Communication about health risks for marijuana use needs to be on-point, especially among young people. From what I've read, use during brain development (prior to ages 25-30) risks learning disabilities and other mental health disorders due to how it affects cortisol. Marijuana is also an immune system suppressor, which may explain some elevated cancer rates. The effects on the immune system may also explain some food allergies, but susceptibility for fungal and viral infections resulting from marijuana use is fairly well established.
Compassion is supposed to be the key reason for mankind becoming the dominant species on our planet, and with intelligence being key to survival, it would follow that compassion would be a key marker for intelligence. A lot of scientists generally fit this characterization, a classical example being Einstein. As a counter-example, a lot of people regarded as poor leaders would probably also rank low for perceived compassion.
I haven't read that (paywalled) article, but I will note that she died on Feb 11th, while a Tesla recall was issued on Jan 26th for a software glitch that can prevent rearview cameras from displaying properly. It appears her death is under criminal investigation, so I presume they're investigating the possibility that the rearview camera glitch was intentionally exploited.
> It appears her death is under criminal investigation, so I presume they’re investigating the possibility that the rearview camera glitch was intentionally exploited.
Unless it was the neighbor who detailed her call at the time who exploited it and then invented the narrative of the call to cover it up, that particular exploit being responsible for the incident seems unlikely, since it is inconsistent with the description of the incident that the neighbor detailed her recounting (that she made a mistake she had made before with the gearshift and put the car in reverse instead of drive while making a three-point turn, and then the car zipped backward over the embankment and into the pond.)
The innovation needed here is for everyone to be able to have a premium rate phone number, and be able to set fee rates for contacts or "classes" of callers. Spam & robocalls need to become too cost-prohibitive to pursue. Everyone's time has value, so it seems mad that we can't set fees for incoming calls or texts.
I find it interesting that Americans are so afraid of regulation that suggestions like these get thrown out in response to calls for regulation. Just effectively regulate via government and move on. Don’t make everything a private toll thing.
A lot of people may not like regulation, but that excludes the issue of robocallers and spam marketers. People on both political spectrums support regulation here. The problem is that existing regulation is ignored and not being enforced
Obviously you would need an exception for calls you've given consent to receive.
But then companies would stick consent in every form license on the internet. So you'd need some kind of cookie banners that require you to give consent explicitly. But then you might miss the box you actually wanted to check opting in to appointment reminders from your doctor and then miss your appointment. So maybe we allow default opt in under some byzantine circumstances that require everyone to hire a lawyer to understand which also has the effect of exempting political donors so that everyone can continue to be inundated with calls.
What was the downside of letting people set inbound fees again?
Theoretically you already need to have a relationship with the sender today. Set an inbound fee and some people will set a high fee which catches the unwary and many legit senders simply will refuse as a matter of policy.
The obvious implementation would warn the caller that there is a fee and tell them how much it is, and then notify the recipient if they had a caller who refused the charge and provide their number.
Robocallers might then refuse the call if there is any fee at all, which is great, and then if you get the one from your doctor's office you see it in the call log and can exempt the number for next time.
Make it hard for people to reach you and they’ll be happy to just hang up. They have better things to do than get through to people playing elaborate games. It’s usually hard enough to connect to a doctor’s office as it is without expecting them to jump through hoops to get you on the phone.
"Press 1 to pay $0.10 and connect the call" is an elaborate game?
It doesn't happen to anyone who regularly calls you because you've exempted them but it handles the case of someone you know calling from an unusual number with something important, because they just pay the pittance. But spammers can't afford to do that at scale, and if they can you can raise it to $0.25.
I'm not sure what you're referring to as an unnecessary burden. Identifying who it is you consent to have call you? How do you propose to avoid that without allowing either everyone or no one to call you?
This sounds like a pretty huge hassle to me as a phone customer, honestly. I'd prefer that they just have to get my consent first. It would be a lot cleaner and easier for everyone, including the marketers.
Did you want the version where consent is easy to get and then you still get tons of spam calls, or the one where consent is hard to get and then many useful services don't exist?
And how would a consent law help anyway? Many of these calls are literally scams. They're already illegal and the problem is a lack of enforcement.
If you are that bothered by spam calls you probably need to make the tradeoff that you’re ok with not being able to reliably receive calls from numbers that aren’t on an explicit white list.
Various fixes are underway but today you have to make that personal trade off.
Phone calls to mobile phones are much more expensive in other countries.
In the US, mobile phones share their area codes with landlines, and it's the person with the mobile phone who pays for the "airtime" of their incoming (these days it's basically free so you can't tell, but historically it was much more expensive)
In the rest of the world, mobile phones have their own special area codes that are charged to a higher rate to the person who is making the call, and incoming calls are free for the mobile subscriber.
If you look at the pricing plans for VoIP providers, calling a mobile phone can be up to 10x more expensive than a landline (e.g. I'm seeing for France a landline is 4c/min, a mobile is 17c/min on RingCentral). But calling a US phone of any kind is often even completely free.
