Note the last paragraph in particular. I think everyone here should take pains to let the Congress know about the direct, measurable economic harm that will befall other industries if this type of legislation passes.
As a professional programmer, a movie and music afficionado, and a concerned citizen, I urge the committee to take care not to cater to the narrow interests of a single industry at the expense of the public good.
Most of the arguments put forth by the MPAA and RIAA for extra legislation to protect digital content are either red herrings or self-contradicting. Looking at a single one of their arguments is illustrative of their overall ingenuousness.
They argue that broadband needs to be promoted, and that the only way people will pay for broadband access is if there are an abundance of copyrighted works. At the same time, they argue that there's already IP theft of movies online on a massive scale, so digital creative works need to be protected.
So clearly, demand for broadband services is not in anyway tied to lack of availability of digital creative works online, since they are there already (and being illegally copied)
In fact, anyone who's studied the issue of broadband at all knows that the so-called "last mile" problems in the telecommunications industry (and the associated pricing, choice and quality issues) are much more likely to be stifling the growth of demand for broadband services than the ficticious shortage of quality creative digital content.
I am already paying a tax on blank CD's because of the RIAA's a priori belief that I'm a criminal; why should they be legally entitled to extra protection?
How will the congress protect me from abuse in the technological measures that the content industry is asking for? How, for instance, will the Congress assure that the technical measures adopted don't keep me from legally copying content from and to machines in my home? From a home machine to a internet-connected laptop when I'm on the road? What about the times when I want to record or play my own movies? Will I be forced to purchase expensive, professional-quality audio and video hardware and software just to edit my own 5-minute home movie?
I submit that the only beneficiaries from the type of legislation that the MPAA and RIAA are asking for will be the current powerhouses in the creative content distribution industry. The public as a whole will suffer.
And one last concrete note: I have spent thousands of dollars of my own personal money in the last several years on computer, audio and other electronic hardware. I've also made hundreds of dollars worth of purchases of CD's. I will not purchase any device or medium which I believe sqelches my own creativity and ability to do what I want with ideas, images, sounds and information which is mine (through lawful aquisition or the fruits of my own creative labor). I am sure I'm not alone. Ask your constituents in the software, computer, and consumer electronics manufacturing and retail industries how they feel about that outcome.
If you don't, your successor will have an easier time fixing the bug after you're fired.
Programmers fired for not updating documentation? What planet do you program on? I can't even get programmers fired for writing classes with single accessor methods for accessing multiple data fields (taking the fieldname as a string, of course).
In the iptables code (can't remember if it was the userland code or the kernel code), I remember seeing:
A comment to the effect "If you don't understand this code, DON'T FUCKING CHANGE IT"
a terse line of code which ignored the return value of a called function with a comment to the effect "Look at that: laziness, impatience and hubris, all on one line!"
So what happens when the code changes and breaks the assumptions so fastidiously outlined in the documentation?
It's less of an issue w/ Javadoc and Doxygen comments (which is embedded in the code) than external documentation, but the fact is that managers reward code changes, not documentation changes, and programmers are lazy.
Until you can change these basic, simple facts, what are you going to do? One strategy is to encourage self-documenting coding standards as well as encourage documentation updates. But people NEED to remain aware of the basic principle that the only authoritative documentation is the source code itself.
One of the great insights of the Agile Software Development movement, if you ask me, is the realization that a process which doesn't take into account the strengths and weaknesses of the people who will use it is flawed.
So, it's one thing to say "if they change the code, they MUST change the comments", but realize that unless you have the ability to force the issue (a tool to make you change comments before saving changes, managers who care more about firing programmers who don't follow code standards than avoiding schedule slippage -- hint: I've never seen one of these, EVER), 9 times out of 10, they just won't do it. It's like teaching abstinance as a method of reducing teen pregnancy.
Thus, the practice of having comments which are redundant w/ the code is simply setting the project up for failure as the parent poster pointed out.
I personally believe that code should be as self-documenting as possible; the "what" of what the code does should be explained to the extent practical by the variable, argument, function and method names (i.e. getAccountActivityForDisplay(const char *account, date_range from_to, account_formatter fmt)) and code structure.
In comments, I think it's most helpful to explain the "why's" of the code, (i.e.:
SomeClass someObj = null;
try{
someObj = someFactoryMethod(someInput1);
}
catch(SomeExpectedException expected)
{ // log but do nothing, conditional block will // handle this along with related problem 2
LogMgr.logWarning(expected );
}
catch(Exception unexpected)
{
LogMgr.logError(unexpected ); // don't show the user our stack traces
rethrowUserSanitizedError( "User-sanitized message");
}
You do not need a college degree to be successful in the IT industry, particularly if what you want to do is be a SysAdmin.
However, there are a couple of questions I'd reccommend asking yourself.
