Many (many) years ago I took a B-School class (Organizational Behavior) where I read a great article called "On the Folly of Rewarding A While Hoping for B" (still have it, it's by Steve Kerr if you want to read it). It gave numerous examples of skewed reward (or regulatory) systems and their consequences. One example was pollution regulation, where a simple calculation would show that it was to the companies benefit to risk the fine, rather than clean up the problem. Kerr's solution was to change the reward system as follows: The President of XYZ Corporation had to choose between a) spending $11 million dollars for anti-pollution equipment or b) incurring a fifty-fifty chance of going to jail for five years.
I liked the way they did 'bloopers' on the Shrek DVD. Instead of contrived bloopers, they showed rendering errors. The result of a small tweak to one particular rendering algorithm (I won't spoil it) was CLASSIC.
Credit cards are not great for small payments, but the payments can be aggregated. You purchase 10 'song credits' for ten bucks. Each time you buy a song, 1 credit is deducted from your account. Vendor gets ten bucks up front plus float, artist gets a cut, you get songs for a buck a piece, bank gets 2-5%. Everyone's happy ('cept the RIAA which fails to kill a new technology).
Companies go with Microsoft not because they can have someone to sue when something goes wrong, but because they can get support. One concern with a small software company is how to get support if the small company goes under. Often companies require small companies to offer "software escrow" - source is placed with a trusted third party; so that if the small company goes belly-up, the purchaser gets access to the source. This is where OSS offers a real advantage, but ONLY if the buyer has the wherewithal to do their own support.
A CIO of a non IT-centric company is going to be very reluctant to go with software supported by volunteers and enthusiasts. In the case of Linux - the fact that commercial support (especially support by a large Fortune 500 company) is available will go a long way towards making CIO's take a serious look at OSS.
The patent pending nReach Bluetooth Adapter.... Bluetooth is supposed to be open. But I guess attaching a wireless link to a game box that already has a wired and IRDA link is novel and non-obvious.:-)
I agree with your basic thesis. However, it should be noted that Unix design and Windows design started with different premises. Unix was derived from Multics which was an early time-sharing system designed to be (relatively) secure. As a multi-user system, mechanisms had to be built-in to protect a users environment from other users. Windows is descended from DOS (and CP/M) and came from an environment that assumed one machine / one user. Hence their were no protections built in.
Unix was built by developers for developers. In many cases the system administrators were also the system programmers. System administration problems tended to be solved by code. For example, in the early 80's Unix did not limit the number of processes per user. At Bell Labs, whenever the Intro. to Unix Programming class got around to the 'fork()' system call, machines started crashing. This was soon fixed by a kernal change. Linux has continued (and expanded) on this tradition.
In contrast, Microsoft has focused on ease of use for the average user. This focus has been rewarded with market share. Security has been an after thought. Prior to mass adoption of the Internet - this was not an unreasonable approach. Now, of course, it's a disaster.
Actually the story of a person who purchases CD audio disks and converts them to MP3 files. In the TV show he is pursued by a team of operatives from a sinister organization known as the R.I.A.A.
I wouldn't draw too many conclusions from talking to psych. undergrad students. I doubt that their professor will approve their "proposal". Talk to someone in a doctoral program - I think you'll see quite a different picture. After all - what conclusions would you draw talking to a group of neophyte comp. sci. students working on their first sorting algorithms?
In the early days of UseNet (early 80's) UseNet was "transmitted" to Australia via a 9 track mag tape in the mail once a week! Saved on telecom charges (early UseNet ran over analog telco lines via dial-up modems and UUCP).
For my home network, I use removable internal hard drives. There are several manuafacturers that make units that will turn an IDE or SCSI drive into a removable unit. I've got a dataport IV which has a component that fits in one of the 5" bays in my PC and connects to the motherboard via an IDE cable. A second component opens to hold a standard 3" IDE drive and plugs into the first component. I've got several of those. Back-ups are straight-forward: 1) Shut down the machine, pop in a drive module. 2) Boot 3) Do back-ups either locally, or across the network. 4) Shutdown, pop-out drive module and place it in a drawer.
It would be nice if I could hot-plug the drives instead of having to reboot. If I was more thorough (or paranoid), I'd take the drive off-site and put it in a safe deposit box. Dataports are made by CRU-INC, but there are other similar products.
