> but I've seen dev houses measure quality by doing over 10,000 lines a day, regardless of bugs.
I find that lines-of-code IS a good measure for me. If I can delete 10,000 lines of data transform and transport code and replace it with a direct connection in 12 lines of code, that's a very successful day.
As an example, a project I'll take on soon currently dumps data from a database into csv and transfers it to a server via FTP. Later, another server retrieves the csv via CVS, transforms it into XML, and makes it available via another protocol. It's then retrieved by another system which imports it into another database. I will replace these systems with the following: INSERT INTO destination.tablename SELECT... FROM source.table JOIN source.othertable.
Literally I'll replace hundreds or thousands of lines with one or two lines. That's a good day; getting rid of thousands of lines of code.
After 20 years in the business, I spend MUCH more time thinking about the problem and the best solutions than I do actually coding. If you're spending most of your time coding, that's probably mostly code I'll delete in a couple of years whwn I do it in a simpler, more elegant way.
I imagine the entertainment companies would quickly automate the counter-notices if they started recieving a ton of frivilous notices. They've already automated sending notices (starting a dispute), it seems that automatically filing a counter would be less risky for them. If I were them, I'd probably sue a few of the people filing frivilous notices too, to make an example of them.
The counter-notice includes an attestation under perjury of your name and contact information, so they'd know who to sue.
Perhaps more importantly, the resultant deluge of counter-notices would cause the important counter-notices against the media companies to get lost in the shuffle. That takes away our best defense against DMCA abuse.
I think there are three things that ordinary people can do to help make the situation better:
a) Spread the word about counter-notices. On platforms other than Youtube, these generally work very well and are easy to so.
b) Email your congressman when DMCA-related bills are being discussed, supporting stronger penalties for abuse.
c) Some people won't like this, but the following facts are true. There are 100 times as many independent artists than there are corporate-label artists promoted by record companies and other media companies. The media companies hire Rightscorp and other DMCA "enforcers" , and use DRM, because they see piracy damaging their business - if there was no piracy, Rightscorp would go out of business and DRM wouldn't exist. Therefore, rather than pirating a corporate artist (and giving Rightscorp a reason to exist), use songs and videos from independent artists. Many independent bands will let you have their music for free and use it in your videos, etc. If you do that rather than pirating Justin Bieber, you've taken away any reason for Rightscorp to exist, given MPAA the finger, followed the law (not stopping to their level), and possibly got better music too.
Yes, there was a recent major case on that. The recipient was a major cable TV company. The complainant sent a shit-ton of emails which looked like complaints, but didn't conform to DMCA requirements. Eventually, the cable company started directing email from that company to/dev/null. Complainant sued and the cable company was held liable.
The law, DMCA, nowhere has the words "except if the complaint comes from someone who sends a lot of junk complaints". The law directs how A complaint needs to be handled, without any reference to prior communications from the same person.
The cable company could have argued, and a different court might agree, that while the company did fail to comply with DMCA, the damages were CAUSED by the complainant's spammy deluge of bogus complaints. If some other court accepted that argument, they'd be "guilty", but not have to pay any damages. That's a theoretical argument they COULD make, to some other court. The actual judge in the real case said that every complaint has to be acted on, and the spammy complainant was awarded X million in damages.
Now I'm going to get pedantic and answer -exactly- the wording of what you asked. > Does the law prevent Youtube from...
Technically, they don't HAVE to follow the DMCA process, but if they don't, they become fully liable for any infringement by their users. Most people hosting content, such as web hosting companies, would say it would be insane to take on that kind of liability. Just follow the DMCA process and you're not liable to either party. Youtube has tip toed close to the line, potentially opening themselves up to liability.
> [Youtube should be blamed] mainly for failing to perform any checks to see if the party filing the DMCA notice actually has the authority
That's not the way the law works. Under DMCA, Youtube isn't the judge and jury, they don't have any subjective decisions they are allowed to make. Youtube has little to no choice here. Here's the process that the DMCA law specifies:
1. Complainant notifies hoster (youtube) that they claim infringement. 2. Youtube may immediately contact respondent (uploader). 3. Youtube temporarily disables the content. 4. Respondent may send Youtube a counter-notice, saying that they dispute the original DMCA notice. 5. Upon receiving counter-notice, Youtube re-enables the content. 6. Complainant may file suit in federal court (expensive).
