The rate of infection you refer to is probably the rate of detected infections. The true infection rate is probably higher. What else do you suggest than herd immunity? The only other solutions I see is containing the virus, which is very hard at this point, or developing a vaccine, which will also take some time.
Perhaps, but in today's world if you tell a company you find something offensive they're likely to listen (for fear of PR fallout). Admittedly, I find all ads offensive (to my time) so it's disingenuous but it works—for now—so I'll keep doing it.
Is that so? I recently bought some fake-plastic bags made out of plant matter (not fossilized mind you) in the hope that they would be more environmentally sustainable. As I remember it, googling did not turn up any conclusive evidence to the contrary. Why do you think banning plastics would be a bad idea?
- there are very many plastics with different properties, and - AFAIK - not all of them can be replaced with plant matter
- replacing all plastics with plants will likely compete with agriculture for land use
- if you just went and banned plastics, we'd have to use things like glass, metals and woods instead; not sure how the manufacturing footprint compares between metals and plastics, but just consider that if every plastic item you have around you was made from steel instead, how much heavier everything would be, and how it would impact energy requirements to move those things around
While what you say is true, taking public transport makes people move around more: going to/from the bus-stop, changing at connections, standing up in the metro instead of sitting etc.
Here is a study on this subject: http://www.bmj.com/content/349/bmj.g4887
Its conclusion: "Men and women who commuted to work by active and public modes of transport had significantly lower BMI and percentage body fat than their counterparts who used private transport."
This should be the major argument against GnuTSL and OpenSSL. PolarSSL is symbolically verified!
You can see some screenshots at http://blog.frama-c.com/
but unfortunately their frama-c annotations for polarssl are not open source. It would help a lot if such annotations could be used for similar crypto APIs also.
There are many more such symbolic verifiers and bugfinders out there (using solvers), but Frama-C was one the first and is still one of the best.
I wonder how to reconcile the symbolic verification of PolarSSL with FRAMA-C with the top comment on this thread, where someone evaluating PolarSSL found a memory corruption flaw within a day of looking at it.
The most likely explanation is that the memory corruption flaw was found in a different PolarSSL version than the one the verification kit applies to. The PolarSSL verification kit is a recent development. The available verification kit applies to version 1.1.8 with patches that have not been released yet. Another verification kit is being finalized for the 1.3.x branch.
Another possibility is that the person who found the memory corruption was not using PolarSSL in the same configuration as the one described in the verification kit. PolarSSL allows to select sub-components at compile-time, and to select between implementation options within these components. Finally, there is always the possibility that a bug remains for compilation parameters other than the ones the verification was configured for. If I did not do too bad a job, this comment should make it clear what kind of differences could explain a bug remaining: https://news.ycombinator.com/item?id=7573483
There is always the possibility of a bug in Frama-C having for consequence a bug in PolarSSL not being found. This is far less likely than the previous commenter referring to a version that was not verified.
It should be pretty easy to verify which case it is: acquire the verified version of PolarSSL and check to see if the memory corruption bug, found 2 days ago and reported publicly, is in that codebase.
Yes, Privacy Enhanced Mail is not part of the verified PolarSSL configuration. And the bug at https://github.com/polarssl/polarssl/issues/83 is definitely the sort of bug Frama-C would “not shut up” about, as Regehr puts it. The warning will only occur where the buffer overflow eventually happens, and it may be more or less pleasant to go back from the site of the buffer overflow to the bug in the fashion of http://blog.frama-c.com/index.php?post/2014/02/23/CVE-2013-5... , but Frama-C's value analysis is designed to reliably find this bug and not shut up about it.
It is not really a fork: all the necessary bugfixes to make the chosen PolarSSL version free of undefined behavior have been contributed back and either have been released or are pending release.
It is more a choice of version, choice of compilation platform (some bugs only occur with 64-bit pointers or unsigned chars —the verification in question has been done with 32-bit pointers and signed chars, no guarantee is given for other parameters) and description of a library configuration.
The PolarSSL Verification Kit takes the form of a 8-page description of the above parameters and a 100-page technical annex with all the formal specifications and justifications. You only need to read the second part if you don't trust the kit's authors. Like similar documents are, the technical annex is intended to be audited by picking a piece at random and checking the reasoning locally and how it relates to the other pieces.
The other commentators haven't mentioned the fact that perhaps you could instead try to accept the fact that there is nothing wrong with being mediocre. By definition, most people are. Try to look into why you fear being mediocre? Also, perhaps you just happen to perceive yourself as mediocre? Sometime the want for change is the ill that needs to be addressed, and not the perceived faults in yourself. Good luck however you proceed!
I'll agree to my optimism and it being a claim. Its untrue in Germany due according to the article but is the problem legalization or the laws trying to promote said legalization?
Criminal organizations seek out areas of gratification like this and once in their clutches it seems next to impossible to remove completely. Prohibition patently isn't working but instead of seeking any possible alternative, we stick our head in the sand and continue business as usual.
My problem is I see inefficiency. The war on drugs or terror are both incredibly, woefully inefficient and nothing is changing for the better, only the worse.
