
Comment Re: But not to give them a chance to correct it fi (Score 5, Interesting) 404

The non sequitur there is in asserting that because the whitehat hasn't disclosed his findings, others haven't also independently found the hole, and been more mum about it.

Which is more profitable for a person who makes their living by stealing company secrets, laundering money through wire fraud, or selling stolen identity information?

Using an exploit that has been publicly disclosed, and thus, everyone is super paranoid about it, and actively trying to plug it-- OR-- a nice little treasure trove of privately discovered exploits that aren't public knowledge that you can quietly switch to once the hole you are currently using gets discovered?

"Saving face" for the company facilitates the real blackhats by keeping admins and users ignorant of the threat.

All public disclosure does is make real blackhat attackers silently move to their next vector, and cause a spike in script kid activities. (And of course, make the software vendor look bad.)

Comment Re:But not to give them a chance to correct it fir (Score 3, Interesting) 404

I never said I believed in "unbeatable protection". That's a strawman. I basically said that "out of sight, out of mind!" is not a proper risk mitigation practice. Most certainly NOT the same thing as professing a belief in perfect security.

Proper keypair generation attempts to make it more costly for the attacker to profit from the action of hacking, and actually demonstrates this fact for them, should they try anyway.

Shitty obscurity based half-assery fakes being strong, to deter attempts, but fails easily on inspection. Something like using a password to XOR a file, and calling it "encrypted", or doing what Sony did and reusing the same salt over and over again, completely defeating the purpose of the salt in the process.

Relying on "don't tell anybody! We'll get to it eventually, and if you don't tell, nobody will find out!" is bullshit, which is what typically happens with so called "responsible disclosure." I have heard of serious exploits hanging around for YEARS after being "responsibly disclosed."

I understand that you can't fix the hole instantly, and that the patch needs to be tested to make sure it doesn't poke another hole elsewhere. However, informing the people at the most risk, (customers), that they need to take some mitigating actions to reduce the threat, and to watch for signs of exploit until the patch is ready is what is the responsible thing for the software vendor to do. NOT hide the exploit and try to forget about it, while less scrupulous crackers silently use it in combination with other exploits to commit fraud, steal company privileged information, steal user personal data, build botnets, and worse, while pretending that "it won't happen, because nobody squealed!"

Comment Re:But not to give them a chance to correct it fir (Score 1, Interesting) 404

PS3 encryption== security through obscurity. (That salt doesn't need to ACTUALLY be random--each and every time-- does it? Cause, that would be a pain to implement!)

PROPER key pair generation == impossible to realistically derive the secret key from the public key and the payload, due to addition of true random salt. (Where "reasonable" means within the attacker's lifetime.) There simply is not enough information to derive all the factors to refactor the secret key. This is by design, and is considerably different from a simple password in implementation.

In other words, you are being specious, and are downplaying that the security involved with proper encryption is most definitely not "if nobody looks, nobody will see!" type security.

"Herp! He said a commonly used phrase, and I tooked exceptshun tuh dat! Hur-hur, so I calleded him an idjut and a mohron and stuffs! He coulndna poshibly know what dat phraseology thimgy rully means, like I'z does!"

Seriously, that's what you sound like when you say such dumbassery.

Comment Re:But not to give them a chance to correct it fir (Score 4, Insightful) 404

Security through obscurity is no security at all.

A security hole is a security hole. A hole that is not widely known about is not in any credible sense "safer" than one with a demonstration exploit posted on mailing lists.

I would rather that news of exploitable security holes be widely published, so that mitigating secondary security blocks can help cover the hole, and reduce the attack surface as soon as the exploit is discovered. While you can't recompile the kernel on day-0, you CAN filter network traffic, isolate unprotected systems, and take other affirmative actions to safeguard company and private data from unauthorized persons, and prevent the silent execution of malicious software early.

The problem one runs into there, is that most software out there today is not so much "secure", so much as it actually is analogous to a block of aged Swiss cheese. Hardened in some places, and totally see-through in others. Managing many disparate suites of software packages means dealing with, and mitigating the risks, of a great, great many peepholes.

But again, a security hole is a security hole, and security through obscurity is no security at all. Wishful thinking that "if nobody says anything, then it's perfectly safe to let slide for now!" puts systems, data, and people at risk for the sake of convenience.

Look at the fallout of the near miss between that German drone aircraft and a small passenger plane that just came to light. Secrecy of the problem does not make the problem go away, and hiding the risks from people (for any reason) who are at risk is beyond unconscionable.

Comment Re:My solution for fixing Windows 8 (Score 1) 578

Those are only good for use as coasters!

Me? I roll with the AOL floppy disks! Premium MO disks, that just need a little bit of tape put in the corner! After you use the first one to get "On-Line" access, you can use the additional floppies they keep on sending to put all those newsgroup binaries on! The RAR files are conveniently 1.44mb in size even!

