Slashdot Mirror


User: swillden

swillden's activity in the archive.

Stories
0
Comments
18,006
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 18,006

  1. Re:Mainframes on Virginia Rometty Selected As Next CEO of IBM · · Score: 1

    Except that increasingly, mainframes aren't the only way to get high reliability, or even the most cost-effective way.

    (Disclaimer: I worked for IBM from 1997 to 2011, and now work for Google, which is perhaps the posterchild for high availability on commodity hardware.)

  2. Has Google patented the unlock pattern? on Apple Granted Patent For Slide To Unlock · · Score: 1

    Because I think it's a far cleverer and more useful idea than Apple's slide to unlock idea. Having a unique, customizable unlock pattern gives you a significant degree of security (unless you often have greasy fingers) while at the same time being only slightly harder to execute than Apple's swipe. One of the things I like best about my Nexus S over my old iPhone is the ability to keep it secured while still being able to unlock it without looking at it.

  3. Re:IP addresses in URLs on Vint Cerf Answers Your Questions About IPv6 and More · · Score: 1

    There are important security reasons for not allowing too many representations for a host address, and there really aren't any compelling motivations for allowing it. The FF guys are right, and Vint didn't really contradict them; he just said that in the low-level protocols it's a pure number. That has nothing to do with the UI considerations that drive having a single, consistent representation.

  4. Re:LOL usage approved by Vint Cerf on Vint Cerf Answers Your Questions About IPv6 and More · · Score: 1

    It wasn't at all clear to me from your question what you expected .here to be for... your comparison to E911 made me think you were talking about regional resources, i.e. stuff within tens of miles, and it was really unclear to me how that would be useful, much less how it could be defined or implemented. But the analogy with RFC 1918 makes it much clearer... you're talking about subnet-local resources.

    That's really easy to build on top of IPv6, and you don't need a new .TLD to do it. Just define some canonical link local addresses. For example this draft RFC suggests defining fec0:000:0000:ffff::1, fec0:000:0000:ffff::2 and fec0:000:0000:ffff::3 as canonical local DNS servers. I think the current plans are to handle local DNS differently, with local multicast addresses, but you get the idea. With such a large address space it's easy to carve out bits of it that have specific canonical purposes. So there could be a fixed address for any sort of defined local resources, e.g. print servers. In addition, it would be a simple matter to pick an address for a "local resource registry". Hosts that provide specific services could contact this address to register their services and hosts that desire specific services could contact it to get a list of what's available.

    For identifying nearby hosts with names, the .local TLD already exists. Given a canonical way for hosts to reach a local DNS server, they should automatically register themselves whenever they join a network, so <yourhostname>.local can always be used to reach your machine. If in addition to that hosts registered their willingness to be advertised through a local resource registry it would be easy to discover the existence of a host and then resolve it through DNS. Many sites would probably configure their DNS resolvers to use ".local" as a default domain so in practice you'd really only need to type the hostname.

    IPv6 opens up a wealth of opportunities to create far better solutions to these problems than we ever had with IPv4.

  5. Re:Who's paying the bill for FTC monitoring? on FTC To Monitor Google's Privacy Practices For 20 Years · · Score: 2

    Well, what the FTC discovered when they investigated was that Google had stepped over the line, but had already recognized it and put policies in place to address the issues, policies which exceeded what the FTC would have imposed. That being the case they couldn't really justify a lot of fines or any significant interventions, so they fell back on "okay, we'll watch you for 20 years".

    As for who's paying, I don't know, but I doubt it costs that much. They don't really have to monitor everything Google does, they just have to monitor Google's policies, which is easy to do, and to randomly spot check policy compliance. Honestly, I doubt they really even need to do that... Google is full of geeks so there are lots and lots of internal watch dogs, and Google is a very bottom-up organization where it's really easy for any employee with a pointed question to get attention from the very top -- and to spread his or her complaints widely if Larry doesn't address them.

