These affidavits aren't used to penalize the individual, they are used to protect the casinos from nuisance lawsuits when they escort the individual off the property. Basically, if you sue claiming assault, you are opening yourself up to a criminal charge. It's an effective deterrent.
A casino doesn't ever need to call the cops to deal with you, they have their own private force.
Some casinos have public law enforcement, depending on the state. They don't need an affidavit to trespass someone (likely at the summary offense level depending on state), especially since it's all recorded. You shouldn't be able to sue someone while committing a trespass due to the clean hands doctrine, depending on state.
Getting trespassed from an Indian Casino can technically be an international incident; it happens now and then - the sovereignty of tribal nations is a real thing, even if not what you might expect.
Correct. The keys are only used for signing JWTs. Trust was established with the vendor out of band from this wire protocol (the URL they scan for public keys).
I'm not sure I understand, but haven't you just moved the problem to the out of band layer? And is that layer not secured using the same normal (somewhat) long-lived TLS as most sites?
I don't think I understand the threat model you are using here?
Think of the out of band layer as two human executives exchanging URLs and GUIDs in person. You still need a secure transport, but in this model the thing that is being secured on the wire expires within 15 minutes. The only way to break the model is to defeat a transport or protocol key and only before rotation, revocation and expiration can catch up each time.
Can you share more detail on the exploit itself? Does the shell escape give you access to programs that require a paid account, or does the shell escape give you root access?
When escaping, you can invoke custom commands and binaries. If a tool is not available, just place them (mail yourself there, use zmodem, ...), via chmod. But you have a disk quota of 20mb, so you're limited as unverified account.
But the whole thing is: if you can escape as non verified user, than you can mass automate it to do ddos etc...
It's unclear why one would ever need to do this. Is it for power savings? What other use-cases would benefit from turning the FPU off between instructions?
Yes, for power savings. But I'd need to do a bit of a study on my code to see if it's even worth it. Since the majority of it doesn't use the FPU, it could help. But it might not be worth the effort.
You can have legitimate use cases where it's a core functionality of the application to store it, so the user obviously knows it's being collected and agrees by using it.
Nothing external needs my precise location to navigate with a map. An approximate location is sufficient to deliver to my device a map of an area I'm in, and of the overall route, and all of the details that are useful for navigation.
Fitness apps can be local. We have pocket supercomputers; certainly, we don't need help from the clown to keep track of how far (or how energetically) we biked or walked today, or where that took place.
The problem is really one of supply and demand. Whatever SV talking heads say is a post-hoc rationalization on top of this basic fact.
We have too many PhDs (I say this as one). It's never been easier to get one. Most PhD topics are incremental and derivative whereas they should be seminal and ground-breaking.
Unfortunately, with credential inflation, this cycle will escalate. Soon people will complete two just to qualify for an academic position.
I would blame the monopolization of the economy. A few corporations purchasing big chunks of the industry control the job market create a bottleneck where supply of jobs is controlled by a few corporations. Once all jobs are controlled by a few decision makers the precarious work conditions, diminished salaries, abuses, etc. come naturally.
> Unfortunately, with credential inflation, this cycle will escalate.
Even if everybody had high education, companies would still compete for the best employees. There is no competition for employees because large corporations have agreed to not do so.
Apple, Google, Intel... discussed no-poach as a way to keep salaries low. Has anything changed?
> Even if everybody had high education, companies would still compete for the best employees. There is no competition for employees because large corporations have agreed to not do so.
Yes, but the degree itself used to be a signal. Of course the school mattered, but getting the degree was considered something. Now the only thing that matters is the school.
> Apple, Google, Intel... discussed no-poach as a way to keep salaries low. Has anything changed?
They wouldn't be able to do that if supply was low. In the 70s-80s, PhDs could incorporate themselves and consult to a very comfortable middle-class living. Nowadays, that's basically impossible for an average PhD. Supply really does matter.