Comment Re:Well, this is simple. (Score 4, Insightful) 67

Translation: Invent the wheel many many times! Don't you DARE share the data on wheels with others without first getting permission to replicate data from the spoke makers, and rim makers!

Fuck off AC. Look at the internet as a model on how unfettered data proliferation prevents biases from dominating information use. (What's that Barbra Streisand? That picture of your beach house is STILL on the internet? Fancy that!) Allowing researchers to share and vet each of these databases you want them to all make independently is EXACTLY how this technology should be used, BECAUSE it prevents useful data from being hushed up, or forgotten, and gives that data its due. The scientists that created the data want the data shared. The scientists that want the data, want it shared.

The only group that does NOT want the data shared, is the publishing industry, because if the data leaves their grimy little fingers, they can't charge rent.

That's the real issue here.

Comment Re:Okay (Score 1) 283

Most of that sum (people) however, would be completely incapable of sustaining themselves.

Take New York, for instance. Millions of people, living in a very dense urban environment, totally dependent upon complex social hierarchies for labor, water, transport, and food distribution from outside localities. Those people would most certainly perish. (The few that have the luxury of rooftop gardens would be under continual threat of brutal crackdowns by just the other tenants in their buildings, and those small gardens would never be able to sustain the city. Throw into that, the destruction of those few production centers via fires, and the deaths of the few who know how to actually grow food instead of buying it at the store, and you quickly have a very serious problem. For a recent eye-opener, look at the LA riots. That was over the brutal beating of a man by local police officers due to something as inane as skin color. Imagine the riots over food distribution, and perceived injustices and subsequent mob reprisals! New York would be burning in days.)

Then you have the continued ecological upheavals from everyone and adam trying to beat down the doors to the few remaining areas that are still halfassedly habitable, (like, building houses!) And the situation spirals even more radically out of control.

I don't think you really comprehend the real gravity of what a GLOBAL ecological catastrophe really represents, with a global population as large as ours is.

Humanity *barely* survived the ice age, when we numbered well under 1 billion globally. (Closer to a few million.) This time we would have 7bn, on top of the adverse conditions, all competing to be the survivors. The unburied dead would promote serious issues with plagues, the basic resource shortages would ensure that healthcare would be a far lower priority, and on top of that, you would have batshit people rallying the troops and destroying what's left in mad dash efforts to control it.

I would rather be trapped with "that guy" in a tiny metal box than endure *that* hell.

As for who is going? It's anyone who can pay the admission fee, which is adjusted to all world currencies. It's the 97%, not the 1%. Just that a member of the 1% believes they can get richer by facilitating the effort.

I agree that it is reprehensible to write off the earth and fly away. But high ideals often have bad consequences too. I am a utilitarian. I see utility in having a self sustaining martian colony. I don't really care how it gets funded. Anyone who goes to live in that colony will have nothing but endless hard work and suffering. Going to mars won't be a golden parachute. It will just be a hedged bet against extinction, however slim the margin. In all reality, a 1%er wouldn't be able to HANDLE living on mars anyway.

Comment Re:Okay (Score 1) 283

They wouldn't have 9 billion people outside, unable to care for themselves, looking for what they have, and willing to burn their colony down to the ground to get it, for starters.

Additionally, a self-sustaining colony would not be dependent upon the earth for resources, and as such, would not be resource dependent upon the earth, so a breakdown of earth's economic and production infrastructures would simply not affect them in any way. The basic requirement for your reprisal is that the martian colony is completely at the mercy of supply shuttles. That is financially unfeasible even without a global crisis, of any magnitude. If you insist on holding that position, no wonder a martian colony looks retarded!

Providing the martian colonists with everything they need to provide for themselves (since despite what you may think, there most certainly *IS* atmosphere on mars, and it would be eminently useful for martian colonists as-is, just not for human breathing, and as such, the colony habitat will not be a closed resource economy! Just sintering the regolith will release oxygen gas because of the perchlorates present, for instance. The curiosity rover's drill sample shows high nitrogen content in the stones sampled, so that is an obtainable resource as well. All the vital materials are available on site on mars.)

When you aren't having to worry about if the people living "just over there" are going to come kill you for the cabbages you grew, you can spend much more of your time making life better for yourself and others.

The costs of sending people to mars will be outrageous, but that is being privately funded by private enterprise, and is already budgeted. This means that if there is going to be theft and raping and murdering, it will be inside the *ONLY* habitat structure on the entire planet, and would occur regardless of earth conditions. Mars One is performing psych evaluations prior to sending people, and is unlikely to send batshit people.

You don't get that luxury in a post apocalypse.

