Is there some reason consumers should care more about Hachette than Amazon's two-day free delivery? I'd say Amazon won the PR war before it started.
One of Amazon's tactics against Hachette has been to limit inventories, with the (clearly intended) result that their titles are out of stock at Amazon a lot of the time, with delievery times for Amazon orders in weeks, not days. If two-day delivery is the basis for PR "victory", they're throwing it away...
]]>Short summary: "nothing personal, it's just business". As to the effect on their customers: " this business interruption affects a small percentage of Amazon's demand-weighted units. If you order 1,000 items from Amazon, 989 will be unaffected by this interruption." Because hey, one item is as good as another item, amirite? (They do also suggest that people who want prompt service on affected items order from their competition.)
The final, lovely touch is their sop to authors: if Hachette sets up some kind of fund for affected authors, Amazon will match Hachette's contributions. Because money for current sales is the only thing at stake.
]]>Does anyone have statistics on how many Big 5 mid-list authors are making a full-time living at it now? My anecdotal impression just from hanging out at cons and the like is that at least in the US, it's common for them to either have day jobs, or the support of a working spouse, or both.
(Granted, some of this has to do with what it takes to keep access to health insurance in the US, and to that extent, it may be changing a bit -- I understand the phenomenally prolific Seanan McGuire was recently able to give up her day job in part because she was finally able to get insurance at affordable rates through Obamacare. But even past that, one mid-list book advance a year, or even two, really isn't a lot to live on in much of the country...)
]]>Funny thing is, the infamous EC-DBRG random number generator, recently de-standardized by NIST, looks like it may have been exactly that. Here's the theory:
First off, a lot of crypto relies on good sources of random numbers, for key material, nonces, and the like. If your keys are known, or predictable, or can easily be chosen from a known space a of a few million elements, it doesn't matter what the algorithms are: anyone with a modern laptop can try every possible key quickly enough that you're compromised. This is why a lot of pseudorandom number generators which are good enough for many purposes (e.g., linear congruential) are completely unsuitable for cryptographic use.
But a random number generator with a cleverly concealed pattern is difficult to tell from a good one, unless you know what pattern you're looking for. So, the trick (for the NSA) is to construct a PRNG whose output contains patterns only they can extract in useful form.
How could one do this? Public key encryption. The EC-DBRG random number generator has two components. The first is a pseudorandom number generator which is "bad", in the sense that its state can be trivially reconstructed from a few samples of the output. The second is a strange series of operations which just happens to look exactly like encrypting the output of step one with a public key using an elliptic curve algorithm. Thus anyone who had the corresponding private key could invert step two, and recover the samples of the underlying process in step one --- making the output of the whole thing predictable thereafter. But to people without the private key, it's secure.
The NSA has never admitted that they have the private key required for this, but at this point, everyone (even NIST) is more or less assuming that they do.
(BTW, there's another approach, if you're capable of messing with hardware designs: bugs that show up only if a very particular sequence of operations occurs. It's easy to verify that hardware is doing what you want it to; it's awfully hard, these days, to verify that it can't be made to do something else when suitably tweaked.)
]]>Looking back further, at least one security researcher has found apparent Heartbleed exploit attempts in log files dating back to November, 2013 --- several months before the announcement:
]]>Mary Robinette Kowal says she's been running Scalzi's blog in his name for the past month (including the "reader questions" week):
http://www.maryrobinettekowal.com/journal/ive-john-scalzi-past-month-didnt-notice/
Subversion source control project switches its own development repository to git:
]]>In pilots' forums, I've seen them mention other conditions that happen at altitude. The two most salient are broken equipment screwing out garbage that's confusing ATC (and shut down at their request), and a transponder that's literally on fire. This stuff does actually happen --- and so far, rather more often than, well... whatever happened here.
(BTW, minor correction to prior comment: it was a programmed change hard left of the plane's expected route. Can't edit. Grump.)
]]>So, a programmed change in the flight path hard right of the plane's expected route, with no notice to air traffic control in repeated voice communications, is "explainable by depressurization or electrical fire"?
Please connect the dots...
]]>As of the aircraft's last ACARS ping, at 1:07 AM local time, the flight plan had already been altered in the plane's flight management system. This was while the crew was still in contact with Malaysian air traffic control, and giving no indication of anything wrong.
