Interesting article. One can easily notice that most folks seem to treat the speed limit as a minimum speed rather than a maximum speed. It's not just designers designing for speed. They do so because of market demand. That demand is boosted by advertising - both overt and culturally pervasive imagery. Buckle up folks. Try not to speed. You're really not saving much, if any, time. Also minimize left turns and lane changes. When you do turn (or change lanes) always use your turn indicator. When cars are robots they can do these things. The worry it that freedom loving consumers will still choose thrills over safety and this may stunt the adoption of robocars.
> One can easily notice that most folks seem to treat the speed limit as a minimum speed rather than a maximum speed.
That's because the speed limit doesn't match actual traffic speeds. On highways/motorways, traffic typically will freely flow at speeds ranging from 75 to 85 mph (120 to 140 km/h). Posting a speed limit of 55 to 65 mph (90 to 110 km/h) will result in traffic treating those numbers as a minimum acceptable speed.
In fact, in the state of Virginia (in the USA), they have signs posted on their interstate highways that state that commercial vehicles may not use the left most lane if being operated below the posted speed limit (65 or 70 mph).
No, it really isn't. The compliance rate increases when the speed limit is set to the upper limit of the pace speed/85th percentile speed. I noted some examples[1] in my other post
Cars are actually quite safe if you consider how much we use them. Your odds of dying in a car accident are quite low. Given that robocars have their own trade-offs, I don't think it's too surprising that some people will elect to continue to buy human-driven cars indefinitely if given the choice.
My odds of dying in a car are much higher then almost anything else in the short term. If there is anything to rationally optimize for, it is car safety.
I think maybe you are missing a whole bunch of other risks in your life that are more likely to take your life.
How much do you worry about dying from a fall, or poison, or alcohol, or drugs? Or a firearm? All of those are either similar to or more likely than dying in a car accident.
If you want to rationally optimize for something that will improve your survival odds, heart health is by a vast, vast margin a better place to spend your efforts.
If you drive an average number of miles per year, you will probably be involved in some kind of accident once every decade. The odds you will die in that accident are pretty low, as it only happens about once every 100,000,000 miles driven.
They may be 'safe' for the people in the car, but not for the people who get hit.
It's cars crashing into bicycles, pedestrians or buses (causing the buses to avoid them and crash) that are the major issue.
The people who die in car crashes are innocent healthy people. Often killed by people who never think how dangerous cars are and assume that they themselves are safe.
One of the major bus crashes [0] was caused by a drunk SUV driver over taking a bus too fast in the rain, losing control, crashing into the bus and killing numerous passengers. The SUV driver only suffered slight injuries.
Ah, yet another Strong Towns anti-car screed of "let's make all roads so damn slow nobody can actually get anywhere" without any discussion of the downside of what they propose.
I've lived in "Cannah get theyah from heah" Boston. I can assure you that slow, safe, crappy, narrow, winding roads suck as bad as you think.
Or try going from Braddock to Penn Hills in Pittsburgh, PA. Nice and slow and infuriating. There's a reason why a whole bunch of people decided "You know, that nice empty area west of Pittsburgh with roads that actually let you get from A to B is very enticing."
> One can easily notice that most folks seem to treat the speed limit as a minimum speed rather than a maximum speed.
I disagree. People simply IGNORE the speed limit and drive at what they consider to be a safe speed.
Part of the problem is that there are political forces (cough police budgets) that encourage stupidly low speed limits. If all roads were set at the appropriate speed (something like 85% of traffic, IIRC, but there is an actual engineering number), suddenly "speeding" becomes an actual traffic safety issue.
And, in fact, ignoring a speed limit is a rational decision when everybody else would be going 10-20mph faster than you. Absolute speed means more damage when a accident occurs, but relative speed differentials mean more accidents occur.
Didn't read? That 85% _mantra_ is mentioned. Yes, it's an engineering principle...designed for rural roads. Blindly applying that to all other road types is not engineering, that's cargo cult.
I'm not a traffic engineer so I'd love an explanation, because on the first look, it seems absurd to apply this measure to determining speed limits, as a) 85th percentile will keep creeping up with each iteration of such speed limit adjustment, and b) the whole rationale seems to depend on "wisdom of the crowds", i.e. trusting greedy optimization to find the right balance in the system that needs to be optimized globally.
> a) 85th percentile will keep creeping up with each iteration of such speed limit adjustment,
That doesn't actually occur. In 1997, West Virginia raised its speed limits from 55 to 65 mph on limited access 4 lane divided highways. The 85th percentile speed incrased from 62 mph to 66.5 mph. The compliance level with the speed limit went from 15% to nearly 85%. On interstate highways, the speed limit increased from 65 mph to 70 mph. The 85th percentile speed increased from 70 mph to 71.6 mph. The compliance rate went from 50% to about 70%.
In both cases, the compliance rate went up (in one case, substantially). Also, the Martin Parker study [1] also says that lowering and raising speed limits do not substantially affect actual traffic speeds.
I feel for your brother and understand your fatherly fears. I have three sons. They are all fine now, but ... One got hit by a drunken driver, one broke his neck, and the other fell onto a wrought iron fence which stabbed through his skull and into his brain. All three are healthy and active. Each came so close to death. As you say, many of the largest changes are quite beyond our control. I frequently find myself having to choke back the terror to keep focus and keep moving.
So I had this clever little comment worked out. I was going to say that a formula for designing a unique building - and, hence, gaining a star reputation - would be to pick a design that everyone else knows has a fatal flaw. That way no others like it would have been built. But, reading the comments I see that this exact mistake has been made more than once. So much for theory.
That's commonly known as 'remarketing' - by co-operating a little, a website and an advertising network can communicate the pages and products you've been looking at, and then the ad network can show you the products (or related items) again when you visit other sites.
