Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Hackers Breach White House Network
wiredmikey writes: The White House's unclassified computer network was recently breached by intruders, a U.S. official said Tuesday. While the White House has not said so, The Washington Post reported that the Russian government was thought to be behind the act. Several recent reports have linked Russia to cyber attacks, including a report from FireEye on Tuesday that linked Russia back to an espionage campaign dating back to 2007. Earlier this month, iSight Partners revealed that a threat group allegedly linked with the Russian government had been leveraging a Microsoft Windows zero-day vulnerability to target NATO, the European Union, and various private energy and telecommunications organizations in Europe. The group has been dubbed the "Sandworm Team" and it has been using weaponized PowerPoint files in its recent attacks. Trend Micro believes the Sandworm team also has their eyes set on compromising SCADA-based systems. -
Skilled Foreign Workers Treated as Indentured Servants
theodp writes: A year-long investigation by NBC Bay Area's Investigative Unit and The Center for Investigative Reporting (CIR) raises questions about the H-1B visa program. In a five-part story that includes a mini-graphic novel called Techsploitation, CIR describes how the system rewards job brokers who steal wages and entrap Indian tech workers in the U.S., including the awarding of half a billion dollars in Federal tech contracts to those with labor violations. "Shackling workers to their jobs," CIR found after interviewing workers and reviewing government agency and court documents, "is such an entrenched business practice that it has even spread to U.S. nationals. This bullying persists at the bottom of a complex system that supplies workers to some of America's richest and most successful companies, such as Cisco Systems Inc., Verizon and Apple Inc."
In a presumably unrelated move, the U.S. changed its H-1B record retention policy last week, declaring that records used for labor certification, whether in paper or electronic, "are temporary records and subject to destruction" after five years under the new policy. "There was no explanation for the change, and it is perplexing to researchers," reports Computerworld. "The records under threat are called Labor Condition Applications (LCA), which identify the H-1B employer, worksite, the prevailing wage, and the wage paid to the worker." Lindsay Lowell, director of policy studies at the Institute for the Study of International Migration at Georgetown University, added: "It undermines our ability to evaluate what the government does and, in today's world, retaining electronic records like the LCA is next to costless [a full year's LCA data is less than 1 GB]." President Obama, by the way, is expected to use his executive authority to expand the H-1B program after the midterm elections. -
Ken Ham's Ark Torpedoed With Charges of Religious Discrimination
McGruber writes: Back on February 4, "Science Guy" Bill Nye debated Creationist Kenneth Alfred "Ken" Ham. That high-profile debate helped boost support for Ham's $73 million "Ark Encounter" project, allowing Ham to announce on February 25 that a municipal bond offering had raised enough money to begin construction. Nye said he was "heartbroken and sickened for the Commonwealth of Kentucky" after learning that the project would move forward. Nye said the ark would eventually draw more attention to the beliefs of Ham's ministry, which preaches that the Bible's creation story is a true account, and as a result, "voters and taxpayers in Kentucky will eventually see that this is not in their best interest."
In July, the Kentucky Tourism Development Finance Authority unanimously approved $18.25 million worth of tax incentives to keep the ark park afloat. The funds are from a state program that allows eligible tourism attractions a rebate of as much as 25 percent of the investment in the project. Since then, the Ark Park's employment application has become public: "Nestled among the requirements for all job applicants were three troubling obligatory documents: 'Salvation testimony,' 'Creation belief statement,' and a 'Confirmation of your agreement with the AiG statement of faith.' (AiG is Answers in Genesis, Ham's ministry and Ark Encounter's parent company.)"
That caused the Kentucky Tourism, Arts and Heritage Cabinet to halt its issuance of tax incentives for the ark park. Bob Stewart, secretary of the cabinet, wrote to Ham that "the Commonwealth does not provide incentives to any company that discriminates on the basis of religion and we will not make any exception for Ark Encounter, LLC." Before funding could proceed, Stewart explained, "the Commonwealth must have the express written assurance from Ark Encounter, LLC that it will not discriminate in any way on the basis of religion in hiring." The ark park has not yet sunk. It is "still pending before the authority" and a date has not yet been set for the meeting where final approval will be considered. -
FTC Sues AT&T For Throttling 'Unlimited' Data Plan Customers Up To 90%
An anonymous reader writes: The U.S. Federal Trade Commission today announced it is suing AT&T. The commission is charging the carrier for allegedly misleading millions of its smartphone customers by changing the terms while customers were still under contract for "unlimited" data plans that were, well, limited. "AT&T promised its customers 'unlimited' data, and in many instances, it has failed to deliver on that promise," FTC Chairwoman Edith Ramirez said in a statement. "The issue here is simple: 'unlimited' means unlimited." How apropos. -
Can Ello Legally Promise To Remain Ad-Free?
Bennett Haselton writes: Social networking company Ello has converted itself to a Public Benefit Corporation, bound by a charter saying that they will not now, nor in the future, make money by running advertisements or selling user data. Ello had followed these policies from the outset, but skeptics worried that venture capitalist investors might pressure Ello to change those policies, so this binding commitment was meant to assuage those fears. But is the commitment really legally binding and enforceable down the road? Read on for the rest.
In a previous article about Ello, I wrote:
There is, in short, nothing to stop Ello from doing what Facebook does whenever they make a significant change to their Terms of Service: presenting users with a dialog box next time they sign in, saying, "These are the new rules, by checking this box, you are agreeing to abide by the new contract which you're not going to read."
After the story had been filed, I had a second thought and wrote to Ello's PR department, asking:
Why not just make an irrevocable commitment in the TOS, to remain privacy-friendly, or ad-free, or whatever else it is that Ello wants to promise users? Something like, "This is a binding, irrevocable commitment that cannot be modified in future updates to the TOS." That wouldn't make the venture capitalists happy, but it might address some of the concerns of the users.
Coincidentally, just as I was sending that email, Ello was issuing a press release announcing that they had re-chartered as a Public Benefit Corporation (PBC), bound by a charter which is intended, precisely, as an irrevocable commitment not to run ads or sell user data.
However, as user WWJohnBrowningDo pointed out in the previous story's comment threads, the Delaware law defining a "Public Benefit Corporation" states that the charter can be modified, or the PBC status nullified, or the company bought out by another entity not bound by the original charter, with the approval of a 2/3 supermajority of shareholders. (Go here and scroll down about halfway to the section beginning "Notwithstanding any other provisions of this chapter." It's also called out on the site about benefit corporations that is linked in Ello's press release.)
So, my non-lawyer face-value reading of the situation is: Previously, Ello could only change its policy and run ads with the approval of 51% of shareholders, and now 67% is required. That's an improvement but hardly an eternal guarantee. Either way, the majority could be achieved if enough of the original founders and shareholders give in to temptation, or if the exit-hungry venture capitalists get enough seats on the board to outvote them. (I ran this past a few Internet privacy lawyers to ask if there was any more nuance to it than this -- in particular, whether a company could make a "binding promise" in their PBC charter, then toss it out with a 2/3 supermajority vote and get away with it. They said they had no idea.)
