Slashdot Mirror

This is not, of course, to suggest that there is anything edifying about
what LaMacchia is alleged to have done. If the indictment is to be
believed, one might at best describe his actions as heedlessly
irresponsible. and at worst as nihilistic, self-indulgent, and lacking
in any fundamental sense of values. Criminal as well as civil penalties
should probably attach to willful, multiple infringements of copyrighted
software even absent a commercial motive on the part of the infringer.
One can envision ways that the copyright law could be modified to permit
such prosecution. But, "'[i]t is the legislature, not the Court which is
to define a crime, and ordain its punishment.'" Dowling, supra at 214
(quoting United States v. Wiltberger, 5 Wheat. 76, 95 (1820)).

..students who are good with math are less likely to be happy, and are likely to have low confidence. From the article "In essence, happiness is overrated" says study author Tom Loveless.

Really? Didn't anyone stop to think that maybe math is overrated?

However, as I'm sure many will point out, there are other uses for math too, but unless you had some special teachers or mentors, you won't find out about them in the typical public schoo. Of course with guys like Tom Loveless dictating education policy and believing things like "happiness is overrated" and associating that with math, the negativity surrounding math comes as no suprise.

You're out of your g*ddamn mind if you are seriously contemplating this. The fatal crash rate for general aviation is 50 times higher than for commerical airliners. It's 20 times more dangerous than driving. (All this from here.) All this to say nothing of the considerable added cost. Take a pill and call me in the morning--this reactionary nonsense is what got us into the mess we're in in the first place.

I also strongly, strongly recommend A Random Walk Down Wall Street. If you want a one-Web-page summary of why most other sources of investment advice are not to be trusted, see Greenspun.

Maybe Apple did this because 99.9% of the people in the world have found that case sensitive filesystems cause more confusion than they're worth? Just guessing.

My favorite quote is from Philip Greenspun: The great case-sensitivity winter descended upon humankind in 1970 with the Unix operating system.

So you take 2 years writing specs, another two years developing and guess what, when the project is out it is based on obsolete technology and business rules.

Maybe for your dinky little online todo list / social networking web site this is true, but for Enterprise Applications (i.e. ERP systems) that have an average lifespan of 20 years, 2 years of designs and requirements is worth it. Maybe more if you're replacing a 20 year-old legacy system that was written using COBOL and deployed on the Big Iron.

At my previous employer, we were using such a system (a bookkeeping application written in RPG for AS/400) that had been thrown together in the late 80's with no design/requirements process - just lots of ad-hoc requests from PHBs. The result was shoddy application, lots of grief from end-users, consistently irritated customers, and (of course) a lucrative 20-year "bug-fixing" contract for the consultants who had written the application in the first place.

Fun related reading: Sites that are really databases (scroll down to "Why don't customers wise up?")

As for technologies being "obsolete" - your last energy bill was most likely generated from an application written in COBOL 20 years ago. Just something to think about.

Philip Greenspun has answered this rather clearly, imho.

elevators in new buildings have notoriously high problem rates for the first year or so "slashdot" for the elevator crowd: http://www.greenspun.com/bboard/q-and-a.tcl?topic= Elevator%20Problem%20Discussion "Incidents involving elevators and escalators kill about 30 and seriously injure about 17,100 people each year in the United States, according to data provided by the U.S. Bureau of Labor Statistics and the Consumer Product Safety Commission. Injuries to people working on or near elevators - including those installing, repairing, and maintaining elevators, and working in or near elevator shafts - account for 14- 15 (almost half) of the deaths. The two major causes of death are falls and being caught in/between moving parts of elevators/escalators. Incidents where workers are in or on elevators or platforms that collapse, are struck by elevators or counterweights, or are electrocuted are also numerous."

While the things that you list are true, there is one crucial difference between scientists and 99% of the rest of the working class: they love their work. They enjoy exploring new concepts and testing predictions. Unlike the guy working drive-thru at McDonald's, scientists get a real sense of joy and accomplishment out of their work, which in large part diverts their attention from mere financial gain. If scientists hated their jobs half as much as most people, they could be making as much money as the puppets in their universities' administrations.

