Slashdot Mirror

azcoyote shares a report from Reuters: Tesla director Robyn Denholm, a telecoms executive who has worked for Toyota, has been promoted to chairwoman of the electric car company, tasked with regulating billionaire Elon Musk's regime after months of turbulence. An Australian accountant, Denholm is currently finance chief at telecoms firm Telstra and replaces Musk after he was forced to relinquish the role as part of a deal to head off charges of fraud by the Securities and Exchange Commission.

While she will resign from Telstra to take the role full-time, some analysts expressed concern that she may not be clearly enough removed from Musk to rein in the billionaire's public outbursts and bring more order to Tesla. Denholm, 55, has been an independent director of Tesla since 2014 and the head of its audit committee. She was paid almost $5 million, mainly in stock options, by the company last year, making her the highest remunerated of its board members. "I personally hope Denholm renames it Reynholm Industries," Slashdot reader azcoyote adds.

An anonymous reader quotes a report from Ars Technica: Since 2007, Pokemon Essentials has been a crucial part of the Pokemon fan game community. As a free mod for the paid RPG Maker software, Pokemon Essentials offers all the graphics, music, maps, and tilesets a fan game maker needs to craft their own Poke-adventure. Fans of the tool congregated around the PokeCommunity forums and a dedicated Pokemon Essentials wiki to download files, share creations, and discuss the scene. Earlier this week, however, PokeCommunity forum moderator Marin announced that "the Pokemon Essentials wikia and all downloads for it have been taken down due to a copyright claim by Nintendo of America." That means "we will not allow Pokemon Essentials or any of its assets to be hosted or distributed on PokeCommunity," the announcement reads. "We sincerely apologize that we have to do this, but there is no going around it." Fandom, the company that hosts the wiki, confirmed to the Verge that it had "received a DMCA notice on behalf of Nintendo notifying us of content that was in violation of its copyright holdings. After carefully assessing the violations in regards to the Pokemon Essentials wiki, we came to a decision to take it down."

The Debian Project has been liveblogging today's release of Debian 9 (Stretch) using the Twitter hashtag #releasingstretch. Some of the announcements:

• The oldstable suite (wheezy) has now been renamed to oldoldstable
• Debian jessie now been renamed to oldstable!
• The Debian stretch suites have now been renamed to stable!
• The draft debian-devel-announce post is ready, archive docs are being cleaned up

This release is named after that purple octopus in Toy Story 3, and more tantalizing tidbits of information keep appearing on Debian's micronews site:

• At least 1436 people and 18 teams contributed to Debian in 2017
• Stretch has 25,357 source packages with 9,808,465 source files
• There were 13 different themes proposed to be the official Debian stretch theme
• Debian Stretch ships with the free mathematical software SageMath, you can install it with apt
• During the stretch development, 101 contributors became Debian Developers, and 94 more become Debian Maintainers
• Debian Stretch will ship with the first release of the Debian Astro Pure Blend [for astronomers]
• Debian Popularity Contest gathers anonymous statistics about Debian packages usage from about 195,000 reports

After a North Korean system administrator misconfigured its nameserver allowing anyone to query it and get the list of the domains that exist for .kp, it was revealed that the secretive country only has 28 websites. That's 28 websites for a country with nearly 25 million people. Naturally, the story was published all across the web, including on Reddit, which resulted in a high number of users visiting North Korea's websites. Mirror.co.uk reports: When a list of North Korea's available websites was posted on Reddit, the surge of visitors to the reclusive state's online offering overloaded the servers. North Korea runs a completely locked-down version of the internet that consists of only 28 "websites" that the population is allowed to view. However, a technical slip-up allowed a GitHub user to work their way into the country's computer network and view the websites from the outside. As the GitHub user puts it: "One of North Korea's top level name servers was accidentally configured to allow global [Domain Name System] transfers. This allows anyone who performs [a zone transfer request] to the country's ns2.kptc.kp name server to get a copy of the nation's top level DNS data." Pretty soon, links to all the websites were posted on Reddit, where thousands of visitors took the opportunity to see what the web looks like from Pyongyang. Reddit's surge of traffic isn't the first time North Korea's internet has been knocked out. In 2014, the country suffered a distributed denial of service (DDoS) attack that was believed to have originated from the U.S. Redditor BaconBakin points out that while North Korea has 28 websites, GTA V has 83 websites. They added, "I think it's safe to say that San Andreas is more technologically advanced than North Korea."

An anonymous Slashdot reader writes: Leonard Nimoy's 59-year-old son released a trailer for his upcoming documentary, For The Love Of Spock. CBS released a video teaser for their upcoming Star Trek: Discovery series. And Schmaltz brewery released a "Trouble With Tribbles" beer.

It was all part of the festivities celebrating the 50th anniversary of CBS's original Star Trek series at this year's Comic-Con festival in San Diego, which culminated with an all-star panel of actors from previous Star Trek TV series. William Shatner, Michael Dorn, Brent Spiner, Jeri Ryan, and Scott Bakula all reminisced on the phenomenon of the show's fan culture, with Dorn telling the audience that Apple's iPad was inspired by Star Trek technology. And Brent Spiner told the audience, "We're in a time now where identity is under attack... Politicians could learn from Star Trek."

TigerPlish writes to note Variety's report on the death of actor Alan Rickman, who died after a short bout with cancer, and was surrounded by friends and family when he went. Rickman may be most familiar to you as Hans Gruber in Die Hard (especially in his final scene), or as Harry Potter's Snape, but his film career was long, crossing genre lines and extending into five decades.

MarkWhittington writes: NASASpaceFlight.com published the results of current NASA thinking concerning what needs to be launched and when to support a crewed mission to Phobos and two crewed missions to the Martian surface between 2033 and 2043. The result is a mind-numbingly complex operation involving dozens of launches to cis-lunar space and Mars using the heavy lift Space Launch System. The architecture includes a collection of habitation modules, Mars landers, propulsion units (both chemical rockets and solar electric propulsion) and other parts of a Mars ship.

imac.usr writes: I recently rewatched the Stonecutters episode of The Simpsons and laughed as always at the scene where Homer pulls into his parking space — right next to his house. It's such a great little comic moment. This time, though, it occurred to me that someone probably wrote in to complain that the power plant was normally in a completely different part of town, no doubt adding "I really hope somebody got fired for that blunder." And that got me to wondering: how do creators of serial media — books, web comics, TV shows, even movie serials — record their various continuities? Is there a story bible with the information, or a database of people/places/things, or even something scribbled on a 3x5 card. I know Slashdot is full of artists who must deal with this issue on a regular basis, so I'd be interested in hearing any perspectives on how (or even if) you manage it.

imac.usr writes: I recently rewatched the Stonecutters episode of The Simpsons and laughed as always at the scene where Homer pulls into his parking space — right next to his house. It's such a great little comic moment. This time, though, it occurred to me that someone probably wrote in to complain that the power plant was normally in a completely different part of town, no doubt adding "I really hope somebody got fired for that blunder." And that got me to wondering: how do creators of serial media — books, web comics, TV shows, even movie serials — record their various continuities? Is there a story bible with the information, or a database of people/places/things, or even something scribbled on a 3x5 card. I know Slashdot is full of artists who must deal with this issue on a regular basis, so I'd be interested in hearing any perspectives on how (or even if) you manage it.

A week ago you had the chance to ask Fark Founder Drew Curtis about wasting hours at work reading stories about Florida, and his Kentucky gubernatorial campaign. We'll be checking back with Drew as the race proceeds, but for now you can read his answers to your questions below. Culture Change
by eepok

There was a time when Fark Boobies links were mixed in with news links. Then it became its own tab. Then it was reborn as "Foobies"-- a wholly separate site. More recently, a strict "Anti-Misogyny" standard on Fark discussions was implemented which included the dis-allowance of the use of the word "rape" except in the academic sense, dis-allowing the use of demeaning terms in describing women, and suggesting that a female victim of a crime was somehow asking to be victimized.

Examples of dis-allowed uses include the meme "40 lbs. Box of Rape", references to the Whoopi Goldberg differentiation between "rape" and "rape rape", and Todd Akin's "legitimate rape" gaffe.

To say that the change was met with disdain would be an understatement. The ensuing threads were filled with battles back and forth between those who assert that such references and jocularity is proof a genuine hatred of women (misogyny) while others assert that lumping together edgy attempts at comedy with the genuine hatred of women is prejudicial and incredibly offensive.

Given Fark's historic culture of pushing/punching the boundaries of political correctness (see: "Welcome to Fark" memes) where almost nothing is so sacred that it cannot be joked about (see: "Window seat, please" memes), why was this decision made? Why were so many genuinely non-misogynistic actions/comments/memes lumped in with that term?

My partner and I have discussed the change at length. We're both fans of audacity humor, so we actually "get a kick out of the replies". Together, we came up with the following potential rationales. Which did we get right? Which didn't we?

• 1. I got older and my tastes have changed. I don't want to run a site that goes counter to my own sensibilities.
• 2. I received pressure from external organizations (other sites, special interests, advertisers).
• 3. I want to grow the site to be more inclusive of people who would be offended by such jokes.
• 4. I'm running for public office and Fark.com, if not cleaned up, would destroy my campaign.
• 5. I've received overwhelming negative feedback regarding the state of Fark comments and the numbers supporting a change greatly outnumber those who didn't like the change.
• 6. I actually believe that everyone who jokes about women hates women and they should be stopped.

Drew: It's a mix of several of these:

2. sort of - back in 2005 when we dipped our toes into direct ad sales we were told by media buyers they wouldn't touch us with a 10 ft pole with -links- to nudity. Which I still think is absurd. I argued like crazy that clearly-labeled links to nudity were no different in format than strip club advertisements in the phone book but made no headway whatsoever. So on the links note it was a business decision in 2005.

4. no impact whatsoever - in fact my instructions to the mods and admins were "change nothing". Part of my dislike for professional politicians is that they're manufactured people and we can all tell this is the case. I am a real person, I have flaws, and there is no way I'd be able to disguise my sense of humor from anyone paying attention.

5. this did happen - over the years stories rolled in about women being chased off the site by a very small percentage of men via behavior that we didn't expressly forbid. Our posting rules change was very slight and the vast majority of our community members had no problem adhering to it, probably because they were already in compliance anyhow.

It also fit with my general criteria for what makes taglines funny. I dislike rape jokes the same way I dislike puns - because as styles of humor go they're both too easy. I prefer more nuanced humor - especially slow burns.



Improving photoshop contests
by TWX

Fark used to have some of the best Photoshop contests, both in terms of what people came up with (thinking of the Lukket fake Rand Corporation computer as an example), and in the way that the in-line display and voting for the entries worked. What would you like to do with these going forward to get more involvement for these contests?

