Slashdot Mirror


User: dkusters

dkusters's activity in the archive.

Stories: 0
Comments: 27

Comments · 27

  1. Re:Do these guys know what they're doing? on New Legal Center for Open Source Projects · · Score: 1

    First, "admitted to practice before the US Patents and Trademark office" isn't what it sounds like. All this certification gives you is the ability to write patents. That's it. You can still litigate, license, attack, etc. patents.

    Second, just because you have technical experience doesn't mean you qualify to practice before the USPTO. For example, I will be an IP lawyer in less than 9 months (thank God it's almost over!). Before law school, I was a software engineer for over 6 years. I know software. But, I don't qualify to write patents because I was self-taught and my undergrad degree wasn't in Computer Science.

  2. Ownership of equipment on A Wireless Network for a 4-Story Apt. Building? · · Score: 1

    A word of warning. The default law in the United States and most other common law countries (UK, Canada, Australia, etc.) is that any improvements belong to the landlord. Anything permanently attached to the wall is no longer yours. Technically, if you attach it and then take it down a week later, you're stealing from the landlord. Of course, your jurisdiction may vary.

  3. Purpose of a degree on How Do Managers Rate On-line Universities? · · Score: 1
    A degree can serve one of three purposes:
    • Bar to employment. Many jobs require a certain degree to be considered for a job. A degree from almost anywhere will work.
    • Prestige. There are some universities that will get you a job. Harvard, Stanford, Yale, MIT, etc. Your interviewer will be damned impressed that you went to such a school. Of course, this is only helpful if you can actually get into (and afford) one of these schools.
    • Commonality. This is the most important reason for a college degree. Your interviewer will probably have a 4 year degree. She will remember what college was like. When she sees you with a 4 year degree, she will identify with you. You share a common bond. As such, she is more likely to hire you. If your interviewer knows that you went to an online university, and she did not, then there is no common bond, no identification. People don't get jobs because they are qualified. People get jobs because their interviewer likes them.
  4. Re:It's good that nobody reads them. on New Dell Clickthrough Software License · · Score: 1
    There are a number of cases that legally enforce click-through licenses:
    • In re RealNetworks, Inc. Privacy Litigation, 2000 U.S. Dist. LEXIS 6584, No. 00 C 1366, 2000 WL 631341 (N.D. Ill. May 8, 2000)
    • Hotmail Corp. v. Van Money Pie, Inc., 1998 U.S. Dist. LEXIS 10729, No. C98-20064, 1998 WL 388389 (N.D. Cal. April 16, 1998)
    • Register.com v. Verio, Inc., 126 F. Supp. 2d 238 (S.D.N.Y. 2000)
  5. Predictions on the US Supreme Court on Supreme Court to Take Up DeCSS Case · · Score: 1

    This preliminary decision does not mean that the US Supreme Court has decided to hear the case. They may or may not. Personal jurisdiction has changed quite a bit in the last 20 years. Personal jurisdiction and the Internet is a relatively new legal topic.

    If the court hears the case, they will almost certainly overrule the California Supreme Court. The trend of the US Supreme Court has consistently been to increase the scope of personal jurisdiction. The case will then be remanded back down to the trial court, the Santa Clara Superior Court.

    If the court does not hear the case or affirms the California Supreme Court, then the suit is still not over. The RIAA can then restart the entire suit in Texas.

    No matter how you look at it, the RIAA either comes even or on top.

  6. Moot point on Supreme Court Sides With Freelancers On Net Copyright · · Score: 1

    Freelancers sign contracts with the major media outlets for specific stories, photographs, creative works, etc. A few years ago, the media lawyers saw the possibility of copyright infringement. For the last several years, all new contracts specifically grant the right to reproduce in multiple medias without royalty.

    This court case only covers fairly old (like six or seven year old) content. It only covers work created before the new style of contracts. As such, it has very little effect on the overall web.

    Dave

  7. Password safe on Managing Shared Passwords? · · Score: 3

    Try out Password Safe available through Counterpane. It's from Bruce Schneier's company. Bruce Schneier is the author of Applied Cryptography, Secrets and Lies, CryptoGram newsletter, and the Blowfish and Twofish algorithms (one of which was an AES finalist). He has personally code audited the software, so I trust it.