Greenspun further describes the typical scienst in his article :

Some scientists are like kids who never grow up. They love what they do, are excited by the possibilities of their research, and wear a big smile most days. Although these people are, by Boston standards, ridiculously poor and they will never be able to afford a house (within a one-hour drive of their job) or support a family, I don't feel sorry for them.

Unfortunately, this kind of child-like joy is not typical. The tenured Nobel Prize winners are pretty happy, but they are a small proportion of the total. The average scientist that I encounter expresses bitterness about (a) low pay, (b) not getting enough credit or references to his or her work, (c) not knowing where the next job is coming from, (d) not having enough money or job security to get married and/or have children. If these folks were experiencing day-to-day joy at their bench, I wouldn't expect them to hold onto so much bitterness and envy.

In short, some young people think that science is a good career for the same reason that they think being a musician or actor is a good career: "I can't decide if I want to be a scientist like James Watson, a musician like Britney Spears, or an actor like Harrison Ford."

Philip's argument makes good sense to me.

The article was noting that teaching Science isn't very rewarding, either:

"What happens is that the system tends to beat them down," Padilla said. "Working conditions are poor, it's a difficult job, and the pay isn't that great."

So, I would say that, on the face of it, Science just doesn't pay, and a lot of us are really interested in getting paid.

What does pay? Perhaps research, (which Vernor Vinge called "Search & Analysis," and noted was at "the heart of the economy,") perhaps technology, perhaps being a system administrator, or being a mechanic, or something like that. Perhaps being a business person or a manager. I wouldn't really know; I've not asked the question "How do I make more money?" deeply enough.

But answering the question "How does the natural world work?" doesn't seem to be where the money is at. "How do I make this better?" seems to be only a little bit closer.

I would prefer that we asked the question: "How do we make the world a more satisfying place for all people in it, and ensure that nature grows healthier and healthier?" Unfortunately, the pay isn't so good. Perhaps the questions necessary child is: "How do we make this pay?"

Why does anyone think science is a good job?
The average trajectory for a successful scientist is the following:
1. age 18-22: paying high tuition fees at an undergraduate college
2. age 22-30: graduate school, possibly with a bit of work, living on a stipend of $1800 per month
3. age 30-35: working as a post-doc for $30,000 to $35,000 per year
4. age 36-43: professor at a good, but not great, university for $65,000 per year
5. age 44: with young children at home (if lucky), fired by the university ("denied tenure" is the
more polite term for the folks that universities discard), begins searching for a job in a market
where employers primarily wish to hire folks in their early 30s

This is how things are likely to go for the smartest kid you sat next to in college. He got into Stanford for graduate school. He got a postdoc at MIT. His experiment worked out and he was therefore fortunate to land a job at University of California, Irvine. But at the end of the day, his research wasn't quite interesting or topical enough that the university wanted to commit to paying him a salary for the rest of his life. He is now 44 years old, with a family to feed, and looking for job with a "second rate has-been" label on his forehead.

What does this tell us? If you believe in supply and demand, this tells us that there are MORE than enough top quality scientists being produced and that science education is not lagging in the least and that science knowledge is a commodity. This article is a bunch of hand-wringing over nothing.

OK, I'll indulge you. Why sendmail sucks, in a nutshell:

It was designed before Internet e-mail standards were established. As a result, it contains a general purpose rewriting engine that's Turing complete--the idea was it would be able to be configured to translate addresses between BITNET, UUCP, JANET, ARPAnet, CompuServe, FidoNet, and so on, without recompiling the sendmail binary. This was important because back in the 80s, those networks all had different address formats.

Nowadays the ability to arbitrarily rewrite addresses is completely unnecessary, but Sendmail keeps the old design. This leads to a number of major misfeatures.

1. Sendmail is a pig to configure. The "new improved" sendmail.mc is slightly better than the old sendmail.cf, but still awful compared to the alternatives because it's layered on top of M4, an ancient macro processor. Compare an example postfix config and an example sendmail config. And remember, that's the new .mc file that's compiled into the actual sendmail.cf; if you ever need to do something complex that requires editing the sendmail.cf itself, you'll be faced with something much nastier.

2. Sendmail has a continuing history of poor security. 16 vulnerabilities between 2000 and mid-2006, according to nvd.nist.gov. By comparison, Exim has had 9, Postfix has had 4, Qmail 3.

