Honestly curious, how exactly do you calculate "output" of kcal? Are you talking about estimating (probably badly) the calories "burned" by your body in order to function? Have you considered the *ahem* other way calories leave your body?

The computation is not simply that reducing your calorie intake while still exercising for the same number of minutes will cause you to lose weight. There's all kinds of other factors.

- Your body does not extract every calorie from everything you eat.
- Reducing your food intake may cause your body to burn fewer calories because it's tuned for famines.
- Eating a restricted diet may cause your body to run short of nutrients it needs to function effectively, possibly causing weight gain.
- Just like doing the same exercise every day has diminishing returns (your body will get better and better at performing the exercise while burning less energy) eating the same food every day may cause your body to get more efficient at extracting calories from it, increasing your effective calorie intake without increasing your actual food intake
- The calorie counts on food are not based on what the human body can extract from the food

Post-war America really likes simple computations, they sell well. Quantizing values and applying formulas to them makes people feel like they have control. That's why Weight Watchers managed to spread all over the country. The truth is that biological processes are rarely so simple.

The fad diets in particular push you to over-stress your body and increase cortisol levels, it might cause temporary weight loss but you'll pay for the physical damage long after the weight comes back.

There were plenty of people and businesses in the US that didn't align with the wars in Iraq and Afghanistan. Also, Russians seem to understand that something bad is coming. For instance, Russian Jews are leaving in huge numbers, seemingly expecting political tumult and violence in the near future on Russian territory. It seems people might have a good reason to want to leave Russia for their personal safety. Kaspersky isn't just asking employees to "stand with us" or "stand with Russia", but to do so at risk to their personal safety.

However, you're right. If Kaspersky wants to wrap itself in the flag and tie itself to a genocidal war of aggression, that is a political position I suppose they're entitled to take, but they shouldn't be surprised if they find themselves excluded permanently from quite a few markets.

Technology people in particular can have long memories about corporate ethics (mention GoDaddy to anyone over 30 and see how quick SOPA comes up - that was 2011). I've been a stakeholder several times in corporate anti-virus purchases, I'll certainly remember this. 10 years from now Ukraine will be independent and Kaspersky will be either out of business or restricted to Russia's "friendly nations".

They're apparently worried the ill-gotten gains of their largest industry will get stolen by the Chinese.

"In simple words, this means that no one in the country can access the platform for any work. This is seemingly the case for users who have the software installed on their device. It is said that VLC Media Player is blocked on all major ISPs including ACTFibernet, Jio, Vodafone-idea and others."

What platform? VLC's website is just there to host downloads, nobody uses it for their day-to-day work. And there's no reason VLC needs a server to function, it doesn't even need an internet connection. Whoever wrote this article has no idea what VLC is, nor could they be bothered to find out.

RCS has built-in advertising capabilities, which were so badly abused in India that Google disabled them (for that country only) just 2 months ago: https://techcrunch.com/2022/06/04/google-disables-rcs-ads-in-india-following-rampant-spam-by-businesses/

No doubt Google's RCS team is looking for new revenue after giving up their juiciest market.

Gee, I can't think of any reason why a protocol vulnerable to spam might be an unwanted addition to a "luxury" phone brand. And certainly, certainly none of those Indian companies will start spamming US targets over RCS. Why, India doesn't spam or robocall the US at all! Once the people with spending power are on it, RCS spam will skyrocket in the US.

Next time somebody invents a communication protocol, make the conversations require permission from both parties, limit the frequency that users can try to add new permitted contacts, and require ID. If people really want to get randomly spammed by anonymous people then make receiving those messages opt-in.

But there is a way to get through to Microsoft support and Tutanota did that, and still was refused a solution. At that point it's a conscious policy decision, though it's hard to believe none of the engineers brought up the problem with domain ownership in the first place, it's an obvious flaw. There's a lot of circumstantial evidence that Microsoft wants to make it hard to start a service that would compete with theirs, and is happy to abuse their market position to do so.