Drew: I'm open to suggestions here. P.S. contests evolved out of caption contest pretty early on - I hadn't intended to make them a feature but people really liked it so we kept it (much like caturday). I don't know what makes them tick - the main thing I did was not kill them off. Basically I have no idea what to do but I'd take a look at anything anyone suggested.



Four questions
by sandbagger

• Discussions on Fark don't go to infinity and beyond anymore. Is the attempt to make Fark more PC a response to that or a consequence?
• You're HTML 2.0 compliant, it seems. Ever planning on updating the back end?
• A few times a year there's a post to TFD asking for ideas on how to improve things. Nothing changes: why?
• The ethos of Fark used to be say anything --- smash any idols ---just be funny doing it. Has moving away from that basically made Fark no different from a lot of other discussion/aggregation sites?

Drew: There's no attempt to make Fark more PC. I think what happened is the rest of the Internet moved -far- past us on the anything-goes relative scale.

Backend: We're constantly updating things but we're very slow. I'm fine with that.

Nothing changes: What do you think we should have changed that was suggested?

The ethos of Fark was never say anything. Close though. My perfect Fark tagline is one that makes you initially gasp in horror, then on second reading you discover that the tagline hasn't actually crossed the line but damn it's right on the line and thinking about jumping.



Litigation
by bazmail

Hi Drew, what was the closest you ever came to shutting down FARK, due to litigation, threats from idiots you made famous, boredom, $$$ shortage etc?

Drew: We've almost been wiped out at least three times in the past 16 years. The worst was 2008-2009 when advertising all but dried up. I went without a salary for nearly two years. I was just about to pull the plug when all of the sudden right around xmas 2009 receivables skyrocketed out of nowhere.



Breaking Public Mindset
by Anonymous Coward

First off, thanks for Fark. Has killed many a hour of dull work! On to my question

For those of us techies immersed in the web, and those who have run across Fark on a given day, most of us will presumably know your background and to a point, your ideological leanings. How do you branch the divide with the public not versed on your background, with you being well versed on the tech. side of things, and translate that to Kentucky's highest elected position? And moreso, likely in the face of skeptics who might see you as an obscure 'Internet' site winner, and not someone who is versed in public policy, legalize, and politics in Kentucky?

Drew: It's correct that I'm not versed in public policy. However what's strange to me is that for some reason our elected officials, who should be far more well versed in publicly policy than I am, don't seem particularly intellectually curious about public policy ideas not backed by their own party. Democrats rarely budge from their set of talking points and neither do Republicans, but there's no way either side is 100% correct. campaign contributors impact this to a great degree.

But here's the thing - elected officials who belong to a political party are controlled by that party even while in office. Which means they can't (or won't) entertain the other party's public policy ideas while their own party is selling influence in the opposite direction.

This is ridiculous - if there's anything we all want it's the best solutions. Which have little to do with issues by the way - implementation matters far more than the issues. I haven't seen a candidate yet that can effectively separate the issues from the actual implementation.

For example, I'm all for smaller government but how's that going to work exactly? 20% off the top is a blunt implementation taken straight out of a late 1980s MBA textbook and it's a complete failure as a management strategy. Because meanwhile we still need roads, schools, and police that can function effectively. I'm not saying there isn't waste in government but let's go find it first before we cut blindly.

This is the crux of the problem - we are stuck with elected officials controlled by parties that sell influence to the highest bidder, usually in the form of ham-fisted solutions that have vast unintended (or intended) negative consequences.

So instead of doing the same thing we've always done, which no one thinks is actually working in the first place, how about we elect someone who's capable of investigating policy issues using data-driven analysis. And if the data can't tell us what to do, then let's just wait until we know for sure when more data arrives. Kentucky doesn't have to experiment - we can wait for other states to prove experimental ideas work. I want the legislature to send me exact copies of initiatives that have worked elsewhere.



Your biggest challenge to getting elected?
by gregorino

You and Ms. Curtis deserve tremendous credit for such a worthy effort. Thanks on behalf of US citizens eager for change -- or at least a demonstration that change is possible. Although some ambiguity remains, your site shows transparency, the application of sound business principles, a close examination of successful policies incorporated elsewhere, creativity, and an open ear for discussion from all sides. -- Which of the following is your greatest challenge to getting elected and how do you surmount it: (a) voter apathy, (b) lack of campaign funds, (c) misrepresentation or lack of presence in the media, (d) a self-described lack of political qualifications, (e) a lack of political experience, (f) lack of voter confidence, and (g) lack of voter advocacy?

Drew: Voter apathy. Everyone agrees the system doesn't work but no one thinks they can change it. There are 3.2 million registered voters in KY. Last gubernatorial election, 880k people voted. In a three way race it takes 300k-400k to win. Surely there are that many voters willing to try something different.

It's not apathy per se though - I've come to the conclusion that the parties actively don't want voters involved (other than ones loyal to their cause). It threatens their duopoly on selling influence.

Ask any party supporter in Kentucky and they'll tell you the same thing: that I can't win. What they're actually saying to you is don't vote. Give up. You're powerless to change -our- system.

Here are some interesting numbers however:

Last election, 9% of the electorate voted for an Independent whose positions aren't significantly different from my own.

At least 25% of democrats are voting against the main candidate as a protest vote. I don't believe he'll convince them to vote for him over me. Call that another 12%-15% of all voters (I'm fudging because 25% of Democrats are also undecided and he won't get all of them either).

Whoever wins the GOP will win with barely 30% of the vote if that. And it's been ugly. I don't know what percentage is available here but I'm easily sitting at 21%-24% in a race where I need 34%.

Which is 88,000-100,000 votes.

Those can come from any of the following pools:

• the ~100k undecided democrats who vote. I will get some of these.
• the remaining ~280k republicans who vote. I will get some of these.
• the 800k voters that number voted in the 2012 presidential election and did not vote in the 2011 gubernatorial election. I will get some of these - and the other candidates will not get many. These people were planning on staying home otherwise.
• anyone else who decides to jump in from the remaining 1.6m registered voter pool. I will get some of these - and the other candidates will not.

So we'll see.



Prevent Party Rollup
by Scottingham

Say your political campaign is successful. Do you have a plan in place to stop one of the "two" parties from co-opting your message and claiming to be a part of the same movement? I'm thinking Tea Party -> GOP and 'Occupy' -> Democrats. Both only 'sorta' worked (TheTea Party was much more successfully assimilated IMO), yet ultimately were co-opted.

Drew: This is why I'm running independent - so that doesn't happen. I'm wanting to encourage other independent candidates to run as well. The only thing we should all have in common is that our votes can't be bought and we'll take a look at any solution presented to us. Sharing a common ideology isn't a requirement.

And if they actually did co-opt the message because they implemented it, well good.



closet skeletons
by Anonymous Coward

Drew, what is the worst possible thing that a political opponent could dig up on you - what don't you want people to know?

Drew: Well in Kentucky it's probably the fact that I attended Duke's Talent Identification Program as a teenager for four years. I'm hoping my undying hatred of Duke's basketball team will help people over look that indiscretion.

First time accepted submitter Rabbit327 writes In a stunning announcement today scientists have announced that after millions of cycles of computing time on some of the largest super computers that they have discovered the meaning of life. On April 1st 2015 at approximately 03:42 GMT scientists discovered that a long running program had finished. The results stunned scientists who were having tea in the other room when the alarm went off. According to the scientific team the answer was stunning yet confusing. Quoting one scientist "It's amazing. It worked! But what does it mean?!? For heaven's sake we spent all this time calculating the answer to the ultimate question about life, the universe, and everything. This is the answer we get?!? This is the bloody answer we get?!?!??!?" after which the scientist promptly threw a keyboard across the room. According to inside sources the answer given by the computer was "42". What this means will be announced later according to a research representative.

First time accepted submitter Sigmon writes An unauthorized wave recently broadcast on the Cortex has revealed not only the existence of a previously unknown settlement on a far away border world called Miranda but also that the entire population of settlers was inadvertently wiped out by a top-secret Alliance program. Miranda was purportedly used as a testing ground for G-23 Paxilon Hydrochlorate, or simply "Pax" — a chemical agent designed to calm the population and weed out aggression. It seems the test did not go as planned. Also, reporters have been dispatched to the location of a battle not far from Miranda's location where the Alliance fleet has apparently suffered significant losses. It is unknown if the two events are related at this time. When contacted for comment on these events, government officials were very tight-lipped, however one official responded with a confusing statement about "Damming a river."

If you've spent time in the wasteland you've no doubt gone to Bartertown. Famous for its functioning walls, the oasis gives traders a chance to watch people battle to the death in a giant cage and deal busters spin The Wheel to learn their fate. While most wanderers enjoy watching the bloodsport many are now complaining that The Wheel is starting to feel old. "It's been around so long I think everyone has seen every option many times. You never know what's going to happen when someone is trying to smash someone else with a giant hammer, but The Wheel is getting predictable. It's worked so well that nobody has bothered to come up with new options," says one purveyor of slightly irradiated meat. His voice is just one in a growing chorus of dissatisfied wanderers. Another long-time resident adds: "I know it may not seems like a big deal, but part of the fun of living out here is the excitement. If the punishment to my eventual crime can't be fresh or creative I don't know what we're trying to build. These are not the values of the Bartertown I grew up in."

Locke writes: Our culture's military might has been unquestioned for years. But a new investigative report from the New England newsnet is casting an unpleasant light on military training efforts. What started out as a simple endeavor to track down a handful of kids for an unrelated story has turned into one of the most shocking scandals of our time, as reporters were unable to find the children literally anywhere on Earth. It's been revealed that a series of rocket launches has been carting classes of children off the planet to undergo intense battle preparations in null gravity. Calls for greater transparency have been met with silence, and several reporters visiting military bases for quotes have not returned. There could even be political ramifications — after ground-based telescopes sought out and found what appears to be an orbital training complex, the New Warsaw Pact has begun demanding answers. This could destabilize the fragile peace that has held far longer than anyone expected. The biggest remaining question is: why kids? There are plenty of adults willing to dedicate their lives to defending against the Bugger threat, so why spend an unfathomable amount of money to train undeveloped, uncoordinated children? Surely even the military understands kids are not mentally equipped to handle the pressures of real combat. More details to follow.

Mother_01101 writes: The Weyland-Yutani Corporation announced today one of the most fantastic discoveries in human existence: alien life! Colony LV-426 made first contact, and one of W-Y Corp's long-term research vessels, Nostromo, has gone to provide assistance and bring these life forms home to engage in peaceful learning and negotiation. Initial reports from Nostromo indicate all has gone well, though they're now under radio silence for security purposes. W-Y Corp says they will, of course, honor all quarantine procedures and do everything they can to make sure the transition goes smoothly. Their CEO reminded us: "Safety is paramount!"

