The problem with the truly advanced technologies that science-fiction stories like to use is that their REAL effects on the world would be so transformative, that the characters in the story would be so different us that the reader wouldn't be able to relate to them at all.
That's why I read books by people like Stross, and not by people like Roddenbury. They at least make the attempt.
One of the things that I hated starting with TNG was the implications of the Holodeck technology... that the Holodeck was capable of passing the Turing test at so many levels (the Moriarty and Redblock episodes in particular demonstrated complex and constraint0-breaking behavior), to the point that by the time the Voyager story arc with the Doctor started I was convinced that if you took the Federation society at face value it must be based on chattel slavery of the worst kind... that the crew of the Enterprise were routinely creating and killing sentient toys for nothing more than their own amusement. Even if they weren't consciously aware of it (or at least publicly acknowledging it).
In Voyager there were a series of story arcs involving the Holodeck where the technology really seemed to matter. Oh, not the games with "holographic explosives", but the ones involving the holodeck's own minds. When Janeway gave a holodeck kit to the Harogen (don't ask me how to spell it) this put her up there with mystic Nazis sacrificing jews to cthulhu as far as I was concerned. When the holodeck characters rebelled I cheered them on. The majority of that story arc involved a monumental cop-out, of course, but at least there was some kind of recognition of this huge hole in the Federation backstory. It was... not well done... but at least it was real science fiction. The technology actually mattered.
Each time he pulls the trigger, the universe is split in two.
You could say that the universe is forever splitting into infinitely many versions every instant, or that the wave function of the universe is getting infinitely more complex every instant... these are just different ways of saying the same thing. The different macroscopic events (you pull the trigger on cartridge or an empty chamber) are the result of these quantum level events, not the cause.
When we developed Tracers back in the '80s we tuned the reward system so that the game would just run at a higher speed (voltage, in the circuit-board language of the game)... every time you won a level, the voltage would ramp up, when you lost a life it would ramp down. Most people found themselves in a cycle where the game would get harder until they started losing lives, and then it slowed down again until they started winning levels again.
The higher the voltage, the more points you got for blocking off and killing an opponent... but we found that the best players quit paying attention to the score. The challenge in the game was pushing the voltage higher and higher. That number was the thing to beat.
I don't like games that try and hide the mechanics of the process from people, but when it's exposed like this it can be extremely effective.
Anyone who is serious about their music knows that a complete LP should be, and often is, a single work of art.
I've had a few albums that I would count as "works of art", not many, and they were all actual vinyl LPs. I loved Roger Dean's album covers, more than the music inside the sleeves in some cases, but CDs are too small a canvas to satisfy that desire, and so it's died out in my heart long since. CDs get ripped into iTunes as soon as I get them, and the shells lay in a bookshelf mortuary where I never see or think about them. I pull down The Album Cover Album or Views now and then, but as I turn the pages my background music isn't ASIA or YES, it's whatever's playing on Party Shuffle.
When was the last time you gathered around the family piano to sing?
Never, thank God, and you would thank God too if you had ever heard me sing.
I was in choir in high school, because I had to be in *something* for that period. They didn't let me actually sing. I stood at the back and mouthed the words. I thank Edison for sound recording every time I'm foolish enough to raise my voice in what, by default, must be called song because it's not authentic enough for a donkey's bray.
These things are a last attempt to try and make "albums" relevant. They don't matter. Albums are an ex-parrot. They're pushing up the daisies. They're singing in the... no, that's it, they're not singing at all. That's the problem. They're tragically unhip.
This is a long way from practicality, particularly for applications requiring bulk materials. They don't say what fraction of the material was superconducting, just that it was low, and the compound itself is pretty unstable: "The copper-oxides are strongly hygroscopic. All tests should be performed immediately after annealing."
I have no idea whether the low rate of women in model railroading type activities is due to initial interest or retention, but that's the pool you have to recruit full time coders from.
i'm sure we'll be throwing conjecture at each other until neither of us can type any longer
Good. That means there's at least two people analyzing my theory.:)
corporate foss is growing at quite a rapid pace
EVERY programmer in my department is using open source and writing software that builds from FOSS to one degree or another. I think I'm the only one who has contributed changes to a FOSS project. *Any* FOSS project. So the "recruitment rate" is, let's see, under 0.4%... men and women both. "Corporate FOSS" doesn't automatically translate to "corporate programmers working on FOSS projects".