3. Sendmail has lousy performance. Postfix is 2-4x faster. Take a look at some benchmarks.

4. Sendmail was designed to parse and reconstruct the header of every e-mail going through it. This makes it brittle--give it something it isn't expecting, and the results are unpredictable. This has resulted in Bcc:ed recipients being revealed to each other, unknown header fields being destroyed, and so on. It also makes e-mail forensics difficult--just because the message looked like it had the right addresses when it arrived, didn't mean it had the right addresses when it was sent, if it has passed through sendmail. MTAs should not rewrite e-mail going through them; only e-mail being passed to them directly by a client.

5. It has broken behavior when sending to multiple recipients. For example, if the To: field is missing a comma between two addresses, sendmail will send copies of the e-mail to all the addresses that it can parse, then barf on the broken ones. This is unhelpful, because if the user then re-sends the mail, most people end up getting 2 copies.

So in short: it's broken, it's slow, it's insecure, and it's awkward to configure. There are other open source mailers that have a few of those defects, but sendmail is the only one that has them all. Do a search for "sendmail sucks" and you'll find plenty of people with the same opinion as me.

So we're going to make available code that works only with mySQL. On the side we have a proprietary line of products.

Why do women shy away from this field?

Paraphrasing Philip Greenspun instead of asking "Why so few women?" perhaps we ought to ask "Why so many men?"

Here's the score on Palm and its Treo:

Hardware: Famously prone to failure.

Software: Palm thinks so highly of its PalmOS that it has switched over to Windows Mobile!

If you *did* like PalmOS, as I did, this is not an encouraging sign about Palm's support for the platform (you still can't make an appointment starting at 11 pm and ending at 12:30 am, or view national holidays, on the Calendar).

If you don't like PalmOS, well, you may be one of the first Windows Mobile fans on the planet, or you're shopping for a Nokia.

I wouldn't really trust Honda to build my Ferrari...

Interesting choice. Honda actually builds the Acura NSX, which can give a Ferrari a run for it's money:

http://philip.greenspun.com/materialism/cars/nsx.h tml

http://philip.greenspun.com/seia/

I dare you - come up with a list of viruses, that can infect a standard (or updated) installation of Debian Gnu/Linux.

The same could officially be said of Windows. Microsoft usually has a patch out by the time a virus hits the 'net. So officially Windows is "virus free". (Yeah, right.)

Unfortunately, if you don't want a virus, you need to go to the Mac. The closest thing it has ever had is a social engineering worm. Linux, on the other hand, has fallen into the same trap as Microsoft on several occasions. Granted, Linux doesn't have many viruses, but it's also not a very big target. The Mac is a far larger target, and they're still waiting.

Do you ever wonder where all the spam in your Inbox is coming from, or how+why DDoS attacks are possible?

I know, and you know. Joe Average has no clue. It's just the magical Internet to him. Especially since adding Virus Software doesn't stop the spam.

I really can't take that statement seriously, sorry.

You obviously have never actually listened to the public. They really believe that Bill Gates is the smartest man alive. Some choice quotes:

"Bill [Gates] is just smarter than everyone else. There are probably more smart people per square foot right here than anywhere else in the world, but Bill is just smarter."

"I think Bill Gates is wonderful. I am poor as dirt, but there's no reason bleaming one man for everyone's woes. Of course, he is stinky rich, but hey, he earned it. "

"William Henry Gates III is the richest man on the planet, and maybe the smartest."

"It's like walking the Vatican with the pope." (Brokaw on Gates)

http://www.fuckmicrosoft.com/content/whatsbad.shtm l
http://philip.greenspun.com/bg/
http://www.novell.com/linux/truth/no_mention.html
http://www.netaction.org/msoft/cybersnare.html
http://www.endgame.org/microsoft.html

The cookie gives the site access to information which it created in the first place, not any of your personal data.

The trick is that the cookie can be linked to your personal information.

The class "compromising cookie" scenario involves a cookie set by an embedded image from a different server.