BeruHadItComing writes: Imperial investigators are still trying to piece together what happened in last week's horrifying terrorist attack on our largest orbital defense station. Over a million loyal citizens, scientists, and medical staff lost their lives in the grisly attack while the station was being put through training exercises near the Yavin system. Billions more are in mourning, while a number of powerful senators have renewed calls to increase defense spending. Initial reports have confirmed Rebel involvement, and officials are making inquiries about a young insurgent from Tatooine with known ties to religious fundamentalists.

An anonymous reader writes "Sunday was the birthday of the late great Gary Gygax, co-creator of Dungeons & Dragons and Futurama guest star. With the fifth edition of D&D soon to come out at Gen Con this year, Jon Peterson, author of Playing at the World, has released a new piece to answer a historical question: how was it, back in 1985, that Gary was ousted from TSR and control of D&D was taken away from him? Drawn from board meeting minutes, stock certificates, letters, and other first-hand sources, it's not a quick read or a very cheery one, but it shows how the greatest success of hobby games of the 1980s fell apart and marginalized its most famous designer."

First time accepted submitter TC+0 (3672227) writes "Inspired by comments regarding its first incarnation, the Terran Computational Calendar's recent redefinition now includes dynamic support for 'leap duration', 'year bases', and 'datemods'. Here's the new abstract from terrancalendar.com (wikia mirror) captured at 44.5.20,6.26.48 TC+7H:

Synchronized with the northern winter solstice, the terran computational calendar began roughly* 10 days before the UNIX Epoch. Each year is composed of 13 identical 28-day months, followed by a 'minimonth' that houses leap days (one most years and two every 4th but not 128th year) and leap seconds (issued by the IERS during that year). Each date is an unambiguous instant in time that exploits zero-based numbering and a handful of delimiters to represent the number of years and constant length months, days, hours, minutes, and seconds that have elapsed since 0TC (the calendar's starting point). An optional 'year base' may be applied to ignore erratic leap duration. Arithmetic date adjusting 'datemods' can be applied to define things like weeks, quarters, and regional times."

TuringTest (533084) writes "Popular culture website Wikia originally hosted its user-contributed content under a free, sharealike Commercial Commons license (CC-BY-SA). At least as soon as 2003, some specific wikis decided to use the non-commercial CC-BY-NC license instead: hey, this license supposedly protects the authors, and anyone is free to choose how they want to license their work anyway, right? However, in late 2012 Wikia added to its License terms of service a retroactive clause for all its non-commercial content, granting Wikia an exclusive right to use this content in commercial contexts, effectively making all CC-BY-NC content dual-licensed. And today, Wikia is publicizing a partnership with Sony to display Wikia content on Smart TVs, a clear commercial use. A similar event happened at TV Tropes when the site owners single-handedly changed the site's copyright notice from ShareAlike to the incompatible NonCommercial, without notifying nor requesting consent from its contributors. Is this the ultimate fate of all wikis? Do Creative Commons licenses hold any weight for community websites?"

TuringTest (533084) writes "Popular culture website Wikia originally hosted its user-contributed content under a free, sharealike Commercial Commons license (CC-BY-SA). At least as soon as 2003, some specific wikis decided to use the non-commercial CC-BY-NC license instead: hey, this license supposedly protects the authors, and anyone is free to choose how they want to license their work anyway, right? However, in late 2012 Wikia added to its License terms of service a retroactive clause for all its non-commercial content, granting Wikia an exclusive right to use this content in commercial contexts, effectively making all CC-BY-NC content dual-licensed. And today, Wikia is publicizing a partnership with Sony to display Wikia content on Smart TVs, a clear commercial use. A similar event happened at TV Tropes when the site owners single-handedly changed the site's copyright notice from ShareAlike to the incompatible NonCommercial, without notifying nor requesting consent from its contributors. Is this the ultimate fate of all wikis? Do Creative Commons licenses hold any weight for community websites?"

TuringTest (533084) writes "Popular culture website Wikia originally hosted its user-contributed content under a free, sharealike Commercial Commons license (CC-BY-SA). At least as soon as 2003, some specific wikis decided to use the non-commercial CC-BY-NC license instead: hey, this license supposedly protects the authors, and anyone is free to choose how they want to license their work anyway, right? However, in late 2012 Wikia added to its License terms of service a retroactive clause for all its non-commercial content, granting Wikia an exclusive right to use this content in commercial contexts, effectively making all CC-BY-NC content dual-licensed. And today, Wikia is publicizing a partnership with Sony to display Wikia content on Smart TVs, a clear commercial use. A similar event happened at TV Tropes when the site owners single-handedly changed the site's copyright notice from ShareAlike to the incompatible NonCommercial, without notifying nor requesting consent from its contributors. Is this the ultimate fate of all wikis? Do Creative Commons licenses hold any weight for community websites?"

First time accepted submitter chimeraha (3594169) writes "Synchronized with the northern winter solstice and the UNIX Epoch, the terran computational calendar contains 13 identical months of 28 days each in addition to a short Month Zero containing only new year's day and a single leap year day every four years (with the exception of every 128 years). The beginning of this zero-based numbering calendar, denoted as 0.0.0.0.0.0 TC, is on the solstice, exactly 10 days before the UNIX Epoch (effectively, December 22nd, 1969 00:00:00 UTC in the Gregorian Calendar). It's "terran" inception and unit durations reflect the human biological clock and align with astronomical cycles and epochs. Its "computational" notation, start date, and algorithm are tailored towards the mathematicians & scientists tasked with calendrical programming and precise time calculation.

There's a lot more information at terrancalendar.com including a date conversion form and a handfull of code-snipits & apps for implementing the terran computational calendar."

New submitter Jason Baker writes "It seems like a perennial question: 'How do we get more women involved in tech?' The open source community, like any other part of the technology industry, is grappling with finding solutions that are more than just talking the talk of diversity, but actually make some demonstrable difference in the numbers. While there have been numerous success stories, the gender gap is still rampant. The answer, at least to one freelance entrepreneur, is providing strong role models of women using open source to have fun and make money. But is that enough to make a difference?"

vikingpower writes "Randall Munroe, the comic author best known as the creator of the xkcd webcomic, reveals the secret backstory of his epic, 3099-panel 'Time' strip in an interesting interview with Wired. He says, 'In my comic, our civilization is long gone. Every civilization with written records has existed for less than 5,000 years; it seems optimistic to hope that the current one will last for 10,000 more ... The Earth’s axis wobbles over the millennia, and some individual stars move visibly, so I used a few different pieces of astronomy software–with a lot of hand correction and tweaking–to render the future night sky. When the Sun sets in the night sequence, one of the first things you see is the gap where Antares should be, which was the first clue that this is taking place in the far future. Later in the night–which lasted for several days of real time–more astronomical details let readers pin down the date more precisely.' The comic can be seen as an animation on YouTube. There is also a complete click-through version available on geekwagon. This comic inspired a dedicated wiki and has its own glossary."

vikingpower writes "Randall Munroe, the comic author best known as the creator of the xkcd webcomic, reveals the secret backstory of his epic, 3099-panel 'Time' strip in an interesting interview with Wired. He says, 'In my comic, our civilization is long gone. Every civilization with written records has existed for less than 5,000 years; it seems optimistic to hope that the current one will last for 10,000 more ... The Earth’s axis wobbles over the millennia, and some individual stars move visibly, so I used a few different pieces of astronomy software–with a lot of hand correction and tweaking–to render the future night sky. When the Sun sets in the night sequence, one of the first things you see is the gap where Antares should be, which was the first clue that this is taking place in the far future. Later in the night–which lasted for several days of real time–more astronomical details let readers pin down the date more precisely.' The comic can be seen as an animation on YouTube. There is also a complete click-through version available on geekwagon. This comic inspired a dedicated wiki and has its own glossary."

Fortran IV writes "Randall Munroe's xkcd webcomic has done some odd things before, but #1190, 'Time,' is something special. It's a time-lapse movie of two people building a sandcastle that's been updating just once an hour (twice an hour in the beginning) for well over a month (since March 25th), and after over a thousand frames shows no sign of ending; in a few days the number of frames will surpass the total number of xkcd comics. It's been mentioned in The Economist. Some of its readers have called it the One True Comic; others have called it a MMONS (Massively Multiplayer Online Nerd Sniping). It's sparked its own wiki, its own jargon (Timewaiters, newpix, Blitzgirling), and a thread on the xkcd user forum that runs to over 20,000 posts from 1100 distinct posters. Is 'Time' a fascinating work of art, a deep sociological experiment — or the longest-running shaggy-dog joke in history? Randall Munroe's not saying."

Adam Orth, creative director of Microsoft Studios, on Thursday tweeted that "doesn't get" objections to DRM schemes that require always-on internet connection to play console games. An anonymous reader writes "Microsoft on Friday released an official statement regarding the tweets: 'We apologize for the inappropriate comments made by an employee on Twitter yesterday. This person is not a spokesperson for Microsoft, and his personal views do not reflect the customer centric approach we take to our products or how we would communicate directly with our loyal consumers. We are very sorry if this offended anyone, however we have not made any announcements about our product roadmap, and have no further comment on this matter.'" I can't help reading those tweets in the voice of Sterling Archer.

Trailrunner7 writes "California, which set the standard for data breach notifications nationwide, is again seeking to set a precedent by becoming the first state in the nation to require companies upon request disclose to California consumers the data they've collected and to whom it was shared during the past year. ... The 'Right to Know Act of 2013,' AB 1291 was amended this week to boost its chances of success after being introduced in February by state Assembly member Bonnie Lowenthal. ... It applies to companies that are both on- and off- line Privacy advocacy groups such as the EFF wrote Tuesday that the bill could set a precedent for other states, much as California's 2002 Breach Notification Act requiring California data breach victims be notified was later replicated by almost all U.S. states." That's not all: you'd be able to request a copy of all the data they've stored about you too.

SchrodingerZ writes "Raymond Cusick, a production designer for the BBC show Doctor Who from 1963 to 1966, has died from illness. 'Terry Nation, who died in 1997, wrote the 1963 story The Daleks, in which the "satanic pepperpots" first appeared, but it was Cusick who came up with the machines' distinctive look, including the bobble-like sensors, eyestalk, sucker and exterminator weapons.' His horrid creation has remained a prime enemy in Doctor Who for over 50 years, and have remained relatively unchanged. His tireless work however was never fully awarded, as his only pay for the project was about £100. Cusick also worked on such shows as Z Cars, Dr Finlay's Casebook and The Forsyte Saga to The Duchess of Duke Street, When the Boat Comes In and Rentaghost. He officially retired in 1987. Claire Heawood, Cusick's daughter, has said that her father was 'suffering from an illness and died peacefully in his sleep on Thursday.'"