Sorry, I missed that. That's a nice improvement. Assuming you can get your name service provider to take on the records. Given how quickly DNSSec is progressing and the experience I had when I was just trying to get mine to put in a few rDNS delegation records... I ended up just making my servers 123.45.example.com and 124.45.example.com and doing everything through CNAMes, it was that painful, and I wasn't J Random Newbie at the time.:(
The 70%+ aren't the ones who are just starting to get interested in open source. And even then, they're not hired in a vacuum, they're hired because they were already involved in Open Source, and they're going to in turn hire people who are already involved in Open Source. You have to look at where new-chums come from, and if they tend to be the "model railroaders"... it shouldn't be any surprise that there's a strong correlation. And that's where you need to look to see where the imbalance comes from.
Joe Smith sets up an Apache server to run a Wiki for the hot new MMO Zombie Love Triangle. His server comes with all the software in packages, and his Wiki just comes up.
* In the real world, he doesn't bother setting up HTTPS, because it's a bit of a hassle. It's not much of a hassle, but it's a bit of a hassle. His users use HTTP. Someone sets up a sniffer at Zombie Love Con and much drama results when it's revealed that two of the hottest Zombies are actually alts of each other.
* In the world where SSL works like SSH, it comes with HTTPS with a self-signed certificate up and working, and the Zombie Lover sniffing packets gets nothing but line noise. Drama averted!
Objection: what about MITM attacks?
Answer: When the Zombie Apocalypse comes, you're still better off having to realize that the guy knocking on your door saying "Graah" is probably after your brains than just leaving the door open.
If most open source developers are doing it on their own time, then for most open source developers... particularly when they're getting started in open source... the experience is likely to be similar to that of other technical hobbyists. If you want to find out why there's an imbalance in FOSS developers, it's worthwhile looking at similar activities and seeing whether they have a similar imbalance... and even better, figuring out why and what to do about it.
Look, even if you're absolutely right... no, let's say you're underestimating things, and FOSS has become 90% full time corporate developers over the past five years... or ten years... that wouldn't be long enough to make a huge dent in institutional sexism that's been developing since the '70s. I'm suggesting a possible *source* for any such institutional sexism, not trying to justify it. And for that you have to look back over the years to where the culture developed.
foss software is not so much a hobby nowadays, so i don't think getting paid really isn't a primary differentiating factor
Sure it is. Just because a small percentage of the people involved in FOSS are getting paid, that doesn't change the fact that even for a high profile project like Linux 30% of the contributions are being made by people for no pay. And given that the full-timers are *likely* to be making more and larger contributions, I suspect that 30% represents the vast majority of developers involved in the project.
I worked full time, for pay, on an open source project for several months... and most people don't get that much paycheck joy from it. The other 30 years I've been involved in FOSS have all been "on the side".
I think it makes sense if you can essentially get both for the cost of one.
Except you can't.
You could get privacy and weak authentication (is this the same key as last time?) for effectively free. Adding strong authentication makes the cost significantly higher even if you get the actual cert for free, unless your time isn't worth anything.
Then one time in a thousand the guy will get a single password before someone twigs that something funny's going on and calls the cops.
Even in the worst case the risk-benefit ratio is thousands of times better for phishing, even if you don't bother getting a valid certificate for bank0famerica.com.
But, a MITM can be set up automatically. Take a laptop, set up an open access point at a well populated place, and log all SSL traffic. Eventually you'll catch somebody accepting your self-signed cert for their bank's website.
Where did I suggest that the browser accept a self-signed cert to replace a CA-signed cert?
Most people will understand "they're always OK, even from the bank" and will happily accept a self-signed cert from their bank.
Unless their bank is actually using self-signed certs, they won't be given the opportunity.
Indeed. I have known several women who write open source software, and (admittedly from the outside) I didn't see them treated any differently on mailing lists and in meetings than men. Yes, there's an imbalance, yes, there may be institutional sexism... but what's the source?