    Have one password for the Password Safe and have it store the root passwords for your other computers. If you are very paranoid, keep the database on a floppy and lock the floppy in a safe when not in use.

    One downside, only Windows. But, a Linux version is coming Any Day Now (tm) (it'll be Open Source to boot!).

    Dave

  8. Plain english on Writing Your Own NDA? · · Score: 2

    My first suggestion is to get a lawyer. Since you've already said you cannot, my second suggestion is to contact a local paralegal firm. Around where I live, there is a place called "We the People" that offers legal services for cheap, but they aren't lawyers.

    My third suggestion is to find a NDA from someone else (who did consult a lawyer).

    Lastly, if you can't do that, remember this rule. You are not a lawyer. Contracts written by non-lawyers can't reasonably be expected to be as comprehensive as those written by a professional. If you have to enforce the contract and you get a lenient judge (that's a big if), she might give you some credit for not being a lawyer. That being said, write your NDA in plain English. Don't try and sound like a lawyer. Don't use big words. Don't make it long. Make it short, simple, and crystal clear. Give it to a fifth grader and make sure they can understand it. If the intent is clear, you may be able to have it stand in court.

    Dave

  9. Predictability on Tips on the Prevention of Social Engineering? · · Score: 1

    Social engineering can also be called conning. A con man is the classic social engineer. Con men play on psychological and sociological patterns. These patterns dictate how people act in certain situations. Essentially, they are fairly deterministic. As programmers know, anything that is deterministic can be measured and manipulated.

    The safeguards that maggard noted above work not because they solve the problem of social engineering, but because they prevent the attacker from getting access to either an individual or information about individuals. They should be considered your first line of defense.

    But, the real culprit is predictability. If I can predict how you are going to act in a particular situation, I can manipulate that situation and measure the results. If most people act in the same manner in particular situations, I can repeat the experiment to get a general rule. The way to prevent social engineering attacks is to reduce the predictability.

    Unfortunately, predictability and routine are important to both life and business. Your fellow employees like knowing that if they need to get an application installed, they call you on the phone. If you start randomly making up procedures about how to get a piece of software installed, you will reduce social engineering, but infuriate your users. "What do you mean I need to fill out a paper and get a signature from my supervisor? Last week I just needed to call you. John just installed some software and he needed to fax you. Debbie said she needed to fill out a web form."

    Of course, the unpredictable model only works if one person is in control. Once you have two people, it makes the problem even worse.

    In short, use maggard's suggestions to remove the person from the equation where possible and, when not, remove the personal information. Other than that, you are dealing with people. There will always be con men.

    Dave

  10. US versus Japan on How Many Hours Do You Work in a Week? · · Score: 2

    The article states that the US works more than Japan. Actually, this isn't too new; a similar report came out in 1998. But, many people in sociology and international politics tell a different story. Work hours in Japan are institutionally underreported. Japan has been in an economic recession since the early to mid 90's. As a result, the government mandated that all Japanese major corporations reduce the number of hours their employees worked.

    The theory was based on two assumptions. First, shorter work weeks would mean companies need to hire more people. This would help the rising unemployment. Second, Japanese business men were starting to get known for dying of heart attacks despite their general good health. The stress of work was killing the Japanese population.

    In order to comply with regulations, many companies started blacking out their windows at the traditional closing time. They started underreporting their hours. Et voila. The official story shows a decline in the average work week of Japanese.

    Americans are working more and more. But we still don't beat the Japanese.

  11. Importation ban on Send out the Clones? · · Score: 5

    The legislation prohibits the importation of clones. This is unconstitutional and will be struck down by the Supreme Court if ever enacted. Human clones are humans. The "all men are created equal" clause of the Declaration of Independence is a lens that the judicial branch uses to interpret law. Preventing the "importation" of a clone (would that be immigration?) would be treating the human clone differently than anyone else.

    Furthermore, being a clone could be considered a medical condition. If successfully argued as such, then human clones have protection against discrimination from the government, private employers, loan officers, etc.