So, even if a PBC charter is not an irrevocable promise to remain ad-free, perhaps we can give them credit for trying to make such a promise, to the maximum extent legally possible. Or did they? This is just off the top of my head, but: What if they had said, "To each user signing up, we promise that if we ever start running ads or selling user-specific data or otherwise violating this charter, we will pay $1,000 to each affected user."
Now that's no longer merely a "charter" but is now an actual obligation to an outside party. And a contractual obligation to an outside party cannot be nullified by a 2/3 majority or even a 100% majority of shareholders. (Imagine: "All shareholders in favor of canceling our agreement to pay back the money we borrowed from FooBarBank, raise your hands.") On the other hand, this depends on whether a court would find the contract to be enforceable.
Regardless, even if Ello never voted to rescind their charter, another potential loophole is that the charter contains no formal definition of what constitutes "charging for advertising". Ello's stated business model is to offer optional special features that users can pay to use. But conceivably they could add paid features which essentially amount to the ability to advertise to other users, such as the ability to send mass messages to thousands of recipients. (I doubt Ello would do anything as crass as to let you spam thousands of random strangers. However, in most social networking sites such as Facebook, you cannot even mass-message thousands of people who are in your Facebook friends list. That's the kind of feature that some Facebook users, and some Ello users, would presumably be willing to pay for.) Or Ello could charge extra to have a special "badge" appear next to your name, or your company name, in search results. Or, like CouchSurfing.org, they could offer to "verify" your identity by charging $25 to a credit card in your name. And if the paid features really do remain Ello's sole source of revenue, then their developers may find themselves under subtle pressure to degrade the experience for regular non-paying users, while offering increasingly attractive perks to the paid ones.
Aral Balkan, one critic of Ello's venture-capital cash infusion, told me pointedly: "Their original statement smacked of misdirection. 'Look, we just got over $5M in additional venture capital but don't worry about that because...' I still don't trust them, sorry. They're closed source, centralized, (currently at least) free to use, and they've just taken an order of magnitude more VC after the influx of users they experienced. It sounds like typical Silicon Valley fare to me. If it looks like a duck and quacks like a duck..."
I don't think it's a matter of "trust" -- I have no reason to doubt that the founders behind Ello are good people -- but when you dangle millions of dollars in front of someone, they can find rationalizations and loopholes that are consistent with their vision of themselves as a good person. And of course since hosting the Ello platform will cost money, if they don't make enough of it back from selling paid features, they will eventually make the kind of passive-aggressive announcement that is issued routinely by formerly free or ad-free services: "Look, we either have to start raising money somehow, or the service has to be shut down completely." And then regardless of how most people respond, they can say after a few days, "We have received an outpouring of support from users who said they would be willing to view ads as long as it keeps the service alive" (without saying what percentage of all user responses expressed this sentiment). Then the ads go up (I'm calling it thirty-six months in advance: some pundits will grandiosely refer to this as "destroying Ello in order to save it"), and then we're back to Facebook all over again.
-
Why CurrentC Will Beat Out Apple Pay
itwbennett writes: Working closely with VISA, Apple solved many complex security issues making in-person payments safer than ever. But it's that close relationship with the credit card companies that may be Apple Pay's downfall. A competing solution called CurrentC has recently gained a lot of press as backers of the project moved to block NFC payments (Apple Pay, Google Wallet, etc.) at their retail terminals. The merchants designing or backing CurrentC reads like a greatest hits list of retail outfits and leading the way is the biggest of them all, Walmart. The retailers have joined together to create a platform that is independent of the credit card companies and their profit-robbing transaction fees. Hooking directly to your bank account rather than a credit or debit card, CurrentC will use good old ACH to transfer money from your account to the merchant's bank account at little to no cost. -
Alienware's Triangular Area-51 Re-Design With Tri-SLI GeForce GTX 980, Tested
MojoKid writes: Dell's Alienware division recently released a radical redesign of their Area-51 gaming desktop. With 45-degree angled front and rear face plates that are designed to direct control and IO up toward the user, in addition to better directing cool airflow in, while warm airflow is directed up and away from the rear of the chassis, this triangular-shaped machine grabs your attention right away. In testing and benchmarks, the Area-51's new design enables top-end performance with thermal and acoustic profiles that are fairly impressive versus most high-end gaming PC systems. The chassis design is also pretty clean, modular and easily serviceable. Base system pricing isn't too bad, starting at $1699 with the ability to dial things way up to an 8-core Haswell-E chip and triple GPU graphics from NVIDIA and AMD. The test system reviewed at HotHardware was powered by a six-core Core i7-5930K chip and three GeForce GTX 980 cards in SLI. As expected, it ripped through the benchmarks, though the price as configured and tested is significantly higher. -
20 More Cities Want To Join the Fight Against Big Telecom's Broadband Monopolies
Jason Koebler writes: At least 20 additional American cities have expressed a formal interest in joining a coalition that's dedicated to bringing gigabit internet speeds to their residents by any means necessary—even if it means building the infrastructure themselves. The Next Centuries Cities coalition launched last week with an impressive list of 32 cities in 19 states who recognize that fast internet speeds unencumbered by fast lanes or other tiered systems are necessary to keep residents and businesses happy. That launch was so successful that 20 other cities have expressed formal interest in joining, according to the group's executive director. -
Book Review: Measuring and Managing Information Risk: a FAIR Approach
benrothke writes: It's hard to go a day without some sort of data about information security and risk. Research from firms like Gartner is accepted without question, even though they can get their results from untrusted and unvetted sources. The current panic around Ebola shows how people are ill-informed about risk. While stressing over Ebola, the media is oblivious to true public health threats like obesity, heart disease, drunk driving, diabetes, and the like. When it comes to information security, it's not that much better. With myriad statistics, surveys, data breach reports, and global analyses of the costs of data breaches, there is an overabundance of data, and an under abundance of meaningful data. In Measuring and Managing Information Risk: A FAIR Approach, authors Jack Freund and Jack Jones have written a magnificent book that will change the way (for the better) you think about and deal with IT risk. Keep reading for the rest of Ben's review.
Measuring and Managing Information Risk: A FAIR Approach
author: Jack Freund and Jack Jones
pages: 408
publisher: Butterworth-Heinemann
rating: 10/10
reviewer: Ben Rothke
ISBN: 978-0124202313
summary: Superb overview to the powerful FAIR risk management methodology
The book details the factor analysis of information risk (FAIR) methodology, which is a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity. An Open Group standard, FAIR is a methodology and a highly effective quantitative analysis tool.