    Google's privacy errors weren't a result of evil plans, they were a result of people not paying attention to the issue. Now, it's a big deal, and would be even without the FTC oversight, because Google had its nose publicly rubbed in some privacy mistakes.

    These days every design document is required to have a privacy impact analysis, and there are pretty stringent requirements for having things reviewed by the privacy office. In addition to that, there are mandatory privacy training courses for all new hires, mandatory annual privacy education for all employees, an annual privacy week with many privacy education, analysis and review events held throughout the week and a direct communication channel for any employees to report privacy concerns to the privacy office, who acts aggressively on them. And even without that, any Googler who's really worried can always just call the FTC. So, no, I don't think the FTC has to spend a lot of money on monitoring.

    Note that none of this privacy focus means that Google will stop trying to collect information about people. Rather the focus is on (a) ensuring that information is only used in ways that the users have agreed to (though the agreement is often implicit), (b) providing users with control of their data, including visibility into what Google collects about them, the ability to export it and/or delete it, and to opt out if they prefer (see google.com/privacy, and especially google.com/privacy/tools) and (c) ensuring that data does not leak (necessary for (a)). Google's hope is that they can provide you with so much value in exchange for your data that you'll want to give it to them, and that you'll trust them to manage it responsibly.

    (Disclaimer: I am a Google Engineer. I'm not in PR, I don't work in the privacy office or make privacy policy decisions -- though as an engineer with an extensive security and cryptography background much of what I do is related to privacy assurance -- and I'm not speaking for the company, or disclosing anything that isn't already public information. I'll also say that as someone who's always been a bit of a security and privacy zealot, including making it the primary focus of my 20-year software career, I'm personally quite impressed with the way Google handles privacy issues. In the 15 years I worked as a security and privacy consultant I saw huge problems at nearly every company I worked with, on an almost daily basis, while in the 8 months I've been with Google I've yet to see a bad decision. Further, I have full confidence that if I ever do see a bad decision my complaints will be heard. Compared to the banks I consulted for, who were paying $300 per hour to hear my opinions and then proceeded to completely ignore them, Google is privacy/security geek nirvana.)

  6. Re:"Free" money on Ron Paul Wants To End the Federal Student Loan Program · · Score: 1

    "There was a time when working part time over the summer would be enough to pay ALL college expenses,"

    Bullshit. Let us see some numbers and sources if you are going to make such wild claims.

    I did it. Though that wasn't so much because college was cheaper as because I chose to go to a cheaper college.

    I think the elimination of federal student loans would create a huge surge in enrollment at small state universities and community colleges, which even now have reasonably tuitions. It wouldn't affect the upper crust universities so much, many of which have endowments and many other funding sources they use to ensure that the small number of students who are accepted can pay. It would tremendously reduce enrollments at mid-tier universities, though... at least briefly until they figured out how to bring their tuition prices down.

    Personally, I think eliminating federal student loans would be a good thing.

  7. Re:Of course it does on Ron Paul Wants To End the Federal Student Loan Program · · Score: 5, Insightful

    On the other hand, why would employers be demanding a college education if they didn't see that it actually makes a significant difference in employee performance? They could hire people for less money if they didn't require a degree, so if less-educated employees could do the job, employers would be all over it.

    The only reasonable conclusion, IMO, is that it does matter. Of course, it's entirely possible, perhaps even likely, that the education isn't so much the cause of good performance as the education and good job performance both result from the habits and character of the individual. By that I mean that the sort of industrious, intelligent person who will be a good employee is also the sort of person who will pursue and achieve a good education.

    But I don't think so. My former employer, IBM, long had programs where they provided educational opportunities for factory workers so those people could advance within the company. I worked with a couple of gentlemen who had taken this route, starting on an assembly line, bolting computers together and ultimately achieving technical and managerial leadership positions in the company, getting the equivalent of a college education in the process. I noticed a couple of things about these people. The first was though they were given greater responsibilities at the same time they were getting their educations, those responsibilities were limited -- and even still they felt underqualified and somewhat overwhelmed by them. They, at least, felt that the education they received was essential in their ability to succeed.