    Human clones are human. That's the point. They have all the same legal rights as any other human. Treating them specially for legal purposes will quickly be challenged and, probably, ruled unconstitutional.

    Dave

  12. Real security and risks on Using Webcams as Remote Security? · · Score: 1

    I think you are placing the cart before the horse. You need to evaluate your real risks and concerns before implementing a solution. It sounds like you have a solution without really considering your problem.

    First, is aquaculture your hobby or business? This is important because it judges the possible financial loss. If this is a business, buy insurance. Pure and simple. Get enough insurance to cover potential losses. If the premiums are too high, find a small insurance agency and start negotiating discounts for security systems, guards, safer marina, locks, etc. No amount of prevention is perfect and insurance is generally the best option for businesses.

    If this is a hobby, then insurance is probably too cost prohibitive. You are on your own. So, first look at your potential enemies. Potential enemies include industrial sabotage (perhaps a big aquaculture company doesn't like what you're doing), environment groups (if you are doing research involving transgenic fish), vandals, and anyone who hates you. Look for how to protect against these enemies.

    There is nothing you can do to prevent industrial or environment sabotage if this is your hobby. Forget it. Companies have too much money and destructive environmentalists are operating out of ethics. Nothing will stop them. Luckily, the likelihood of one of these groups targeting you is very slim.

    Vandals commit crimes of opportunity. This act seems to be the act of vandals. A web cam won't prevent them, but a motion activated siren and lights might. The idea of a dog is a pretty good one, actually. If the platform is large enough, consider investing in a good watchdog. Make sure they have enough room to run. Get some automated feeders and waterers for the dog and provide plenty of shelter. As long as you visit the dog every few days, this is a very cost effective preventative. Two dogs would give them company and actually reduce behavioral problems.

    Any enemies you have would probably not be deterred by the siren/lights combination. They would, however, think twice about murdering a dog or two. That's a pretty serious crime. If they are willing to go that far, however, you probably won't be able to stop them anyway.

    Now, the camera idea would work for acting upon and investigating a crime. Acting upon a crime would require you to be notified when something was occurring. It could page or call you. You could then call the harbor police or coast guard to intercept the crime in progress. Investigation, while helpful to the police, really doesn't help you. You won't get your property back if you figure out who did it. All you may get back is satisfaction. If that is important to you, then go ahead with the cameras.

    Good luck,

    Dave

  13. Ironic on Is Encryption Really Secure? · · Score: 1

    It is ironic that the asker of the question quotes 'Secrets and Lies' but fails to understand the point of the book. S&L's point is that there is no such thing as perfect security. Solely focussing on prevention is misguided because hackers will break in. Secrets will be revealed. Encryption will be compromised (especially through side-channel attacks such as this one).

    Schneier's point is that building walls is not enough. The computer security model will follow the same model that all other security has historically followed. You will buy insurance. You will get discounts on your insurance by putting into place firewalls, PKI, intrusion detection, etc.

    Ultimately, insurance, not security, will give peace of mind.

  14. Re:May never happen... on Is The Semantic Web A Pipe Dream? · · Score: 1
    > Seems like a lot of FUD - all we might be talking about to start with is a bit of extra metadata (in your META tags) that describes a few of your company's main pages, using Dublin Core vocabulary; the 'risk' is negligible.
    When I said risk, I did not mean strategic risk. I meant economic risk. Adding new technology requires an outlay of resources. Resources should only be expended if the reward is greater than the cost. But, there is no way to ensure that companies will get any rewards that they perceive. That is risk. Economic risk is like saying "What is the chance that we will recoup our costs?" Almost every business decision involves risk. Smart businesses reduce their risk through control, knowledge, expertise, insurance, etc. To better facilitate adoption, you need to reduce the barrier to entry, increase the rewards, or reduce a company's risk. The W3C has been notorious for ignoring the incentive to adopt new standards.

    Dave
  15. Re:May never happen... on Is The Semantic Web A Pipe Dream? · · Score: 1
    > When language first developed in our species there were no endless debates about ontologies ...
    Well, we don't really know that. Maybe there was; the world may never find out. But we do know the evolution of languages has left us with several hundred languages. Some are more similar than others. Allowing this evolutionary process on the web would create hundreds of little islands of ontological similarity.