John "Jack" R. Horner is the Curator of Paleontology at the Museum of the Rockies, adjunct curator at the National Museum of Natural History, and one of the most famous paleontologists in the world. Known in the scientific community for his research on dinosaur growth and whether or not some species lived in social groups, he is most famous for his work on Jurassic Park and being the inspiration for the character of Alan Grant. Horner caused quite a stir with the publication of his book, How to Build a Dinosaur: Extinction Doesn't Have to Be Forever, in which he proposes creating a "chickensaurus" by genetically "nudging" the DNA of a chicken. Jack has agreed to step away from the genetics lab and put down the bones in order to answer your questions. As usual, you're invited to ask as many questions as you'd like, but please divide them, one question per post.

cervesaebraciator writes "A new species of heterodontosaur, called Pegomastax, has been identified. Paul Sereno, a University of Chicago paleontologist, published a description of this species in a recent issue of ZooKeys. Although this diminutive (60 cm or less) species was herbivorous, it also possessed a set of sharp, stabbing canines in its parrot-shaped beak. Dr. Sereno holds that these canines where likely 'for nipping and defending themselves, not for eating meat.' Perhaps the most imaginatively intriguing aspect of all, the body of the Pegomastix might have been covered in porcupine-like quills, making for perhaps the least attractive dinosaur of all time. You can almost hear Dieter Stark screaming 'Helvetes jävlar!'"

cylonlover writes "Valve has gained a reputation over the years not just for consistently putting out great games, but also for the slick trailers and promo videos that go along with them. But now the developer is turning the tables and handing over its own video-making tools to fans free of charge. With the Source Filmmaker, gamers will be able to direct, animate, and record their own videos as if they were shooting on location inside a video game."

Last Thursday, the Sawfish window manager project announced the availability of 1.8.92. The release brings several new features. Highlights include: support for MATE and Razor-Qt (along with better GNOME and KDE support), better edge action support, and improvements to the theming system. A new OS X style single window mode has been added, along with a really interesting shade stack feature: "Added shade-stack feature. It provides an alternative to iconify-window. Instead of iconifying a window or minizing it to a tray, the windows get shaded and sorted in a stack starting from the top-left corner (the number of columns can be changed). Combined with auto-unshade this offers — possibly — a better way of interacting with windows which aren't required at the moment. Original code by Luke Gorrie. [Christopher Bratusek]" This is the first release candidate for the new stable 1.9 series.

Last Thursday, the Sawfish window manager project announced the availability of 1.8.92. The release brings several new features. Highlights include: support for MATE and Razor-Qt (along with better GNOME and KDE support), better edge action support, and improvements to the theming system. A new OS X style single window mode has been added, along with a really interesting shade stack feature: "Added shade-stack feature. It provides an alternative to iconify-window. Instead of iconifying a window or minizing it to a tray, the windows get shaded and sorted in a stack starting from the top-left corner (the number of columns can be changed). Combined with auto-unshade this offers — possibly — a better way of interacting with windows which aren't required at the moment. Original code by Luke Gorrie. [Christopher Bratusek]" This is the first release candidate for the new stable 1.9 series.

Bananatree3 writes "While we have sci-fi visions of room temperature superconductors like in the movie Avatar, the question still remains: How would the discovery of a such a material impact our everyday lives? How would the nature of warfare change? How would the global economy react? What are the cultural pros and cons of such a technological shift?" And just as important, in what contexts would you want to see it first employed?

An anonymous reader writes "While Samsung has been accused of repeatedly borrowing everything from Apple's hardware, to packaging and accessories, it appears that all current iDevices share a port which is very similar to one found on a forty-year-old Polaroid camera. It gets more interesting when you realize that camera was the 'supreme achievement' of a man Steve Jobs idolized. Edwin Land was the creator of the Polaroid camera and, if Steve Jobs obsessed over Land's devices the way many do with iPhones, etc. today, there's a chance this similarity is not a coincidence."

briancarper writes "Vim is an open-source text editor with a power and flexibility matched only by the steepness of its learning curve. As the author of this book states, 'Vim Can Do Everything' but configuring it to do so is sometimes daunting. Hacking Vim 7.2 aims to help the average Vimmer get the most out of customizing Vim, for fun and productivity." Read on for the rest of briancarper's review. Hacking Vim 7.2 author Kim Schulz pages 244 publisher Packt Publishing rating 8 reviewer briancarper ISBN 1849510504 summary Customizing and scripting Vim 7.2 Vim has an overwhelming number of features. Its built-in help system and documentation are comprehensive and easy to navigate once you know what you're looking for, but knowing where to start is sometimes very difficult. The best you can hope for in a book is a broad outline to point the way toward features that you didn't know much about. Hacking Vim 7.2 achieves this goal.

No topic is covered in nearly the depth you'll find in the official documentation (or even on the Vim Wiki), but every topic is covered in enough detail to let you know that a feature exists and to point you in the right direction to begin using it. Most helpfully, throughout the book are references to things to look up in Vim's help system, as well as links to various relevant scripts.

This is not a book for an absolute Vim beginner; some familiarity with Vim is assumed. And for a Vim fanatic, much of the material may be common knowledge for you already. But any seasoned Vimmer will tell you that there are always things to learn about this editor, and I think nearly everyone will learn something from this book. For someone who uses Vim and is looking to master it, this book is a great starting point, though you'll still need to dive into the official reference material to really cement your knowledge.

The book starts on an odd note. Chapter 1 is a history of vi and the various vi clones released over the past couple decades. This information is interesting trivia and serves to give credit to programmers who paved the road to Vim, but it doesn't really help anyone "hack Vim" in any way. The book probably could've done without this chapter.

Chapter 2 deals with customizing the overall look and feel of Vim. How and where to edit vimrc is covered, with brief attention given to cross-platform issues. It covers the basics (changing font faces and colors, customizing menus and toolbars), as well as pointing out some more obscure settings, like highlighting the cursor row and column (creating a kind of "cursor crosshair"), and using the match feature to highlight multiple search terms at once. This chapter is a good foundation for later chapters and a good introduction for anyone who has never edited their own vimrc.

Chapter 3 is about text navigation. Sadly, the book doesn't go into as much detail on movement commands as I would've liked. The ability to move around and manipulate text quickly in Normal Mode by combining counts and motions/operators is one of Vim's most unique and powerful features, but it only gets a few paragraphs here.

There are some interesting key mappings provided, for example how to move up and down between "virtual" lines when lines are soft-wrapped. Search is covered briefly, both plain text search and multi-file search via vimgrep, but there's little information about Vim's powerful regular expressions, which I thought was a shame. Marks are discussed, both normal "hidden" marks as well as visible "signs", the latter being a feature I've never used.

Chapter 4 is about "production boosters" and covers a wide variety of topics. Much of the chapter is devoted to "templates" and "snippets", which allow you to build skeletons of commonly-used source code (with fill-in-the-blanks markers) that can be re-used when editing new files. A system for using these templates is built from scratch using Vim script, providing a clever and useful example of scripting in action.

Auto-completion is covered in a lot of detail. Some custom key mappings are provided to help make "omni-completion" in Vim a bit easier to invoke. This chapter also very thoroughly covers Vim's multiple copy/paste registers and how they work. Recording and using macros, pointed out as one of Vim's more overlooked features, gets a good, lengthy example.

"Undo branching" in Vim is wonderful, but difficult to understand. Chapter 4 gives a simple, step-by-step example of why it's useful and how it works. This chapter also briefly discusses folding, vimdiff, netrw (editing files remotely via SSH and other protocols), and ctags. There's lots of good stuff in this chapter and you're almost certain to learn something useful.

Chapter 5 covers text formatting, both using built-in Vim commands and by piping text through external tools like par and tidy. A lot of space is devoted to using Vim to prettify plaintext, for example by centering titles on a line, adding ASCII-art dashes for headers and making bulleted lists. If you edit plaintext in Vim often, this is probably a great chapter, but I didn't find much use for most of it.

For programmers, the book discusses the different indentation styles available in Vim and very briefly shows how to write your own indentation functions, and how to indent and reformat blocks or whole files of code all at once. "Paste mode" also gets a passing mention. Personally I think a programmer reading this book would've benefited from much more detail about Vim's myriad indentation and text-wrapping options and how they work together, as this can be one of the most frustrating parts of Vim to configure correctly.

I had high hopes for Chapter 6 and 7, which deal with Vim scripting, but I was largely disappointed. Chapter 6 deals with scripting basics, and is essentially a beginner's language tutorial. It explains which variable types exist in Vim script, how if/then/else works, how for- and while-loops work, how function parameters operate, and so on, but anyone who knows a modern scripting language will learn these things quickly without much effort. There's also some basic information about how to write a syntax-highlighting script from scratch, but there's not really enough information to allow you write one for a real programming language.

Chapter 7 is supposed to be about "extended scripting" topics, but serves largely as a style guide. It details how to structure a script to check for compiled-in features and Vim version number. This chapter touches briefly on using SID and PLUG to namespace functions, but the explanation and example left me puzzled. How to use the debugger and how to make Vimballs are both explored, and the book points out that you can use Perl, Python and Ruby to script Vim without going into much detail or giving solid examples.

If you're looking for any advancing information on writing your own functions in Vim script, you're mostly out of luck here. Previous chapters in the book do include some useful and practical functions, but those functions are never really taken apart or explained in detail.

Finally there are two appendices, one of which lists a bunch of games you can play in Vim (again this could've been left out of the book and I wouldn't have missed it), as well as examples of using Vim as a mail, chat, and Twitter client. There's also a feature-by-feature comparison of Vim to MS Visual Studio, showing that many of Visual Studio's abilities can be provided in Vim given the proper scripts. I thought it was an interesting demonstration that Vim really can do everything, just in case the reader had any doubts at this point. The last appendix is a style guide for keeping your vimrc clean, mostly via common sense and splitting your configuration into multiple files.

Overall, stylistically the book is a bit dry and humorless, but it's easy enough to read and it gets its information across clearly. There were a few typos and editing errors, including a few rather glaring typos in some code examples, but overall the author seems extremely knowledgeable about Vim. The best parts of the book are where the author says "this was useful to me personally, so here's how I do X". This book is clearly written by someone who uses Vim all the time, and most of the information provided is practical and immediately usable.

I do feel the book should've gone into more detail in many areas. At 244 pages, the book is short and gives a rather shallow view of many of Vim's features. But the book hits all the right notes and leaves few features entirely unexplored.

I'd recommend this book to any person who uses Vim and wants to explore features they may have been missing. There's nothing in this book you won't find in Vim's built-in documentation, but this book lays everything out in an easy-to-read format, and should serve as a good starting point to customizing and mastering Vim.