This is exactly the problem - early on there was a lot of "low hanging fruit" in science - entire new areas where our tools and capabilities for discovery and analysis got way better very quickly. Think of everything that better telescopes, scanning electron microscopy, and computerization allowed.
Complaining that "Why doesn't progress go fast like before?!" when the newest tool-side improvement is a slightly faster CPU or a new clanker model.
I think there's this group of folks who are like "Why don't we have flying cars?" and eventually realize the problem is physics, but have to somehow blame people instead.
> This is exactly the problem - early on there was a lot of "low hanging fruit" in science - entire new areas where our tools and capabilities for discovery and analysis got way better very quickly. Think of everything that better telescopes, scanning electron microscopy, and computerization allowed.
This trope gets repeated every so often but it's just a trope. In 1900s people felt all physics was solved, then came relativity and the photoelectric effect.
In the 1940s, after the second world war, atomics was the ultimate of physics, then we developed transistors. Until 1950s, sand was basically a worthless resource, and now, good quality silica commands a high price in the global marketplace. Truth is, there are many low-hanging fruit, we cannot even guess what we don't know when we don't know it. I wager that we have barely scratched the surface of what is possible.
Past performance is never a guarantee of future performance, that's a gambler's fallacy. Just because we found out more groundbreaking stuff before, doesn't mean we will continue to do so.
There are actually hard limits to things, too. For example, we basically can't make transistors any smaller. Like, physically it's not possible.
"physics being solved" feels like it backs the original refinement point - we still use the formulas of Newtonian physics in non-extreme cases, and while those extremes definitely matter in important areas (nuclear power generation, semiconductors), they feel more like exceptional circumstances.
In any case, I agree with the argument for funding more general research because we don't know where the next advance will happen, and even a discovery that only applies in exceptional/narrow cases can have a lot of value.
It still takes 3 - 5 years or more even for that incremental progress. It takes years to just catch up on the field! Do we expect PhD candidates to subsist on barely livable wages until they eventually publish a ground-breaking result? That kind of disincentive to even start a PhD would not be conducive at all to progress.
Yes, most PhD theses are scientific and commercial dead-ends (even more reason not to gate the degree on ground-breaking results!) but they do serve to cull the problem space, and that's exactly why we need more of them. In fact we should even provide some incentives to publish negative results in academia.
Most PhD topics are incremental, because you are supposed to do a PhD very early in your career. Because the American system won and the PhD become the terminal degree. Which you often do as a student rather than even a junior professional.
In my experience, academic researchers are more likely to do significant independent work in their 30s than in their 20s. Some academic cultures have higher doctorates, habilitations, or similar milestones to wrap up this period of peak productivity, but those remain national oddities.
This is a good point. Regrettably, most get pushed out of the current system before they have a chance to hone their skills. Society doesn't get to benefit from their best work.
Your comment about PhD topics incremental reminds me of what someone once told me about getting a PhD - you learn absolute everything about almost nothing.
That’s not a knock on PhDs, rather it’s a waste of great talent to be so hyperfocused on one deep incremental topic, then to hope someone has a job for you in that specialized topic upon graduation so you can add the most value.
Do you think the boundary of science isn't pushed forward incrementally? Not every person can be an Einstein, hell, not every generation has an Einstein. And Einstein couldn't have done what he did for science without the foundation of those "incremental and derivative" advancements.
This nonsense falls apart at the barest inspection. Science IS BORING. And it should be.
Take for example a muscle building study that found that the biceps grew significantly more when tension was maximized in the stretched position. Science based lifting people hawked for years that the "stretch mediated growth" was king. All based on that one "seminal and groundbreaking" research. Years later when a "incremental and derivative" study was done on the hamstrings found no stretch mediated growth effect. Without the boring work, we wouldn't know that some muscles grow faster when tensioned under stress and some don't. And we still don't know exactly why. The current leading theory is it's something to do with the balance of fast vs slow switch fibers that make up the muscle, but we don't know without more derivative and incremental research.
Hell even under your criteria, if the stretch mediated effect wasn't found in the original study you'd probably classified it as incremental and derivative too.