Are you sure that you'll continue to be satisfied with Systems Administration? If you've been doing it for a short time, it's certainly possible that your interest in it stems from the novelty and discovery involved in mastering the subject. But once you've mastered it, is the lack of challenge going to sustain your interest/enjoyment? Most companies don't want a sysadmin who's going to experiment in wierd ways w/ their servers to pique their own interest. They just want uptime and some level of security.
Are you considering that there are other reasons besides career preparation for going to college? I know that in our material culture the idea of "bettering oneself" has largely fallen by the wayside...
If you're really passionate about Systems Administration and aren't concerned about the magic fading, then by all means, go for it.
However, if you're just thinking along the lines of "hey, there's money to be made here and I think I have the chops to cash in without spending any money/time" then I'd say:
Doing what you love is more important than making money;
computers aren't going away soon -- if you take the time to explore different things, "better yourself," and discover your true passion and it turns out it's still Systems Administration, we'll still need you!
My most concrete piece of advice is WRT college should you choose to go that route: pick a cheap one (that is, pick the cheapest one that's good enough to meet your needs).
So tell them that programmers aren't like lego blocks. They need to hear it or they'll be pissed later when the projects that get built using overseas labor are late, overbudget and don't deliver the correct functionality.
Unless you're working on something very different from what your company has done before, the two programmers who were fired will most likely be more productive than the 5 or 6 Indian programmers you'll hire -- because they'll be sitting next to you (or nearby), so the price of communication will be much lower and the frequency and quality of communication will be higher; you already know how to work w/ them efficiently; and most importantly, they already understand the business domain.
The problem with "unfiltered" information is simply that most people are unable to think critically. I think that this is a pervasive problem in many parts of the world, not the least of which is parts of Western society. People just aren't generally encouraged to think for themselves, or to question auhority. Even in the US, our whole system of public education is geared toward rote memorization and conformance to ideals handed down from authorities.
In fact, I think it's largely thanks to the canons of journalistic ethics (check & report sources, get confirmation, etc.) that we've managed to have as informed a public as we have in Western society as these practices at least impose some discipline on the "authority" that's providing information which people will inevitably swallow without a moment's reflection. So in a sense, we all owe The Western Press some small amount of gratitude.
However, Mr Friedman should really be directing his rant at the way we brainwash people into taking anything stated by someone wearing a suit, or on TV, or on the internet at face value.
I don't know how many times I've chastised my friends and family for forwarding inane spam about Congress on the verge of taxing email at 5 cents a message without even bothering to analize the claims for even the faintest patina of credibility (gee, according to thomas.loc.gov, that sponsoring senator doesn't exist, the number of the "bill" cited doesn't follow the bill numbering conventions for either house of congress, etc).
We need to find a way to teach people how to think. Of course, that's anathema to the power structure of our society (we can't have men between the ages of 15-24 realizing that drinking Mountain Dew won't cause silicone-enhanced sluts to fall from the sky and fawn over them, can we?) for that to ever happen.
Before talking about history, I suggest you learn some. Pretty much all religions had a horrific history.
I'd generally agree w/ that statement, but go a little farther and say "almost all human societies" in place of "all religions." You don't have to do anything more than open your local newspaper to see plenty of people doing horrible things to each other without any religious motivation (i.e., murder, assault, theft).
The fact is, people throughout history have had a difficult time getting along, particularly if there's some overt physical or cultural difference for the parties to focus on which allows them to abstract their rivals into a philosophical "them." I'd go so far as to suggest that linguistic differences are actually the basis of more prejudice and violence than any other difference including race and religion (though I think that the latter two often get conflated w/ linguistic differences -- it's a lot easier to hate someone who's a different color or religion when you have difficulty communicating w/ them).
I'd say that one of the most insightful things that Chrisitanity and Islam both have to say (in slightly different ways -- "original sin" in Christianity, or the maxim that the devil is "as close as your heart" in Islam), is that humans are fundamentally f**ked up.
Be careful when you ascribe the destruction of Native American populations to actions "in the name of Christianity." While it may be true that many people used Christianizing as an excuse for cultural domination of indigenous peoples in the Americas, the simpler root cause of the oppression of native people is that European colonists wanted to exploit the riches of the new world, and any time native popluations made that more difficult (with claims on land or other natural resources), they we persecuted.
Really, this is no different than any other colonial power (Greece, Rome, China & it's neighbors at various times). It's about the money, not the religion. Religion (whatever the religion) is simply used as a pretext to convince people that the oppression which is going to happen no matter what is "justified."
Most of the prominent SD methodologies/philosophies are "geared toward teams" because it's axiomatic that the great problem of the successful organization of software projects is related to the challenge of effecively communicating compex requirements and designs between individuals.
Now, if you're the only programmer, presumably you don't need to communicate design at all -- aside from the spectre of the future mainetance programmer.
However, there are still other project stakeholders with whom you need to communicate; managers, users, etc. So, you can pick the bits of the other methodologies that deal with effective communication between developers and the other project stakeholders. For instance, use cases and working prototypes, or XP's "planning game" may be very useful tools to help you nail down the requirements or schedule deliverables.