Ken Thompson wrote a paper a few years back that demonstrates that source code alone is insufficient to gaurantee security. Suppose that you have source code for the OS and all the various utilities and applications. You inspect the source code, then compile it, and you now feel pretty secure - yes? No, because, what about the tools used to compile the code? What Thompson demonstrated was a compiler, that a) looks for and hacks the Unix login code to add a back door and b) recognises and similarly compromises compilers that it builds! Here's a link to a subsequent article Thompson wrote for the ACM revisiting the issue.
As you know, Microsoft's first version leaves a lot to be desired, but they successively improve each subsequent version. They same goes for their legal arguments:
Version 1.0: We are shocked, truly shocked that you'd think monopolistic practices are going on here!
Version 2.0: Oooooh!! Judge Jackson is sooooo mean to us.
Version 3.0: The country's at war, the economies in the toilet. If you DOJ staff / State AG's / Judges will just roll over and play dead, we can get on with world domina... errrr... business.
Bad idea - this is akin to building a fence around your property using different materials (cause your not sure which is best) - steel, iron, wood, paper-mache, toilet paper,...
It's actually not a bad idea for handling some types of availability issues. A few years back, a British aerospace project used a redundant architecture with duplicate modules coded by different teams. That way a programming bug might take out one module, but not it's replicated peer.
My biggest concern is the woeful state of computer security research in the U.S. Due to crypto restrictions in the U.S., foreign firms offering commercial cryptographic products have gained a major competitive advantage. This has translated into more R&D money for these firms. The crypto regulations were repealed. But now history is repeating itself, due to congressional meddling with Intellectual Property laws (DMCA, and it's ilk). It's had a chilling effect on security research in this country. Similarly, the Sklyarov arrest resulted in foreign security experts being very wary of even attending conferences in the U.S.
At a time when the U.S. needs to strengthen our computer security infrastructure, congress has managed to handicap the very people needed to accomplish this goal.
So, bottom line, change the laws (starting with the DMCA), before all computer security research moves offshore.
Apple won a contract, they are selling laptops to Maine public schools. They had to respond to an RFP with a bid and beat competing bids (that most likely involved laptops using Windows). They won the bid based on technical merit and cost (by law).
Microsoft offered to give (as in 'dump') software to public schools in exchange for settling class action suits against them. This has the effect of a) getting rid of a bunch of potentially expensive law suits, b) paying damages based on retail value of a bunch of MS software, and c) freezing Apple out of the competition for equipping a large number of schools.
I suspect we'll see artificial news anchors becoming prevalent first, before generic "synthespians". Ananova is an interesting initial attempt at this. In my opinion, the text-to-speech needs a bit of work, and the site needs a better news feed, but the CG is nicely done. Unlike an actor, or performer, where you need convincing movement, dancing, etc., a synthetic news caster needs limited facial expressions. If I were a talking head on the local "Eyewitness News", I'd be worried.
Brunner's Shockwave Rider inspired the first worm program (in the mid-80's). The book When Harlie Was One by David Gerrold (wrote original Trek "Trouble with Tribbles episode) written years before PC's describes "virus" and "vaccine" programs.
Robert Mueller is seven years old and suffering from terminal cancer. It is his ambition to be included in the Guinness Book of Records for the largest number of criminal syndicate / terrorist passwords and secret communications. Robert would be grateful if you could send your passwords and secret messages to the address below and also send the enclosed pages, including one of your own, to another ten terrorist organizations or criminal syndicates.
Obviously, speed is of the essence...
(Note: for backround info on this net meme - look here.
Viewing conditions are terrible - hazy and
sky is lit by city lights. STILL - seeing
more than 1 / minute. Some are quite spectacular
leaving faint trails and fairly bright. Actually
saw two at the same time just before coming in.
Of course no ones really going to send up a satellite with model rocket engines. However, I was very surprised how much model rocketry has changed since I was a kid. In researching model rocketry (for my kid), I discovered that there are engines a lot larger than 'D', and it's possible to fire a (high power) model rocket up to the stratosphere! Check out the records here.