It is, of course, reasonable to suppose that the pilots might alter the flight path in response to some emergency --- but if they had, then why was there no hint of it in their radio communications with air traffic control. (Or someone's radio communications ... but the Malaysians are now saying that it was the copilot's voice on the last transmission.)
Like everything else that's been reported about this flight, it has to be taken with a grain of salt: the official story has changed more than once in significant ways. (It's no longer considered established fact that ACARS was disabled before the plane ceased voice communications; all we really know is that it did its regularly scheduled update at 1:07, and missed the next one, at 1:37.) But if this holds up, it's really hard to see how this was anything other than a deliberate choice by whoever was flying the airplane to take it off course.
Source: http://www.nytimes.com/2014/03/18/world/asia/malaysia-airlines-flight.html
]]>Which, to summarize, is that the plane suffered an electrical fire, which caused the radios to fail, and the pilot to turn back towards Malaysia. And then the pilot was overcome by fumes and the aircraft continued on autopilot.
However, if I'm reading the maps right, then having the plane continue straight on that course would put it quite a bit due east of the "southern arc" of possible final positions, from the satellite pings. So if that's right then there were, at least, subsequent course changes.
(I'm not sure that straight flight in any direction puts you on either the northern or southern arc of possible positions for the satellite pings.)
]]>Which should have occurred to me; one of the possibilities being bandied about in the rumor mill is that MH370 itself evaded radar detection over some of its flight path by shadowing a legitimate flight in exactly this manner, close enough to look like a single plane on radar --- and, obviously, with its own transponder off.
Your scenario does set up a situation in which the 777 squawking the bizjet's identity has a primary radar return that's way larger than any bizjet has any right to emit --- but it's not clear that that would raise any alarms. (And it's not the sort of thing that a controller at JFK or La Guardia would be likely to notice on their own; they are phenomenally busy and distracted on a good day. Though having the plane come in as a bizjet gives you more options for the fake flight plan --- Teterboro is actually closer to the southern tip of Manhattan than JFK.)
]]>By the way, I've heard nothing about voice analysis indicating whether the person communicating with Malaysian ATC was a member of the original flight crew, but you'd think there would be recordings.
]]>Well, the best evidence against North Korean involvement is probably just that the plane's last satellite ping put it at least 1500 miles from Korea, possibly much more. (The closest spot to Korea along the northern arc of possible ping positions is pretty close to Hanoi.)
That said, the North Korean regime is not exactly known for its sagacity or concern for superpower opinion. The North Korean nuclear program, for example, has deeply vexed both the US and China in the very recent past.
In any case, as I noted above, there are plenty of other sketchy governments in the area that might want to mount this sort of operation, to say nothing of intelligence agencies with little, if any, respect for their nominally superior civilian authority. Both Pakistan and Iran come to mind there. The eastern tip of the northern arc of final ping positions is over Kazakhstan, with those fun-loving crazies in Uzbekistan not far south, and Afghanistan and Pakistan a bit further on.
]]>First off, there's a big problem with the 250-ton cruise missile scenario: getting the thing to its target without it being detected by radar, interdicted, and shot down. Ordinary cruise missiles deal with the problem by flying at low altitude, and having small radar cross-sections. The Sept. 11, 2001 attacks got into controlled airspace by being airliners with legitimate flight plans. I'm not sure either option works for a black-flagged jumbo jet flying in from over the ocean. (That said, One World Trade Center is not yet open to the public.)
On the other hand, there's precedent for kidnapping techies: Mexican Drug cartels have nabbed several dozen cell phone technicians (at least) for work on their private networks. And while North Korean kidnappings (of which there are regrettably many), have generally been very discreet, the intent here seems to have been for the plane to vanish over the ocean, leaving the victims presumed dead. And they wouldn't need to train a pilot if they could bribe or coerce one. It still looks crazy --- but if the pilots deliberately shut down the radios at a change of control and then disabled the passengers, crazy is all that's left. (Though North Koreans are far from the only possible suspects for such an operation, even among sketchy regional governments!)
As to the heist scenarios: one of the odd coincidences feeding the rumor mill was trouble with X-Ray cargo inspection at Kuala Lumpur. They were having trouble with the units all day --- but MH370 may have been the only plane to depart without any X-Ray cargo screening whatever.
One last note: there are a lot more places to ditch a 777 if you don't care whether either the plane or the runway is ever in shape for a subsequent takeoff.
]]>