> Phone calls to mobile phones are much more expensive in other countries.
No… that isn’t why. Where I live both are rated the same which is to say, essentially free. We still don’t get this.
I’ll tell you what it actually is: American exceptionalism. Again we’re talking about a country so allergic to regulation that some poster above was talking about inbound fees. Yeah no, here we just regulate, and it works, and I’ve never had to think about it. Maybe just copy the working examples instead of being so dead set that it Won’t Work For Your Country.
While I think a proposed "inbound fees" soloution is a ridiculous one other countries do not have spam calls figured out.
The reason it happens so much more in the U.S. more than other countries is the ease of exfiltrating money from an enviroment where on average you can get a wealthy target (relatively, even if someone is living paycheck to paycheck if they're paying $4000 in rent it's a pretty big paycheck worth targeting). If the US starts to get on top of spam calling there's a very real chance that the countries it doesn't happen often in will 'enjoy' a similar level of spam as established scammers retarget their efforts.
The good news is the US telcos are forced to do a lot of the heavy lifting in forcing foreign telcos they connect with to begin using SHAKEN/STIR protocols. This means that other countries (which are in just as bad a technical position as the US) will be able to pass similar regulation on their telcos, without having to worry about accidentally forcing them to cut off entire other countries, as most legitimate telcos will have cut their teeth while dealing with the US telcos.
N.B. SHAKEN/STIR protocol requirements basically means that you can identify a call and say to a foreign connecting telco "Here are these identifiable calls that are a problem, I'm sure it's not you so go talk to the smaller telco you provide services for that you can identify with these number (even if we can't) because we don't want to be forced to cut you off". It basically removes the deniability of "Well we've got 10 smaller sub telcos servicing the country/countries and no system implemented to tell which of the 10 is selling to bad actors" because it enforces having a system going out and if your not getting your sub telcos to use shaken/stir on the way in you're the problem.
> The research also estimates the average person now receives 6.04 nuisance calls every month, while 56% of people receive nuisance calls every single week, and 83% of people receive at least one nuisance call a month.
There are industry experts who know the technical answers to your question and lawyers who know the legal ones, why should I have to come up with it myself?
Tabnine is my personal favorite as it works with most IDEs including IntelliJ, Vim and even VSCode and the suggestions are high-quality. I actually moved away from Copilot to Tabnine across all IDEs and haven't gone back since.
Yep, and this is link to disease that people often miss - when we attribute conditions and diseases to "genetics", what is implied is that it is due to some environmental exposure or detrimental pattern of behavior that hasn't been identified, causing some gene expression/mutation that ends up being harmful.
I would be curious to know if anyone has audited this for malicious code, or how one would go about doing that in the first place. Is that kind of software auditing a use case for Ghidra? A demo of using Ghidra to audit Ghidra would be interesting I suppose.
Its used to reverse engineer an unknown binary without the matching source code. Since Ghidra already is open source it be no use to audit Ghidra itself except for learning purposes. It might be useful to reverse engineer a closed source driver so you can write an open source one from scratch.
A security audit is still useful when you have sources to the program. There may still be some intended or just accidental security problems with it. Having the sources makes such an audit a lot easier to do.
Is there a standard process anywhere for vetting some software for information leakage? I would imagine that someone would deploy the software behind an MITM proxy and then look at the traffic, but it would be nice if there was some standard process or framework for this somewhere.
It's a huge code base, of course there are security issues. Same way IDA and radare have security issues. People who reverse malware take that into account.
I would expect there to be self-mutating code such that when the open source code is compiled with a particular compiler it activates a different code path (written into the compiler itself) such that the final resulting binary does not correspond to the source code if it were compiled with another compiler.
And if this resulting binary is distributed, audits of the source code wouldn't catch these modifications.
1) There are many java compilers with diverse origins. Try more than one.
2) The binary (or jar) can't lie about what it contains. Take it into an air gap and reverse engineer it, what's there is there. This includes compilers.
3) see posters comment about the impracticality of stopping someone with the money, talent, skills, and patience of the NSA :)
One might view it as a way of discouraging remote work in Colorado for various reasons. I suspect that Colorado cannot collect much income tax on remote workers given their low flat income tax, so if the tax collected in the remote employers state is higher than that of Colorado, then Colorado gets nothing.
There is no mention of Python Bundlewrap (https://bundlewrap.org/), which I have really liked, though I don't know how speed and scalability compares. I believe Bundlewrap will welcome contributors for these enhancements.
Citing some relevant papers on the subject:
https://pmc.ncbi.nlm.nih.gov/articles/PMC8229290/
https://pmc.ncbi.nlm.nih.gov/articles/PMC7258471/
https://pmc.ncbi.nlm.nih.gov/articles/PMC3930618/
https://pmc.ncbi.nlm.nih.gov/articles/PMC4586361/