You can purchase Hacking Vim 7.2 from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

An anonymous reader writes "Researchers from the University of Liege in Belgium have been able to perform real-time video analysis on a regular Canon digicam (video link) without any hardware modification. The results are shown directly on the digicam's screen. They use a hacked version of a popular open-source alternative firmware for Canon cameras: CHDK. This is a proof-of-concept that computer vision algorithms can now be embedded on regular Canon digicams with little effort (CHDK is coded in C). What other popular vision algorithms could be implemented? For what purpose?" You can get some idea about ViBe from this abstract at IEEE; basically, it allows background extraction in moving images.

tramm writes "I've released an extension for the Canon 5D Mark II DSLR's video mode to enable functions that are useful for independent film makers. While the camera produces a great movie out of the box, the audio is a severely limited. My code adds features that should have been in the software, like on-screen stereo audio meters, live audio monitoring, reduced audio noise and crop marks for different formats. An introductory video shows the new features in use and an audio evaluation compares it to the stock firmware with very good results. It's similar to the incredibly flexible CHDK software for Canon's point-and-shoot cameras, but targeted at the film makers using the 5D. The Magic Lantern firmware is GPLed and new features will be written to make the camera even more useful on set. There is a wiki for documentation and development."

tramm writes "I've released an extension for the Canon 5D Mark II DSLR's video mode to enable functions that are useful for independent film makers. While the camera produces a great movie out of the box, the audio is a severely limited. My code adds features that should have been in the software, like on-screen stereo audio meters, live audio monitoring, reduced audio noise and crop marks for different formats. An introductory video shows the new features in use and an audio evaluation compares it to the stock firmware with very good results. It's similar to the incredibly flexible CHDK software for Canon's point-and-shoot cameras, but targeted at the film makers using the 5D. The Magic Lantern firmware is GPLed and new features will be written to make the camera even more useful on set. There is a wiki for documentation and development."

Pig Hogger writes "If you're stuck with a cheap Canon point-and-shoot camera and have feature envy over the neighbor's sophisticated latest model, fret not! According to this LifeHacker article, the CHDK project allows nearly complete programmatic control of cheap Canon point-and-shoot cameras, enabling users to add features, up to and including games and BASIC scripting."

babooo404 writes "Jimmy Wales' latest project, Search Wikia has launched into alpha this morning. Most reviews have been negative. The system is a 'social search' and uses the Nutch search algorithm. You can friend people along with creating profiles, and the system uses a Wikipedia-style format for 'mini articles.'"

Frequent Slashdot contributor Bennett Haselton gives the full-disclosure treatment to the widely known and surprisingly simple technique for finding treasure-troves of credit card numbers online. He points out how the credit-card companies could plug this hole at trivial expense, saving themselves untold millions in losses from bogus transactions, and saving their customers some serious hassles. Read on for Bennet's article.
Some "script kiddie" tricks still work after all: Take the first 8 digits of a standard 16-digit credit card number. Search for them on Google in "nnnn nnnn" form. Since the 8-digit prefix of a given card number is often shared with many other cards, about 1/4 of credit card numbers in my random test, turned up pages that included other credit card numbers, and about 1 in 10 turned up a "treasure trove" of card numbers that were exposed through someone's sloppily written Web app. If the numbers were displayed along with people's names and phone numbers, sometimes I would call the users to tell them that I'd found their cards on the Internet, and many of them said that the cards were still active and that this was the first they'd heard that the numbers had been compromised.

Now, before this gets a lot of people mad, let me say that at first I was planning on holding off writing about this for months if necessary, to give the credit card companies time to do something about it. In other words, I actually had the presumptuousness to think that I had been the first one to discover it, but only because the credit card numbers that I found were still active. (If the trick had been widely known, I reasoned, surely the credit card companies would have found any credit card numbers listed in Google before I did, and gotten them cancelled.) Then I found that the trick had been publicized about three years earlier in a C-Net article by Robert Lemos and was probably widely known even before that. (The article stops just short of describing the actual technique, but one reader posted the full details in a follow-up comment.) Another article from that year in CRM Daily describes an even more efficient trick: Googling for number ranges like 4060000000000000..4060999999999999 to find Visa card numbers beginning with "4060". Google has now blocked that trick, so that trying that as a Google search leads to an error page. But the basic technique of Googling for working credit card numbers, apparently still works. In other words, credit card companies have apparently known about this technique for at least three years, probably longer, and presumably have hoped it would continue being swept under the rug.

At this point, I think the right thing to do is to shine a light on the problem and insist that they fix it as soon as possible. It may result in a short-term spike in people using this technique, but if it results in the problem being fixed, then the total number of fraud incidents will probably be less in the long run.

It would be simple for companies like Visa, MasterCard, and Discover to take a list of the most common 8-digit prefixes, query for them every day on Google, and de-activate any new credit card numbers that were found that way. (American Express cards are apparently not vulnerable to this trick, because when their 15-digit card numbers are written with spaces, they are usually written in the format "3xxx xxxxxx xxxxx", and Googling for the first 10 digits as "3xxx xxxxxx" didn't yield anything in my random test of ten AmEx numbers. But this is still their problem too, since the searches that turn up "treasure troves" of card numbers usually include AmEx numbers as well.) A Perl programmer could write a script in one afternoon that could run through all the known 8-digit prefixes, parse the search results, and pick out any URLs that weren't listed as matches the day before. From there, the search results would have to be reviewed by a human, in order to spot any situations where one credit card number was exposed at one URL, and a slight variation on the same URL (such as varying an order ID number) would expose other credit card numbers as well, which was the case with several of the hits that I found. Simple, but time-consuming with so many different 8-digit prefixes -- but every minute of effort expended on tracking down and canceling leaked credit card numbers, would save time and grief later by preventing the numbers from being used by criminals. If it would save them time in the long run and help prevent fraud, then why don't they do this?

It's considered good etiquette among security researchers, when finding a new security hole, to give the affected companies a chance to fix the issue before publicizing it. When I first contacted the credit card companies and described exactly how the exploit worked and how to block it, after getting a polite "We can't comment" from each one, I figured I'd give them a few months to get a system in place that could find leaked cards on a daily basis and de-activate them before they could be used. But then I found the C-Net article from 2004, and figured that if the card companies hadn't taken action in three years, it was fair game to publicize the trick in order to increase the pressure on them to plug the gap. Of course, it's not the card companies' fault that these card numbers are leaked onto the Web; it's the fault of the merchants that allowed them to get leaked. But the credit card companies are the only ones who are in a position to do something about it.

I did try the "Good Samaritan" approach, calling the credit card companies when I found one of their customers' card numbers on the Web. For each of the four major card companies, I called their security departments and reported two of the cards that I had found compromised, and then a week later, called the cardholders themselves to see if the card companies had notified them. Surprisingly, of the four companies, American Express was the only one whose customers in this experiment, when I called them a week later, said that AmEx had contacted them and told them to change their numbers. But even if all four credit card companies were more proactive about acting on reports of leaked numbers, the problems with scaling this approach are that (a) I usually had to wait on hold for a few minutes with each company and then spell out each card number that I'd found, which doesn't scale for a large number of stolen card numbers, and (b) if lots of people started doing this, then the credit card companies would be inundated with duplicate reports about the "low-hanging fruit", card numbers with common prefixes that appear near the top of some Google search result. Both problems could be avoided if the card companies simply ran their own script that queried Google and brought up a list of any indexed card numbers, whereupon an employee could copy and paste the numbers into an interface that would flag the cards instantly.

Google does have a feature where you can request the removal of pages that contain credit card numbers and other personal data such as Social Security Numbers. Any pages that I found containing credit card data, I submitted for removal, and Google did handle each removal request within two days. But this doesn't guard against the possibility that someone might have found the credit card information before it was removed, and of course it doesn't mean that other search engines like Alta Vista (remember Alta Vista?) might not have indexed the same pages. Running a sample of 8-digit prefix searches on Alta Vista, I found about as many credit cards as I found through Google, including some pages that were not in the Google index (maybe Google never indexed them, or maybe they had removed them already). So removing a page from any engine's search results is more like covering up a symptom of a problem than fixing the problem itself, which is the fact that the card number was leaked to the Web in the first place.

If nothing else, this is another reminder of how terrible the security model is for credit card numbers as a token of payment -- one universal piece of information shared with every merchant, that can be used for unlimited unauthorized charges if it gets compromised, until someone notices. About the only desirable property of credit card numbers from a security point of view is that they can be changed, and most of your existing recurring billing relationships will carry over, but even that is a hassle. Several credit card companies do provide the ability to generate single-use credit card numbers, each one authorized only for a limited purchase amount. The problem with that is that as any security analyst will tell you, if it takes even one extra step, most people won't bother -- as long as all-purpose credit card numbers are the default, that's what most people will use. Perhaps incidents like this will push people towards more 21st-century-aware styles of payment (like PayPal, but without all the horror stories), where you can pay a bill through a system that debits your card or your bank account, without sharing all your information with the merchant.

But in the short term, as long as credit card numbers are still with us, the card companies should make more proactive efforts to find and deactivate the ones that have been leaked on the Internet. If the card numbers are found to be leaked by a clumsy Web interface on one company's site, then that company should be chastised by the card companies that issued them a merchant account. If the numbers are found together in a list posted on some third-party forum, then the companies can cross-reference the charge history against each card in the list, to narrow down which merchant may have been responsible for the leak. I'm sure the card companies do something like this already when they find a list of leaked cards; what they don't seem to be doing is acting aggressively enough to find the leaked numbers in the first place.

Maybe the real moral is not the insecurity of credit card numbers, but the value of transparency and online community relations. If MasterCard had been a hip company like Wikia, some volunteer probably would have discovered this attack very early, and another volunteer would have written an open-source tool to find and deactivate leaked MasterCard numbers automatically, and the problem would have been solved ten years ago. In fact many tech companies, if you report a security problem to them, will thank you and fix it immediately, and some of them will even offer you cash if you find any more, like Netscape used to do with their $1,000 Bugs Bounty program. We get so used to big companies having obvious holes in their security practices and answering every question about security with a flat "No comment", that we forget it doesn't have to be that way -- transparency is not just trendy, it works. After years of having bug hunters poke at the Netscape browser, the security may not have been perfect, but it didn't have any security holes that were as simple and obvious as to be analogous to finding credit card numbers on Google.

akintayo writes "The New York Times reports that in response to the recent brouhaha, some technology bloggers have suggested raising the level of civility on tech blogs by implementing a code of conduct. Kathy Sierra, a technology blogger and friend of O'Reilly was subjected to threats and insults from readers and other bloggers. In partial response, O'Reilly and others have proposed a code of conduct which could include restrictions like the outlawing of anonymous accounts."

Ars Technica reports on the intention of the Wikia group to create a wiki-based open source gaming magazine. The gaming.wikia site is intended to be a fully editable source of information for game news consumers. From the lips of Dan Lewis, VP of business development at Wikia: "The 'open-source magazines' we're unveiling today are focused largely around topics where passionate people have already started collaborating online. The launch of Tunes, Cars, Gaming and Health is a continuation of our mission to open-source the creation and development of content around every topic imaginable — so we are obviously not stopping here."