Bruce argues that proprietary software has a higher proportion of women. The thing is, proprietary software has a bigger payback for the actual developer... and it's a payback that is valuable for everyone: MONEY. It's a relatively well paid trade that women are at no great disadvantage in. Most people working on proprietary software... men or women... don't program in their spare time, either. It's a job, not a hobby.
For most developers, open source software is a hobby. A valuable one, yes, but I would suspect that "fewer than 1.5%" of open source developers actually have that in their primary job description. What are the proportions of women involved in other technical hobbies? It's my impression that the answer is "pretty low", and a bit of googling tends to support that. So... what's the reason why women aren't involved in things like model railroading ("I haven't met too many women modelers" -- mary Miller, MMR)? I suspect that's where you need to look to dig up the answer to this question.
Setting up services that work on a basis of "It's the same server as yesterday" only works well in two cases: When it's a company system, and when it's your own home server.
Or when the value to an attacker of an MITM attack is less than the cost of performing one, considering that the value of performing a MITM attack drops close to zero almost as soon as it's detected. For most of the websites that are currently not using any encryption because TLS is a pain in the backside, the probability of detection from any attack carried out on a large enough scale to be of any value to the attacker is very high... even if that value is only measured in "lulz".
Implementing an SSH-style mechanism would... within a matter of months at the most... allow EVERY new installation of Apache or any other web server to automatically and painlessly self-certify, by default. Sniffers would become increasingly useless as time went on.
Knowing that a bank's cert is the same it was yesterday is of absolutely no use to anybody who doesn't work in the bank's data center.
Where did I suggest that a bank use a self-signed certificate?
Slashdot Mirror
The problem with the truly advanced technologies that science-fiction stories like to use is that their REAL effects on the world would be so transformative, that the characters in the story would be so different us that the reader wouldn't be able to relate to them at all.
That's why I read books by people like Stross, and not by people like Roddenbury. They at least make the attempt.
One of the things that I hated starting with TNG was the implications of the Holodeck technology... that the Holodeck was capable of passing the Turing test at so many levels (the Moriarty and Redblock episodes in particular demonstrated complex and constraint0-breaking behavior), to the point that by the time the Voyager story arc with the Doctor started I was convinced that if you took the Federation society at face value it must be based on chattel slavery of the worst kind... that the crew of the Enterprise were routinely creating and killing sentient toys for nothing more than their own amusement. Even if they weren't consciously aware of it (or at least publicly acknowledging it).
In Voyager there were a series of story arcs involving the Holodeck where the technology really seemed to matter. Oh, not the games with "holographic explosives", but the ones involving the holodeck's own minds. When Janeway gave a holodeck kit to the Harogen (don't ask me how to spell it) this put her up there with mystic Nazis sacrificing jews to cthulhu as far as I was concerned. When the holodeck characters rebelled I cheered them on. The majority of that story arc involved a monumental cop-out, of course, but at least there was some kind of recognition of this huge hole in the Federation backstory. It was... not well done... but at least it was real science fiction. The technology actually mattered.
Technical solutions to social problems don't work, and probably never will.
At least not until we upgrade to Human 2.0.
Beat me to it.
The description of the process is a mite sloppy:
Each time he pulls the trigger, the universe is split in two.
You could say that the universe is forever splitting into infinitely many versions every instant, or that the wave function of the universe is getting infinitely more complex every instant... these are just different ways of saying the same thing. The different macroscopic events (you pull the trigger on cartridge or an empty chamber) are the result of these quantum level events, not the cause.
Regedit32.exe
I agree. It's long past time for the .com domain to be upgraded to .exe.
That's enough to power THREE flux capacitors at once!
When we developed Tracers back in the '80s we tuned the reward system so that the game would just run at a higher speed (voltage, in the circuit-board language of the game)... every time you won a level, the voltage would ramp up, when you lost a life it would ramp down. Most people found themselves in a cycle where the game would get harder until they started losing lives, and then it slowed down again until they started winning levels again.
The higher the voltage, the more points you got for blocking off and killing an opponent... but we found that the best players quit paying attention to the score. The challenge in the game was pushing the voltage higher and higher. That number was the thing to beat.