    I've been involved in creating ontologies. Top down ontologies work in situations where either the ontology already exists (but has not been formally stated) or with a very small group of people. Bottom up ontologies work for some things.

    It sounds like you are proposing a bottom up ontology creation process. Well, the web already has that for pages. They're called META tags. We have ALT tags for text and images. There is semantics in HTML. They are primitive, but flexible enough to allow evolution. These tags are currently used by search and indexing engines. But, they mean different things to different people.

    Differences are fine for people. As the diagram you linked to shows, we have a personal semantic memory. I'd personally call that a personal semantic context, but the idea seems to be the same (or do we have an ontological conflict?). For value to be given to most people and corporations, the semantics must be machine parsable. They must give added value to machine and automated interaction. But, computers don't have a personal semantic memory. Despite AI advances, computers can not infer based on previous experience in any broad application. Even neural nets are limited to very strictly defined domains. A bottom up approach to ontology creation does not leave an ontology that is easily machine parsable.

    My main point was one of adoption. People and corporations need incentive to make changes. People hate change and corporations see change as risky. People won't invest in learning and changing without believing that it will help them significantly. Without the added value of making the web more automated for "intelligent agents", businesses do not have an incentive to take on the risk of change. Even if they did, they would be opening up their websites to more automation. Many corporations do not see that as a good thing. Look at legal challenges to deep linking or their reaction to competitive bidding sites.

    Automation of the process to reduce the cost of adopting new standards is always going to help. But, software makers (including myself) are notoriously bad about making complex user decisions simple for the end user.

    Dave
  16. May never happen... on Is The Semantic Web A Pipe Dream? · · Score: 1

    Adoption of new W3C standards is slow and, normally, nonexistent. This frustrates the W3C, academics, and many who wish to profit from the new standards. The semantic web, I believe, is no different. The vast majority of the web is created by two groups: amateurs who use the web to give information to others and corporations who use the web to further their business strategy. Neither has a real incentive to adopt new standards.

    Amateurs simply want to share information. They have at most a few hours a week and generally a very limited knowledge of HTML. Their HTML is generally rooted in version 3. They don't use version 4. They don't use DHTML or XHTML. They don't care. They care about sharing information, not the underlying technology. Learning HTML is a necessary evil to get a web page created. It is not an end in itself. How will a semantic web help the amateur enough to overcome their own laziness? Why should I spend even two hours learning the new semantic markups or finding out which terms in the ontology match my web page? I just want my friends to see pictures of my wedding!

    For corporations, you have an even harder sell. The cost of training existing web page designers, hiring consultants, and retrofitting a normally large existing web site must be justified. The company must get something in return. But, the value of a semantic web is geometrically proportional to the number of sites that are a part of the semantic web.

    The network penetration paradox says that you must have a certain amount of value to a network before people perceive the value to themselves. Until you reach that amount of value, people won't join. But, the only way to reach that value is to have users. So, how do you jumpstart a new network? Lower the barrier to entry or subsidize new users. Neither of these is likely to occur with a semantic web.

    Lowering the barrier to entry entails reducing the cost of adoption. For a semantic web, this means that the new users shouldn't be subjected to seemingly endless debate about ontologies. Since ontologies are the basis of a semantic web, there will be endless debate. Debate about an ontology is inherent in ontology design because each user (person or corporation) has a different ontological model.

    Alternatively, you could subsidize early adopters. This is unlikely since it isn't clear who would have an economic incentive to subsidize users. W3C can't afford it. The government doesn't care. Corporations can't control usage of the internet to reduce the risk of subsidy.

    No, I don't think the semantic web will happen any time soon. If it does happen, it will look very different than our conceptions of what a semantic web is.

    Dave

  17. California and such agreements on Screwed Over IP Rights By Your Employer? · · Score: 5
    California is a beautiful place to work sometimes. According to the California Labor Code section 2870:


    "(a) Any provision in an employment agreement which provides that an employee shall assign or offer to assign any of his or her rights in an invention to his or her employer shall not apply to an invention that the employee developed entirely on his or her own time without using the employer's equipment, supplies, facilities, or trade secret information except for those inventions that either:
    1. Relate at the time of conception or reduction to practice of the invention to the employer's business or actual or demonstrably anticipated research or development of employer.
    2. Result from any work performed by the employee for the employer.