ToiletDuck writes "Wikipedia co-founder Jimbo Wales appears to have changed his mind concerning Essjay, the administrator who was caught lying about his academic credentials. Wales issued a statement today on his User Talk page requesting that EssJay voluntarily step down. Wales defended his earlier comment about EssJay, claiming 'I only learned this morning that EssJay used his false credentials in content disputes ... I want to make it perfectly clear that my past support of EssJay in this matter was fully based on a lack of knowledge about what has been going on.' Wales did not comment on whether EssJay would continue to serve in his paid position at Wikia, the for-profit cousin of Wikipedia."

An anonymous reader writes "A prominent Wikipedia administrator and Wikia employee has been caught lying to the media and 'other' professors about his academic credentials. Wikipedia's Essjay has been representing himself as 'a tenured professor of theology at a private university in the eastern United States; I teach both undergraduate and graduate theology. My Academic Degrees: Bachelor of Arts in Religious Studies (B.A.), Master of Arts in Religion (M.A.R.), Doctorate of Philosophy in Theology (Ph.D.), Doctorate in Canon Law (JCD).' His real identity came to light after Wikia offered him a job: It turns out that he is really 24 years old with no degree living in Louisville, KY. Wikipedia's co-founder, Jimbo Wales, says 'I regard it as a pseudonym and I don't really have a problem with it.' How will this affect Wikipedia's already shaky reputation with the academic world?"

Slashdot contributor Bennett Haselton writes "When Jimmy Wales recently announced the Search Wikia project, an attempt to build an open-source search engine around the user-driven model that gave birth to Wikipedia, he said his goal was to create "the search engine that changes everything", as he underscored in a February 5 talk at New York University. I think it could, although not for the same main reasons that Wales has put forth -- I think that for a search engine to be truly meritocratic would be more of a revolution than for a search engine to be open-source, although both would be large steps forward. Indeed, if a search engine could be built that really returned results in order of average desirability to users, and resisted efforts by companies to "game" the system (even if everyone knew precisely how the ranking algorithm worked), it's hard to overstate how much that would change things both for businesses and consumers. The key question is whether such an algorithm could be created that wouldn't be vulnerable to non-merit-based manipulation. Regardless of what algorithms may be currently under consideration by thinkers within the Wikia company, I want to argue logically for some necessary properties that such an algorithm should have in order to be effective. Because if their search engine becomes popular, they will face such huge efforts from companies trying to manipulate the search results, that it will make Wikipedia vandalism look like a cakewalk." The rest of his essay follows.

This will be a trip into theory-land, so it may be frustrating to users who dislike talk about "vaporware" and want to see how something works in practice. I understand where you're coming from, but I submit it's valuable to raise these questions early. This is in any case not intended to supplant discussion about how things are things are currently progressing.

First, though, consider the benefits that such a search engine could bring, both to content consumers and content providers, if it really did return results sorted according to average community preferences. Suppose you wanted to find out if you had a knack for publishing recipes online and getting some AdSense revenue on the side. You take a recipe that you know, like apple pie, and check out the current results for "apple pie". There are some pretty straightforward recipes online, but you believe you can create a more complete and user-friendly one. So you write up your own recipe, complete with photographs of the process showing how ingredients should be chopped and what the crust mixture should look like, so that the steps are easier to follow. (Don't you hate it when a recipe says "cut into cubes" and you want to throttle the author and shout, "HOW BIG??" It drove me crazy until I found CookingForEngineers.com.) Anyway, you submit your recipe to the search engine to be included in the results for "apple pie", and if the sorting process is truly meritocratic, your recipe page rises to the top. Until, that is, someone decides to surpass you, and publishes an even more user-friendly recipe, perhaps with a link to a YouTube video of them showing how to make the pie, which they shot with a tripod video camera and a clip-on mike in their well-lit kitchen. In a world of perfect competition, content providers would be constantly leapfrogging each other with better and better content within each category (even a highly specific one like apple pie recipes), until further efforts would no longer pay for themselves with increased traffic revenue. (The more popular search terms, of course, would bring greater rewards for those listed at the top, and would be able to pay for greater efforts to improve the content within that category.) But this constant leapfrogging of better and better content requires efficient and speedy sorting of search results in order to work. It doesn't work if the search results can be gamed by someone willing to spend effort and money (not worth it for the author of a single apple pie recipe, but worth it for a big money-making recipe site), and it doesn't work if it's impossible for new entrants to get hits when the established players already dominate search results.

Efficient competition benefits consumers even more for results that are sorted by price (assuming that among comparable goods and services, the community promotes the cheapest-selling ones to the top of the search results, as "most desirable"). If you were a company selling dedicated Web hosting, for example, you would submit your site to the engine to be included in results for "dedicated hosting". If you could demonstrate to the community that your prices and services were superior to your competitors', and if the ranking algorithm really did rank sites according to the preferences of the average user, your site could quickly rise to the top, and you'd make a bundle on new sales -- until, of course, someone else had the same idea and knocked you out of the top spot by lowering their prices or improving their services. The more efficient the marketplace, the faster prices fall and service levels rise, until the prices just covered the cost of providing the service and compensating the business owner for their time. It would be a pure buyer's market.

It's important to precisely answer the question: Why would this system be better than a system like Google's search algorithm, which can be "gamed" by enterprising businesses and which doesn't always return the results first that the user would like the most? You might be tempted to answer that in an inefficient marketplace created by an inefficient search result sorting algorithm, a user sometimes ends up paying $79/month for hosting, instead of the $29/month that they might pay if the marketplace were perfectly efficient. But this by itself is not necessarily wasteful. The extra $50 that the user pays is the user's loss, but it's also the hosting company's gain. If we consider costs and benefits across all parties, the two cancel out. The world as a whole is not poorer because someone overpaid for hosting.

The real losses caused by an inefficient search algorithm, are the efforts spent by companies to game the search results (e.g. paying search engine optimization firms to try and get them to the top Google spot), and the reluctance of new players to enter that market if they don't have the resources to play those games. If two companies each spend $5,000 trying to knock each other off of the top spot for a search like "weddings", that's $5,000 worth of effort that gets burned up with no offsetting amount of goods and services added to the world. This is what economists call a deadweight loss, with no corresponding benefit to any party. The two wedding planners might as well have smashed their pastel cars into each other. Even if a single company spends the effort and money to move from position #50 to position #1, that gain to them is offset by the loss to the other 49 companies that each moved down by one position, so the net benefit across all parties is zero, and the effort that the company spent to raise their position would still be a deadweight loss.

On the other hand, if search engine results were sorted according to a true meritocracy, then companies that wanted to raise their rankings would have to spend effort improving their services instead. This is not a deadweight loss, since these efforts result in benefits or savings to the consumer.

I've been a member of several online entrepreneur communities, and I'd conservatively estimate that members spend less than 10% of the time talking about actually improving products and services, and more than 90% of the time talking about how to "game" the various systems that people use to find them, such as search engines and the media. I don't blame them, of course; they're just doing what's best for their company, in the inefficient marketplace that we live in. But I feel almost lethargic thinking of that 90% of effort that gets spent on activities that produce no new goods and services. What if the information marketplace really were efficient, and business owners spent nearly 100% of their efforts improving goods and services, so that every ounce of effort added new value to the world?

Think of how differently we'd approach the problem of creating a new Web site and driving traffic to it. A good programmer with a good idea could literally become an overnight success. If you had more modest goals, you could shoot a video of yourself preparing a recipe or teaching a magic trick, and just throw it out there and watch it bubble its way up the meritocracy to see if it was any good. You wouldn't have to spend any time networking or trying to rig the results, you just create good stuff and put it out there. No, despite whatever cheer-leading you may have heard, it doesn't quite work that way yet -- good online businessmen still talk about the importance of networking, advertising, and all the other components of gaming the system that don't relate to actually improving products and services. But there is no reason, in principle, why a perfectly meritocratic content-sorting engine couldn't be built. Would it revolutionize content on the Internet? And, could Search Wikia be the project to do it, or play a part in it?

Whatever search engine the Wikia company produced, it would probably have such a large following among the built-in open-source and Wikipedia fan base, that traffic wouldn't be a problem -- companies at the top of popular search results would definitely benefit. The question is whether the system can be designed so that it cannot be gamed. I agree with Jimmy Wales's stated intention to make the algorithm completely open, since this makes it easier for helpful third parties to find weaknesses and get them fixed, but of course it also makes it easier for attackers to find those weaknesses and exploit them. If you think Microsoft paying a blogger to edit Wikipedia is a problem, imagine what companies will do to try and manipulate the search results for a term like "mortgage". So what can be done?

The basic problem with any community that makes important decisions by "consensus" is that it can be manipulated by someone who creates multiple phantom accounts all under their control. Then if a decision is influenced by voting -- for example, the relative position of a given site in a list of search results -- then the attacker can have the phantom accounts all vote for one preferred site. You can look for large numbers of accounts created from the same IP address, but the attacker could use Tor and similar systems to appear to be coming from different IPs. You could attempt to verify the unique identity of each account holder, by phone for example, but this requires a lot of effort and would alienate privacy-conscious users. You could require a Turing test for each new account, but all this means is that an attacker couldn't use a script to create their 1,000 accounts -- an attacker could still create the accounts if they had enough time, or if they paid some kid in India to create the accounts. You could give users voting power in proportion to some kind of "karma" that they had built up over time by using the site, but this gives new users little influence and little incentive to participate; it also does nothing to stop influential users from "selling out" their votes (either because they became disillusioned, or because they signed up with that as their intent from the beginning!).

So, any algorithm designed to protect the integrity of the Search Wikia results would have to deal with this type of attack. In a recent article about Citizendium, a proposed Wikipedia alternative, I argued that you could deal with conventional wiki vandalism by having identity-verified experts sign off on the accuracy of an article at different stages. That's practical for a subject like biology, where you could have a group of experts whose collective knowledge covers the subject at the depth expected in an encyclopedia, but probably not for a topic like "dedicated hosting" where the task is to sift through tens of thousands of potential matches and find the best ones to list first. You need a new algorithm to harness the power of the community. I don't know how many possible solutions there are, but here is one way in which it could be done.

Suppose a user submits a requested change to the search results -- the addition of their new Site A, or the proposal that Site A should be ranked higher. This decision could be reviewed by a small subset of registered users, selected at random from the entire user population. If a majority of the users rate the new site highly enough as a relevant result for a particular term, then the site gets a high ranking. If not, then the site is given a low ranking, possibly with feedback being sent to the submitter as to why the site was not rated highly. The key is that the users who vote on the site have to be selected at random from among all users, instead of letting users self-select to vote on a particular decision.