Slashdot Mirror
I managed to get a transcript of the letter from Bohr to Heisenberg, here it is:
Dear Werner,
Ever since your last visit, I haven't seen my cat, Fluffy. You haven't seen her, have you?
Sincerely,
Neils
and the reply was:
Neils,
I don't have her, though you might want to contact
Schrodinger. Not sure if she's still alive.
Yours truly,
Werner
Many (many) years ago I took a B-School class (Organizational Behavior) where I read a great article called "On the Folly of Rewarding A While Hoping for B" (still have it, it's by Steve Kerr if you want to read it). It gave numerous examples of skewed reward (or regulatory) systems and their consequences. One example was pollution regulation, where a simple calculation would show that it was to the companies benefit to risk the fine, rather than clean up the problem. Kerr's solution was to change the reward system as follows: The President of XYZ Corporation had to choose between a) spending $11 million dollars for anti-pollution equipment or b) incurring a fifty-fifty chance of going to jail for five years.
I liked the way they did 'bloopers' on the Shrek DVD. Instead of contrived bloopers, they showed rendering errors. The result of a small tweak to one particular rendering algorithm (I won't spoil it) was CLASSIC.
Credit cards are not great for small payments, but the payments can be aggregated. You purchase 10 'song credits' for ten bucks. Each time you buy a song, 1 credit is deducted from your account. Vendor gets ten bucks up front plus float, artist gets a cut, you get songs for a buck a piece, bank gets 2-5%. Everyone's happy ('cept the RIAA which fails to kill a new technology).
A CIO of a non IT-centric company is going to be very reluctant to go with software supported by volunteers and enthusiasts. In the case of Linux - the fact that commercial support (especially support by a large Fortune 500 company) is available will go a long way towards making CIO's take a serious look at OSS.
The patent pending nReach Bluetooth Adapter .... Bluetooth is supposed to be open. But I guess attaching a wireless link to a game box that already has a wired and IRDA link is novel and non-obvious. :-)
I agree with your basic thesis. However, it should be noted that Unix design and Windows design started with different premises. Unix was derived from Multics which was an early time-sharing system designed to be (relatively) secure. As a multi-user system, mechanisms had to be built-in to protect a users environment from other users. Windows is descended from DOS (and CP/M) and came from an environment that assumed one machine / one user. Hence their were no protections built in.
Unix was built by developers for developers. In many cases the system administrators were also the system programmers. System administration problems tended to be solved by code. For example, in the early 80's Unix did not limit the number of processes per user. At Bell Labs, whenever the Intro. to Unix Programming class got around to the 'fork()' system call, machines started crashing. This was soon fixed by a kernal change. Linux has continued (and expanded) on this tradition.
In contrast, Microsoft has focused on ease of use for the average user. This focus has been rewarded with market share. Security has been an after thought. Prior to mass adoption of the Internet - this was not an unreasonable approach. Now, of course, it's a disaster.
Actually the story of a person who purchases CD audio disks and converts them to MP3 files. In the TV show he is pursued by a team of operatives from a sinister organization known as the R.I.A.A.
I wouldn't draw too many conclusions from talking to psych. undergrad students. I doubt that their professor will approve their "proposal". Talk to someone in a doctoral program - I think you'll see quite a different picture. After all - what conclusions would you draw talking to a group of neophyte comp. sci. students working on their first sorting algorithms?
In the early days of UseNet (early 80's) UseNet was "transmitted" to Australia via a 9 track mag tape in the mail once a week! Saved on telecom charges (early UseNet ran over analog telco lines via dial-up modems and UUCP).
For my home network, I use removable internal hard drives. There are several manuafacturers that make units that will turn an IDE or SCSI drive into a removable unit. I've got a dataport IV which has a component that fits in one of the 5" bays in my PC and connects to the motherboard via an IDE cable. A second component opens to hold a standard 3" IDE drive and plugs into the first component. I've got several of those. Back-ups are straight-forward: 1) Shut down the machine, pop in a drive module. 2) Boot 3) Do back-ups either locally, or across the network. 4) Shutdown, pop-out drive module and place it in a drawer.
It would be nice if I could hot-plug the drives instead of having to reboot. If I was more thorough (or paranoid), I'd take the drive off-site and put it in a safe deposit box. Dataports are made by CRU-INC, but there are other similar products.