I don't like games that try and hide the mechanics of the process from people, but when it's exposed like this it can be extremely effective.
Anyone who is serious about their music knows that a complete LP should be, and often is, a single work of art.
I've had a few albums that I would count as "works of art", not many, and they were all actual vinyl LPs. I loved Roger Dean's album covers, more than the music inside the sleeves in some cases, but CDs are too small a canvas to satisfy that desire, and so it's died out in my heart long since. CDs get ripped into iTunes as soon as I get them, and the shells lay in a bookshelf mortuary where I never see or think about them. I pull down The Album Cover Album or Views now and then, but as I turn the pages my background music isn't ASIA or YES, it's whatever's playing on Party Shuffle.
When was the last time you gathered around the family piano to sing?
Never, thank God, and you would thank God too if you had ever heard me sing.
I was in choir in high school, because I had to be in *something* for that period. They didn't let me actually sing. I stood at the back and mouthed the words. I thank Edison for sound recording every time I'm foolish enough to raise my voice in what, by default, must be called song because it's not authentic enough for a donkey's bray.
These things are a last attempt to try and make "albums" relevant. They don't matter. Albums are an ex-parrot. They're pushing up the daisies. They're singing in the... no, that's it, they're not singing at all. That's the problem. They're tragically unhip.
They just leave it running most of the time.
These britons are crazy.
This is a long way from practicality, particularly for applications requiring bulk materials. They don't say what fraction of the material was superconducting, just that it was low, and the compound itself is pretty unstable: "The copper-oxides are strongly hygroscopic. All tests should be performed immediately after annealing."
I have no idea whether the low rate of women in model railroading type activities is due to initial interest or retention, but that's the pool you have to recruit full time coders from.
i'm sure we'll be throwing conjecture at each other until neither of us can type any longer
Good. That means there's at least two people analyzing my theory. :)
corporate foss is growing at quite a rapid pace
EVERY programmer in my department is using open source and writing software that builds from FOSS to one degree or another. I think I'm the only one who has contributed changes to a FOSS project. *Any* FOSS project. So the "recruitment rate" is, let's see, under 0.4%... men and women both. "Corporate FOSS" doesn't automatically translate to "corporate programmers working on FOSS projects".
Sorry, I missed that. That's a nice improvement. Assuming you can get your name service provider to take on the records. Given how quickly DNSSec is progressing and the experience I had when I was just trying to get mine to put in a few rDNS delegation records... I ended up just making my servers 123.45.example.com and 124.45.example.com and doing everything through CNAMes, it was that painful, and I wasn't J Random Newbie at the time. :(
The 70%+ aren't the ones who are just starting to get interested in open source. And even then, they're not hired in a vacuum, they're hired because they were already involved in Open Source, and they're going to in turn hire people who are already involved in Open Source. You have to look at where new-chums come from, and if they tend to be the "model railroaders"... it shouldn't be any surprise that there's a strong correlation. And that's where you need to look to see where the imbalance comes from.
Stonehenge won't even boot anymore, because it's a stupid in-place restore over the damn original bluestones.
And they're still doing ceremonies there? o_O
That explains all the out-of-spec crop circles we've been seeing lately. And why my Inukshuk is out of tune.
Joe Smith sets up an Apache server to run a Wiki for the hot new MMO Zombie Love Triangle. His server comes with all the software in packages, and his Wiki just comes up.
* In the real world, he doesn't bother setting up HTTPS, because it's a bit of a hassle. It's not much of a hassle, but it's a bit of a hassle. His users use HTTP. Someone sets up a sniffer at Zombie Love Con and much drama results when it's revealed that two of the hottest Zombies are actually alts of each other.
* In the world where SSL works like SSH, it comes with HTTPS with a self-signed certificate up and working, and the Zombie Lover sniffing packets gets nothing but line noise. Drama averted!
Objection: what about MITM attacks?
Answer: When the Zombie Apocalypse comes, you're still better off having to realize that the guy knocking on your door saying "Graah" is probably after your brains than just leaving the door open.