The power of FAIR is immense: it enables the risk practitioner to make well-informed decisions based on meaningful measurements. While that seems obvious, in practicality, it is a challenging endeavor.
FAIR is invaluable in that it helps the risk professional understand the language that the corporate board and senior executives speak. Understanding that and communicating in their language can make it much easier for information security to be perceived as a valued asset, as opposed to using Chicken Little statistics.
FAIR takes the risk professional out of the realm of dealing with risk via the checklist, which only serves to produce meaningless measurements, into the world of quantitative, defendable results.
For those that are looking for a tool to create pretty executive summary charts with lots of colors, FAIR will sorely disappoint them. For those that are looking for a method to understand how to calculate qualitative risk to support a formal enterprise risk management program, they won't find a better guide than this book.
The book is an incredibly good reference that will force you to look again at how you view risk management. Jones writes in the preface that the book is not about checklists and formulas, but about critical thinking. The authors note that information security and operational risk has operated for far too long as an art, with not enough science. This is the gap that FAIR attempts to fill.
The authors write that risk decision making quality boils down to the quality of information decision makers are operating from, and the decision makers themselves. The book does a remarkable job of showing how a person can become a much better decision maker.
A subtle but important point the book makes early on is that many risk professionals confuse risk possibilities with risk probabilities. The FAIR method forces you to focus on probabilities and not to obsess with Ebola like possibilities. Such a quantitative analysis approach is what makes FAIR so beneficial.
The book spends a few chapters on going through FAIR risk ontology and terminology. Inconsistent and poorly defined terminology is one of the most significant challenges the information security and operational risk profession faces. Having a consistent set of logical terms and definitions that make up the FAIR framework significantly improves the quality of risk relations communications within an organization.
The value of having a consistent set of logical terms and definitions is significant. For example, the book notes that many people use the term threat. In the context of risk analysis, it might not be a real threat if there is no resulting loss. In that case, it would be considered a vulnerability event.
The challenge of FAIR is acclimating to its dialect. But once done, it creates an extremely powerful methodology for risk communication and management. And therein lies its power. Setting up a common framework for risk management becomes an invaluable tool to present risk ideas. In addition, it makes the findings much more objective and defendable.
In chapter 5, the authors address the biggest objections to quantitative risk management: that it can't be measured or is simply unknowable. They agree that risk can't be measured at the micro level, but it can be effectively measured to the degree to reduce management's uncertainty about risk. They also importantly note that risk is a forward-looking statement about what may or may not come to pass in the future. With that, perfect accuracy is impossible; but effective quantitative risk management is very possible.
The power of FAIR is that it helps add clarity to ambiguous risk situations by giving you the tools to add data points to a situation that is purported to be unknowable.
Chapter 8 is an extremely enlightening chapter in that it provides 11 risk analysis examples. The examples do a great job of reinforcing the key FAIR concepts and methods.
In chapter 10, the authors write that the hardest part of learning FAIR is having to overcome bad habits. For most people, FAIR represents a recalibration of your mental model about what risk is and how it works. The chapter deals with common mistakes and stumbling blocks when performing a FAIR analysis. The 5 high-level categories of mistakes the chapter notes are: checking results, scoping, data, variable confusion and vulnerability analysis.
FAIR is a powerful methodology that can revolutionize risk management. The challenge is that it takes a village to make such a change. Management may be reticent to invest in what is perceived as yet another risk management framework.
But once you start using the language of FAIR and validate your findings, astute management will likely catch on. Over time, FAIR can indeed be a risk management game changer.
The book is flawless in its execution and description of the subject. The only critique is that the authors should have been a bit more transparent in the text when (especially in chapter 8) mentioning the FAIR software, in that it is their firm that makes the software.
For those that are willing to put in the time to understand FAIR, this book will make their jobs much easier. It will help them earn the trust of senior management, and make them much better risk management professionals in the process.
Reviewed by Ben Rothke.
You can purchase Measuring and Managing Information Risk: A FAIR Approach from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know -
Solving the Mystery of Declining Female CS Enrollment
theodp writes After an NPR podcast fingered the marketing of computers to boys as the culprit behind the declining percentages of women in undergraduate CS curricula since 1984 (a theory seconded by Smithsonian mag), some are concluding that NPR got the wrong guy. Calling 'When Women Stopped Coding' quite engaging, but long on Political Correctness and short on real evidence, UC Davis CS Prof Norm Matloff concedes a sexist element, but largely ascribes the gender lopsidedness to economics. "That women are more practical than men, and that the well-publicized drastic swings in the CS labor market are offputting to women more than men," writes Matloff, and "was confirmed by a 2008 survey in the Communications of the ACM" (related charts of U.S. unemployment rates and Federal R&D spending in the '80s). Looking at the raw numbers of female CS grads instead of percentages, suggests there wasn't a sudden and unexpected disappearance of a generation of women coders, but rather a dilution in their percentages as women's growth in undergrad CS ranks was far outpaced by men, including a boom around the time of the dot-com boom/bust. -
Ask Slashdot: How Do I Make a High-Spec PC Waterproof?
jimwormold writes: I need to build a system for outdoor use, capable of withstanding a high pressure water jet! "Embedded PC," I hear you cry. Well, ideally yes. However, the system does a fair bit of number crunching on a GPU (GTX970) and there don't appear to be any such embedded systems available. The perfect solution will be as small as possible (ideally about 1.5x the size of a motherboard, and the height will be limited to accommodate the graphics card). I'm U.K.-based, so the ambient temperature will range from -5C to 30C, so I presume some sort of active temperature control would be useful.