Want another example? How about this one, a scientist was studying which tricep movement produced the most growth. It's obvious right? It's the one that lets you load the most weight onto the triceps, or at least the one that lets you load the most weight onto the most heads of the triceps. Boring. Derivative. Incremental. Except this study found that despite "common sense" it was actually the overhead tricep extension. You can't load it the heaviest, it's mainly targeting just one head of the tricep, it makes absolutely no sense. But science has proven it to be the case. Later "incremental and derivative" research has proposed a theory that since it's overhead, the muscles go slightly hypoxic during the lift and that triggers a stronger growth reaction, and in fact, applying a band for vasoconstriction around the arm and doing bicep curls was found to lead to more bicep growth than doing it without the vasoconstriction. All of this is incremental science. All of this advances our knowledge of how the body grows.
Science is slow. Science is advanced unpredictability. Science is boring.
Anyone can cherry pick examples to support that science is incremental (or not). The current structure of academic science struggles to reward creative thinking, struggles to support eccentric thinking, and struggles to move outside of their ivory domain based towers. It’s both a bureaucratic issue and one of hierarchy and power within science itself. I have seen far too many physicists resist changing how they teach because they have already figured out how to educate how dare you question them. I have seen far too many seismologists refuse to use non acoustic data sets because why wouldnt seismic data be enough? These are often even young people who refuse to step outside of their domains point of view perhaps from fear that they will never secure a faculty position. Additionally it is often times driven by university politics and finances. For example, Most R1 universities large revenue source is grant overheads, and yet most faculty have little say on how those overheads are spent because university democracies and leadership have been replaced with administrators building bureaucracies. I say this as a scientist for 15 years whose published over 30 papers, won grants, advised phds and postdocs, etc. the system would do well to change if only to give more time back to scientists to do science they find interesting instead of what can be keyworded in to grant applications.
> Anyone can cherry pick examples to support that science is incremental
This is not a rebuttal of what I stated. You dismiss my data and provide no data of your own, just feelings. I appreciate what you're trying to say, but bring data or else we can't discuss it meaningfully.
“I am, somehow, less interested in the weight and convolutions of Einstein’s brain than in the near certainty that people of equal talent have lived and died in cotton fields and sweatshops”
Nietzsche argued that genius is more frequent than we think, but that something else is missing for its realization ("the five hundred hands"):
> In the realm of genius, might the “Raphael without hands” — the term understood in its broadest sense — be not the exception, but the rule? — Genius is perhaps not so rare after all: but the five hundred hands it needs to tyrannize the καιρὁς, “the right time” — to seize chance by the scruff of the neck! [0]
This chestnut gets trodded out every so often but it's frankly absolute and total nonsense sold by anti-intellectuals and bought by people from all walks of life.
Science is and always was incremental. The breakthroughs come from truly unforeseeable places. It takes seemingly niche and unprofitable and incremental research like studying bacteria living in volcano vents, for us to have PCR.
VCs expect a sliver of their companies to become Unicorns, we understand it to be a numbers game. That grace is given to entrepreneurs but scientists need to grovel for cash and endlessly show that their research is "translatable" or sufficiently impactful.
Sorry, I've heard this one too many times before. Thanks for your contribution to our world's knowledge, I hope you value it as much as I do.
VCs don't manage public money, and they also have their own filters to pick who gets to play the lottery. (And the VC ecosystem has its own set of impact metrics. the sacred KPIs! CLV, CAC, YoY! and of course just scientists know which grant organization wants which buzzwords, just as founders know which VC loves which overhyped contemporary meme.)
None of these spheres of life are, uhm, perfect, but this PR problem is completely the fault of academia, that they cannot sell this lottery model as well as the biz world. (Though I think maybe we should take a minute to consider how well loved investors and capitalists are nowadays!)
That's still an immense amount of code for a chat interface essentially consisting of a text box and a button, which any OS (mobile or desktop) can usually throw up in a few lines of code.
A casino doesn't ever need to call the cops to deal with you, they have their own private force.
reply