    (b) To the extent a provision in an employment agreement purports to require an employee to assign an invention otherwise excluded from being required to be assigned under subdivision (a), the provision is against the public policy of this state and unenforceable."

    So, if you work in California, you have additional rights. As long as your work is not in direct competition with your employer or your work began before you knew your company was moving in that direction, you are probably safe.

    Dave

    P.S. IANAL, but I play one on the net...
  18. Embargo on Iraq Stockpiling PS2 Consoles! · · Score: 2

    Obviously this article is a fake, but it raises an interesting point. Iraq has had a computer embargo since 1989. Imagine what the state of the art was for computing circa 1989. The boxes are old. They probably had mostly mainframe and UNIX servers. Personal computers in that part of the world were quite rare back then. They have been cut off from maintenance repair people, tech support, and software updates for 11 years. They don't have an internet connection. It was cut off by the embargo.

    Sure, they can probably get some parts and computers through smugglers. They can probably get some connectivity through their decaying phone system. At 11 years old and counting, the hardware is probably only supported by the vendors. But, vendors aren't going to cooperate. Almost all UNIX and mainframe vendors are NATO/UN based and would face serious consequences for breaching the embargo. Imagine trying to get new parts through smugglers. "No no, I need a model M234412 not M234411! I can't install this software without an upgrade in the compiler!" Think about the technical expertise of smugglers.

    Every year hundreds of security holes are found. Patches are created and posted. Imagine being 11 years behind on all of your security patches for all of the computers in your country.

    Iraq must be hurting for computers.

  19. Quality of DoD sysadmins on DoD and Net Attacks · · Score: 5

    Working for a DoD contractor who supplies software to the DoD, I can attest to the general lack of quality among their sysadmins. There are some amazingly good admins out there, but they are few and far between.

    The DoD has tens of thousands of computers at thousands of locations. They have over 10,000 different software applications that they have had written for them. I'm not exaggerating. Organizations as large as the DoD need a lot of admins. But, the admins are, for the most part, civil servants. They fit into the standard scale of civil servants jobs and wages. In other words, they don't get paid very well.

    Let's say you're a good admin. Would you work for $70K at a computer company or for $40K for the DoD and have a BGen. screaming at you for not allowing him to receive his granddaughter's cute animation in the mail even though you've explained that the latest DoD mandate forbade ActiveX in emails? Simple choice. Industry pays better and has a better working environment.

    So, what are you left with? One of the admins we deal with (let's call her Betty) was a typist in the secretarial pool (yes, the DoD still has those). She was promoted to an admin. Why? Because of her vast knowledge of networking? Because of her ability to troubleshoot hardware? No. Because she could type fast. This is a real story. Only the name has been changed.

    There are good DoD admins out there. They do it not for the environment or the money, but for the sense of pride out of helping the country. On average, the quality of the DoD admins is very low.

    Dave.

    P.S., this post does not reflect the opinions of my employer.

  20. Re:Way off base on Power Shortages And Tech Industry · · Score: 2

    > Similarly, there's a town on the central
    > coast whose name completely escapes me who is
    > vigorously fighting a plan by the local PP
    > owner to remove the existing (BIG) plant, and
    > replace it with a smaller,lower-profile plant.
    > The locals have decided they want it replaced
    > with a bare lot. Another 500MW of capacity lost.

    The city is Morro Bay and the local PP owner is Duke Electricity. Yes the town is opposing the plan. The current plant has caused a measurable deterioration of the air quality of the town.

    The new plant has shorter stacks which will concentrate the pollutants in the town even further. That is combined with the stacks disrupting the scenic coast (Morro Bay is on the Pacific Ocean) which hurts tourism.

    Loss of tourism $ + Cost of public health + Cost of environmental cleanup > Income from new plant

    Simple equation, NIMBY my ass.