Say that Evil, Inc runs a banner server banners.evil.com, which puts ads on kinky.xxx and on yourchurch.org (or maybe just an invisible "web bug" on either site). When you visit kinky.xxx, your browser requests the banner from banners.evil.com, which sets a cookie saying "I went to kinky.xxx and all I got was this lousy cookie". That cookie will be sent along with any request your browser makes to banners.evil.com.

Then you log in to yourchurch.org. Their home page has an image tag with a source like "http://banners.evil.com/spyonme.php?username=your name". Your browser makes this request to banners.evil.com, sending along the cookie that server set eariler. Your browser thus tells Evil, Inc your yourchurch.org username (in the image URL) and the fact the you visited kinky.xxx (in the cookie it).

Evil, Inc phones up your pastor and lets him know so that he can shame you in front of the parish the next Sunday (turns out this is all part of your church's anti-porn crusade).

seems topical enough: http://philip.greenspun.com/bg/ "How to become as rich as Bill Gates."

Source: http://philip.greenspun.com/humor/eecs-difference- explained

Once upon a time, in a kingdom not far from here, a king summoned two of his advisors for a test. He showed them both a shiny metal box with two slots in the top, a control knob, and a lever. &ldquolWhat do you think this is?”

One advisor, an engineer, answered first. “It is a toaster,” he said. The king asked, “How would you design an embedded computer for it?” The engineer replied, “Using a four-bit microcontroller, I would write a simple program that reads the darkness knob and quantizes its position to one of 16 shades of darkness, from snow white to coal black. The program would use that darkness level as the index to a 16-element table of initial timer values. Then it would turn on the heating elements and start the timer with the initial value selected from the table. At the end of the time delay, it would turn off the heat and pop up the toast. Come back next week, and I'll show you a working prototype.”

The second advisor, a computer scientist, immediately recognized the danger of such short-sighted thinking. He said, “Toasters don't just turn bread into toast, they are also used to warm frozen waffles. What you see before you is really a breakfast food cooker. As the subjects of your kingdom become more sophisticated, they will demand more capabilities. They will need a breakfast food cooker that can also cook sausage, fry bacon, and make scrambled eggs. A toaster that only makes toast will soon be obsolete. If we don't look to the future, we will have to completely redesign the toaster in just a few years.”

“With this in mind, we can formulate a more intelligent solution to the problem. First, create a class of breakfast foods. Specialize this class into subclasses: grains, pork, and poultry. The specialization process should be repeated with grains divided into toast, muffins, pancakes, and waffles; pork divided into sausage, links, and bacon; and poultry divided into scrambled eggs, hard- boiled eggs, poached eggs, fried eggs, and various omelet classes.”

“The ham and cheese omelet class is worth special attention because it must inherit characteristics from the pork, dairy, and poultry classes. Thus, we see that the problem cannot be properly solved without multiple inheritance. At run time, the program must create the proper object and send a message to the object that says, 'Cook yourself.' The semantics of this message depend, of course, on the kind of object, so they have a different meaning to a piece of toast than to scrambled eggs.”

“Reviewing the process so far, we see that the analysis phase has revealed that the primary requirement is to cook any kind of breakfast food. In the design phase, we have discovered some derived requirements. Specifically, we need an object-oriented language with multiple inheritance. Of course, users don't want the eggs to get cold while the bacon is frying, so concurrent processing is required, too.”

“We must not forget the user interface. The lever that lowers the food lacks versatility, and the darkness knob is confusing. Users won't buy the product unless it has a user-friendly, graphical interface. When the breakfast cooker is plugged in, users should see a cowboy boot on the screen. Users click on it, and the message ‘Booting UNIX v.8.3’ appears on the screen. (UNIX 8.3 should be out by the time the product gets to the market.) Users can pull down a menu and click on the foods they want to cook.”

“Having made the wise decision of specifying the software first in the design phase, all that remains is to pick an adequate hardware platform for the implementation phase. An Intel 80386 with 8MB of memory, a 30MB hard disk, and a VGA monitor should be sufficient. If you select a multitasking, object oriented language that

From reading the other comments sounds like this guy is a whiner, a sour grapes kinda guy. I knew I was too lazy to become an engineer so I stuck with computer science. I think the problem these days with any high-tech field is that you spend a lot of money on an education for an uncertain personal future. Though the future is bright the reality of it for most techies is pretty dim. If you don't believe me, take a look at Philip Greenspun's Career Guide for Engineers and Computer Scientist. And he wrote this before the tech bubble burst.