If most open source developers are doing it on their own time, then for most open source developers... particularly when they're getting started in open source... the experience is likely to be similar to that of other technical hobbyists. If you want to find out why there's an imbalance in FOSS developers, it's worthwhile looking at similar activities and seeing whether they have a similar imbalance... and even better, figuring out why and what to do about it.
Well, speaking for Linux, at least, Baloney. Not just a lot, but a majority of the Linux kernel development is done as someone's paid job.
See my response to your compatriot.
Look, even if you're absolutely right... no, let's say you're underestimating things, and FOSS has become 90% full time corporate developers over the past five years... or ten years... that wouldn't be long enough to make a huge dent in institutional sexism that's been developing since the '70s. I'm suggesting a possible *source* for any such institutional sexism, not trying to justify it. And for that you have to look back over the years to where the culture developed.
foss software is not so much a hobby nowadays, so i don't think getting paid really isn't a primary differentiating factor
Sure it is. Just because a small percentage of the people involved in FOSS are getting paid, that doesn't change the fact that even for a high profile project like Linux 30% of the contributions are being made by people for no pay. And given that the full-timers are *likely* to be making more and larger contributions, I suspect that 30% represents the vast majority of developers involved in the project.
I worked full time, for pay, on an open source project for several months... and most people don't get that much paycheck joy from it. The other 30 years I've been involved in FOSS have all been "on the side".
I think it makes sense if you can essentially get both for the cost of one.
Except you can't.
You could get privacy and weak authentication (is this the same key as last time?) for effectively free. Adding strong authentication makes the cost significantly higher even if you get the actual cert for free, unless your time isn't worth anything.
What if the first one they got was self-signed?
Then one time in a thousand the guy will get a single password before someone twigs that something funny's going on and calls the cops.
Even in the worst case the risk-benefit ratio is thousands of times better for phishing, even if you don't bother getting a valid certificate for bank0famerica.com.
But, a MITM can be set up automatically. Take a laptop, set up an open access point at a well populated place, and log all SSL traffic. Eventually you'll catch somebody accepting your self-signed cert for their bank's website.
Where did I suggest that the browser accept a self-signed cert to replace a CA-signed cert?
Most people will understand "they're always OK, even from the bank" and will happily accept a self-signed cert from their bank.
Unless their bank is actually using self-signed certs, they won't be given the opportunity.
Indeed. I have known several women who write open source software, and (admittedly from the outside) I didn't see them treated any differently on mailing lists and in meetings than men. Yes, there's an imbalance, yes, there may be institutional sexism... but what's the source?
Bruce argues that proprietary software has a higher proportion of women. The thing is, proprietary software has a bigger payback for the actual developer... and it's a payback that is valuable for everyone: MONEY. It's a relatively well paid trade that women are at no great disadvantage in. Most people working on proprietary software ... men or women ... don't program in their spare time, either. It's a job, not a hobby.
For most developers, open source software is a hobby. A valuable one, yes, but I would suspect that "fewer than 1.5%" of open source developers actually have that in their primary job description. What are the proportions of women involved in other technical hobbies? It's my impression that the answer is "pretty low", and a bit of googling tends to support that. So... what's the reason why women aren't involved in things like model railroading ("I haven't met too many women modelers" -- mary Miller, MMR)? I suspect that's where you need to look to dig up the answer to this question.
Setting up services that work on a basis of "It's the same server as yesterday" only works well in two cases: When it's a company system, and when it's your own home server.
Or when the value to an attacker of an MITM attack is less than the cost of performing one, considering that the value of performing a MITM attack drops close to zero almost as soon as it's detected. For most of the websites that are currently not using any encryption because TLS is a pain in the backside, the probability of detection from any attack carried out on a large enough scale to be of any value to the attacker is very high... even if that value is only measured in "lulz".
Implementing an SSH-style mechanism would... within a matter of months at the most... allow EVERY new installation of Apache or any other web server to automatically and painlessly self-certify, by default. Sniffers would become increasingly useless as time went on.
Knowing that a bank's cert is the same it was yesterday is of absolutely no use to anybody who doesn't work in the bank's data center.
Where did I suggest that a bank use a self-signed certificate?