out. We divest or short-sell various European enterprises, invest heavily in French war bonds, and await the riches that shall soon be ours. Everyone else thinks we're mad fools, but soon, they will gape in amazement at our prescience.

Using the power of reason alone (so simple, yet so rare), we have determined that that no one stands in Napolean's path, to prevent him from conquering all of Europe.

An atheist can be as big of an asshole, but if atheists are wrong then at least they're not as big of a security risk. Since they don't pray, they don't ever accidentally get the attention of Gozer or Yog-Sothoth or Jehova or Ra with their mystic brain waves. "Somebody wants help, do they? Where? Earth? Earth?! So, life has returned to Earth, and it .. it [buzz buzz, tuning prayers] .. it can feel pain and fear? *drool* Doris, I'm going out to lunch. Hold my prayers."

No!! Wait. How do you know that praying didn't cause the problem to happen in the first place, and that prayers aren't prolonging the paralysis? How do you know the consequences of a prayer?

People, please!! If you are going to going to bring awesome cosmic powers to bear on this problem, you need to do it responsibly. You are meddling with supernatural forces that can shape galaxies, part seas, resurrect dead people, inflict or cure cancer, turn people into columns of salt, and win football games. We have already had it explained many times to us, that these things "work in mysterious ways" and that their plans are not always apparent to us, and their minds are beyond our capacity to understand. We can never assume that they want what we want.

If you are going to call on beings of infinite power, don't you think you ought to first understand the causes and effects? Wouldn't that be prudent, in a basic "not totally reckless and negligent on a potentially PLANETARY scale" sense?

Perhaps this patient was paralyzed as retribution for some conceit of hubris on her part, as one of life's lessons. By allying with her (i.e. interfering with her enlightenment), you might be paralyzed next, whether as punishment for defying the will of the gods, or maybe even as little lesson in hubris of your own.

Ok, maybe she was paralyzed by The Great Enemy, because she was close to uttering the Word of Justice that would undo all the Enemy's plans, so by calling on the Enemy's enemy, you might be able to help her, get the Word uttered, and all evil will finally be banished from the world forever and ever. Yet it is just as likely, that she was about to utter the Word of Despair, plunging America into yet another Eight Years of Apathy, and it was only by some hero's hours-long (and expensive, due to the rarity of some of the herbs and oils used) ritual that managed to stop her, and by bringing Great Powers into this, you might bring about the Eight Years of Apathy.

It could be happening because of something as mundane as the tumor "cover story", but then whichever god answers your prayer and cures her first (you know that prayer works, but do you know how it works, how it propagates, etc?), will be owed a favor by her, which might be a horrific lifelong struggle for her; whereas without your arrogant meddling, she might have recovered naturally anyway, without any long-term spiritual debts. Or -- are you sure you truly understand all the mechanics here, and that not only have you totally mastered Law of Man, but you also have perfect insight into the Law of the Gods -- perhaps the debt will be YOURS.

If a doctor were to idly carve on her brainstem without knowing what he was doing, you would be among those crying "malpractice!" But here you are, barging in with your hasty invocations of the mightiest powers that history has ever known, using a bulldozer-the-size-of-a-mountain to swat flies on the rim of a teacup. You would purify a pint of water with a lake of iodine, poisoning the drinker. You would shoot a man for snorin' too loud, light a cigarette with a hydrogen bomb, and write a "hello world" program that compiled to a 6 terabyte binary.

I beg -- no, insist -- all those considering resorting to the extremity of prayer, to first carefully consider all the ramifications. Make sure you understand how it really works, Whom you are really contacting, what you're really asking of Them, what it truly costs, etc. You may be doing more harm than good, and you might be involving innocent third parties.

Indeed, even if it were just one person's life at stake (and it's not!), I don't think it would be too out of line for me to demand that you first prove (to reasonable degree of certainty; we don't have to get all mathematical here) that the effects will be benign. At least do some controlled studies.

Is that not reasonable? I submit to you, that you would ask the same thing of a much less powerful, and much less dangerous doctor. No neurosurgeon's erroneous scalpel, can possible destroy a galaxy, summon The End of Time, create zombies (well, ok, maybe neurosurgeons can do that, but not a whole plague of them), time-travel everyone on Earth six thousand years back in time to The One Day of Cretacious, turn every firstborn daughter instantly into a lesbian, or alter history such that the second amendment never got ratified. God can do that, and just might, unless you're saying you're Him and you know what He's thinking. Is that what you're saying, punk?

As far as the automotive portion of this, they've overlooked a pretty critical detail...

Are you sure they have overlooked this? I think the words "google" and "car" and "driver" have been used in a lot of sentences over the last few years, especially with the word "driver" modified.

Make no mistake, there really is a vision here, and it's pretty damn clever (even if it's also insideous and horrible). Outside of dense areas with usable public transportation, a lot of "eye hours" are being "wasted" every day. Google is able to fund work on self-driving-car development, precisely because claiming this resource will be so much like finding the holy grail.

Human: "Take me to Joe's Brewpub."

Car: "Ok, here we go. By the way, Fred's Brewpub is also nearby and they have a new Imperial Red Ale that has received 14 positive reviews in the last 4 days. Would you like to g--"

Human: "Take me to Fred's."

Google: "Dear Fred, one conversion. That'll be a dollar, please."

Joe: "Dear Google, I would like to place an ad."