The nice property of this system is that an attacker can't manipulate the voting simply by having a large number of accounts at their control -- they would have to control a significant proportion of accounts across the entire user population, in order to ensure that when the voters were selected randomly from the user population, the attacker controlled enough of those accounts to influence the outcome. (If an attacker ever really did spend the resources to reach that threshold point, and it became apparent that they were manipulating the votes, those votes could be challenged and overridden by a vote of users whose identities were known to the system. This would allow the verified-identity users to be used as an appeal of last resort to block abuse by a very dedicated adversary, while not requiring most users to verify their identity. This is basically what Jimmy Wales does when he steps in and arbitrates a Wikipedia dispute, acting as his own "user whose identity is known".)

This algorithm for an "automated meritocracy" (automeritocracy? still not very catchy at 7 syllables) could be extended to other types of user-built content sites as well. Musicians could submit songs to a peer review site, and the songs would be pushed out to a random subset of users interested in that genre, who would then vote on the songs. (If most users were too apathetic to vote, the site could tabulate the number of people who heard the song and then proceeded to buy or download it, and count those as "votes" in favor.) If the votes for the song are high enough, it gets pushed out to all users interested in that genre; if not, then the song doesn't make it past the first stage. If there are 100,000 users subscribed to a particular genre, but it only takes ratings from 100 users to determine whether or not a song is worth pushing out to everybody, that means that when "good" content is sent out to all 100,000 people but "bad" content only wastes the time of 100 users, the average user gets 1,000 pieces of "good" content for every 1 piece of "bad" content. New musicians wouldn't have to spend any time networking, promoting, recruiting friends to vote for them -- all of which have nothing to do with making the music better, and which fall into the category of deadweight losses described above.

An automeritocracy-like system could even be used as a spam filter for a large e-mail site. Suppose you want to send your newsletter to 100,000 Hotmail users (who really have signed up to receive it). Hotmail could allow your IP to send mail to 100,000 users the first time, and then if they receive too many spam complaints, block your future mailings as junk mail. But if that's their practice, there's nothing to stop you from moving to a new, unblocked IP and repeating the process from there. So instead, suppose that Hotmail stores your 100,000 received messages temporarily into users' "Junk Mail" folders, but selectively releases a randomly selected subset of 100 messages into users' inboxes. Suppose for arguments' sake that when a message is spam, 20% of users click the "This is spam" button, but if not, then only 1% of users click it. Out of the 100 users who see the message, if the number who click "This is spam" looks close to 1%, then since those 100 users were selected as a representative sample of the whole population, Hotmail concludes that the rest of the 100,000 messages are not spam, and moves them retroactively to users' inboxes. If the percentage of those 100 users who click "This is spam" is closer to 20%, then the rest of the 100,000 messages stay in Junk Mail. A spammer could only rig this system if they controlled a significant proportion of the 100,000 addresses on their list -- not impossible, but difficult, since you have to pass a Turing test to create each new Hotmail account.

The problem is, there's a huge difference between systems that implement this algorithm, and systems that implement something that looks superficially like this algorithm but actually isn't. Specifically, any site like HotOrNot, Digg, or Gather that lets users decide what to vote on, is vulnerable to the attack of using friends or phantom users to vote yourself up (or to vote someone else down). In a recent thread on Gather about a new contest that relied on peer ratings, many users lamented the fact that it was essentially rigged in favor of people with lots of friends who could give them a high score (or that ratings could be offset unfairly in the other direction by "revenge raters" giving you a 1 as payback for some low rating you gave them). I assume that the reason such sites were designed that way is that it just seemed natural that if your site is driven by user ratings, and if people can see a specific piece of content by visiting a URL, they should have the option on that page to vote on that content. But this unfortunately makes the system vulnerable to the phantom-users attack.

(Spam filters on sites like Hotmail also probably have the same problem. We don't know for sure what happens when the user clicks "This is spam" on a piece of mail, but it's likely that if a high enough percentage of users click "This is spam" for mail coming from a particular IP address, then future mails from that IP are blocked as spam. This means you could get your arch-rival Joe's newsletter blacklisted, by creating multiple accounts, signing them up for Joe's newsletter, and clicking "This is spam" when his newsletters come in. This is an example of the same basic flaw -- letting users choose what they want to vote on.)

So if the Wikia search site uses something like this "automeritocracy" algorithm to guard the integrity of its results, it's imperative not to use an algorithm vulnerable to the hordes-of-phantom-users attack. Some variation of selecting random voters from a large population of users would be one way to handle that.

Finally, there is a reason why it's important to pay attention to getting the algorithm right, rather than hoping that the best algorithm will just naturally "emerge" from the "marketplace of ideas" that results from different wiki-driven search sites competing with each other. The problem is that competition between such sites is itself highly inefficient -- a given user may take a long time to discover which site provides better search results on average, and in any case, it may be that Wiki-Search Site "B" has a better design but Wiki-Search Site "A" had first-mover advantage and got a larger number of registered users. When I wrote earlier about why I thought the Citizendium model was better than Wikipedia, several users pointed out that it may be a moot point, for two main reasons. First, most users will not switch to a better alternative if it never occurs to them. Second, for sites that are powered by a user community, it's very hard for a new competitor to gain ground, even with a superior design, if the success of your community depends on lots of people starting to use it all at once. You could write a better eBay or a better Match.com, but who would use it? Your target market will go to the others because that's where everybody else is. Citizendium is, I think, a special case, since they can fork articles that started life on Wikipedia, so Wikipedia doesn't have as huge of an advantage over them as they would if Citizendium had to start from scratch. But the general rule about imperfect competition still applies.

It's a chicken-and-egg problem: You can have Site A that works as a pure meritocracy, and Site B that works as an almost-meritocracy but can be gamed with some effort. But Site B may still win because the larger environment in which they compete with each other, is not itself a meritocracy. So we just have to cross our fingers and hope that Search Wikia gets it right, because if they don't, there's no guarantee that a better alternative will rise to take its place. But if they get it right, I can hardly wait to see what changes it would bring about.

Slashdot contributor Bennett Haselton writes "When Jimmy Wales recently announced the Search Wikia project, an attempt to build an open-source search engine around the user-driven model that gave birth to Wikipedia, he said his goal was to create "the search engine that changes everything", as he underscored in a February 5 talk at New York University. I think it could, although not for the same main reasons that Wales has put forth -- I think that for a search engine to be truly meritocratic would be more of a revolution than for a search engine to be open-source, although both would be large steps forward. Indeed, if a search engine could be built that really returned results in order of average desirability to users, and resisted efforts by companies to "game" the system (even if everyone knew precisely how the ranking algorithm worked), it's hard to overstate how much that would change things both for businesses and consumers. The key question is whether such an algorithm could be created that wouldn't be vulnerable to non-merit-based manipulation. Regardless of what algorithms may be currently under consideration by thinkers within the Wikia company, I want to argue logically for some necessary properties that such an algorithm should have in order to be effective. Because if their search engine becomes popular, they will face such huge efforts from companies trying to manipulate the search results, that it will make Wikipedia vandalism look like a cakewalk." The rest of his essay follows.

This will be a trip into theory-land, so it may be frustrating to users who dislike talk about "vaporware" and want to see how something works in practice. I understand where you're coming from, but I submit it's valuable to raise these questions early. This is in any case not intended to supplant discussion about how things are things are currently progressing.

First, though, consider the benefits that such a search engine could bring, both to content consumers and content providers, if it really did return results sorted according to average community preferences. Suppose you wanted to find out if you had a knack for publishing recipes online and getting some AdSense revenue on the side. You take a recipe that you know, like apple pie, and check out the current results for "apple pie". There are some pretty straightforward recipes online, but you believe you can create a more complete and user-friendly one. So you write up your own recipe, complete with photographs of the process showing how ingredients should be chopped and what the crust mixture should look like, so that the steps are easier to follow. (Don't you hate it when a recipe says "cut into cubes" and you want to throttle the author and shout, "HOW BIG??" It drove me crazy until I found CookingForEngineers.com.) Anyway, you submit your recipe to the search engine to be included in the results for "apple pie", and if the sorting process is truly meritocratic, your recipe page rises to the top. Until, that is, someone decides to surpass you, and publishes an even more user-friendly recipe, perhaps with a link to a YouTube video of them showing how to make the pie, which they shot with a tripod video camera and a clip-on mike in their well-lit kitchen. In a world of perfect competition, content providers would be constantly leapfrogging each other with better and better content within each category (even a highly specific one like apple pie recipes), until further efforts would no longer pay for themselves with increased traffic revenue. (The more popular search terms, of course, would bring greater rewards for those listed at the top, and would be able to pay for greater efforts to improve the content within that category.) But this constant leapfrogging of better and better content requires efficient and speedy sorting of search results in order to work. It doesn't work if the search results can be gamed by someone willing to spend effort and money (not worth it for the author of a single apple pie recipe, but worth it for a big money-making recipe site), and it doesn't work if it's impossible for new entrants to get hits when the established players already dominate search results.

Efficient competition benefits consumers even more for results that are sorted by price (assuming that among comparable goods and services, the community promotes the cheapest-selling ones to the top of the search results, as "most desirable"). If you were a company selling dedicated Web hosting, for example, you would submit your site to the engine to be included in results for "dedicated hosting". If you could demonstrate to the community that your prices and services were superior to your competitors', and if the ranking algorithm really did rank sites according to the preferences of the average user, your site could quickly rise to the top, and you'd make a bundle on new sales -- until, of course, someone else had the same idea and knocked you out of the top spot by lowering their prices or improving their services. The more efficient the marketplace, the faster prices fall and service levels rise, until the prices just covered the cost of providing the service and compensating the business owner for their time. It would be a pure buyer's market.

It's important to precisely answer the question: Why would this system be better than a system like Google's search algorithm, which can be "gamed" by enterprising businesses and which doesn't always return the results first that the user would like the most? You might be tempted to answer that in an inefficient marketplace created by an inefficient search result sorting algorithm, a user sometimes ends up paying $79/month for hosting, instead of the $29/month that they might pay if the marketplace were perfectly efficient. But this by itself is not necessarily wasteful. The extra $50 that the user pays is the user's loss, but it's also the hosting company's gain. If we consider costs and benefits across all parties, the two cancel out. The world as a whole is not poorer because someone overpaid for hosting.

The real losses caused by an inefficient search algorithm, are the efforts spent by companies to game the search results (e.g. paying search engine optimization firms to try and get them to the top Google spot), and the reluctance of new players to enter that market if they don't have the resources to play those games. If two companies each spend $5,000 trying to knock each other off of the top spot for a search like "weddings", that's $5,000 worth of effort that gets burned up with no offsetting amount of goods and services added to the world. This is what economists call a deadweight loss, with no corresponding benefit to any party. The two wedding planners might as well have smashed their pastel cars into each other. Even if a single company spends the effort and money to move from position #50 to position #1, that gain to them is offset by the loss to the other 49 companies that each moved down by one position, so the net benefit across all parties is zero, and the effort that the company spent to raise their position would still be a deadweight loss.