    The other was that I always felt they were less effective than they could have been if they'd had a "normal" college education. IBM didn't bother providing, or requiring, a liberal education curriculum and the result was people with deep knowledge and skill in a narrow focus. It was less problematic for the technical guy; he'd earned the equivalent of an MSCS, and within the context of software and hardware he knew his stuff -- but don't expect him to understand much about the social or historical context of his work. For the manager, he'd earned the equivalent of an MBA and again he knew business, negotiation and the economic theory of pricing, and again he lacked the broader education, but for him that lack really caused him to make some, IMO, poor decisions.

    But the key point of my anecdotes is this: IBM is big enough and at one time had a large pool of low-skilled employees they could search for capable people to educate in job-specific skills and advance. And you know what? They more or less abandoned that approach. Partly because they shipped all manufacturing overseas and no longer had many unskilled positions from which to draw, but I think also because those trained-up people, however motivated, intelligent and hardworking, were actually less effective than their college-educated counterparts. Instead IBM disbanded its "IBM University" programs and shifted to the more common method of offering to subsidize a normal college education.

    I'm convinced that they did this because they found that the sort of education offered by universities did a better job of preparing people to be effective technologists, businessmen and administrators.

  8. Re:It seems like there are three major questions. on Global Warming 'Confirmed' By Independent Study · · Score: 1

    Great post; one that harks back to the old days of /., when reasoned discussion was, if not exactly the norm, at least fairly common.

    One point, though: I think your question #3 is premature, skipping another important and very relevant question, and one that is perhaps easier to answer and one that may make the hard-to-answer #2 less important. Specifically, even if we assume that the warming is anthropogenic, we need to ask whether it's actually a problem.

    There are two parts to this question. To fully answer it we need to understand a) what will be the effect on humanity of warming and b) how anthropogenic warming will interact with the natural climate cycles.

    Taking the second part first, I think we have to keep in mind that Earth has been both much cooler and much warmer than it is now, and that it has been in both states many times. It's pretty clear that Earth's climate is a chaotically stable system that incorporates negative feedback loops which bring it back to a mean. There have been many natural events which produced huge environmental impacts, impacts which dwarf anything humanity can or has been able to do. Supervolcano eruptions put more particulates and carbon dioxide into the atmosphere over the course of days than we have in centuries. Large asteroid impacts throw up world-covering dust plumes and simultaneously directly add massive amounts of heat.

    Given that, were the climate a chaotically unstable system, it would have long since turned into an iceball or a furnace. But it hasn't. Why not? I think research into the mechanisms of temperature regulation is crucial, and that research may well tell us that we're making much ado about nothing, that the planet's mechanisms to overcome temperature increases far exceed our paltry ability to change the climate. Personally, I think this is likely the case. For example, it makes sense to me that rising temperatures will increase water evaporation and hence cloud formation, increasing the planet's albedo and reducing the heat input from the sun. Blocking even a small percentage of the sun's input would easily overcome any damage we're doing (indeed, some climatologists believe that in earlier decades we partially masked the effect of our CO2 production by also pumping lots of sun-blocking particulates into the atmosphere, and that the progress we've made in reducing particulate emissions have actually accelerated warming).

    So, I think it's important to gain an understanding of those mechanisms, and build models which will allow us to predict with some degree of certainty what temperatures will be reached. I suspect that such models may not even depend very much on the reason for the warming, that the cooling mechanisms function via processes which are orthogonal to the warming processes.

    Understanding the way in which the planet will cool itself again, and the expected shape of the temperature curve over the next centuries should then allow us to better evaluate what the likely impact of the temperature changes will be. We should be able to make some reasonable predictions about expected sea levels and the effects of warming on presently-cold regions of the planet, which should give us a much better basis for evaluating our response.