The process is pretty well set in stone by law. The one place where Youtube has some choice to make is that they have to disable/remove the content "quickly", but how quickly? A host can choose to contact the uploader and give them 24 hours to counter-notice before removal, or they can remove it right away and put it back when they get a counter-notice.
I wish more people understood the counter-notice part, meaning the content goes right back up if you dispute the notice. You just reply saying "this notice must have been sent by mistake" and sign it (forms are available online). If more people understood about counter-notices and an amendment to the law added statutory damages for reckless filing of improper notices, the system would probably work pretty well. As it is, reckless notices aren't penalized enough to matter, and most people seem to think that there's nothing they can do if they are on the wrong end of an erroneous notice. Just send back a counter-notice. You don't have to argue your case, just state that you think the notice is wrong and leave it at that.
> which outcome is better for society? > It's time people's courts... instead considered what benefits society most.
Should individual unelected judges make up laws based on what they think will turn out best?
I (and the framers of the Constitution) think that the legislature and the voters should carefully consider that when they create and pass laws. Judges should then read the law and apply determine how it applies to a particular case. Occasionally, the Supreme Court and other courts have pointed out "this law doesn't work well, the legislature should change it". I think that's the best approach.
* Here I'm not talking about cases in which the legislature tried to create a law which they had no authority to create. I'm referring to laws which the legislature properly passed, within their authority, but didn't do a very good job.
A year or two ago I would have said I'd never buy a little a tablet or smartphone. My one year old daughter ended up at a childcare place where they use ipads, and she got an iPad. Very soon she was counting to ten with Elmo, saying "Caillou throw ball", and other things that most kids don't do until after they are two years old. Now, at 24 months old, she's about 6-9 months ahead on most of her skills. That's "only" 6-9 months, but it's also about 30% ahead.
We put effort into teaching her, of course, taking her to see her favorite things (airplanes) and talking about them, talking about whatever we see in the world around us. I have to say, though, she has definitely learned from the apps she has on her iPad during car trips and chill time. Which means I have to be mindful of WHICH apps and web sites she's looking at in the next years. She will learn something from whatever she's looking at, so I'll need to pay attention to what she's learning.
My wife loves her Chromebook. Although it is set up to dual boot to Ubuntu, and she's comfortable with Linux, she has never needed it. ChromeOS does everything she wants to do. I was surprised how good the battery life is, too.
You don't HAVE to run Android apps on it just because you CAN.
> You seem like someone who would know that DOS competed with the GEM
First sentence of your Wikipedia link: The Graphical Environment Manager (GEM) was an operating environment created by Digital Research, Inc. (DRI) for use with the DOS operating system
GEM was a DOS application. The Macintosh, on the other hand, was a competing OS which had a GUI a year earlier than DOS got GEM.
Thank you for that excellent example of "Policy decisions matter for security - when you download the tor client, how do you know you're not getting a trojaned copy? " Many projects only publish a hash with which to verify that your copy is unaltered. The Tor project could have done the same. As you point out, that creates only the APPEARANCE of security, especially if TLS is already in use. By making a policy decision to use GPG signatures, Tor security was improved.
An established developer could well weigh in on such discussions either arguing that GPG/PGP improves security, or that it's a hassle that virtually nobody will actually use anyway. In that way, they can influence the security of the project apart from making any changes to the source code.
> If a drive is still under warranty, do I really care if it fails at time X versus 2*X?
I certainly do. Buying the drive costs maybe $130. Compare the cost to handle a failure:
Having a tech pull the pod, hook it up to the pod tester to find the bad drive, run that drive through the test sequence to prove (to the manufacturer) that it really is bad, fill out the RMA request, box it up and ship it, put a replacement drive in the pod, reinstall and activate the pod, handle receipt of new drive later.
Handling costs of a failure (under warranty or not) is probably $200. That's more significant than the purchase cost of a drive that's out of warranty.
The above description is for Backblaze. In my case, the procedure for a failed disk starts with "drive over to the datacenter". It ends with "hope that the firmware on the replacement drive doesn't have any glitches in my environment". I don't want to drive over there and deal with it. I'm more interested in drives that don't fail than drives that will be replaced under warranty.