On the other hand, if search engine results were sorted according to a true meritocracy, then companies that wanted to raise their rankings would have to spend effort improving their services instead. This is not a deadweight loss, since these efforts result in benefits or savings to the consumer.

I've been a member of several online entrepreneur communities, and I'd conservatively estimate that members spend less than 10% of the time talking about actually improving products and services, and more than 90% of the time talking about how to "game" the various systems that people use to find them, such as search engines and the media. I don't blame them, of course; they're just doing what's best for their company, in the inefficient marketplace that we live in. But I feel almost lethargic thinking of that 90% of effort that gets spent on activities that produce no new goods and services. What if the information marketplace really were efficient, and business owners spent nearly 100% of their efforts improving goods and services, so that every ounce of effort added new value to the world?

Think of how differently we'd approach the problem of creating a new Web site and driving traffic to it. A good programmer with a good idea could literally become an overnight success. If you had more modest goals, you could shoot a video of yourself preparing a recipe or teaching a magic trick, and just throw it out there and watch it bubble its way up the meritocracy to see if it was any good. You wouldn't have to spend any time networking or trying to rig the results, you just create good stuff and put it out there. No, despite whatever cheer-leading you may have heard, it doesn't quite work that way yet -- good online businessmen still talk about the importance of networking, advertising, and all the other components of gaming the system that don't relate to actually improving products and services. But there is no reason, in principle, why a perfectly meritocratic content-sorting engine couldn't be built. Would it revolutionize content on the Internet? And, could Search Wikia be the project to do it, or play a part in it?

Whatever search engine the Wikia company produced, it would probably have such a large following among the built-in open-source and Wikipedia fan base, that traffic wouldn't be a problem -- companies at the top of popular search results would definitely benefit. The question is whether the system can be designed so that it cannot be gamed. I agree with Jimmy Wales's stated intention to make the algorithm completely open, since this makes it easier for helpful third parties to find weaknesses and get them fixed, but of course it also makes it easier for attackers to find those weaknesses and exploit them. If you think Microsoft paying a blogger to edit Wikipedia is a problem, imagine what companies will do to try and manipulate the search results for a term like "mortgage". So what can be done?

The basic problem with any community that makes important decisions by "consensus" is that it can be manipulated by someone who creates multiple phantom accounts all under their control. Then if a decision is influenced by voting -- for example, the relative position of a given site in a list of search results -- then the attacker can have the phantom accounts all vote for one preferred site. You can look for large numbers of accounts created from the same IP address, but the attacker could use Tor and similar systems to appear to be coming from different IPs. You could attempt to verify the unique identity of each account holder, by phone for example, but this requires a lot of effort and would alienate privacy-conscious users. You could require a Turing test for each new account, but all this means is that an attacker couldn't use a script to create their 1,000 accounts -- an attacker could still create the accounts if they had enough time, or if they paid some kid in India to create the accounts. You could give users voting power in proportion to some kind of "karma" that they had built up over time by using the site, but this gives new users little influence and little incentive to participate; it also does nothing to stop influential users from "selling out" their votes (either because they became disillusioned, or because they signed up with that as their intent from the beginning!).

So, any algorithm designed to protect the integrity of the Search Wikia results would have to deal with this type of attack. In a recent article about Citizendium, a proposed Wikipedia alternative, I argued that you could deal with conventional wiki vandalism by having identity-verified experts sign off on the accuracy of an article at different stages. That's practical for a subject like biology, where you could have a group of experts whose collective knowledge covers the subject at the depth expected in an encyclopedia, but probably not for a topic like "dedicated hosting" where the task is to sift through tens of thousands of potential matches and find the best ones to list first. You need a new algorithm to harness the power of the community. I don't know how many possible solutions there are, but here is one way in which it could be done.

Suppose a user submits a requested change to the search results -- the addition of their new Site A, or the proposal that Site A should be ranked higher. This decision could be reviewed by a small subset of registered users, selected at random from the entire user population. If a majority of the users rate the new site highly enough as a relevant result for a particular term, then the site gets a high ranking. If not, then the site is given a low ranking, possibly with feedback being sent to the submitter as to why the site was not rated highly. The key is that the users who vote on the site have to be selected at random from among all users, instead of letting users self-select to vote on a particular decision.

The nice property of this system is that an attacker can't manipulate the voting simply by having a large number of accounts at their control -- they would have to control a significant proportion of accounts across the entire user population, in order to ensure that when the voters were selected randomly from the user population, the attacker controlled enough of those accounts to influence the outcome. (If an attacker ever really did spend the resources to reach that threshold point, and it became apparent that they were manipulating the votes, those votes could be challenged and overridden by a vote of users whose identities were known to the system. This would allow the verified-identity users to be used as an appeal of last resort to block abuse by a very dedicated adversary, while not requiring most users to verify their identity. This is basically what Jimmy Wales does when he steps in and arbitrates a Wikipedia dispute, acting as his own "user whose identity is known".)

This algorithm for an "automated meritocracy" (automeritocracy? still not very catchy at 7 syllables) could be extended to other types of user-built content sites as well. Musicians could submit songs to a peer review site, and the songs would be pushed out to a random subset of users interested in that genre, who would then vote on the songs. (If most users were too apathetic to vote, the site could tabulate the number of people who heard the song and then proceeded to buy or download it, and count those as "votes" in favor.) If the votes for the song are high enough, it gets pushed out to all users interested in that genre; if not, then the song doesn't make it past the first stage. If there are 100,000 users subscribed to a particular genre, but it only takes ratings from 100 users to determine whether or not a song is worth pushing out to everybody, that means that when "good" content is sent out to all 100,000 people but "bad" content only wastes the time of 100 users, the average user gets 1,000 pieces of "good" content for every 1 piece of "bad" content. New musicians wouldn't have to spend any time networking, promoting, recruiting friends to vote for them -- all of which have nothing to do with making the music better, and which fall into the category of deadweight losses described above.

An automeritocracy-like system could even be used as a spam filter for a large e-mail site. Suppose you want to send your newsletter to 100,000 Hotmail users (who really have signed up to receive it). Hotmail could allow your IP to send mail to 100,000 users the first time, and then if they receive too many spam complaints, block your future mailings as junk mail. But if that's their practice, there's nothing to stop you from moving to a new, unblocked IP and repeating the process from there. So instead, suppose that Hotmail stores your 100,000 received messages temporarily into users' "Junk Mail" folders, but selectively releases a randomly selected subset of 100 messages into users' inboxes. Suppose for arguments' sake that when a message is spam, 20% of users click the "This is spam" button, but if not, then only 1% of users click it. Out of the 100 users who see the message, if the number who click "This is spam" looks close to 1%, then since those 100 users were selected as a representative sample of the whole population, Hotmail concludes that the rest of the 100,000 messages are not spam, and moves them retroactively to users' inboxes. If the percentage of those 100 users who click "This is spam" is closer to 20%, then the rest of the 100,000 messages stay in Junk Mail. A spammer could only rig this system if they controlled a significant proportion of the 100,000 addresses on their list -- not impossible, but difficult, since you have to pass a Turing test to create each new Hotmail account.

The problem is, there's a huge difference between systems that implement this algorithm, and systems that implement something that looks superficially like this algorithm but actually isn't. Specifically, any site like HotOrNot, Digg, or Gather that lets users decide what to vote on, is vulnerable to the attack of using friends or phantom users to vote yourself up (or to vote someone else down). In a recent thread on Gather about a new contest that relied on peer ratings, many users lamented the fact that it was essentially rigged in favor of people with lots of friends who could give them a high score (or that ratings could be offset unfairly in the other direction by "revenge raters" giving you a 1 as payback for some low rating you gave them). I assume that the reason such sites were designed that way is that it just seemed natural that if your site is driven by user ratings, and if people can see a specific piece of content by visiting a URL, they should have the option on that page to vote on that content. But this unfortunately makes the system vulnerable to the phantom-users attack.

(Spam filters on sites like Hotmail also probably have the same problem. We don't know for sure what happens when the user clicks "This is spam" on a piece of mail, but it's likely that if a high enough percentage of users click "This is spam" for mail coming from a particular IP address, then future mails from that IP are blocked as spam. This means you could get your arch-rival Joe's newsletter blacklisted, by creating multiple accounts, signing them up for Joe's newsletter, and clicking "This is spam" when his newsletters come in. This is an example of the same basic flaw -- letting users choose what they want to vote on.)

So if the Wikia search site uses something like this "automeritocracy" algorithm to guard the integrity of its results, it's imperative not to use an algorithm vulnerable to the hordes-of-phantom-users attack. Some variation of selecting random voters from a large population of users would be one way to handle that.

Finally, there is a reason why it's important to pay attention to getting the algorithm right, rather than hoping that the best algorithm will just naturally "emerge" from the "marketplace of ideas" that results from different wiki-driven search sites competing with each other. The problem is that competition between such sites is itself highly inefficient -- a given user may take a long time to discover which site provides better search results on average, and in any case, it may be that Wiki-Search Site "B" has a better design but Wiki-Search Site "A" had first-mover advantage and got a larger number of registered users. When I wrote earlier about why I thought the Citizendium model was better than Wikipedia, several users pointed out that it may be a moot point, for two main reasons. First, most users will not switch to a better alternative if it never occurs to them. Second, for sites that are powered by a user community, it's very hard for a new competitor to gain ground, even with a superior design, if the success of your community depends on lots of people starting to use it all at once. You could write a better eBay or a better Match.com, but who would use it? Your target market will go to the others because that's where everybody else is. Citizendium is, I think, a special case, since they can fork articles that started life on Wikipedia, so Wikipedia doesn't have as huge of an advantage over them as they would if Citizendium had to start from scratch. But the general rule about imperfect competition still applies.

It's a chicken-and-egg problem: You can have Site A that works as a pure meritocracy, and Site B that works as an almost-meritocracy but can be gamed with some effort. But Site B may still win because the larger environment in which they compete with each other, is not itself a meritocracy. So we just have to cross our fingers and hope that Search Wikia gets it right, because if they don't, there's no guarantee that a better alternative will rise to take its place. But if they get it right, I can hardly wait to see what changes it would bring about.

KingJawa writes "Wikipedia blew away Encyclopedia Brittanica, but can the model be used to upset the magazine industry? Jimmy Wales, founder of Wikipedia, thinks so. His company, Wikia, today announced three open-source magazine-style sites where users can write about news, opinion and gossip — one magazine wiki each for politics, entertainment, and local interests. Each open-source magazine hands total editorial control to the readers, allowing them to read, write, edit, and dictate the editorial feel for each topic."