I found this helpful discussion, but it's 14 years old. Thus, I thought I'd post my question here. Do any of you enlightened Slashdotters have insights to this problem, or know of any products that will help me achieve my goals? -
Days After Shooting, Canada Proposes New Restrictions On and Offline
New submitter o_ferguson writes As Slashdot reported earlier this week, a lone shooter attacked the war memorial and parliament buildings in Ottawa, Canada on Wednesday. As many comments predicted, the national government has seized this as an opportunity to roll out considerable new regressive legislation, including measures designed to increase data access for domestic intelligence services, institute a new form of extra-judicial detention, and, perhaps most troubling, criminalize some forms of religious and political speech online. As an example of the type of speech that could, in future, be grounds for prosecution, the article mentions that the killer's website featured "a black ISIS flag and rejoiced that 'disbelievers' will be consigned to the fires of Hell for eternity." A government MP offers the scant assurance that this legislation is not "trauma tainted," as it was drafted well prior to this week's instigating incidents. Needless to say, some internet observers remain, as always, highly skeptical of the manner in which events are being portrayed. (Please note that some articles may be partially paywalled unless opened in a private/incognito browser window.) -
Verizon Injects Unique IDs Into HTTP Traffic
An anonymous reader writes: Verizon Wireless, the nation's largest wireless carrier, is now also a real-time data broker. According to a security researcher at Stanford, Big Red has been adding a unique identifier to web traffic. The purpose of the identifier is advertisement targeting, which is bad enough. But the design of the system also functions as a 'supercookie' for any website that a subscriber visits. "Any website can easily track a user, regardless of cookie blocking and other privacy protections. No relationship with Verizon is required. ...while Verizon offers privacy settings, they don’t prevent sending the X-UIDH header. All they do, seemingly, is prevent Verizon from selling information about a user." Just like they said they would. -
A Low Cost, Open Source Geiger Counter (Video)
Sawaiz Syed's LinkedIn page says he's a "Hardware Developer at GSU [Georgia State University], Department of Physics." That's a great workplace for someone who designs low cost radiation detectors that can be air-dropped into an area where there has been a nuclear accident (or a nuclear attack; or a nuclear terrorist act) and read remotely by a flying drone or a robot ground vehicle. This isn't Sawaiz's only project; it's just the one Timothy asked him about most at the recent Maker Faire Atlanta. (Alternate Video Link) -
Computer Scientist Parachutes From 135,908 Feet, Breaking Record
An anonymous reader writes: The NY Times reports that Alan Eustace, a computer scientist and senior VP at Google, has successfully broken the record for highest freefall jump, set by Felix Baumgartner in 2012. "For a little over two hours, the balloon ascended at speeds up to 1,600 feet per minute to an altitude of 135,908 feet, more than 25 miles. Mr. Eustace dangled underneath in a specially designed spacesuit with an elaborate life-support system. He returned to earth just 15 minutes after starting his fall. ... Mr. Eustace cut himself loose from the balloon with the aid of a small explosive device and plummeted toward the earth at speeds that peaked at more than 800 miles per hour, setting off a small sonic boom heard by observers on the ground. ... His technical team had designed a carbon-fiber attachment that kept him from becoming entangled in the main parachute before it opened. About four-and-a-half minutes into his flight, he opened the main parachute and glided to a landing 70 miles from the launch site." -
Recent Nobel Prize Winner Revolutionizes Microscopy Again
An anonymous reader writes: Eric Betzig recently shared in the Nobel Prize for Chemistry for his work on high-resolution microscopy. Just yesterday, Betzig and a team of researchers published a new microscopy technique (abstract) that "allows them to observe living cellular processes at groundbreaking resolution and speed." According to the article, "Until now, the best microscope for viewing living systems as they moved were confocal microscopes. They beam light down onto a sample of cells. The light penetrates the whole sample and bounces back. ... The light is toxic, and degrades the living system over time. Betzig's new microscope solves this by generating a sheet of light that comes in from the side of the sample, made up of a series of beams that harm the sample less than one solid cone of light. Scientists can now snap a high-res image of the entire section they're illuminating, without exposing the rest of the sample to any light at all." -
FTDI Removes Driver From Windows Update That Bricked Cloned Chips
New submitter weilawei writes: Last night, FTDI, a Scottish manufacturer of USB-to-serial ICs, posted a response to the ongoing debacle over its allegedly intentional bricking of competitors' chips. In their statement, FTDI CEO Fred Dart said, "The recently release driver release has now been removed from Windows Update so that on-the-fly updating cannot occur. The driver is in the process of being updated and will be released next week. This will still uphold our stance against devices that are not genuine, but do so in a non-invasive way that means that there is no risk of end user's hardware being directly affected." This may have resulted from a discussion with Microsoft engineers about the implications of distributing potentially malicious driver software.
If you design hardware, what's your stance on this? Will you continue to integrate FTDI chips into your products? What alternatives are available to replace their functionality? -
We Need Distributed Social Networks More Than Ello
Frequent contributor Bennett Haselton writes: Facebook threatened to banish drag queen pseudonyms, and (some) users revolted by flocking to Ello, a social network which promised not to enforce real names and also to remain ad-free. Critics said that the idealistic model would buckle under pressure from venture capitalists. But both gave scant mention to the fact that a distributed social networking protocol, backed by a player large enough to get people using it, would achieve all of the goals that Ello aspired to achieve, and more. Read on for the rest.
At the end of September, "FacebookDragQueenGate" fell from the sky like a gift from the gods to the founders (and venture capital backers) of the Ello social network. The company promised not only to remain ad-free and to allow drag queen stage names, but even stated that they planned to allow pornographic content (something that received relatively little press, compared to the ad-free model). But critics such as Aral Balkan wrote that once Ello received venture capital funding, the backers would inevitably pressure the company to change its relationship with its users in order to make money. In an interview published in Forbes on Monday, Harvard Business School professor John Deighton was blunt: "The board will need to monetize the membership in whatever fashion ensures a profitable return of capital for the venture fund’s investors. So my advice, if they believe Ello is still viable by then, is to buy out [Paul Budnitz, the idealistic founder who came up with the 'no ads' idea]."
There is, in short, nothing to stop Ello from doing what Facebook does whenever they make a significant change to their Terms of Service: presenting users with a dialog box next time they sign in, saying, "These are the new rules, by checking this box, you are agreeing to abide by the new contract which you're not going to read." If Ello succeeds beyond its founders' dreams, then its ad-free nature might start to hinge on its founders all turning down buyout offers of tens of millions of dollars to stick to their ideals -- hardly a sure thing. Or the VCs might get enough seats on the board that they can outvote the founders and render their objections moot.
As Joshua Kopstein writes in an editorial for Al-Jazeera America, what really would have changed the game would have been a distributed, decentralized social network. I already wrote two pieces arguing that a distributed social network could work, and how -- a protocol that allows users to create profiles, "status" posts, groups, events, and other familiar social networking features as "objects" that live on their own server, but that can interact with users' profiles hosted on other servers. I don't want to re-hash all the details here, but the short version is that there seems to be nothing about social networks, as we currently use them, which would require all of the data to be stored in a single centralized system. In a distributed protocol, you could host your profile with any hosting company, and users could "subscribe" to updates from your profile, as well as the ability to receive invites to your events and your groups, and direct messages from you. Think RSS feeds, but with better support for well-defined objects like "event invites".
If your profile were linked to a domain name that you own, then if your existing hosting company ever deleted your profile (or threatened to), you could simply move your profile to a new hosting company, the same way that any person or company can currently switch their domain name between hosting providers. This, obviously, would instantly render moot any one company's policies about "real names" (or porn, for that matter) -- all you have to do is find at least one company, anywhere in the world, whose policies are permissive enough to host your profile, and that should be possible for all but the most extreme or illegal content.