If only this had a built in phone. Even if it was just VoIP software.

Perhaps Philip Greenspun's vision of the mobile phone computer is getting closer.

Link: http://philip.greenspun.com/business/mobile-phone- as-home-computer) Discussed on Sunday - http://hardware.slashdot.org/article.pl?sid=05/09/ 25/1445212

"Absurdly over-inflated sense of own intellectual superiority only offset partly by the fact that he's a professor at MIT? check... (dammit!)"

Greenspun does seem to teach at MIT, but his resume doesn't claim that he is a professor. Courses are frequently taught with people from industry. Greenspun doesn't show up in the MIT staff directory.

So... is most shrinkwrap proprietary software noted for its conceptual integrity or innovation?

'Professionalism' is rather a loaded word, see Phil G.'s notes on it.

A good introduction to SQL databases with lots of Oracle-related examples is SQL for Web Nerds.

Well, whose fault is that? There are plenty of places where you could have bought a helicopter http://www.controller.com/listings/forsale/list.as p?catid=7&guid=1A5EB1F3AA584022948695D66E2D8E1F and places where you could have learned to fly one http://philip.greenspun.com/flying/helicopters Why should someone else have to evacuate you just because YOU did not plan ahead?

Increase RAM in your servers.
http://philip.greenspun.com/wtr/server-sizing.html /

Tcl:

1) Is a very easy language to learn, so it can be used in the templates as well as the backend.

2) Has lots of nifty introspection features, so you can do quite fancy programming if you care to - since the syntax is so simple, you can even write new control structures in Tcl itself.

3) Tcl is sort of a pragmatic Lisp: http://philip.greenspun.com/tcl/

Unfortunately, we don't have the fancy web framework in place just yet, but I think Tcl is still one of the best languages out there for web coding.

The things people put online and the security of certain systems is mind-boggling.

Eh...

Not so scary, really.

I figure the man already has my street address and phone number and stuff. What's the big deal?

People are always telling me: "You are putting your info online! You are gunna be in big trouble, Mister!"

I chalk it up to Vanity Fear. "I'm so important/beautiful, my powerful enemies/obsessive stalkers can't have my (street address, phone number, email address.)"

Philip Greenspun has had his cell phone number online for at least a decade. He's almost certainly more powerful than you are. And let's not even begin with his enemies. And yet he reports only getting 1 or 2 annoying calls.

The things people put online and the security of certain systems is mind-boggling.

Eh...

Not so scary, really.

I figure the man already has my street address and phone number and stuff. What's the big deal?

People are always telling me: "You are putting your info online! You are gunna be in big trouble, Mister!"

I chalk it up to Vanity Fear. "I'm so important/beautiful, my powerful enemies/obsessive stalkers can't have my (street address, phone number, email address.)"

Philip Greenspun has had his cell phone number online for at least a decade. He's almost certainly more powerful than you are. And let's not even begin with his enemies. And yet he reports only getting 1 or 2 annoying calls.

After College, What Type of Jobs Should One Seek?

One should always consider Philip Greenspun's tried and true Career Guide for Engineers and Computer Scientists, written at the beginnning of the dot-con, er, dot-com boom. It has a wealth of information that is as timeless then as it was before the boom, during the boom, during the bust, and after. The question you should be asking yourself, nay, the question you should be practicing is: "Would you like fries with that?"

Dare I say it -- have a look at Phillip and Alex's Guide to Web Publishing. The basic concepts of what makes a good web service were pretty much laid out here. It's all still as relevent as when it was written. This is the important part. The rest is just a technical exercise.

I'm not suprised you missed the article. Probably we night owls were the only ones intelligent enough to read it.

Man, if only Bill Gates had a nickel for everytime Windows crashed, he could pay his way out...

Well in 2003 there were 593,085,000 PC's. There were 42.8 million PC's sold in Q2 2004, for simplicity lets assume that these sales remain stable for the period Q1 2004 to the end of Q2 2005 - this would equal 256,800,000 PC's baught in this period. I don't have any figures showing how many of these purchases will be replacements rather than new users, therefore I shall be conservative and say 50% are replacements giving a total number of PC's in the world at a very rough estimate by the end of Q2 2005 to be 721,485,000. About 95% of PC's run Windows, therefore the number of Window's PC's in the world at the end of Q2 2005 would equal approximately 685,410,750.

