Hacker News | gr2zr4's comments

I have a genuine question.

Why does every online password manager (like LastPass, 1Password, etc.) use PBKDF2 instead of Argon2id, scrypt, bcrypt, or Lyra2?


I would guess: age, code availability, inertia, and lack of benefit.

PBKDF2 is old, and has had time to get adopted. Code is widely available for it, even included in many frameworks. Once you've implemented something like this, unless it's really broken it's a lot of hassle to change it.

I fairly recently looked into implementing password hashing, and my requirement was that somebody already did the job for me, because I'm not a pro cryptographer and don't trust myself to do it right. So since Qt supports PBKDF2, PBKDF2 it is.

And Argon specifically is RAM hungry, which limits applications on things like low end virtual machines and mobile devices.


One thought is that it is explicitly mentioned in NIST recommendations.

If you were attempting formal compliance, that would be how to do it.


LastPass and 1Password launched before any of those existed except bcrypt. And I am guessing PBKDF2 was selected over bcrypt because PBKDF2 just had more academic review.
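The trade-offs the replies above describe (PBKDF2 ships in every standard library, memory-hard KDFs cost RAM, and a deployed KDF is painful to change) can be seen in code. The following is an added example, not code from this thread or from any password manager named in it: it derives keys with PBKDF2-HMAC-SHA256 and scrypt using only Python's hashlib (Argon2id is not in the standard library, so it is not shown), computes scrypt's working-set size from its parameters, and stores the KDF name and work factor next to each hash so a service can raise the cost or swap KDFs at a user's next login instead of in one big migration. The record format, the iteration count and the scrypt parameters are this example's own assumptions.

```python
import base64
import hashlib
import hmac
import os

# Work-factor policy for newly created records. These values are this
# example's assumptions, not any password manager's settings.
PBKDF2_ITERATIONS = 600_000                    # PBKDF2 cost is CPU time only
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1   # 16 MiB working set, see below
DKLEN = 32                                     # derived key length in bytes


def scrypt_memory_bytes(n: int, r: int) -> int:
    """RAM scrypt's main loop needs: its V table is 128 * r * N bytes.
    This is the 'RAM hungry' property of memory-hard KDFs; PBKDF2's working
    state is a few hundred bytes no matter how many iterations it runs."""
    return 128 * r * n


def pbkdf2_derive(password: bytes, salt: bytes,
                  iterations: int = PBKDF2_ITERATIONS, dklen: int = DKLEN) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=dklen)


def scrypt_derive(password: bytes, salt: bytes, n: int = SCRYPT_N,
                  r: int = SCRYPT_R, p: int = SCRYPT_P, dklen: int = DKLEN) -> bytes:
    # OpenSSL refuses to allocate beyond maxmem, and its default cap (32 MiB)
    # is just under 128*r*(N+2) for N=2**15, r=8; derive the cap instead.
    maxmem = scrypt_memory_bytes(n, r) + 128 * r * (p + 2) + 1024 * 1024
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p,
                          maxmem=maxmem, dklen=dklen)


def encode_record(scheme: str, params: str, salt: bytes, dk: bytes) -> str:
    """Self-describing record '$scheme$params$salt$hash' (salt and hash in
    base64). Storing the parameters is what makes later upgrades possible
    without a flag day. The format is this example's own convention."""
    b64 = lambda b: base64.b64encode(b).decode("ascii")
    return f"${scheme}${params}${b64(salt)}${b64(dk)}"


def decode_record(record: str):
    _, scheme, params, salt_b64, dk_b64 = record.split("$")
    return scheme, params, base64.b64decode(salt_b64), base64.b64decode(dk_b64)


def make_record(password: bytes, scheme: str = "pbkdf2-sha256") -> str:
    salt = os.urandom(16)
    if scheme == "pbkdf2-sha256":
        return encode_record(scheme, str(PBKDF2_ITERATIONS), salt,
                             pbkdf2_derive(password, salt))
    if scheme == "scrypt":
        return encode_record(scheme, f"{SCRYPT_N},{SCRYPT_R},{SCRYPT_P}", salt,
                             scrypt_derive(password, salt))
    raise ValueError(f"unknown scheme {scheme!r}")


def verify(password: bytes, record: str) -> bool:
    """Recompute with the record's own parameters and compare in constant time."""
    scheme, params, salt, expected = decode_record(record)
    if scheme == "pbkdf2-sha256":
        actual = pbkdf2_derive(password, salt, iterations=int(params), dklen=len(expected))
    elif scheme == "scrypt":
        n, r, p = (int(x) for x in params.split(","))
        actual = scrypt_derive(password, salt, n=n, r=r, p=p, dklen=len(expected))
    else:
        return False
    return hmac.compare_digest(actual, expected)


def needs_rehash(record: str) -> bool:
    """True when the stored work factor (or KDF) is below current policy, so the
    caller can re-derive under the new settings right after a successful login."""
    scheme, params, _, _ = decode_record(record)
    if scheme == "pbkdf2-sha256":
        return int(params) < PBKDF2_ITERATIONS
    if scheme == "scrypt":
        n, r, p = (int(x) for x in params.split(","))
        return n < SCRYPT_N or r < SCRYPT_R or p < SCRYPT_P
    return True   # unknown or retired scheme: migrate it


if __name__ == "__main__":
    pw = b"correct horse battery staple"   # constructed sample password
    for scheme in ("pbkdf2-sha256", "scrypt"):
        rec = make_record(pw, scheme)
        print(scheme, "ok" if verify(pw, rec) else "FAIL",
              "reject-wrong" if not verify(b"wrong", rec) else "FAIL")
    print("scrypt working set: %d MiB" % (scrypt_memory_bytes(SCRYPT_N, SCRYPT_R) // 2 ** 20))
```

Raising `PBKDF2_ITERATIONS` costs only CPU time per login, which is why it fits a low-end VM or a phone; raising `SCRYPT_N` doubles the RAM each verification needs, which is the constraint the Argon2 comment above points at. `needs_rehash` is the piece that turns "a lot of hassle to change" into a rolling upgrade: check it after every successful `verify` and rewrite the record if it returns True.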


That's amazing!!!

Is there any possibility it's gonna be added to Signal Desktop?


In USA there are 120.5 guns/100 people AND 3.4 gun murders/100000 people
In Canada there are 34.7 guns/100 people AND 0.6 gun murders/100000 people
In France there are 19.6 guns/100 people AND 0.4 gun murders/100000 people
In Germany there are 19.6 guns/100 people AND 0.1 gun murders/100000 people
In Italy there are 14.4 guns/100 people AND 0.3 gun murders/100000 people
In England+Wales there are 4.6 guns/100 people AND 0 gun murders/100000 people

Sources: Small Arms Survey, United Nations Office on Drugs and Crime. Ownership rates are for 2017. Murder rates for the U.S., Canada, Sweden, Switzerland, Australia and Spain are from 2016; otherwise, the latest available rates are used.


Looks like a similar number of murders/gun, interesting!


Because these countries are cherrypicked. If your list included places like Mexico, Brazil, Finland and Switzerland you would have a very different idea of the relation between gun ownership and gun homicide rates.

Also, I personally do not care one whit about gun homicide rates. I care about overall homicide rates, and I think most everyone else does too.


Could you clarify to me one thing please?

Because Telegram has headquarters in London, United Kingdom (legal domicile) [1] and because conversations on Telegram are not E2EE, does that mean that they could voluntarily scan them?

[1] https://en.wikipedia.org/wiki/Telegram_(software)


Telegram is people, not a company, unlike Facebook.

The Durov brothers and a small core team live in Dubai. Other developers are working remotely.

And I guess they have a bunch of legal entities all over the world to bootstrap the advertising accounts they recently announced.


For users who signed in from the European Economic Area (EEA) or United Kingdom, the General Data Protection Regulations (GDPR) are supported by storing data only on servers in the Netherlands, and designating a London-based company as their responsible data controller.[1]

Now, the question is, because there is a London-based company, are they allowed to read and store all messages?

[1] as above


Probably a document like this https://www.fda.gov/media/144246/download


Sorry, but anti-vaxxers are empowered by doubtful and propagandistic press releases... when you have solid, scientific and independently peer-reviewed data, the only thing that anti-vaxxers can do is be silent and accept it.


That is just not how anti-vaxxers work, if you have ever talked to one. There is a multitude of problems they can say they found even with an RCT with 100k participants. You are assuming you are talking to a person with years of experience with science and critical thinking. That's not a typical anti-vaxxer.

And if you do talk to a person like that, no press release is a problem for them, they see right through it.


We are all still waiting for peer-reviewed scientific papers instead of press releases....


Sorry, do you think the UK regulator approved Pfizer based on... a press release?


I suspect that gr2zr4 doesn't think that, rather that the press release (about the approval) has been released and the scientific papers haven't.


The full data was just released like last week? There hasn’t been time to fully review it which may be the point.

The US set a meeting date of 12/10 to decide on EUA so scientists had time to review the data.


The US meeting date is based on an arbitrary scheduling rule saying meetings like this must take place 15 days after request, or something to that effect.

The FDA itself closely inspects data throughout the phase 3 trials so this review should just consist of looking at the details to see if something was missed, (ideally) not some brand new information come to light.


Wow, thanks for the info. I didn't know it was arbitrary scheduling. Seems like, given the circumstances, you'd hope they would just set up a meeting tomorrow.


AFAIK both the FDA and the MHRA have been getting data regularly from the various vaccine developers. They didn't have to wait for a final dump of data just to see any of it.


Given that they could halt the rollout of the vaccine at any point, it makes sense to approve ASAP to get all bureaucratic burdens out of the way, and concurrently analyze the situation. Not saying that this is the case though.

For example, the EU is going to review the Pfizer vaccine on December 29, and they have requested further information.


They certainly did not approve it on a study about long term effects of the vaccine.


Yes, it's likely. Regulators are not as independent from the industry as you think. They've been getting closer and closer over the decades. It's called corruption and it's growing.


This FUD is dangerous


Having a reasonable fear of corruption within the regulation process is not dangerous. How is it dangerous to address real concerns that a number of people at the CDC/WHO are deeply connected to Gavi/Gates and industrial interests?


Medical isn't constrained to science. Healthcare professionals are allowed to use tradition, authority, and Art in combination with science.

It's mind boggling to Engineers to hear this, but Medicine is older than the scientific method and physicians used Regulatory capture to prevent competition.

I'd love a science based healthcare alternative.


Science doesn't have all the answers. My partner recently got into a heated debate with a pharmaceutical company she was working for because they wanted something added to their standards of care document for a rare genetic disorder they developed a therapy for.

She couldn't find a study to backup the claims that the medical team wanted to make in the document, but the lead doctor said that if this wasn't included, the patients would suffer and ultimately die.

So she said "you need to prove this in a study so it can be included, otherwise you put the company at risk". To which the doctor said "We could do that, but it would take 3-4 years, and in the mean time, the patients we're caring for would go back home, the doctors would be missing the one key piece of advice, and then they'll all suffer and die".

Science is slow. People are dying now.


I'm sure many, including myself, have experienced this issue very personally and tragically. Both parties were correct in your example. In my case I was the patient advocate and would argue very strongly on the side of the doctor. Your partner's case has merit as well, however, as malpractice insurance and lawsuits are impacting healthcare costs and risk management decisions considerably.


> People are dying now

But not a lot. That's what's fascinating. At least in the US, over 95% of fatalities are people over 55. We're at 200k ~ 300k deaths for the year in the US (and I think there is reason to believe this is an overestimate, not an underestimate). That's lower than heart disease and cancer (500~600k yearly). I doubt we'll even approach those numbers by March.

Science is slow because it needs to be right. We're no longer in a time 185 years ago when Jenner could just stab people with pus he pulled off of a horsepox-infected cow. Remember that 500 years ago, the Chinese were blowing smallpox pus into people's noses (infections in the nose were typically not bad and people recovered faster) and isolating them. Many of them survived fine, but some died.

Do you want to return to that world where we just experiment on humans without regards to what that means?

This vaccine should be a choice. I'm under 40 and not in a high risk group. I'm fine with people volunteering to take this vaccine. Maybe I'll take it in 5 years. But I don't want to see this become mandatory for going to work or being able to enter a music venue.

You can quote the Jacobson decision all you want, but that SCOTUS decision only said Jacobson had to pay the $5 fine; he never was forced to take the vaccine. Furthermore, Jacobson led to the Buck decision (forced sterilization) and the SCOTUS decision that led to the WW2 Japanese internment camps. It's bad law that's bred a poisoned well of bad law.


> At least in the US, over 95% of fatalities are people over 55

I'll never understand people who say this, thinking it somehow proves their point or something. My parents are nearly 60, and easily have 20 more years of time with me and their grandkids. Why are we okay with that?


Then why not protect them specifically? Give money to isolate them if they don't live in their own homes. Provide grocery delivery services. Let them make the choice. There are some old people who are 70 and say "I want to live my life" and so let them go out and do whatever and assume the risk themselves.

We can provide support specifically to those at risk, while also respecting the liberty and freedom of everyone else. Someone with an autoimmune disease or who is 65 can choose not to go to a pub and simply not interact with the rest of the world using technology. At the same time, the pub owner should be allowed to make a damn living.

I don't understand why this is so complicated.


> I don't understand why this is so complicated.

There are people who are competent enough to do so. Those people carry the actual responsibility.

Your thoughts have answers readily available.


It's not very realistic in western countries. We're not very organized as a society. Just look at the US government.


Is the issue that the doctor didn't make records of their patients? It sounds like they have data.

Formal Peer review is good, but not necessary in science. Replication is necessary.

And as a note, we can still have Authority based healthcare, but a science based healthcare system would be cheaper and more reliable.


[flagged]


I don't think it is fear mongering. While the health institutes have access to the data, I don't. I don't think anyone on hacker news can make many intelligent statements about side effects, yet, though the press releases claim that they are similar to what is typical of other vaccines.


Why would you personally need access to the data unless you actually think the government would allow people to take a dangerous vaccine.


We are a scientifically literate society, and increasingly so. We do not simply summon blind faith in institutions to interpret the world in which we live; we share with each other and seek truth.

I do not trust governments, not only (and not primarily) because they have violated trust, but because trust in governments to be arbiters of scientific truth is not a healthy or sustainable practice in a civilized society.


Pretty much all governments have a history of maliciousness and/or incompetence. Well I think it unlikely they would allow it. It is certainly in the realm of possible scenarios.


I don't actually want the raw data as I am not an epidemiologist, but I do want to see peer-reviewed papers, as the grandparent to my original comment was waiting for before making a judgment. The point is that there are very few people in the world who can currently say anything intelligent about the subject of side effects in this vaccine. From my basic knowledge of vaccines and the approval process, I suspect any side effects will be heavily outweighed by the benefits, but right now, I have no way of making an educated assessment. To be clear, I'm not really worried about it. My point was simply that I saw only intellectual curiosity in the grandparent to my original comment where the parent saw fear mongering.


> the press releases claim that they are similar to what is typical of other vaccines.

They are much, much, worse but typically subside in a day and at most two. The side effects are bad enough that there is worry people won't show up for the second dose.

Still going to have it, myself.


What is your source on this?



This could be the fastest approval in the whole history of drugs, considering that

The assessment of a marketing authorisation application for a new medicine takes up to 210 ‘active’ days. This active evaluation time is the time spent by EMA experts to evaluate the evidence provided by the applicant in support of a marketing authorisation application.

This time is interrupted by one or two ‘clock-stops’ during which the applicant prepares the answers to any questions raised by the CHMP. The maximum duration of a clock-stop depends on how long the applicant thinks it will take to respond, but must be agreed by the CHMP. The first clock-stop usually lasts 3 to 6 months and the second one 1 to 3 months.

Overall, the assessment of a new medicine usually lasts around a year.

https://www.ema.europa.eu/en/human-regulatory/marketing-auth...


> This could be the fastest approval in the whole history of drugs, considering that

Without a doubt. The closest competitors would be imatinib (3 years) and several other chemotherapy drugs (~5 years) meant to treat malignant tumors. The vast majority of the drugs approved this quickly, with the exception of the HepC treatment, treated diseases with a life expectancy of less than the time it took to approve the drugs, so long-term side effects were less of a concern.


Would those drugs be in use by the majority of the patients that need them before that though, as they'd be in the studies etc? Whereas this vaccine needs to be given to a large percentage of the population. How are flu vaccines regulated? They change yearly, correct?


Do drug approvals even have much history? My impression was that the concept of drugs needing to be approved has been around for less than 100 years, but I guess it will vary from country to country.


It's been around (for clinical trials and whatnot) since the late '50s in the US, I believe.

I think it's been mandatory since thalidomide.


> The paper said EU member states have “called for solutions” to allow “law enforcement and other competent authorities to gain lawful access to digital evidence”, without weakening encryption or breaching privacy and fair trial guarantees.

This is interesting because if we consider the EU27 and the Press Freedom Index we discover that 8 countries have a good situation, 11 satisfactory, 8 noticeable problems... could the 8 countries (Romania, Croatia, Poland, Greece, Cyprus North, Malta, Hungary, Bulgaria) somehow benefit from the encryption weakening?


> EU home affairs officials have grown increasingly concerned about international paedophile networks and in July unveiled plans to force technology companies to take greater responsibility for reporting them.

"Think of the children" cliché will never die.


“Four Horsemen of the Infocalypse”: terrorists, pedophiles, drug dealers, and money launderers.


The banks service all of them and nothing much happens to them. Who are the real crooks?


> Who are the real crooks?

> terrorists, pedophiles, drug dealers, and money launderers

At some point, unless you want everyone making their own personal moral judgements (including people who e.g. don't think women should have rights?), it should be permissible to deal neutrally with everyone who wants to do business with you. Let the law enforcers enforce the law, let the bankers bank.

Edit: clarity.


Except they are breaking the law, but are too powerful to be brought to heel, largely because of lots and lots of money and powerful, shady friends.

https://www.icij.org/investigations/fincen-files/global-bank...

The Mexican drug cartels could not fit cash through the teller stations quickly enough, so HSBC had special teller boxes so that it was far more efficient.

https://uk.reuters.com/article/uk-hsbc-probe/hsbc-became-ban...


> U.S. agencies responsible for enforcing money laundering laws rarely prosecute megabanks that break the law, and the actions authorities do take barely ripple the flood of plundered money that washes through the international financial system.

From your first link. It sounds like the law enforcers need to do better at enforcing the law. If they can't enforce it against the banks, how can we expect the banks to enforce the law against themselves?


"It sounds like the law enforcers need to do better at enforcing the law"

While true, it's a non-sequitur.

OP made the point that banks serve criminals and asked then who are the "real crooks". You asked if bankers can serve everyone neutrally rather than be expected to exercise "personal morality". Which is a fair question in my opinion.

Questions of individual moral duty aside, however, banks are not merely neutral when the law forbids them from specific activity and they decide to do it anyway.

Now your goalpost appears to be that banks should be able to do whatever they want if law enforcement cannot do anything about it, which is a very strange stance, to be honest.


Banks are multibillion dollar institutions and absolutely integral to modern society. We can give them more responsibility.


> Who are the real crooks?

First they came for the data brokers and I did not speak out because I am not a data broker.


This doesn't make much sense when you think about the context of the original work you're quoting.

Niemoller was writing about a fascist government. Fascism is inherently built on an "us-vs-them" conflict. The details may change, but a key point is there's always an enemy who is responsible for everything that's wrong with the world. When fascists take power, they set out to get rid of the enemy. Then they find that didn't actually fix anything, so they splinter away some of their former in-group and make them the new enemy.

That is what fascist groups in power must do, because of course everything is much more complex than they claim. Nothing is ever as simple as "if we get rid of that group of undesirables, everything will be great", no matter who those undesirables are. Socialists? Capitalists? People who post on HN? Any other group you might name? The answer is never as easy as "those people are bad."

There doesn't need to be a slippery slope from whatever the government wants to outlaw to everyone being a criminal. It depends on the structure and goals of the government. In a fascist state, yeah it's pretty much guaranteed. In the US? Well, we're a muddled mix of everything with a very mixed record and uncertain future, but at least we're not a fascist state. There isn't a guarantee that any step leads to a next step.

So it really isn't analogous to the situation the original work was describing. And it's not really constructive to weaken its point by making jokes applying it to this situation, given the point it's trying to make. But maybe the fact that so many people don't understand the context means it's already too late.


> But maybe the fact that so many people don't understand the context means it's already too late.

final answer?

So. Yes, it is a joke. It's funny because it's Europe and has an unrelatable but likely more relevant 21st century approach to regulating unhelpful industries. I like that they made regulations against the data brokers, who are the enemy even though the data broker's individual actions are fairly benign.


The real key here is knowingly. Large banks have had a slew of "scandals" whereby they've been caught moving many billions of dollars for evil organizations the rest of us would go to prison for donating to. How many times do these organizations have to get caught for it to be handled in a fashion comparable to mere mortals?

I say "scandals" because by some miracle it never seems to be a particularly big deal in the media.


It depends on what you mean by "big deal". The ICIJ published a series of damning articles in relatively-big-deal papers as late as yesterday. [1]

Arguably, the news is shadowed by other, more immediate topics - it would be interesting to see how it would have been received in a non-2020-ish year.

(I remember the Panama Papers were a bigger deal, for example, probably because you could name famous people in headlines.)

[1] https://www.icij.org/investigations/fincen-files/


> Arguably, the news is shadowed by other, more immediate topics - it would be interesting to see how it would have been received in a non-2020-ish year.

This is what frustrates me. You can find these scandals happening way before 2020. The fact that it isn't common knowledge is distressing.

[2016] https://www.newyorker.com/magazine/2016/08/29/deutsche-banks...

[2011] https://www.theguardian.com/world/2011/apr/03/us-bank-mexico...

[2010] https://www.bloomberg.com/news/articles/2010-06-29/banks-fin...

[1980] https://www.washingtonpost.com/archive/politics/1980/06/07/1...

If the banks' involvement in such activities was promoted to the same extent as the political noise that currently dominates, we might actually have made some improvement in human and drug trafficking between the 80s and now.


In the eyes of the state, there is a much, much worse category: tax cheaters.

Saul from Breaking Bad explains it very well here: https://www.youtube.com/watch?v=ez6xH-su2xI


The state knows that backdooring encryption wouldn't help with any of this stuff; they just roll it out as a propaganda tool.


Especially given the abysmal state of cross-border law enforcement. Europol is mainly a purely administrative entity; police have to fax stuff around and get results via physical mail.


>"Think of the children"

Not when they come from Moria...


> "Think of the children"

Prince Andrew already did


Isn’t that the UK’s line


The UK has no monopoly on wanting to increase digital surveillance. Almost all other EU nations are slowly treading in their footsteps.


It’s not “illegal” if we just contract a trusted ally to spy on our own citizens. The US, U.K., Germany, and the other Five Eyes do it. I’d be shocked if the French or Dutch aren’t doing it, but I haven’t read about it myself.


Zensursula 2.0