It's frequently annoying if you've already made the purchase / decided not to, but it's a marketing ROI 'hack' in that the users who are being shown these adverts have already previously expressed some interest in them.
Even if 50% of users aren't interested any more or bought the product, the remaining 50% are still 'well qualified' -- i.e. known relevant -- and so showing the content again to them is more likely to result in sales, and so is 'cheaper' for the advertiser than targeting otherwise-unknown users. It's better for the ad network as well since their customers (the advertisers) will get better results.
Intent mining is really more about analyzing what people are saying online (or, equally, the text they're entering via search engines) and working out what they are intending to do - are they looking to purchase a camera, or are they looking for information about a business?
The two aren't completely separate - remarketing combined with intent mining could presumably have some interesting results (we've seen you were investigating shoes yesterday, and you're travelling to a mall - I'll show you some adverts from shoe stores there), but they're slightly logically different.
Balderdash! How many people are in the baby boom generation? And you paint them all with one bush? Do you do the same for people of a particular race? Upon closer inspection you will find that few boomers are responsible for your woes. Your parents maybe, but most of us are as powerless as you. "Industrial mindset"? Poppycock! I look around and I see many young people serving up enormous amounts of their private information on public forums. Boomers have nothing to do with this. Quit obsessing about "boomers". It's such a useless distraction.
All this increased digital surveillance comes at a time when the US Post Office is under artificial financial pressure. Just last night the news reported a plan to eliminate direct delivery to the door in favor of some sort of community mail box facilities. Interesting coincidence that physical letters (whose contents are still protected by federal statute) are being discouraged while unprotected content is being collected.
What makes you think that the financial pressure is artificial? Postal services in general are having problems because there's not much reason to spend money sending a letter that will take days to arrive, when you can write an email for free and it will arrive in seconds.
Please forgive my rudimentary (and possible erroneous understanding. There are three things important to public-key encryption. The public key, the private key (together called the key pair) and a certificate. If I understand it the cert is just to give confidence that you have the correct public key. So the NSA having access to the cert is a non issue as everyone has access to same. That's its purpose in life. Also the public key is publicly available or the system wouldn't work. The only sensitive things are the private keys. Is this right so far? If I want to encrypt a message to someone I need to use that person's public key. I use the cert to make sure I have the right one. Now the message can only be decrypted with the private key. So how can the NSA decrypt such a message? They would need the private key. The ISP doesn't have it. Even if they have the private key don't they need a pass phrase to use it?
Not sure how the above applies to https or to ssh. Still, in both cases I don't think access to the cert breaks things. Indeed access to it and the public keys are essential to it working at all. (I guess one can operate without the cert too if you trust the source.)
Your understanding of keys is about right. It is the OP article that your are not understanding.
You ask "so how can the NSA decrypt such a message?" That's what the article is telling you: Either by 1) getting the private key from the corporation you are communicating with, or by 2) cracking the cryptography.
Most people don't encrypt every email, they just use https to their email server. You say you're not sure about https, but that is the big vulnerability. So NSA just needs to ask your emailserver corp for their private key (to decrypt the packets, and then everyone can deny that the NSA obtained your email from the corp). This is case 1) above.
For people who encrypt the message end to end (as in your example "encrypt a message to someone I need to use that person's public key"), this is case 2). It is controversial whether the NSA can crack the best ciphers, which are postulated to be near-impossible to crack. But the NSA has resources we cannot imagine and/or secret resources we cannot even know about. When the first encryption schemes came out, they were strong in the day but were later brute forced by more power computers. So there are some who think the NSA can or will be able to crack the current crypto (that's what the OP is referring to when he says "the means to subvert widely used mechanisms"). As others have said, in targetted cases like this, it may be easier for the NSA just to plant a bug on the receiving computer, to read contents after it has been decrypted.
Now certs, which you have half wrong. Yes, certs give confidence that you have the correct public key. But certs are mostly used by companies (case 1 above) not individuals (case 2).
In case 2, peer-to-peer encryption, individuals rarely go to the expense of getting trusted certificates. You say "let's take this private", and you send him your public key, or he sends you his--no cert involved. Instead you both rely on publishing your public keys everywhere and all the time (at the bottom of every email, on their website, etc.). That provides some history for you to trust the key he sends you--and vice-versa. In other words, public keys MUST be displayed publicly before you want to use it to gain credibility.
Certificates are a way for companies to publish their public key with a credible certificate authority (CA). A certificate is essentially another public-private key pair that lets you determine that the CA really endorses the public key you are interested in. The credibility of the CA is determined by their record in the marketplace as to whether they endorse credible companies and whether they keep their master keys secure.
The original article really doens't address certs, except to say that if master keys can be deciphered, we cannot trust certs anymore. That's because a malicious party could create a cert that looked real but wasn't (this happened recently when somebody stole one of the master keys used by a CA--they were able to make fake certs).
My question to you is: if you misunderstood the article, why are you taking such strong positions in your other comments?
Strong position? Do you mean the Post Office thing? Or the "Balderdash" comment warning about getting distracted by generalizing people? Or did you mean the joke about getting ads for stuff I already bought? Sorry if I came on too strong. The boomer bashing is getting old (get it?). It's in no way helpful.
The original article seemed to be a bit political and so I bailed on it. Perhaps I'm getting lazy in my old age.
Thanks for confirming my understanding about asymmetric keys. I forget how the pass phrase fits into this. Is it required in order to use the private key? Also the article and you use the term "master key". What is that? Is that just another term for private key?
What I'd like to see (Monty Python Gumby) is some dates on his web page. Maybe a GitHub page. I got Incosolata a few years ago and have been using it since, but he says he's working on it. When was the last update?