The first user should never have been assigned the domain without some sort of domain ownership verification process. Claiming ownership for an organization (or, in this case, disclaiming single-organization control) should be equally simple, Microsoft can email a link to the technical contact for the domain, or have them perform DNS verification.

As the article implies, Microsoft has a perverse incentive to make starting public email services more difficult. I have to say though, their management of their own service is absolute trash. I notice that outlook.com's abuse email address no longer works, and about 20% of the emails in my spam folder seem to be coming from outlook.com, onmicrosoft.com domains, or Office 365 tenants. A few phishing emails from Microsoft-controlled servers even manage to make it past GMail's filters.

Microsoft is just never going to be a good corporate citizen. They only seem better by comparison to the "new tech" companies like Meta and Uber.

No doubt of course in a day or so the public attention will have gotten this fixed, but just for this company.

The way to do this is to embed a private key into the camera itself and have it sign the file. The resulting file has the image data, the signature, and a certificate with the public key that is signed by the manufacturer. You then need to keep the original image around in any files that get passed around. If the manipulations are straightforward transforms then your idea of keeping track of them and storing them as a small set of instructions in the file should work. The other route is to store the full original image inside the file along with the modified version.

I'm sure there are lots of other ways to manipulate studies though, and most of them won't be so easy to solve. Sure, we can have every instrument start signing its output, but humans can still manipulate studies involving human patients, or lie about the inputs to the devices. Most of the solution is probably non-technical. There needs to be more work done on replicating studies before they're published. The "race to publish" should be tempered by a requirement for verified, replicated (not just theoretically replicable) results. Institutions that fail to catch falsified results before publication should face heavy sanctions (like not being able to get a grant without another un-sanctioned institution involved). Perhaps, like accounting, regular audits conducted by certified third parties should occur on a regular basis.

Also, the punishment for things like this isn't particularly severe. They'll probably (hopefully) be drummed out of the profession and never again given a job where honesty is a requirement, but they still got a lot of good years out of their crime and plenty of profit. One could, for instance, make lying about the data in a government-funded study a felony perjury charge. If a young scientist desperate for success knows that the last guy who fudged the results spent 10 years in prison, it might give them pause.

Don't forget the universities (mostly private non-profits, probably a good number of public unis as well) that operate a business model of low admission requirements so they have a large freshman class. They're required to live on campus so 100% of their spending goes to the college one way or another. They know they admitted 4x as many students as they should have, and that 75% will fail out within a year, but in the meantime they collect the profit margin on the tuition + room + board + books, while leaving the unsuspecting freshman holding the debt.

Example: Rochester Institute of Technology, well known practice there.

Personally I think Income Share Agreements should replace standard student loans. If the student doesn't get a decent paying job, the school doesn't get paid. That shifts all of the incentives to where they should be.

Fine, but automatically drop all such emails unless the user opts in to receive campaign emails.

It's not like any of these groups bother to filter their lists. They don't care if they email thousands of foreigners, people from outside their constituency, etc. I received at least two emails from campaigns in NY during the primary cycle, I haven't lived there in more than 10 years. My email address also wasn't associated with my voter registration there (wasn't collected at the time) and I'm not registered anymore (the DMV knows I moved) Why should non-US users have to opt out of every US political campaign every two years?

These campaigns also buy data of questionable veracity in huge quantities. There's really no reason to believe even half of the people on the list are eligible to vote or contribute to FEC-regulated campaigns.

The shareholders hire the board, the board hires the management, the management hires the employees. It's the responsibility of each to make sure the next one down the line is following the law. Now, if the employee had been trying to sabotage the company, that would be one thing, but the employee was working to further the goals of the company.

Shareholders are almost never directly responsible for the bad acts of a corporation, it doesn't mean they're immune from losses as a result.

When your country is hostile to white collar workers, do you really expect them to stay?