    Of course, such climate research isn't the job of months or years, but decades. But I think it's crucial, and something that we should be funding at least one or two orders of magnitude more than we are. In the meantime, I think it also makes sense to begin taking some reasonable precautions, providing some incentives to reduce output of the gases we suspect are harmful. I really like the tax-based approach proposed by benhattman's response to your post, with the caveat that I'm always suspicious of proposals to "shift" taxation. There's a strong tendency for the new taxes to be put in place without the removal of the previous taxes they were intended to displace. Such shifts are also difficult politically, because they invariably benefi

  9. Re:What's it doing in there? on Android ICS Will Require 16GB RAM To Compile · · Score: 1

    What is it actually doing that needs 16GB of RAM to compile?

    Read the article, please- the summary is shit. That RAM recommendation (NOT "requirement") is for if you don't have a SSD. That's how much you'll need to keep the whole compile running in RAM without paging to disk.

    I don't think it's so much to eliminate paging as it is to enable lots of file caching.

  10. Re:What's it doing in there? on Android ICS Will Require 16GB RAM To Compile · · Score: 1

    What is it actually doing that needs 16GB of RAM to compile?

    Exploiting a great deal of parallelism and file caching to get the wall clock build time down to 25 minutes.

  11. Re:Copyright is as out of control as ever on Universal Uses DMCA To Get Bad Lip Reading Parody Taken Down · · Score: 1

    Blah blah blah, it's still illegal

    Non-profit reviews that don't affect the market for the game (note that informing people the game is lousy does not constitute affecting the market) are squarely in the center of the Fair Use provisions of copyright law. I strongly doubt any court would rule such use as infringing.

  12. Re:Google Apps has similar limits on Microsoft's Office365 Limits Emails To 500 Recipients · · Score: 1

    Google Apps has similar limits: 500 external recipients per day for free users. 3000 external recipients if you have a biz or edu account.

    Sending limits: http://www.google.com/support/a/bin/answer.py?answer=166852

    Not really.

    • Google's limit is 3000 vs 500.
    • Google's limit is per user, Microsoft's is per domain. This means one user sending a lot of e-mail can shut down e-mail for the whole company.
    • Google's limit applies only to external addresses. There is no limit on e-mails within the domain.
    • Google offers multiple ways to work around the limit, including using mailing lists (Google Groups), buying a 3rd party App Engine mail-sending app (or writing one), or using your own SMTP server.

    It's also worth noting that Google's service is cheaper. Obviously there's a lot more to both services than just e-mail, so perhaps Microsoft offers some features that justify the higher price. But based on their e-mail services it's hard to see why someone would choose Microsoft.

  13. Re:Is that right? on Jobs Wanted To Destroy Android · · Score: 1

    Maybe Google starts issuing stricter hardware guidelines in the future

    Android is open source. Google has no control over who puts it on what device.

    The only leverage Google has is to give device manufacturers who will agree to do things Google's way a leg up, in the form of earlier access to the next version of the code. But device makers can always take the released sourced code and do whatever they like.

  14. Re:Android has it's flaws on Ballmer Slams Android As Cheap and Overcomplicated · · Score: 1

    You should have gotten a Google Nexus S, rather than a phone that's loaded up with carrier crapware and restrictions. "True" Android doesn't have most of those problems.

    I recently moved from an iPhone to a Nexus S, and I honestly expected the Nexus S to be less polished and occasionally annoying. But I was very pleasantly surprised. I like the Nexus S a lot better than my iPhone 4.

  15. Re:"you don't need to be a computer scientist" on Ballmer Slams Android As Cheap and Overcomplicated · · Score: 1

    Only questions I get now is when she accidentally drags the Gnome bar somewhere

    That's why I put my father-in-law on Kubuntu. KDE allows you to lock down the UI so the user can't mess it up.