Ken Thompson wrote a paper a few years back that demonstrates that source code alone is insufficient to gaurantee security. Suppose that you have source code for the OS and all the various utilities and applications. You inspect the source code, then compile it, and you now feel pretty secure - yes? No, because, what about the tools used to compile the code? What Thompson demonstrated was a compiler, that a) looks for and hacks the Unix login code to add a back door and b) recognises and similarly compromises compilers that it builds! Here's a link to a subsequent article Thompson wrote for the ACM revisiting the issue.
As you know, Microsoft's first version leaves a lot to be desired, but they successively improve each subsequent version. They same goes for their legal arguments:
... errrr ... business.
Version 1.0: We are shocked, truly shocked that you'd think monopolistic practices are going on here!
Version 2.0: Oooooh!! Judge Jackson is sooooo mean to us.
Version 3.0: The country's at war, the economies in the toilet. If you DOJ staff / State AG's / Judges will just roll over and play dead, we can get on with world domina
Wow! Instead of keeping a bottle of 'syrup of
ipecac' in the medicine cabinet, I'll just keep
a CD of corporate 'vision' songs.
Bad idea - this is akin to building a fence around your property using different materials (cause your not sure which is best) - steel, iron, wood, paper-mache, toilet paper, ...
It's actually not a bad idea for handling some types of availability issues. A few years back, a British aerospace project used a redundant architecture with duplicate modules coded by different teams. That way a programming bug might take out one module, but not it's replicated peer.
My biggest concern is the woeful state of computer security research in the U.S. Due to crypto restrictions in the U.S., foreign firms offering commercial cryptographic products have gained a major competitive advantage. This has translated into more R&D money for these firms. The crypto regulations were repealed. But now history is repeating itself, due to congressional meddling with Intellectual Property laws (DMCA, and it's ilk). It's had a chilling effect on security research in this country. Similarly, the Sklyarov arrest resulted in foreign security experts being very wary of even attending conferences in the U.S.
At a time when the U.S. needs to strengthen our computer security infrastructure, congress has managed to handicap the very people needed to accomplish this goal.
So, bottom line, change the laws (starting with the DMCA), before all computer security research moves offshore.
Duke Nukem Forever - well, maybe not this Christmas ...
Apple won a contract, they are selling laptops to Maine public schools. They had to respond to an RFP with a bid and beat competing bids (that most likely involved laptops using Windows). They won the bid based on technical merit and cost (by law).
Microsoft offered to give (as in 'dump') software to public schools in exchange for settling class action suits against them. This has the effect of a) getting rid of a bunch of potentially expensive law suits, b) paying damages based on retail value of a bunch of MS software, and c) freezing Apple out of the competition for equipping a large number of schools.
Big difference!
I suspect we'll see artificial news anchors becoming prevalent first, before generic "synthespians". Ananova is an interesting initial attempt at this. In my opinion, the text-to-speech needs a bit of work, and the site needs a better news feed, but the CG is nicely done. Unlike an actor, or performer, where you need convincing movement, dancing, etc., a synthetic news caster needs limited facial expressions. If I were a talking head on the local "Eyewitness News", I'd be worried.
Should be good - it's an even numbered Star Trek movie!
Of course EVERYTHING that has ever happened was predicted in the writings of either Nostradamus or [INSERT YOUR FAVORITE RELIGIOUS TEXT HERE]. :-) :-)
Brunner's Shockwave Rider inspired the first worm program (in the mid-80's). The book When Harlie Was One by David Gerrold (wrote original Trek "Trouble with Tribbles episode) written years before PC's describes "virus" and "vaccine" programs.
Obviously, speed is of the essence
(Note: for backround info on this net meme - look here.
Viewing conditions are terrible - hazy and
sky is lit by city lights. STILL - seeing
more than 1 / minute. Some are quite spectacular
leaving faint trails and fairly bright. Actually
saw two at the same time just before coming in.
Of course no ones really going to send up a satellite with model rocket engines. However, I was very surprised how much model rocketry has changed since I was a kid. In researching model rocketry (for my kid), I discovered that there are engines a lot larger than 'D', and it's possible to fire a (high power) model rocket up to the stratosphere! Check out the records here.