Yeah big news there, I've been calling my pet capybara "swegsweg" for like 3 years now and he's started to say "swegsweg" like he's a pokemon or some shit
Yeah. If you read the article, it is not asserting "Capitalism is Bad", it is saying that the rationality assumption implies that we don't need the market. If everyone was perfectly rational, we would all coordinate without the market.
They aren't joking. How? Because they went out of their way to hire very good appsec people to build their team. There's a geography and right-place right-time element to what they did, too.
They're a pretty good case study for how the right senior hires at the right time can set the tone for a security organization for many years after those people leave.
Etsy is a weird case. I'd never, ever have thought there's so many such good people in a company that initially seemed to me to be a random eBay-like store for selling trinkets. And yet, it turns out they have serious talent and post a lot of very interesting tech stuff.
They had (have?) a security team entirely larger and more competent than I'd expect (or, honestly, really choose to seek to have) in an org their size. I think they were just lucky to get a couple great people early on and doubled down.
How are we to know what to support as citizens? What's worse, cyberterrorism due to fundamentally insecure cryptography infrastructure, or physical terrorism due to a lack of spying capability? I am marginally more afraid of what terrorists can do with computers than what they can do with guns and bombs.
I'm pretty sure I could do more damage with one rifle and a handful armor-penetrating rounds than with a bomb, without ever firing at--or even seeing--another human. I expect that a network attacker can do 95% of that kind of damage more remotely, but perhaps also more preventably, just using a computer. I think I could probably even forget about the rifle, and just wreak some havoc with just stuff that could be purchased at Home Depot, without even a whiff of suspicion.
It's a really good thing that I know I'm rather dependent on all that infrastructure for my easy lifestyle, and I have no good reason to go around destroying any of it.
So what I fear more than anything is someone as smart as or smarter than me, who has acquired individual motive to cause a huge amount of damage to public infrastructure.
Blowing up a high-profile building full of people, or going on a shooting rampage that leaves a bloody trail behind you, are good for getting into the news articles, but save us all from that guy out to cause sheer financial damage instead of human casualties. Soldiers are scary, but those guys that sit back, dreaming up new weapons, are simply terrifying. [0][1][2][3][4]
You don't really want to watch angry, gullible young men with a grudge. You need to watch out for that guy who can write "airliner = cruise missile; cost: ~$500" on a sticky note, then immediately move on to dream up some other way to hurt you.
One of the major points made in the article is that nobody hears about the attacks that get prevented. It may just be that surveillance is very effective.
That is correct. On an unrelated note, can I interest you in purchasing a rock that prevents bear attacks?
It's all very well to talk about the attacks that were quietly prevented. However, international terrorism is a well-studied problem, and there are several countries who have to deal with it, and they are trying a small variety of approaches. We don't have to speculate in a vacuum.
At least speaking of aviation security, we can pretty confidently say that the billions of dollars we have spent have, largely, accomplished nothing but political theater.
As an actual security expert who has studied this issue in depth concluded:
> Since 9/11, approximately three things have potentially improved airline security: reinforcing the cockpit doors, passengers realizing they have to fight back and -- possibly -- sky marshals. Everything else -- all the security measures that affect privacy -- is just security theater and a waste of effort.
Apprehending them in advance isn't really what occurs, though. Rather, you spend billions of dollars putting up elaborate defenses against the previous successful plot. And you sacrifice as much liberty and privacy as possible in the name of anti-terrorism, but then you use your new powers for non-terrorism purposes.
I mean, look at the USA's terrorism laws. 99% of arrests from the TSA or the Patriot Act are related to things that had nothing to do with terrorism.
It's all just theater unless you can show that countries without that level of paranoia and invasiveness are getting attacked much more often. And I don't think that's the case.
> One of the major points made in the article is that nobody hears about the attacks that get prevented.
Except for all the time the government spends trumpeting the attacks its has supposedly foiled (which mostly turn out to be comical, implausible plots, often instigated by government agents.)
>One of the major points made in the article is that nobody hears about the attacks that get prevented.
The government would be shouting from the rooftops if they've prevented any attacks, if only to justify the surveillance. Pre-2015 there was a report that mass surveillance had not prevented a single attack. I'm not sure if that statistic is still true, but I imagine it is.
It does them no favors to keep the attacks prevented hush-hush, as it leads citizens to believe it isn't working at all.
Former NSA analyst, head of the spying program, calls it useless. [0] And more information/people-in-the-know [1].
Nah. Every time the FBI pushes someone into accepting their offers of bomb-making materials, they scream about it from the rooftops as though they've prevented 9/11 v2.0. Of course these are largely vulnerable or mentally ill people who are also politically disgruntled.
Remember the Boston bombings? I sure do. The FBI had a line up on them before the fact, then were too slow/stupid/whatever to prevent the bombs from going off. To repeat: they had information in hand as a result of surveillance, then still fumbled the ball.
At the core of these "security vs liberty" debates is usually three assumptions which are fallacies:
1. Complete security is possible, if only we give up our liberties (it isn't, look at violence in prison populations)
2. Complete security is desirable, so we should give up our liberties (it isn't, because we'd be in prison)
3. Giving up our liberties will have no unintended consequences (it does, involving willingness to put new ideas out)
Although I don't agree with any of those premises, that debate is not one-sidedly poorly supported. A lot of the opposing arguments prove too much.
For example, a common remark in discussions on relevant topics are paraphrases of that "those who would give up essential liberty" quote. Yet, those comments appear much less frequently of discussions of other sacrifices of liberty for the sake of security.
I find it very hard to believe that there are significant attacks being prevented. Information on those prevented attacks would be leaked every time there was a new round of budgets and every time some agency screwed up and needed to smother the bad publicity with some good.
That's interesting that the mice with stressed parents dealt better with stress. I've typically interpreted this strain of study as a sort of depressing, "rich get richer" of biology concept where every generation gets more stressed out until they somehow get removed from the gene pool. But it seems like the exact opposite is the case, that there is an adaptive numbing effect
>That's interesting that the mice with stressed parents dealt better with stress
It doesn't say they dealt with stress better. They had a blunted stress response, and in humans that might lead to depression, etc.
Presumably there must be an evolutionary reason. If the environment is very stressful, it's perhaps better to have a lower HPA axis response to stress, otherwise you would be at risk of various diseases.
"Dealt better with stress" is not the conclusion (inference) that concerns them in the paper:
"This is relevant, and problematic, because blunted stress responses in humans are associated with neuropsychiatric disorders like depression, schizophrenia, and autism." (emphasis mine).
I interpreted it to mean that they have a blunted stress response, nothing more. Maybe a lot of people that undergo stress have a twofold reaction: 1. downregulate the response to similar stressors 2. still have some bad feelings about what happened
I would rather have 1 & 2 than just 2 alone. So yeah, when they say "associated with" they aren't saying "caused"
I don't understand why other market participants can't adapt to spoofing.
I agree that fines won't work because it's just another variable influencing the value of the spoofing strategy and if you get extreme about it you're punishing legitimate parties.
Maybe the real problem is the culture of finance. I'm sure this guy isn't all too embarrassed about what happened and there are plenty of people who would love to hire him