This also renders moot all the worries about profile hosting companies trying to amass tens of millions of users and then stabbing them in the back, by changing the terms of service to allow them to sell user data or stuff unwieldy ads down their throat. When users can switch seamlessly between hosts, no one host is going to be able to "charge" more than the going market rate for hosting a profile (where "charging" could be in the form of monetary payment or displaying ads to the user). How much would it actually cost to host a profile for the typical user these days, complete with all their photos and status updates? It's hard to know, because other than university professors, nobody really has personal webpages any more, after they all went to MySpace and then to Facebook. But since the old days when people did actually host their own personal pages, hosting and serving data has gotten really, really cheap. For the average user, with a few hundred photos and a few hundred friends looking at them, $1 per year might be enough. Maybe they'd just have to watch one of those ads once a year that Youtube puts in front of a Beyoncé music video, and that would cover it.
Unfortunately, to many people the concept of distributed social networking is linked with the failure of Diaspora, the most ambitious attempt to create a decentralized protocol to compete with the likes of Facebook. But Diaspora didn't fail because the idea lacked merit; it almost certainly failed because people asked the same question that they asked of any other upstart Facebook competitor: Why should I join, when all of my friends are on Facebook instead? Of course people might reasonably ask the same question about Google+, but when Google launches a product, people join because they know the quality will be decent, they know that probably some of their friends will join because of the Google brand, and they know people will be buzzing about it anyway so they want to join in order to see what the big deal is.
And that brings up the story's second moral: Despite what you may have heard from your cousin who just read The Fountainhead, the products that are the most successful are not necessarily the best, by any objective measure; rather, they're usually the ones that had major backing (Google+) or were the beneficiaries of a staggering lucky break (Ello). Diaspora didn't take off, because it didn't have either one of these.
And since you cannot manufacture a lucky break, I continue to believe that the last best hope for truly free social networking -- with minimal censorship, and ads and costs kept to a minimum by market competition -- would be for a major player like Google to launch a social networking protocol, and to set up themselves as the default host for new profiles, but allowing the protocol to interoperate seamlessly with profiles hosted elsewhere. Either that, or if the system is launched by a startup or a nonprofit, make sure that you have a host of widely respected luminaries or organizations standing ready to help promote it -- if the EFF and the BoingBoing guys endorsed a new social networking system as the future of Internet freedom, people would join because it would seem uncool not to. As long as the product itself is functional, just have the right connections lined up when you launch it. Because that's what matters, and don't let the deluded ghost of Ayn Rand tell you otherwise.
-
Michigan Latest State To Ban Direct Tesla Sales
An anonymous reader writes As many expected, Michigan Governor Rick Snyder signed a bill that bans Tesla Motors from selling cars directly to buyers online in the state. When asked what Tesla's next step will be, Diarmuid O'Connell, vice president of business development, said it was unclear if the company would file a lawsuit. "We do take at their word the representations from the governor that he supports a robust debate in the upcoming session," O'Connell said. "We've entered an era where you can buy products and services with much greater value than a car by going online." -
Microsoft, Ask.com, Oracle Latest To Be Sued Over No-Poach Deal
itwbennett (1594911) writes Oracle, Microsoft and Ask.com are facing suits alleging that they conspired to restrict hiring of staff. The suits appear to refer to a memo that names a large number of companies that allegedly had special arrangements with Google to prevent poaching of staff and was filed as an exhibit on May 17, 2013 in another class action suit over hiring practices. The former employees filing lawsuits against Microsoft, Ask.com and Oracle have asked that the cases be assigned to Judge Koh as there were similarities with the case against Google, Apple and others — and it maybe doesn't hurt that Judge Koh thought the $324.5 million settlement in that case was too low. -
FTDI Reportedly Bricking Devices Using Competitors' Chips.
janoc writes It seems that chipmaker FTDI has started an outright war on cloners of their popular USB bridge chips. At first the clones stopped working with the official drivers, and now they are being intentionally bricked, rendering the device useless. The problem? These chips are incredibly popular and used in many consumer products. Are you sure yours doesn't contain a counterfeit one before you plug it in? Hackaday says, "It’s very hard to tell the difference between the real and fake versions by looking at the package, but a look at the silicon reveals vast differences. The new driver for the FT232 exploits these differences, reprogramming it so it won’t work with existing drivers. It’s a bold strategy to cut down on silicon counterfeiters on the part of FTDI. A reasonable company would go after the manufacturers of fake chips, not the consumers who are most likely unaware they have a fake chip." Update: 10/24 02:53 GMT by S : In a series of Twitter posts, FTDI has admitted to doing this. -
The Bogus Batoid Submarine is Wooden, not Yellow (Video)
This is a "wet" submarine. It doesn't try to keep water out. You wear SCUBA gear while pedaling it. And yes, it is powered by a person pushing pedals. That motion, through a drive train, makes manta-style wings flap. This explains the name, since rays are Batoids, and this sub is a fake Batoid, not a real one. It's a beautiful piece of work, and Martin Plazyk is obviously proud to show it off. He and his father, Bruce, operate as Faux Fish Technologies. Follow that link and you'll see many photos, along with a nice selection of videos showing their creations not just in static above-water displays, but in their natural (underwater) element. Meanwhile, here on Slashdot, Martin tells how Faux Fish subs are made. (Alternate Video Link) -
Facebook To DEA: Stop Using Phony Profiles To Nab Criminals
HughPickens.com writes: CNNMoney reports that Facebook has sent a letter to the U.S. Drug Enforcement Administration demanding that agents stop impersonating users on the social network. "The DEA's deceptive actions... threaten the integrity of our community," Facebook chief security officer Joe Sullivan wrote to DEA head Michele Leonhart. "Using Facebook to impersonate others abuses that trust and makes people feel less safe and secure when using our service." Facebook's letter comes on the heels of reports that the DEA impersonated a young woman on Facebook to communicate with suspected criminals, and the Department of Justice argued that they had the right to do so. Facebook contends that their terms and Community Standards — which the DEA agent had to acknowledge and agree to when registering for a Facebook account — expressly prohibit the creation and use of fake accounts. "Isn't this the definition of identity theft?" says privacy researcher Runa Sandvik. The DEA has declined to comment and referred all questions to the Justice Department, which has not returned CNNMoney's calls. -
3D-Printed Gun Earns Man Two Years In Japanese Prison
jfruh writes: Japan has some of the strictest anti-gun laws in the world, and the authorities there aim to make sure new technologies don't open any loopholes. 28-year-old engineer Yoshitomo Imura has been sentenced to two years in jail after making guns with a 3D printer in his home in Kawasaki. -
Security Company Tries To Hide Flaws By Threatening Infringement Suit
An anonymous reader writes: An RFID-based access control system called IClass is used across the globe to provide physical access controls. This system relies on cryptography to secure communications between a tag and a reader. Since 2010, several academic papers have been released which expose the cryptographic insecurity of the IClass system. Based on these papers, Martin Holst Swende implemented the IClass ciphers in a software library, which he released under the GNU General Public License.