On a local PC, the process probably begins with "hope that the backups worked correctly last night, and that nothing goes wrong with the restore".
I don't work on Tor specifically. In the important / well organized open source software I've been involved with, submissions are typically read by 1-3 other people, and there are unit tests and/or regression tests.
When I say the code is "read", I mean the same way you might read this post. You aren't looking at individual letters and words, you're reading sentences and paragraphs. You could easily overlook typos (but you might catch some typos too).
Often the unit tests aren't 100% thorough. Especially, they tend to cover the expected/correct case. If the code is supposed to send an MMS message, it is tested that entering a phone number and a message causes the message to be sent. often untested is what happens if instead of a phone number some injection code is entered. What happens if the message is millions of characters long? If the disk is full or the network is unavailable what happens?
> Is inserting code the only way someone on the inside can undermine TOR?
There are several other ways. In systems intended to be secure, flaws in the design create problems just like flaws in the implementation can. Someone could undermine Tor by suggesting a feature that seems useful and good.
Policy decisions matter for security - when you download the tor client, how do you know you're not getting a trojaned copy? That's based on how the Tor project operates, separate from any code submitted.
Somebody has the tor.org TLS key. If a sophisticated attacker had the tor.org key, they could impersonate tor.org and cause a target to download a trojaned copy of the tor client. Even if the target checked the hash of the download, they would probably get the hash from tor.org, which is really the attacker. If I thought about for more than 60 seconds, I could probably think of some more ideas.
> You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
Isn't it interesting that Alzheimer's Reagan was one of the best presidents of the last 50 years. People complain about presidents Obama and Clinton not doing anything, but I'm starting to really think that's a good thing in a president; just not screwing things up and causing problems. Clinton came into office as the economy was starting to grow nicely and rather than mess with it, he spent his time chasing women. Worked out pretty well - the economic growth didn't slow much until his last year or two.
> Remember this FACT: We would not have had graphical desktops without Microsoft! We'd still be using DOS!
Clearly you're being sarcastic or something, but I can't quite parse. You seem like someone who would know that DOS competed with the Mac graphical UI.
> Funds are okay but the fees really add up. I've had good success buying mosting stocks which are in successful funds, avoiding all their fees.
Are you thinking about managed funds, as opposed to the index funds he mentioned? My main index fund, IVE, has an expense ratio of 0.18%. $1.80 per $1,000. If you invest monthly,the mutual fund is probably cheaper on fees than buying individual stocks. Even you buy individual stocks less often (and miss out on growth), transaction fees from the multiple transactions to buy multiple companies could easily be higher than index fund expenses. Plus you save time - no need to keep rebalancing between different companies each month you invest.
Managed funds are an entirely different thing. Expenses ARE frequently high, often high enough that the net return is better with an index fund.
We don't pay down any PRINCIPAL to pay it off. The INTEREST is a significant portion of what your tax dollars pay for. It comes out to $6,300 per year per worker, or about $500/month.
Per net taxpayer, it's about $9,000 per year. (Net taxpayer meaning people who pays more then zero taxes. Doesn't include someone who is charged $3,000 in taxes and gets a $4,500 credit, thereby receiving $1,500 from taxpayers.)
I'll be curious to see what kind of sentence he gets in August. The "faces up to" maximum theoretical penalties are less useful than Comcast's "up to 50 Mbps*" advertising.
* speed may be significantly lower during peak periods, business hours, evenings,nights, weekends, maintenance windows, and other times.
Certainly the near constant war in the region has been well documented since at least the wars with Rome around 100 BC, then the Persian empires and the Sasanians, the Seljuq Turks, the Mongols, the Ottomans, the Safavid...
You make a couple of good points. I think that's much more insightful than suggesting that waterboarding Khalid Sheikh Mohammed and the other perpetrators of 9/11 is just as raping innocent girls.
Also I should acknowledge that the economy did suck when they took they survey, near the end of 2008. I can understand why people felt that things were rough. They WERE rough compared to to the 1980s and1990s, but not at all compared to the 1960s and 1970s.
> but I've seen dev houses measure quality by doing over 10,000 lines a day, regardless of bugs.
I find that lines-of-code IS a good measure for me. If I can delete 10,000 lines of data transform and transport code and replace it with a direct connection in 12 lines of code, that's a very successful day.