In Nigeria, they literally had to start a campaign called "#StopRobbingUs" to get the POLICE to stop robbing anyone carrying a laptop, which they saw as an easy target. So, you can stay in your home country, get paid peanuts, and have the government/police rob you while most of the population hates you for having skills valuable enough to afford a decent life, or you can move elsewhere and get paid more.

https://techcrunch.com/2019/10/16/nigerias-stoprobbingus-campaign-could-spur-tech-advocacy-group-ceos-say/

Besides, doing anything in the financial industry in Nigeria is going to be... challenging unless your focus is solely domestic. The moment anyone foreign starts reviewing your documents they'll see "Nigeria" and set out to prove it's a scam. Even if they don't find any evidence, they'll probably decide you're not worth the risk. The Nigerian government could have chosen to clean this up, but the attitude that it's fine to steal from "rich" people seems to permeate Nigerian society.

North Korea fits the bill, and they have in fact invested heavily in printing fake $100 bills, successfully. Paper currency is by no means secure and really never has been.

I think you vastly over-estimate how easy it would be to duplicate a hardware token. Hardware-embedded private keys have existed for a very long time, and while there have been attacks on EMV they've mostly been man-in-the-middle or social engineering attacks, not direct duplication of the chip (which realistically requires extremely sophisticated microscopes). In fact, if it's easy to duplicate these tokens then it should already be happening for both Apple Pay and cards with "tap to pay" built in. Probably the easiest route is to hack into whoever is making the tokens and try to steal the keys. I think there was a hack on Gemalto (SIM card maker) along those lines a few years ago.

No, it's not "just as easy", because recovering your account is going to require proving who you are, and it's going to require a central ledger with >99% uptime and dispute handling. None of those things are easy or cheap. A lot of human labor goes into proper identity verification (mostly for corner cases) and dispute processing.

By comparison, a system like this could really be quite cheap. If you're storing it on a phone it can probably be free, and if you need a physical device like a smart card that can be quite cheap (certainly under $10 and reusable for years). My guess is the biggest opponents will be ATM networks. Ironically, a lot of the small retailers that bitch about high CC processing fees also have ATMs on site, I wonder how they'll feel about losing that revenue stream.

I'm assuming that for an end-user with a smartphone and a bank account it will be possible to simply withdraw money from your checking account and have it added to your phone's internal wallet using your bank's mobile app.

Also, Check 21 worked out pretty well, at least as far as plastering over the gaps in a creaking old financial system. That was "designed by politicians" too, at least as much as ECASH was.

Ukraine wanted to join NATO because they were afraid of (surprise surprise) annexation by Russia. They gave up their Soviet-era nuclear weapons in 1994 in exchange for protection "assurances" from Russia, the UK, and the US. Obviously that agreement wasn't worth anything because we allowed Russia to annex Crimea.

In the context of foreign policy, it's pretty clear Ukraine doesn't have any real interest in having a nuclear arsenal, they just wanted protection against Russia, and were basically saying "if we can't join NATO we'll have to build nuclear weapons as alternative protection." The argument that a nuclear weapons program protects you from invasions is pretty solid, see Russia and North Korea. That said, it was never a serious threat, just a statement that they wanted a reasonable alternative.

As for NATO being Russia's "proven" enemy, I don't believe NATO forces have ever directly engaged Russian forces on a battlefield. NATO is also currently sitting on its hands while Russia attempts to annex a democratic country. Russian military drones have been flying in NATO airspace without any apparent military response, so at this point it's an open question as to how far Russia could go without a response. I'd argue Russia can probably get away with both troop movements and bombings on NATO territory so long as they call it an accident or blame it on Ukraine.

The only complaint Russia really has against Ukraine is that Russia doesn't think Ukraine should be an independent country. Russia figured they would eventually be able to take over Ukraine (and probably a few other former Soviet states), but Ukraine kept making moves to ensure its independence (like trying to join the EU and NATO). Russia finally decided to invade to prevent Ukraine from making further moves to guarantee its independence. They'd be doing the same in Belarus and Kazakhstan if there was any change in the status quo towards independence in those two countries. In fact, you could argue that Belarus is currently under Russian occupation, with significant Russian forces on their territory it's not clear that the Belarusian government is able to act independently.