  21. Problems but no solutions on Programmers work 47 days per year · · Score: 1

    All this article presents are problems. Commercial software quality sucks. We already know that. Too many bugs end up in fielded applications forcing developers and tech support to expend extra effort. We already know that. Users only use 10% of features in large applications. We already know that. There is no silver bullet. We already know that.

    We already know all of these things. So, where is the solution? As Brooks points out, it isn't in the process. To find a solution, we need to look at the cause of the problem.

    The software industry rewards companies for quick production, not quality results. Quality doesn't affect market share. Furthermore, users only find about 10-25% of bugs that are shipped. Rather than try to reduce the number of bugs preshipping, many companies choose to focus on fixing the few post-production bugs that a large number of users support. The cost for tech support, programming, redistribution, and spin control can be less than the cost of testing, design, and programming to remove the majority of the bugs.

    To change the software industry, you have to change the environment in which it operates.

  22. Backup power? Not for earthquakes... on Get Off The Grid: GE Announces Home Fuel Cells · · Score: 1

    As a resident of sunny California, I can attest that people proposing natural gas based backup generators should not rely on them for earthquakes. After a large earthquake, you can expect power to be out for at least a couple of hours (the '89 earthquake in the bay area left some people without power for a couple of days). You might think that a natural gas powered generator would keep you going for those couple of hours. However, the first thing you do after a major earthquake is shut off your gas line. A small crack in any part of your gas piping could be hazardous or explosive (especially with unpredictable power -- power comes back on and your damaged toaster starts sparking...). Diesel is the only way to go for earthquake preparedness.

  23. Re:Backfire on French Lawmakers Demand Source Code · · Score: 1

    I disagree. I work for a government software contractor. Compatibility? Hah! Compatibility does come, but not out of logic. The situation is normally as follows (in the DOD):

    A general starts using computers. He uses Windows and Office. "Wow," he says to himself, "These are so easy to use. If everyone used this, it would make my life even easier!" So, he mandates that all agencies under him move to use Office under Windows. That is how compatibility comes in the government. I've seen it happen several times.

    As for software vendors not fleeing? No, they will not flee. They will laugh and threaten to not sell. If Microsoft threatens to withhold products from France, then France will probably make an exemption for them. It is a hell of a lot easier to make an exemption for one company than to switch the entire platform of the government to free software. The idea of an entire government switching is pure idealism. It doesn't make fiscal sense.

  24. Usage matters on COPPA, What Are You Doing About It? · · Score: 1

    Information about minors (12 and under) can be collected with parental consent. But, the definition of parental consent is dependent on your usage of the information. If your usage is simply internal (i.e., you never disclose, give, or sell the information), then you can accept the information along with a parental email address. You then send an email to the parent with a link allowing them to opt-out. This opt-out would effectively cancel the user's registration.

    If you plan on releasing, selling, or giving the information away (even to "affiliates"), you need to have much stricter rules. The rules can be so strict, in fact, as to pretty much destroy online registration unless you have a manned phone support team willing to call up parents and get permission.

    Keep in mind that this only applies to sites targeting children 12 and under. If your site is targeted to 13 or over, you are exempt. Of course, you may have to prove that you aren't targeting children 12 and under.

    The safest route (in my opinion) is to have two registrations. The first is for people 13 and over. This is your basic registration. The second is for kids 12 and younger. On this form, you ask for parental email. Lastly, don't give away or sell the information. In a market where personal information is a commodity, this can be a tall order.

  25. Linux Virii Scanners on Garfinkel Warns Of Linux Virus "Epidemic" · · Score: 1

    Virii scanners for Linux _do_ exist. I got my hands on a virus scanner from McAfee about a year ago. The main problem with it was the number of virii that it scanned for. So why haven't they been announced?

    Imagine that you are the product manager for Virus Killer 2000. Your engineers tell you that they've ported the base application to Linux, but there are only two virii in their database that affect Linux. Would you announce the product? I surely wouldn't.

    With the spread of Linux virii will come the virii scanners. It is a matter of market. Without the scare, no one will buy your product. You need a couple of good Linux virus stories before the managers will rush to buy your product.

    If you build the virii, the scanners will come.