The library is useful to experiment with and determine the security level of an access control system (that you own or have explicit consent to study). However, last Friday, Swende received an email from INSIDE Secure, which notified him of (potential) intellectual property infringement, warning him off distributing the library under threat of "infringement action." Interestingly, it seems this is not the first time HID Global has exerted legal pressure to suppress information. -
An Algorithm to End the Lines for Ice at Burning Man
Any gathering of 65,000 people in the desert is going to require some major infrastructure to maintain health and sanity. At Burning Man, some of that infrastructure is devoted to a supply chain for ice. Writes Bennett Haselton, The lines for ice bags at Burning Man could be cut from an hour long at peak times, to about five minutes, by making one small... Well, read the description below of how they do things now, and see if the same suggested change occurs to you. I'm curious whether it's the kind of idea that is more obvious to students of computer science who think algorithmically, or if it's something that could occur to anyone. Read on for the rest; Bennett's idea for better triage may bring to mind a lot of other queuing situations and ways that time spent waiting in line could be more efficiently employed.
I skipped Burning Man this year but went for the first time in 2013. One of the only goods for sale at Burning Man is bags of ice -- to keep your own food cool, or simply to refresh yourself, you can line up to buy bags of ice that are sold by Arctica camp out of the back of a refrigerated truck under a tent. Bags cost $3 apiece.
During peak times last year, the lines were up to an hour long. This year, so I heard, the lines on the first day were even worse, because two of the three distribution points were unable to open due to closed roads, so everybody lined up at the only sales tent that was operating.
Regardless of the conditions, the procedure when you get to the front of the line is the same. You specify how many bags of ice you want, and deposit cash in a container on the counter. Then a volunteer walks back to the ice truck to fetch one or more bags from the truck and brings them back to the counter. You collect your bags and continue on your way.
OK, before reading any further -- based on what I just wrote, can you think of a way to speed up the line? No cheating -- read the preceding paragraph and think of what you might do differently. Spoilers follow!
The thought that occurred to me almost immediately after I got my bag of ice, was: Why not just have the volunteers carry the bags of ice from the truck to the counter, before people place their order? As long as the line is moving, no bag of ice would sit on the counter long enough to melt. And then each transaction at the front of the line would be reduced to: Customer pays for bag(s), customer picks up bag(s) and leaves. By eliminating the time to walk back to the truck and fetch the bag(s), the system would significantly reduce the per-customer transaction time.
I'd asked a handful of Burning Man veterans about this, and they said that Arctica had tried this at one point, but was required to stop by Nevada health code regulations, which treated ice as a "food product" and therefore said that it could not be moved out onto the counter until an order has been placed. This sounded puzzling to me -- don't cafés place other "food products" out on a counter all the time, where they can be bought and picked up by customers? And for the ice bags, why would it matter in practice anyway -- even if the state of Nevada is worried about germs starting to multiply as soon as the bag is removed from the refrigerated truck, the time the bag spends sitting on the counter is still negligible compared to the time the customer spends transporting it back to their own camp.
So I emailed the Nevada State Health Division to ask them what the regulations actually said, and if they would allow the ice vendors to load bags of ice onto their sales counter before they had been paid for by a customer. One of their Public Health Engineers replied and said, "I can assure you that we do not require the ice to remain in the truck until it is ordered" (and dryly added, "It is common for vendors to blame the health authority for imagined regulations"). Regarding the resulting long lines, he also advised me, in the spirit of Burning Man radical self-reliance (if not practicality), "You may consider bringing your own ice to the Playa rather than purchasing it from them."
So that's it. There's no regulatory reason why the ice can't be brought to the sales counter before it's paid for -- where it wouldn't even have time to start melting, if there are customers eagerly waiting to carry it away -- and no reason why the line couldn't probably move 5 to 10 times faster as a result. (I emailed Arctica to ask if they would start having volunteers bring ice bags up to the counter before customers place their orders, and showed them the email from the Nevada Health Division saying it would be legal. I received a very friendly reply, mostly asking me who I was and why I was concerned about the issue; I said I had no stake in the matter except hoping to reduce the wait times and hence the aggravation and health risks for people waiting in line in the sun. I have not received a reply to any subsequent inquiries after that.)
In a previous article I'd theorized about an algorithm for speeding up the vehicle exodus at Burning Man. (Basically, have a "priority lane" where cars can exit at different times of day, depending on the last character on their license plate. So one hour where the priority lane is set aside for cars whose license plates end in "A", another hour where the lane is used by cars with plates ending in "B", and so on. This means that drivers who want to use the priority lane, can just wait for the designated hour, instead of spending five hours queueing up to leave.) That was intended more as an intellectual exercise, as a jumping-off point for a discussion about which algorithms would work best under different theoretical assumptions, and with only the small possibility that it might ever actually be implemented at the real event.
The call to speed up the ice lines is not an intellectual exercise. Unless there's a non-obvious major problem with making this change, this is something that could be done the very next year, and would save people thousands of person-hours waiting in line in the sun.
My other suggestion would be to have a "turbo" line even faster than the main one, designed for people to complete each sales transaction in seconds. Every customer in the "turbo" line would be required to have exact change (or be willing to overpay and let the vendor keep the change), and every customer would be required to have their cash fanned out in their hand like playing cards when they got to the front of the line. (A volunteer could walk up and down near the front of the line to verify that people already had their cash displayed properly.) A transaction at the front of the line would simply consist of, "Three dollars -- bag", or, "Six dollars -- two bags", where the customer shows their fanned-out money, dumps it into the cash receptacle, and picks up one or more bags from the counter.
With or without the "turbo" line, at first it might seem like it would take extra labor to keep a supply of ice bags moving constantly from the truck to the counter, but that's not the case. For a given number of bags to be sold, every bag has to be moved from the truck, to the counter, exactly one time. So the total amount of labor is always going to be the same, for a fixed number of ice bags. To have a steady supply of ice moving quickly from the truck to the counter, you might need to have more volunteers working at the same time, but that just means that rather than having 5 volunteers with one-hour shifts spaced throughout the day, you'd have those same volunteers working simultaneously to keep the bags moving.
With the lines moving that much more quickly, what if the ice bags run out halfway through the day? Hopefully the vendor can just send the trucks back out to fetch more bags of ice to be brought back in and sold in the afternoon. But even if they can't -- even if, for some reason, the number of ice bags sold per day has to be fixed at X -- you've still done an enormous amount of good by reducing the wait time from 30-45 minutes to 5 minutes. Because you still sell the same number of ice bags, but you've eliminated the pointless deadweight loss of all the time the customers were previously wasting in line.
And if the vendors can bring in more ice whenever their existing stock sells out much faster, that's a win too -- regardless of whether they're selling the ice for profit or just for altruistic motives. If they're selling ice to help people, then selling more ice is better. If they're selling ice for profit, then selling more ice is better, too.