Let us assume that each Window's PC crashes twice per week, worldwide that's 1,370,821,500 windows crashes per week which equals 71,529,465,870 worldwide windows crashes per year.

A Nickel is worth 5 cents, so the amount of money you would receive per crash per year (pcpy) if you had a Nickel for every time Windows crashed would be $3,576,473,293.5, or $3.58 Billion. Windows was released in 1985 so if we assumed that there were a constant number of PC's from 1985 to 2005 that would be $71.53 billion. Of course there weren't as many PC's in 1985 so that figure would actually be a lot lot less.

As Billy No Gates has a personal wealth of over $61 billion it is safe to say that your argument has been proved!

Sorry, it's you who is wrong. Gates' family had a large fortune long before he built a giant fortune.

'Old Money' in the computer industry is a self-contradiction.

The Gates fortune came from banking, not computers, so I'm not arguing with this statement. They had money long before little Billy made his own pile. That's why he could afford to drop out of Harvard and start a business: he had mommy and daddy and a million dollar trust fund to back him up. If he hadn't had that, he would have ended up like these successful MIT graduates: a poor stiff.

Sorry, it's you who is wrong. Gates' family had a large fortune long before he built a giant fortune.

'Old Money' in the computer industry is a self-contradiction.

The Gates fortune came from banking, not computers, so I'm not arguing with this statement. They had money long before little Billy made his own pile. That's why he could afford to drop out of Harvard and start a business: he had mommy and daddy and a million dollar trust fund to back him up. If he hadn't had that, he would have ended up like these successful MIT graduates: a poor stiff.

Here is some of Gate's Bio. Incomplete of-course.

'Old Money' has nothing to do with computer industry. Gate's great-grandfather was J.W. Maxwell - founder of Seattle's National City Bank (1906). Gate's grandfather was James Willard Maxwell - banker, who established a million dollar trust for William (Bill) Henry Gates III.

From the article:

William Henry Gates, Jr. and Mary Maxwell were among Seattle's social and financial elite. Bill Gates, Jr. was a prominent corporate lawyer while Mary Maxwell was a board member of First Interstate Bank and Pacific Northwest Bell. She was also on the national board of United Way, along with John Opel, the chief executive officer of IBM who approved the inclusion of MS/DOS with the original IBM PC.


Remind your parents not to send you to public school. Bill Gates went to Lakeside, Seattle's most exclusive prep school where tuition in 1967 was $5,000 (Harvard tuition that year was $1760). Typical classmates included the McCaw brothers, who sold the cellular phone licenses they obtained from the U.S. Government to AT&T for $11.5 billion in 1994. When the kids there wanted to use a computer, they got their moms to hold a rummage sale and raise $3,000 to buy time on a DEC PDP-10, the same machine used by computer science researchers at Stanford and MIT.


and so on. Does this answer your question?

With sufficient RAM any database will cache on its own, and usually quite efficiently. Plain vanilla database-backed dynamic websites work fine. With insufficient resources on supercheap Web hosting accounts, run by inexperienced admins, they do not.

Old but true:

"IBM, Oracle, Informix, and Sybase have collectively invested several billion dollars in figuring out optimal strategies for caching information extracted from an RDBMS via a SQL query ... The stupid programmer: can't figure out this RDBMS thang and resorts to stuffing the results of queries into the Unix file system."
--Philip Greenpun on Vignette StoryServer

He was a rich, whiney little slime in 1976, and he hasn't changed a bit. It seems that being a whiney little slime is profitable.

He was a rich, whiney little slime in 1976, and he hasn't changed a bit. It seems that being a whiney little slime is profitable.

Skype have definitely got something going on, everything you read about Skype is positive. Everything you read about their compeitors is terrible!

You would think if penny pinching is good enough for Bill Gates (look for the comment on the Rotary speech), pence pinching would do for the British.