Comment Re:use water (Score 3, Informative) 283

Certainly.

Now, calculate that your average human requires approximately 2 liters of water daily for proper renal function (though they often do drink less, and it is unhealthy.) Also factor in the scarcity of the material on mars, and the feasibility of sustainable agricultural activities without that large quantity of water.

Now, let's also think about the secondary particles generated when heavy and complex lead nuclei are exposed to iron nuclei traveling at near C, and the subsequently exponential impact that this secondary radiation will have as the shielding becomes more and more radiological from constant exposure.

In other words, yes, water has serious issues. You still have to bring it with you if you are really serious about a martian colony. There is no discussion there. You HAVE to take it. It isn't optional. Since you already have to take it with you, using the absurd cost to orbit it as a canard is moot. Adding the water AND the lead will always cost more than launching just the water.

The water does not have the same problem with producing dangerous secondary radiation, and does not become radioactive itself at near the same rate as will the lead rad shield. The water is already required, and is not optional.

Why not just use the water, then?

You can resolve the "water expands, dumbass!" problem by freezing it already prior to launch. This also makes it much safer to transport in the event of a micrometeorite puncturing the containment vessel, and believe it or not, ice can be quite insulating, and can serve other functions for regulating the capsule's environment.

Comment Re:Okay (Score 1) 283

That's a pretty profound jump, to state that I don't take climate change very, very seriously, and have used it only because it was convenient as an argument.

Far the contrary, in fact. I believe that it is a very dangerous thing, and that the ensuing chaos associated with food and energy shortages as people attempt to live in an environment that no longer has the human carrying capacity of former generations will definitely result in wars, precious few resources squandered on ensuring that only "americans" (insert whatever group most floats your boat here. I'm not picky.) will be the "haves", and damn all everyone else. I fully expect bullshit like scorched earth policies to be vividly and bombastically discussed, because of the gravity of that kind of environment, and expect true reason and sensibility to have flown the coop long before.

Our chance to avert the disaster was 20 years ago. We blew it, because it was much more profitable to keep on doing what we were doing before, and to foofoo the data and castigate the science and scientists behind it instead.

The data shows we are now beyond the tipping point. The point of no return has been crossed. Signs are showing up everywhere, and it can't be denied anymore (though many still try anyway.)

The biggest threat will be other people. To me, it would be comforting to know that at least somewhere else in the solar system, a group of people would be huddling in a metal shell growing tomatoes instead of shooting other people, raping other people, and stealing shit as society comes down all around everyone on the earth.

The calamity is already started. No shelters on earth will be built. There will be worldwide disasters, and instead of working to resolve the problem, people will look for who to blame.

There is a long body of evidence to support humanity behaving in this fashion, as resource collapse has been a recurring thread in human civilizations over the ages. Up until now, those collapses have never been global in scale, however.

This is very much an "act now" moment. This is an achievable goal. I hope they succeed. Fixing the fuckup we have caused on earth is far harder than building a martian greenhouse, and really would be science fiction terraforming. At least on mars, the colonists won't have armed robbers demanding their food.

The earth is in store for some very dire shit indeed, and that doesn't even count what the unknown variable of mass animal and plant form extinctions the changed climate will introduce for continued human activity on earth. Look at the serious dangers that just losing bees offers.

Even if we 100% stop all burning of fossil fuels right now, the warming trend won't stop, and the coastal methane release will still occur.

We have well and truly fucked ourselves.

Comment Re:Okay (Score 1) 283

You are forgetting that humans are without question altering the environment of the earth in such a fashion that its continued habitability will become much more difficult in a mere 200 years.

Humans *are* the extinction level event. Or are you a climate change denier, that thinks the 97% consensus in the scientific community is wrong?

The calamity doesn't have to be a big space rock. It could just as easily be runaway methane release from continental shelves, and wild environmental conditions, and be completely man made.

Comment Re:Okay (Score 1) 283

Does the hubris matter, if the structure is built, maintained, and crewed, rather than written off as too expensive?

The whole point of building the mars colony is to build the mars colony, as a life insurance policy that you hope to never cash in on.

If it's built, there's no need to pay more: 250 thousand people is enough for a viable population to be sustained, so more people aren't even needed. This is a non-argument.

If you supply those risk takers with tools and plans to help them succeed, then they may well do so. That's the point.

Since they won't be dissuaded, and want to go, regardless of the risk, at least capitalize on the effort, rather than sabotaging it.

Making assertions about the difficulties says nothing that was not already known, and is therefore without value. You can dislike that these people have chosen to go anyway, but you shouldn't be so self-righteous that you overtly try to stop them, and force them to spend that money and their lives doing things that in YOUR opinion hold greater value.

Life, lemons. Make lemonade. Don't whine and bitch that you can't have the mountain dew you want instead.