I'm being fairly pedantic here because I want to make it clear that I think there's no counterargument to be made to this, under any combination of reasonable assumptions -- whether the vendors can bring in more ice or whether they're stuck selling a fixed number of bags per day; whether the goal of selling the ice is for altruism or to make a profit. Bring the ice out before it's paid for, shave the transaction time down to the bare minimum of the customer paying money and then grabbing their ice bags, and everyone will be grateful they don't have to wait an hour in the sun.
And if you're an adventurer thinking about going to Burning Man, my tips for making it (slightly) easier include bringing your own cooler (separate from any food storage cooler) so that you can buy a bag of ice each day, dump it in the cooler, and have your own supply of ice water. That's well worth it, whether the wait time in the ice line is five minutes or an hour.
-
If You're Connected, Apple Collects Your Data
fyngyrz (762201) writes It would seem that no matter how you configure Yosemite, Apple is listening. Keeping in mind that this is only what's been discovered so far, and given what's known to be going on, it's not unthinkable that more is as well. Should users just sit back and accept this as the new normal? It will be interesting to see if these discoveries result in an outcry, or not. Is it worse than the data collection recently reported in a test version of Windows? -
Apple Doesn't Design For Yesterday
HughPickens.com writes Erik Karjaluoto writes that he recently installed OS X Yosemite and his initial reaction was "This got hit by the ugly stick." But Karjaluoto says that Apple's decision to make a wholesale shift from Lucida to Helvetica defies his expectations, and he wondered why Apple would make a change that impedes legibility, requires more screen space, and makes the GUI appear fuzzy. The Answer: Tomorrow.
Microsoft's approach with Windows, and backward compatibility in general, is commendable. "Users can install new versions of this OS on old machines, sometimes built on a mishmash of components, and still have it work well. This is a remarkable feat of engineering. It also comes with limitations — as it forces Microsoft to operate in the past." But Apple doesn't share this focus on interoperability or legacy. "They restrict hardware options, so they can build around a smaller number of specs. Old hardware is often left behind (turn on a first-generation iPad, and witness the sluggishness). Meanwhile, dying conventions are proactively euthanized," says Karjaluoto. "When Macs no longer shipped with floppy drives, many felt baffled. This same experience occurred when a disk (CD/DVD) reader no longer came standard." In spite of the grumblings of many, Karjaluoto doesn't recall many such changes that we didn't later look upon as the right choice. -
Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores
Apple has long sold Bose headphones and speakers in its retail stores, including in the time since it acquired Bose-competitor Beats Audio, and despite the lawsuit filed by Bose against Apple alleging patent violations on the part of Beats. That's come to an end this week, though: Apple's dropped Bose merchandise both in its retail locations and online, despite recent news that the two companies have settled the patent suit. -
How Whisper Tracks Users Who Don't Share Their Location
blottsie (3618811) writes "On Thursday, the Guardian reported that secret-sharing app Whisper was tracking users' locations even when they opt-out of sharing their location. [See also this earlier, related story.] Whisper has denied the accusations—but this may be a matter of semantics. Whisper allegedly uses an outdated version of GeoIP by MaxMind, which uses your IP address to estimate your location on a map. Whisper's Chad DePue said in a comment on Hacker News that the tool is "so inaccurate as to be laughable," suggesting that determining something as broad as your country or state won't bother the basic user (and he could be right, but what is and isn't an upsetting degree of user information is another argument entirely)." -
The Physics of Why Cold Fusion Isn't Real
StartsWithABang writes If you can reach the fabled "breakeven point" of nuclear fusion, you'll have opened up an entire new source of clean, reliable, safe, renewable and abundant energy. You will change the world. At present, fusion is one of those things we can make happen through a variety of methods, but — unless you're the Sun — we don't have a way to ignite and sustain that reaction without needing to input more energy than we can extract in a usable fashion from the fusion that occurs. One alternative approach to the norm is, rather than try and up the energy released in a sustained, hot fusion reaction, to instead lower the energy inputted, and try to make fusion happen under "cold" conditions. If you listen in the right (wrong?) places, you'll hear periodic reports that cold fusion is happening, even though those reports have always crumbled under scrutiny. Here's why, most likely, they always will. -
Kickstarter Cancels Anonabox Funding Campaign
An anonymous reader writes: On Friday, the controversy surrounding Anonabox reached its zenith with Kickstarter officially canceling the project's funding campaign. Anonabox began with a modest goal of $7,500, but quickly reached its goal 82 times over. Then funders and interested parties began to scrutinize the project's claims, and that's when the project ran into trouble. From hardware that wasn't actually custom-made to software that didn't actually fulfill promises of privacy-focused routing on the internet, the facts regarding Anonabox proved that it was in blatant violation of Kickstarter's rules against false advertising. This project clearly failed, but if the support it initially garnered is any indication, the public is hungry for easy-to-use technology that encrypts and anonymizes all personal internet traffic. -
Python-LMDB In a High-Performance Environment
lkcl writes: In an open letter to the core developers behind OpenLDAP (Howard Chu) and Python-LMDB (David Wilson) is a story of a successful creation of a high-performance task scheduling engine written (perplexingly) in Python. With only partial optimization allowing tasks to be executed in parallel at a phenomenal rate of 240,000 per second, the choice to use Python-LMDB for the per-task database store based on its benchmarks, as well as its well-researched design criteria, turned out to be the right decision. Part of the success was also due to earlier architectural advice gratefully received here on Slashdot. What is puzzling, though, is that LMDB on Wikipedia is being constantly deleted, despite its "notability" by way of being used in a seriously-long list of prominent software libre projects, which has been, in part, motivated by the Oracle-driven BerkeleyDB license change. It would appear that the original complaint about notability came from an Oracle employee as well. -
Debian Talks About Systemd Once Again
An anonymous reader writes: A couple of months ago the technical committee for Debian decided in favor of systemd. This is now a subject for discussion once again, and Ian Jackson says he wants a general resolution, so every developer within the Debian project can decide. After a short time, the required amount of supporters was reached, and the discussion can start once again. -
Google Fiber To Launch In Austin, Texas In December
retroworks writes: WSJ blog reports on Austin, the third city to get fiber-optic high speed internet networks laid down by Google (Kansas City and Provo, UT were the first and second). The service averages 1 gigabit per second, about 100X the average US household speed, and costs $70-120 per month (depending on television). Google promotes the roll-outs by holding "rallies" in small neighborhoods. The sign-up process starts in December, focusing on south and southeastern parts of Austin, a Google spokeswoman said Wednesday. It was announced that fiber was coming to Austin back in April. -
Torvalds: I Made Community-Building Mistakes With Linux