Vegemite is like Guinness ... dark, made with yeast, nutritious, and exquisitely delicious. Consumed in large quantity by Aussies. Like Guinness, you can usually tell someone's nationality by how thick they spread their vegemite (or how quickly they drink their Guinness.

especially vegimite sandwiches...

Vegemite sandwiches are like Guinness sandwiches...

"Everybody that I know that wants to sell stuff online I just point to Yahoo Shopping."

And if anyone is interested in that success, there's book about e-commerce webdesign from the guy who wrote Yahoo! Shopping.

The only "ethically challenged" group we can assert and assume with any certainty is the company providing the Apply Yourself services.

Its ethically criminal to provide a confidential service on the internet with virtually no security.

From (almost) the horses mouth: Noted web application developer and MIT professor Phillip Greenspun notes on his Harvard weblog:

• The ApplyYourself code had a bug such that editing the URL in the "Address" or "Location" field of a Web browser window would result in an applicant being able to find out his admissions status several weeks before the official notification date. This would be equivalent to a 7-year-old being offered a URL of the form http://philip.greenspun.com/images/20030817-utah-a ir-to-air/and editing it down to http://philip.greenspun.com/images/ to see what else of interest might be on the server.
• Someone figured this out and posted the URL editing idea on the BusinessWeek discussion forum, where all B-school hopefuls hang out and a bunch of curious applicants tried it out.

Liable and culpable? Apply Yourself and the B-Schools who outsourced to a cheesy service provider without, apparently, commissioning even a basic security audit.

Its of no consequence - no doubt there is at least one bright former-B-school student wannabe now contracting the services of a lawyer to sue Haavard - not for denying them access, but for allowing confidential information to be exposed to the internet. Seems to me such a suit is likely to return more than the cost of tuition to any other school in the world...

The only "ethically challenged" group we can assert and assume with any certainty is the company providing the Apply Yourself services.

Its ethically criminal to provide a confidential service on the internet with virtually no security.

From (almost) the horses mouth: Noted web application developer and MIT professor Phillip Greenspun notes on his Harvard weblog:

• The ApplyYourself code had a bug such that editing the URL in the "Address" or "Location" field of a Web browser window would result in an applicant being able to find out his admissions status several weeks before the official notification date. This would be equivalent to a 7-year-old being offered a URL of the form http://philip.greenspun.com/images/20030817-utah-a ir-to-air/and editing it down to http://philip.greenspun.com/images/ to see what else of interest might be on the server.
• Someone figured this out and posted the URL editing idea on the BusinessWeek discussion forum, where all B-school hopefuls hang out and a bunch of curious applicants tried it out.

Liable and culpable? Apply Yourself and the B-Schools who outsourced to a cheesy service provider without, apparently, commissioning even a basic security audit.

Its of no consequence - no doubt there is at least one bright former-B-school student wannabe now contracting the services of a lawyer to sue Haavard - not for denying them access, but for allowing confidential information to be exposed to the internet. Seems to me such a suit is likely to return more than the cost of tuition to any other school in the world...

The only "ethically challenged" group we can assert and assume with any certainty is the company providing the Apply Yourself services.

Its ethically criminal to provide a confidential service on the internet with virtually no security.

From (almost) the horses mouth: Noted web application developer and MIT professor Phillip Greenspun notes on his Harvard weblog:

• The ApplyYourself code had a bug such that editing the URL in the "Address" or "Location" field of a Web browser window would result in an applicant being able to find out his admissions status several weeks before the official notification date. This would be equivalent to a 7-year-old being offered a URL of the form http://philip.greenspun.com/images/20030817-utah-a ir-to-air/and editing it down to http://philip.greenspun.com/images/ to see what else of interest might be on the server.
• Someone figured this out and posted the URL editing idea on the BusinessWeek discussion forum, where all B-school hopefuls hang out and a bunch of curious applicants tried it out.

Liable and culpable? Apply Yourself and the B-Schools who outsourced to a cheesy service provider without, apparently, commissioning even a basic security audit.

Its of no consequence - no doubt there is at least one bright former-B-school student wannabe now contracting the services of a lawyer to sue Haavard - not for denying them access, but for allowing confidential information to be exposed to the internet. Seems to me such a suit is likely to return more than the cost of tuition to any other school in the world...