As an example, a project I'll take on soon currently dumps data from a database into csv and transfers it to a server via FTP. Later, another server retrieves the csv via CVS, transforms it into XML, and makes it available via another protocol. It's then retrieved by another system which imports it into another database. I will replace these systems with the following: ... FROM source.table JOIN source.othertable.
INSERT INTO destination.tablename SELECT
Literally I'll replace hundreds or thousands of lines with one or two lines. That's a good day; getting rid of thousands of lines of code.
> wind up tossing the entire shebang
The entire shebang line?! That's like ten characters! :)
You might have heard of this little program called "the Linux kernel".
https://www.kernel.org/pub/lin...
After 20 years in the business, I spend MUCH more time thinking about the problem and the best solutions than I do actually coding. If you're spending most of your time coding, that's probably mostly code I'll delete in a couple of years whwn I do it in a simpler, more elegant way.
I imagine the entertainment companies would quickly automate the counter-notices if they started recieving a ton of frivilous notices. They've already automated sending notices (starting a dispute), it seems that automatically filing a counter would be less risky for them. If I were them, I'd probably sue a few of the people filing frivilous notices too, to make an example of them.
The counter-notice includes an attestation under perjury of your name and contact information, so they'd know who to sue.
Perhaps more importantly, the resultant deluge of counter-notices would cause the important counter-notices against the media companies to get lost in the shuffle. That takes away our best defense against DMCA abuse.
I think there are three things that ordinary people can do to help make the situation better:
a) Spread the word about counter-notices. On platforms other than Youtube, these generally work very well and are easy to so.
b) Email your congressman when DMCA-related bills are being discussed, supporting stronger penalties for abuse.
c) Some people won't like this, but the following facts are true. There are 100 times as many independent artists than there are corporate-label artists promoted by record companies and other media companies. The media companies hire Rightscorp and other DMCA "enforcers" , and use DRM, because they see piracy damaging their business - if there was no piracy, Rightscorp would go out of business and DRM wouldn't exist. Therefore, rather than pirating a corporate artist (and giving Rightscorp a reason to exist), use songs and videos from independent artists. Many independent bands will let you have their music for free and use it in your videos, etc. If you do that rather than pirating Justin Bieber, you've taken away any reason for Rightscorp to exist, given MPAA the finger, followed the law (not stopping to their level), and possibly got better music too.
Yes, there was a recent major case on that. The recipient was a major cable TV company. The complainant sent a shit-ton of emails which looked like complaints, but didn't conform to DMCA requirements. Eventually, the cable company started directing email from that company to /dev/null. Complainant sued and the cable company was held liable.
The law, DMCA, nowhere has the words "except if the complaint comes from someone who sends a lot of junk complaints". The law directs how A complaint needs to be handled, without any reference to prior communications from the same person.
The cable company could have argued, and a different court might agree, that while the company did fail to comply with DMCA, the damages were CAUSED by the complainant's spammy deluge of bogus complaints. If some other court accepted that argument, they'd be "guilty", but not have to pay any damages. That's a theoretical argument they COULD make, to some other court. The actual judge in the real case said that every complaint has to be acted on, and the spammy complainant was awarded X million in damages.
Now I'm going to get pedantic and answer -exactly- the wording of what you asked. ...
> Does the law prevent Youtube from
Technically, they don't HAVE to follow the DMCA process, but if they don't, they become fully liable for any infringement by their users. Most people hosting content, such as web hosting companies, would say it would be insane to take on that kind of liability. Just follow the DMCA process and you're not liable to either party. Youtube has tip toed close to the line, potentially opening themselves up to liability.
> [Youtube should be blamed] mainly for failing to perform any checks to see if the party filing the DMCA notice actually has the authority
That's not the way the law works. Under DMCA, Youtube isn't the judge and jury, they don't have any subjective decisions they are allowed to make. Youtube has little to no choice here. Here's the process that the DMCA law specifies:
1. Complainant notifies hoster (youtube) that they claim infringement.
2. Youtube may immediately contact respondent (uploader).
3. Youtube temporarily disables the content.
4. Respondent may send Youtube a counter-notice, saying that they dispute the original DMCA notice.
5. Upon receiving counter-notice, Youtube re-enables the content.
6. Complainant may file suit in federal court (expensive).
The process is pretty well set in stone by law. The one place where Youtube has some choice to make is that they have to disable/remove the content "quickly", but how quickly? A host can choose to contact the uploader and give them 24 hours to counter-notice before removal, or they can remove it right away and put it back when they get a counter-notice.