electronic convict writes: In a Q&A at LinuxCon Europe, Linux creator Linus Torvalds — no stranger to strong language and blunt opinions — acknowledged a "metric sh*#load" of interpersonal mistakes that unnecessarily antagonized others within the Linux community. In response to Intel's Dirk Hohndel, who asked him which decision he regretted most over the past 23 years, Torvalds replied: "From a technical standpoint, no single decision has ever been that important... The problems tend to be around alienating users or developers and I'm pretty good at that. I use strong language. But again there's not a single instance I'd like to fix. There's a metric sh*#load of those." It's probably not a coincidence that Torvalds said this just a few weeks after critics like Lennart Poettering started drawing attention to the abusive nature of some commentary within the open-source community. Poettering explicitly called out Torvalds for some of his most intemperate remarks and described open source as "quite a sick place to be in." Still, Torvalds doesn't sound like he's about to start making an apology tour. "One of the reasons we have this culture of strong language, that admittedly many people find off-putting, is that when it comes to technical people with strong opinions and with a strong drive to do something technically superior, you end up having these opinions show up as sometimes pretty strong language," he said. "On the Internet, nobody can hear you being subtle." -
Android On Intel x86 Tablet Performance Explored: Things Are Improving
MojoKid writes: For the past few years, Intel has promised that its various low-power Atom-based processors would usher in a wave of low-cost Android and Windows mobile products that could compete with ARM-based solutions. And for years, we've seen no more than a trickle of hardware, often with limited availability. Now, that's finally beginning to change. Intel's Bay Trail and Merrifield SoCs are starting to show up more in full-featured, sub-$200 devices from major brands. One of the most interesting questions for would-be x86 buyers in the Android tablet space is whether to go with a Merrifield or Bay Trail Atom-based device. Merrifield is a dual-core chip without Hyper-Threading. Bay Trail is a quad-core variant and a graphics engine derived from Intel's Ivy Bridge Core series CPUs. That GPU is the other significant difference between the two SoCs. With Bay Trail, Intel is still employing their own graphics solution, while Merrifield pairs a dual-core CPU with a PowerVR G6400 graphics core. So, what's the experience of using a tablet running Android on x86 like these days? Pretty much like using an ARM-based Android tablet currently, and surprisingly good for any tablet in the $199 or less bracket. In fact, some of the low cost Intel/Android solutions out there currently from the likes of Acer, Dell, Asus, and Lenovo, all compete performance-wise pretty well versus the current generation of mainstream ARM-based Android tablets. -
After Negative User Response, ChromeOS To Re-Introduce Support For Ext{2,3,4}
NotInHere writes: Only three days after the public learned that the ChromeOS project was going to disable ext2fs support for external drives (causing Linux users to voice many protests on websites like Slashdot and the issue tracker), the ChromeOS team now plans to support it again. To quote Ben Goodger's comment: "Thanks for all of your feedback on this bug. We've heard you loud and clear. We plan to re-enable ext2/3/4 support in Files.app immediately. It will come back, just like it was before, and we're working to get it into the next stable channel release." -
Eggcyte is Making a Pocket-Sized Personal Web Server (Video)
Eggcyte has been working on this for two years. It's on Kickstarter now; a personal server you can use to share music, video, text, and just about anything else without resorting to cloud-based services where one weak password can put your private celebrity photos (you are a celebrity, right?) into the wrong hands. If you suddenly decide you don't want to share the information on your Egg any more, turn it off. If you suddenly have something new to share, like a video you just shot of the Loch Ness Monster capturing an alien spaceship, you can connect your Egg to the Internet anywhere you find a wireless access point. The main thing, say the Eggcyte people, is that your data is yours and should stay that way. Facebook and other cloud-based "sharing" companies use your data to learn about you. Here in the U.S. their primary purpose may be to show you ads for things you might want to buy. In more repressive countries, cloud-based sharing services may use your private data in ways that could be hazardous to your health. Of course, our government people would never keep track of what we post on Twitter and other online services... or would they? -
Tech Workers Oppose Settlement They Reached In Silicon Valley Hiring Case
itwbennett writes: Tech workers have asked an appeals court not to approve a $324.5 million settlement in Silicon Valley's controversial employee hiring case, according to a document filed Tuesday. This move by the plaintiffs puts them in alignment with an earlier decision by Judge Lucy Koh of the federal district court in San Jose to throw out the settlement on the grounds that it wouldn't pay the workers enough. Attorneys for the defendants — Apple, Google, Adobe and Intel — subsequently appealed Koh's decision. -
Facebook and Apple Now Pay For Female Employees To Freeze Their Eggs
Dave Knott writes: While freezing eggs has become an increasingly popular practice for career-oriented women, the procedure comes at a steep price: Costs typically add up to at least $10,000 for every round, plus $500 or more annually for storage. Now two Silicon Valley giants are offering women a game-changing perk: Apple and Facebook will pay for employees to freeze their eggs. They appear to be the first major employers to offer this coverage for non-medical reasons, both offering to cover costs up to $20,000. Tech firms are hardly alone in offering generous benefits to attract and keep talent, but they appear to be leading the way with egg freezing.
Advocates say they've heard murmurs of large law, consulting, and finance firms helping to cover the costs, although no one is broadcasting this support. Companies may be concerned about the public relations implications of the benefit – in the most cynical light, egg-freezing coverage could be viewed as a ploy to entice women to sell their souls to their employer, sacrificing childbearing years for the promise of promotion. Will the perk pay off for companies? The benefit will likely encourage women to stay with their employer longer, cutting down on recruiting and hiring costs. And practically speaking, when women freeze their eggs early, firms may save on pregnancy costs in the long run. A woman could avoid paying to use a donor egg down the road, for example, or undergoing more intensive fertility treatments when she's ready to have a baby. But the emotional and cultural payoff may be more valuable, helping women be more productive human beings. -
The Great Robocoin Rip-off
FhnuZoag writes: Last year, Andrew Wilkinson, founder of MetaLab, bought a Robocoin Bitcoin ATM, figuring it would be a fun little side project and a good way to help move Bitcoin forward. It did not quite turn out that way. He has now written a timeline of the 10-month, $25,000 (CAD) struggle. In short: there was a massive shipping delay, a $2,000 charge to clear customs, no knowledge base, unhelpful support, and the ATM itself flat out didn't work. -
Microsoft, Facebook Declare European Kids Clueless About Coding, Too
theodp writes: Having declared U.S. kids clueless about coding, Facebook and Microsoft are now turning their attention to Europe's young 'uns. "As stewards of Europe's future generations," begins the Open Letter to the European Union Ministers for Education signed by Facebook and Microsoft, "you will be all too aware that as early as the age of 7, children reach a critical juncture, when they are learning the core life skills of reading, writing and basic maths. However, to flourish in tomorrow's digital economy and society, they should also be learning to code. And many, sadly, are not." Released at the launch of the European Coding Initiative — aka All You Need is Code! (video) — in conjunction with the EU's Code Week, the letter closes, "As experts in our field, we owe it to Europe's youth to help equip them with the skills they will need to succeed — regardless of where life takes them."