  16. Re:You don't own facts about yourself. Get over it on Facebook Is Building Shadow Profiles of Non-Users · · Score: 2

    Somehow I think getting a restraining order against FaceBook, Google, etc. will be a little more difficult despite the fact that they are stalking the entire world.

    No need for an order against Google. Go look at Google's privacy tools page (there's a link on the bottom of the search page). You can see everything Google is tracking about you and Google provides ways to opt out of all tracking and even tools to ensure that your opt-outs don't get lost. Try it. You'll see that you start seeing more generic advertising and your search result quality will decline a little.

  17. Re:Some deal on Google Switching to SSL By Default For Logged-In Users · · Score: 3, Insightful

    They are able to charge a premium for that targeted advertising because other people selling products feel they are getting better bang for their buck (as opposed to blanket advertising on television, or spam/UCE) due to the higher conversion rates.

    It's actually more direct than that.

    The vast majority of Google's advertising revenue comes from pay-per-click advertising, and the ad that is shown is selected based both on your likely interests and on a real-time auction among advertisers. So, Google's goal is to put in front of you the highest-paying ad that you are likely to find sufficiently interesting that you click on it. More precisely, you can think of each possible ad you could see as having an expected value to Google, which is determined by the amount the advertiser will pay Google if you click on it times the probability that you will click on it, and Google's goal is to display the ads with the highest expected value.

    Thus, the more Google knows about who you are and what you're looking for right now, the better job it can do at estimating the click probability function for each ad.

    From Google's perspective, this is a win-win-win. It's a win for Google, obviously, because it's the way they make the most money. It's a win for the winning advertiser because the advertiser got an interested (at least enough to click) person to their site, for a price that's a little less than what they offered to pay -- plus Google also provides advertisers with extensive feedback that helps them optimize the effectiveness of their ads and even their site (but doesn't share any user info). Finally, it's a win for the user because it provides ads about things that are interesting and useful to him/her.

    In Google's view, if Google shows you an ad that you don't click on, that's a failure. That means Google fails most of the time, but really hard problems are like that. It also means that it's better to display no ads than ads that the user won't care about. If Google were able to do its job perfectly, you'd click on every single ad Google shows you, and proceed to buy from each advertiser -- and you'd be happy about it because in each case you found just what you were looking for.

    The perhaps non-obvious implication of all of this is that users are not Google's product. Not from Google's perspective. Rather, advertisers and users are both customers, and Google maximizes its income by serving both effectively, by pointing users towards products they actually want to buy. The service Google sells is a sort of digital matchmaking service, and while it's the advertisers who pay Google, the users are at least as important -- since they're the ones who ultimately pay the bills.

    At least that's true for pay-per-click advertising. Google does do some pay-per-impression advertising, and that's different. In the pay-per-impression model the goal is to build brand recognition or to steer consumer perception, and there the user is definitely the product. That's a pretty small piece of Google's business, though.

    (Disclaimer: I work for Google, but not in anything ad-related, and everything I've said above is public knowledge.)

  18. Re:Should Have Included David Gerrold on SF Authors Predict Computing's Future · · Score: 1

    How is it better to have to have all your important data tied to a unique physical object?

    Security.

    Your "secret passphrase" isn't secret any more as soon as you type it in to some random computer, not to mention the problem that the intersection between the set of passphrases that average people can remember and manage and the set of passphrases which can't be easily searched by a computer is rapidly decreasing and will soon be the empty set.

    The advantage of a physical object is that it can store cryptographic keys which few humans can remember and execute cryptographic computations which no human could perform. This allows for authentication protocols which don't reveal any information to any intermediate entities, such as the computer you're using.

  19. Re:"Ask Shatner"..... on William Shatner Answers, in 826 Words · · Score: 2

    Yes, but it's Shatner. Would you expect anything less shameless?

    I think I'd be disappointed in anything less shameless.