I wish more people understood the counter-notice part, meaning the content goes right back up if you dispute the notice. You just reply saying "this notice must have been sent by mistake" and sign it (forms are available online). If more people understood about counter-notices and an amendment to the law added statutory damages for reckless filing of improper notices, the system would probably work pretty well. As it is, reckless notices aren't penalized enough to matter, and most people seem to think that there's nothing they can do if they are on the wrong end of an erroneous notice. Just send back a counter-notice. You don't have to argue your case, just state that you think the notice is wrong and leave it at that.
> which outcome is better for society? ... instead considered what benefits society most.
> It's time people's courts
Should individual unelected judges make up laws based on what they think will turn out best?
I (and the framers of the Constitution) think that the legislature and the voters should carefully consider that when they create and pass laws. Judges should then read the law and apply determine how it applies to a particular case. Occasionally, the Supreme Court and other courts have pointed out "this law doesn't work well, the legislature should change it". I think that's the best approach.
* Here I'm not talking about cases in which the legislature tried to create a law which they had no authority to create. I'm referring to laws which the legislature properly passed, within their authority, but didn't do a very good job.
A year or two ago I would have said I'd never buy a little a tablet or smartphone. My one year old daughter ended up at a childcare place where they use ipads, and she got an iPad. Very soon she was counting to ten with Elmo, saying "Caillou throw ball", and other things that most kids don't do until after they are two years old. Now, at 24 months old, she's about 6-9 months ahead on most of her skills. That's "only" 6-9 months, but it's also about 30% ahead.
We put effort into teaching her, of course, taking her to see her favorite things (airplanes) and talking about them, talking about whatever we see in the world around us. I have to say, though, she has definitely learned from the apps she has on her iPad during car trips and chill time. Which means I have to be mindful of WHICH apps and web sites she's looking at in the next years. She will learn something from whatever she's looking at, so I'll need to pay attention to what she's learning.
You are quite right. By way of analogy, I'd rate the Ku Klux Klan zero. I'm not their target audience? So what? I still say they suck.
My wife loves her Chromebook. Although it is set up to dual boot to Ubuntu, and she's comfortable with Linux, she has never needed it. ChromeOS does everything she wants to do. I was surprised how good the battery life is, too.
You don't HAVE to run Android apps on it just because you CAN.
> You seem like someone who would know that DOS competed with the GEM
First sentence of your Wikipedia link:
The Graphical Environment Manager (GEM) was an operating environment created by Digital Research, Inc. (DRI) for use with the DOS operating system
GEM was a DOS application. The Macintosh, on the other hand, was a competing OS which had a GUI a year earlier than DOS got GEM.
Would you call this click bate?
Thank you for that excellent example of "Policy decisions matter for security - when you download the tor client, how do you know you're not getting a trojaned copy? " Many projects only publish a hash with which to verify that your copy is unaltered. The Tor project could have done the same. As you point out, that creates only the APPEARANCE of security, especially if TLS is already in use. By making a policy decision to use GPG signatures, Tor security was improved.
An established developer could well weigh in on such discussions either arguing that GPG/PGP improves security, or that it's a hassle that virtually nobody will actually use anyway. In that way, they can influence the security of the project apart from making any changes to the source code.
> If a drive is still under warranty, do I really care if it fails at time X versus 2*X?
I certainly do. Buying the drive costs maybe $130. Compare the cost to handle a failure:
Having a tech pull the pod, hook it up to the pod tester to find the bad drive, run that drive through the test sequence to prove (to the manufacturer) that it really is bad, fill out the RMA request, box it up and ship it, put a replacement drive in the pod, reinstall and activate the pod, handle receipt of new drive later.
Handling costs of a failure (under warranty or not) is probably $200. That's more significant than the purchase cost of a drive that's out of warranty.
The above description is for Backblaze. In my case, the procedure for a failed disk starts with "drive over to the datacenter". It ends with "hope that the firmware on the replacement drive doesn't have any glitches in my environment". I don't want to drive over there and deal with it. I'm more interested in drives that don't fail than drives that will be replaced under warranty.
