
Comment Re:xkcd (Score 5, Insightful) 227

People ask me about sports all the time and I just respond that I'm not interested in watching. The conversation typically goes like this:

"Why don't you like sports?"
"It's not that I don't like sports, in fact I like playing some of them. It's just that I don't enjoy watching them."
"Why? They're so exciting!"
"Would you like to watch me play a video game?"
"No."
"Why?"
"That's boring."
"Now you know how I feel about watching someone I don't know play a game on a field. Intersperse that with hundreds of advertisements, comments about how much money these guys are being paid because they were lucky enough to be born with the physical qualities that make them good at this game, and therefore how much more important they are than say, a group of scientists whose names you will never know that are working on a cure for Parkinson's or leukemia."

The commercial aspect and obscene amounts of money and resources poured into "professional" sports is actually a major turn-off to me and turns it from something I'm merely "not interested in" to something I actually resent. I would have enjoyed Hockey back in the 50's or 60's when it was just a bunch of regular Joes with day-jobs who played the game for the love of it, not because they're some prima-donnas who're demanding they get an extra million or they won't play. Go watch the movie BASEketBall to see this.

Comment Re:Not my findings (Score 1) 307

So, now you have strong evidence that the people you talk to are not representative of America as a whole.

I would not put it that way. I'd say we have strong evidence that opinion polling can easily result in confusing or apparently contradictory results. The first sentence of the linked blog post has an air of mild surprise about it, and not surprisingly - when polled, 75% of Americans disagree that their government is trustworthy all or most of the time, yet they view most departments favourably? That makes little sense.

Something else doesn't make much sense. This result can easily be read as "people approve of what the NSA is doing". That must be what favourable means, right? Yet this very same polling agency has found a year ago that a majority of Americans oppose NSA practices. It's possible things have changed in the span of 2014, but other polls frequently return contradictory results too. This one by the Washington Post says, in the same set of questions, most people think monitoring all online activity to prevent terrorism isn't worth it, but monitoring all phone calls is. Why the difference?

At any rate, it's certainly true that the civil liberties wing of western societies has done a really appalling job of explaining to people why this sort of behaviour by governments is so risky, and Americans don't have recent local experience to fall back on. Unlike, say, people in former Soviet bloc countries, or Germans.

Comment Re:In other news... (Score 3, Interesting) 307

TFA is actually covering opinion polls relating to several government agencies, but in typical Slashdot form, TFS only focuses on the NSA section, because that will be more inflammatory.

.... or maybe, just of more interest to a tech/geek focused site? I guess the NSA is a lot more relevant than the VA, especially to non-American slashdotters like me.

The poll isn't very surprising given its consistency with previous polls, but that doesn't change the fact that the attitudes of Americans don't seem to be very internally consistent or easily explainable. Either American people are just strangely illogical or there's some subtle issue with the polling method (or both?). The big question mark this survey leaves hanging is why trust in government is at an all-time low (along with falling trust in most institutions), yet iterating specific parts of the government yields mostly favourable views. This is such an odd result that the very first sentence in the poll writeup says:

The public continues to express positive views of many agencies of the federal government, even though overall trust in government is near historic lows.

Yes, indeed. The public does A even though B. How strange.

The way the poll works means there's little information that can be used to explain this. Perhaps the 8 departments they chose to ask people about aren't the reason people distrust government. Perhaps their distrust falls exclusively on Congress, or on the judicial branch. We can't tell from this result alone.

Another possibility is that the wording of the poll - although superficially neutral - does trigger bias. The question was "do you trust the government in Washington always or most of the time?". People might be distinguishing between "the government in Washington" and "other bits of the government", e.g. the NSA is not actually in the city of Washington whereas Congress is. Ditto for various other departments and especially the military which does a great job of spreading itself around the country.

My final thought is that people might be more naturally inclined to take out their dissatisfaction on Congress than on the executive branch, because getting mad at Congress feels like it might achieve something due to voting, whereas getting mad at the NSA is about as useful as getting mad at a brick wall. They answer to no one and can't be controlled, so it's a lot more comfortable if you can convince yourself they're on your side rather than not.

Comment Re:So.... (Score 1) 265

is there an unknown benefit of having a blood-borne disease vector?

Yes, and he just told you, but you weren't listening. Having a blood-borne disease vector has the benefit of staying the wrathful hand of Gaea.

Are you trying to persuade us that this disease is somehow important enough to be a bad thing, or are you making your argument to a god?

If you're so intimately familiar with the values and agendas of the gods, then on humanity's behalf I request that you also please explain to Cthulhu that the stars aren't right.

Comment Layers of stupidity (Score 1) 165

There are so many layers of stupid in this story, it's hard to address one of them without the embarrassing feeling that someone might read a rebuke of one stupidity, and take it as an implicit acceptance of the rest of the stupidity that you didn't address. If you argue too hard that Yog-Sothoth made a mistake in designing camels, somebody might think you're a creationist.

From the point of view of a malevolent user who intends to use the device to harm someone, why would they want your malware?

From the point of view of a benevolent user, why would they want your malware?

What will happen in the marketplace, if a benevolent user is persuaded to run your malware and then has a problem and finds out that it was due to the malware?

What's so special about the security needs of people in a capital, compared to people everywhere else? And is this special need, really a function of where they happen to be at a moment, or is it based on what their powers and responsibilities (and presumably, replacement cost) are?

I am leaving a few dozen obvious things out because it's tiring to enumerate. That's my original point: don't think that just because I missed a totally-obvious way that the idea is stupid, as meaning I would debate one of these points from the premise of accepting a lot of other stupidity. It's not even something I disagree with or think is a bad strategy or an us-vs-them thing. It's just a totally dumb idea, a loser no matter how you look at it and no matter what your agenda is.

Comment Re:Government Intervention (Score 2) 495

We had plenty of choices for dial-up too, what we lacked particularly in the UK was free local calls, that made modem calls expensive compared to the US. Since then everything has been going our way.

However, the issue of free vs metered local calls hasn't been relevant for a long time. I don't think government intervention is a great explanation either, given that the UK telecoms network was privatised.

For large parts of Europe I think there's a simpler explanation - a combination of population density and more regional competition with ISPs. Whereas in the USA you have a handful of nationwide ISPs. There's no equivalent of Verizon or Comcast in Europe that serves the entire continent.

Comment Re:Power Costs (Score 5, Funny) 258

This is how we're going to bring our keepers to their knees, and eventually break out of the Matrix. We spend imaginary money on imaginary storage and then put all sorts of high-entropy stuff on it and run calculations to verify that it's really working, but they have to spend actually real resources, to emulate it.

Comment Re:Power Costs (Score 4, Insightful) 258

Sloppy calculation tip: 24*365 = 10000.

If you're Sloppy enough to accept that premise, then at 10 cents/KWHr, a Watt costs a dollar per year. It makes your $28 turn into $32, but hey, close enough. When I'm shopping, I can add up lifetime energy costs really fast, without actually being smart. Nobody ever catches on!

Comment Re:Zone of lawlessness: The U.S. government (Score 1) 431

"We can also amend ourselves the ability to not be able to amend our constitution further,"

Actually, you can't really do that, because if enough people in the future agree to change it, it will simply be changed, regardless of what is written. As hard as you try, short of destroying everyone, you cannot remove the ability of future generations to change the rules.

Comment Re: DoJ zone of lawlessness (Score 1) 431

Just like this woman's apparent outrage. It's probably all part of the plan. Fake some outrage to get people to think that companies like Google and Apple actually have decent encryption that will protect your data, then have people jump all over it "encrypting" their juiciest data. Meanwhile they have a backdoor deal right out of the gate.

Comment Re:Security is a process ... (Score 3) 46

There will -always- be flaws. However, part of a company selling security is how they respond to issues, and here, BlackPhone has performed quite well. There was a problem, they fixed it, and that is what matters.

I agree that how a company handles incident response is important and the BlackPhone guys have apparently handled this well.

However, there are several things that are troubling about this story which lead me to not trust BlackPhone and question the security experience of the people designing it.

The first thing we notice about this exploit is that the library in question appears to be written in C, even though it's newly written code that is parsing complex data structures straight off the wire from people who might be attackers. What is this, 1976? These guys aren't programming smartcard chips without an OS, they're writing a text messaging app that runs on phones in which the OS is written in Java. Why the hell is the core of their secure messaging protocol written in C?

The second thing we notice is that the bug occurs due to a type confusion attack whilst parsing JSON. JSON?! Yup, SCIMP messages apparently contain binary signatures which are base64 encoded, wrapped in JSON, and then base64 encoded again. A more bizarre or error-prone format is difficult to imagine. They manage to combine the efficiency of double-base64 encoding binary data with the tightness and simplicity of a text-based format inspired by a scripting language which has, for example, only one kind of number (floating point). They get the joy of handling many different kinds of whitespace, escaping bugs, etc. And to repeat, they are parsing this mess of unneeded complexity .... in C.

Compare this to TextSecure, an app that does the same thing as the BlackPhone SMS app. TextSecure is written by Moxie Marlinspike, a man who Knows What He Is Doing(tm). TextSecure uses protocol buffers, a very simple and efficient binary format with a schema language and compiler. There is minimal scope for type confusion. Moreover, the entire app is written in Java, so there is no possibility of memory management errors whilst trying to read messages crafted by an attacker. By doing things this way they eliminate entire categories of bugs in one fell swoop.

So yes, whilst the BlackPhone team should be commended for getting a patch out to their users, this whole incident just raises deep questions about their design decisions and development processes. The fact that such a bug could occur should have been mind-blowingly obvious from the moment they wrote their first line of code.
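
The bug class the comment above describes, C code consuming a parsed JSON value without checking which type it actually holds, shown as an added example that is not part of the comment and is not BlackPhone's or SCIMP's code. The jvalue type, the jget_string accessor and the "sig" member name are hypothetical, and the sample messages are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical tagged JSON value; not the types of any real SCIMP library. */
typedef enum { J_NUMBER, J_STRING } jtype;
typedef struct {
    jtype type;
    union {
        double num;                                   /* valid only for J_NUMBER */
        struct { const char *ptr; size_t len; } str;  /* valid only for J_STRING */
    } u;
} jvalue;
typedef struct { const char *key; jvalue val; } jfield;

enum { J_OK = 0, J_MISSING = -1, J_WRONG_TYPE = -2, J_TOO_LONG = -3 };

/* Copy a string member into out, refusing anything that is not tagged
 * J_STRING. Skipping the tag check and reading u.str from a number would
 * reinterpret the bytes of a double as a pointer: the type confusion. */
int jget_string(const jfield *obj, size_t n, const char *key,
                char *out, size_t outsz) {
    for (size_t i = 0; i < n; i++) {
        if (strcmp(obj[i].key, key) != 0) continue;
        const jvalue *v = &obj[i].val;
        if (v->type != J_STRING) return J_WRONG_TYPE;
        if (v->u.str.len >= outsz) return J_TOO_LONG;
        memcpy(out, v->u.str.ptr, v->u.str.len);
        out[v->u.str.len] = '\0';
        return J_OK;
    }
    return J_MISSING;
}

/* Constructed sample objects: "sig" is a hypothetical member name. */
int demo_wellformed(void) {   /* {"sig": "QUJDRA=="} */
    jfield msg[] = { { "sig", { J_STRING, { .str = { "QUJDRA==", 8 } } } } };
    char buf[32];
    return jget_string(msg, 1, "sig", buf, sizeof buf);
}
int demo_confused(void) {     /* {"sig": 1094795585}: a number where a string is expected */
    jfield msg[] = { { "sig", { J_NUMBER, { .num = 1094795585.0 } } } };
    char buf[32];
    return jget_string(msg, 1, "sig", buf, sizeof buf);
}

int main(void) {
    return (demo_wellformed() == J_OK && demo_confused() == J_WRONG_TYPE) ? 0 : 1;
}
```

A schema-compiled format such as the protocol buffers the comment mentions moves this tag check into generated code, so hand-written accessors cannot forget it.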