  20. Re:Lethal dose vs. lethal? on Can the Hottest Peppers In the World Kill You? · · Score: 1

    Before this becomes a flame war, please note: I'm not trying to put down down Mexico or say that India is better or worse. Just saying that the complexity of Mexican culture and food is comparable to the complexity of the culture and food of an Indian state - in terms of population, size, history, and complexity. Another side note: Most Indian states have a different language AND a different script with their own grammar, literature, history, etc. They're THAT diverse. As an Indian, I'm as much of a stranger living in another Indian state as a Mexican or a Frenchman.

    For that matter, the GP may be a Mexican, but he doesn't know that much about Mexican food... because Mexico is also quite diverse and there are regions where the chiles are in fact the center of the meal, both in terms of volume and flavor, and there's lots of competition to see who can eat the most/hottest. Not saying it's comparable to India, but I think there's a lot more diversity in Mexico that most people realize -- even most Mexicans.

  21. Re:Is that how that works? on US Bishop Charged For Not Reporting Priest's Child Porn To Police · · Score: 1

    Larry Clark's images are often of underage people, but I haven't seen any I would call children.

  22. Re:Thanks, I needed that laugh on NASA CTO Says Help Desks May Disappear · · Score: 1

    Yes, we get crap-tons of calls from users about mobile devices. Tom is out of touch with "real" users, he's suffering (benefiting?) from massive selection bias here. His sample base is nowhere near representative of your average corporate IT user.

    I think he's out of touch with his own users, too. At least, he's out of touch with their needs. They may be rocket scientists, and perfectly capable of figuring out, with the help of their peers, how to diagnose and correct their issues, but that's not their job and time spent fiddling with that crap reduces their effectiveness.

    I also work for a company whose employees have a higher than average ability to self-support, Google. And you know what? Google has help desks. Lots of them, well-staffed with bright people who spend all day every day troubleshooting problems with desktops, laptops, netbooks, tablets and mobile phones. The most complex and time-consuming issue they solved for me was related to my iPhone (though the problem was actually a bug in PGP Desktop on OS X 10.6 that prevented successful installation of iTunes) and the solution was sufficiently arcane that it would have taken me a long time to find and apply the workaround via self-support.

    The reason for having a help desk isn't just that your employees aren't capable of solving their own problems... it's about efficiency. Even if the employees can self-support, the fact is that specialists can get the job done faster, allowing the employees to get back to doing the stuff they're paid to do. In the absence of a help desk what will happen is that ad hoc help desks will self-organize. People with particularly deep knowledge in certain areas will become the "go to guy/gal" for related problems. Internal on-line support fora will spring up. The net result will be that the problems will mostly get solved, but at a tremendous hidden cost to productivity because the employees will spend a lot of their time solving their IT problems and/or supporting their peers.

    Not having help desks at a place like JPL doesn't reduce costs, it just moves them. It externalizes them from the CTOs department and shifts them to all of the projects, increasing the total cost in the process.

    IOW, it's stupid even at JPL. And it would be an absolute disaster at a typical corporation, where the employees aren't rocket scientists.

  23. Re:The overhead is high on IRS Auditing Google · · Score: 1

    Plus for most sole proprietorships it's a moot point anyway. So what if the company isn't taxed? Every penny taken out to buy groceries, make house and car payments, etc., will be. There's no difference between taxing the company and taxing the owner because they're the same thing.

  24. Re:Like Their Lawyers Would Let Something Slip on IRS Auditing Google · · Score: 1

    Hmmm, maybe I'll just transfer all my profits to Bermuda ... oh, right, I'm poor. We pay taxes. Corporations and people rich enough to afford shifty accountants don't.

    According to Google's 3Q earnings report, they paid income taxes of around 19% of their profits.

  25. Re:oops on IRS Auditing Google · · Score: 1

    On twitter every day there are people screaming about the U.S. "high corporate tax rate" and they always forget to mention that NOBODY pays that rate... to many ways around it.

    Google must be really lousy at this, then, because according to their just-released 3Q earnings report, they paid, IIRC, 19% income tax.