On a local PC, the process probably begins with "hope that the backups worked correctly last night, and that nothing goes wrong with the restore".
I don't work on Tor specifically. In the important / well organized open source software I've been involved with, submissions are typically read by 1-3 other people, and there are unit tests and/or regression tests.
When I say the code is "read", I mean the same way you might read this post. You aren't looking at individual letters and words, you're reading sentences and paragraphs. You could easily overlook typos (but you might catch some typos too).
Often the unit tests aren't 100% thorough. Especially, they tend to cover the expected/correct case. If the code is supposed to send an MMS message, it is tested that entering a phone number and a message causes the message to be sent. often untested is what happens if instead of a phone number some injection code is entered. What happens if the message is millions of characters long? If the disk is full or the network is unavailable what happens?
> Is inserting code the only way someone on the inside can undermine TOR?
There are several other ways. In systems intended to be secure, flaws in the design create problems just like flaws in the implementation can. Someone could undermine Tor by suggesting a feature that seems useful and good.
Policy decisions matter for security - when you download the tor client, how do you know you're not getting a trojaned copy? That's based on how the Tor project operates, separate from any code submitted.
Somebody has the tor.org TLS key. If a sophisticated attacker had the tor.org key, they could impersonate tor.org and cause a target to download a trojaned copy of the tor client. Even if the target checked the hash of the download, they would probably get the hash from tor.org, which is really the attacker. If I thought about for more than 60 seconds, I could probably think of some more ideas.
> You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
Isn't it interesting that Alzheimer's Reagan was one of the best presidents of the last 50 years. People complain about presidents Obama and Clinton not doing anything, but I'm starting to really think that's a good thing in a president; just not screwing things up and causing problems. Clinton came into office as the economy was starting to grow nicely and rather than mess with it, he spent his time chasing women. Worked out pretty well - the economic growth didn't slow much until his last year or two.
> Remember this FACT: We would not have had graphical desktops without Microsoft! We'd still be using DOS!
Clearly you're being sarcastic or something, but I can't quite parse. You seem like someone who would know that DOS competed with the Mac graphical UI.
>> Always index funds
> Funds are okay but the fees really add up. I've had good success buying mosting stocks which are in successful funds, avoiding all their fees.
Are you thinking about managed funds, as opposed to the index funds he mentioned? My main index fund, IVE, has an expense ratio of 0.18%. $1.80 per $1,000. If you invest monthly,the mutual fund is probably cheaper on fees than buying individual stocks. Even you buy individual stocks less often (and miss out on growth), transaction fees from the multiple transactions to buy multiple companies could easily be higher than index fund expenses. Plus you save time - no need to keep rebalancing between different companies each month you invest.
Managed funds are an entirely different thing. Expenses ARE frequently high, often high enough that the net return is better with an index fund.
We don't pay down any PRINCIPAL to pay it off. The INTEREST is a significant portion of what your tax dollars pay for. It comes out to $6,300 per year per worker, or about $500/month.
Per net taxpayer, it's about $9,000 per year. (Net taxpayer meaning people who pays more then zero taxes. Doesn't include someone who is charged $3,000 in taxes and gets a $4,500 credit, thereby receiving $1,500 from taxpayers.)
I'll be curious to see what kind of sentence he gets in August. The "faces up to" maximum theoretical penalties are less useful than Comcast's "up to 50 Mbps*" advertising.
* speed may be significantly lower during peak periods, business hours, evenings,nights, weekends, maintenance windows, and other times.
> Funny the same thing can be said for the US the entire time of it's existence.
That's only because of Montenegro has been doing. If it weren't for Montenegro, the US would have eternal peace and harmony.
Certainly the near constant war in the region has been well documented since at least the wars with Rome around 100 BC, then the Persian empires and the Sasanians, the Seljuq Turks, the Mongols, the Ottomans, the Safavid ...
You make a couple of good points. I think that's much more insightful than suggesting that waterboarding Khalid Sheikh Mohammed and the other perpetrators of 9/11 is just as raping innocent girls.
Also I should acknowledge that the economy did suck when they took they survey, near the end of 2008. I can understand why people felt that things were rough. They WERE rough compared to to the 1980s and1990s, but not at all compared to the 1960s and 1970s.