The most important thing though (and as an adherent of the Agile philosophy, I'd say this goes for groups of developers of all sizes as well) is to pick the bits that work best for you. What works best w/ one customer may not work at all with another. Your best bet is to develop a toolset of techniques that have been successful for you before, and to keep an open mind about what the "best way" to do things is.
Govt. software requisitioner: "Hey, I don't need your product, at least I'm not sure if I do, but I'd like to buy $95 million worth of it anyway"
Oracle exec: "Well, even though I have a fiduciary duty to my shareholders to maximize profits, and -- as a private citizen not elected to any office -- no duty to the taxpayers to ensure that the government is efficient in its spending practices, I feel uncomfortable taking your money. Please call IBM."
In the absence of proof of any wrongdoing on the part of Oracle (so far about the worst you can say is that they inflated the estimated cost savings -- which is nothing more than typical "lies, damn lies, and statistics" that all businesses use to convice you that you need their product-you-don't-need).
And read the article, Oracle offered to terminate the deal, and is apparently standing by the offer; this is something that they're certainly not obligated to do legally (they may be obligated to do if from a PR standpoint, to deal with people like you who assume they've done something wrong before they're even done it).
Come on people, I'm as critical of big business as anyone (probably more so), but this is in fact just a case of Big Business as usual. It's like drunken sex with a stranger you don't like. It may make you feel icky, it may even be bad for you, but it's not illegal.
However, theirs was a somewhat special circumstance as they had a reasonable expectation of being sued by deep-pocketed organizations (MPAA, RIAA) whose motiviations are well known and have little to do with actual software security or quality.
1.<snip>Peoples lives do not depend on commodity software. Thats the bottom line. We demand more of products that hold peoples lives in the balance.
Sure, peoples lives do not depend on commodity software; not all software is commodity software, but there is no distiction in law, AFAIK, between types of software for liability purposes. Additionally, even commodity software can expose users to significant risks (leak of cc #'s or valuable proprietary business data, etc) which can result in real damage to the user. I have yet to see *one* cogent argument for why users of software should have no recourse in law for damages caused by negligence of their software vendor, when that is not the case for any other industry. Software may be different, meriting different fine details in liability legislation, but IMO it's not so different that it merits exemption from all liability whatsoever.
2. It is entirely possible to purchase software with the level of protection you need and require
I have no problem with this, but would add that all software should come with an explicit declaration of the level of reliability claimed by the author/vendor. If you don't warrant the software, you should *have* to declare that it is NOT FIT FOR ANY USE. Thems the breaks. If you can't stand by what you write, don't promote its use by others. I believe this covers point #3 as well.
4. This will have a chilling effect on software development. Individuals or small projects may never be released because of fear of liability.
Good! If some developer doesn't have any faith in their own ability to produce quality software, why the hell would I want to run it? Developers who are serious and believe in their abilities will purchase some limited amount of liability insurance and go boldly forth and code!
5. <snipped nightmare scenario about all software becoming proprietary and encrypted>
There is no consensus about what the "easiest way" to security or product quality is, so these wild speculations are silly. Insurance companies will likey review the known incidents and develop a somewhat empirical set of best-practices guidelines. At this point, raves like this constitue FUD, nothing more.
6. The costs far outweight the benefits. People today can choose secure software (OpenBSD - four years without a remote hole). They just don't care to. What does this mean? People simply don't care.
NO! People don't know. Oracle advertises their software as "unbreakable." M$ adds feature beatific datacenters with hypnotic voiceovers describing the server software existing in a state of nirvanic bliss. Believe me, if M$ advertised IIS as "works great if unconnected the internet and you don't move any windows in the GUI", people would choose not to use it! See my answer to #2 for more on how merchantability claims should be spelled out.
I honestly believe that software liability would be a net win for the industry, admittedly with a little pain in the short term as people learned to live within the new system.
Kodak has a patent too, but they are so deeply into Batik [apache.org] it is hard to imagine them destroying all that to enforce their patent.
If their patent is of the "neccessary to implement the standard" variety, then it's easy to view their Batik work as aimed toward growing a large userbase of infringers to go after, thus recouping their investment in Batik development through infringement lawsuits. Their having given away code doesn't also mean they're giving away patent licenses. Remember, Unisys didn't start suing people until GIF had become the standard for images on the Web.
People have speculated the same motivation for some of IBM's OSS WebServices work.
Of course the IEEE doesnt want to take responsibility for any violations of any law on the part of the author. It shouldnt have to either
You're right, they shouldn't have to. Because the law in question sucks, bigtime, largely due to the "chilling effect" that it is likely to have on precisely the type of academic and professional research that the IEEE exists to publish.
But here's the rub: who besides the IEEE is in a position to fight this law, both because of their clout and their position as a "concerned party" WRT to this legislation which buys them a level of instant credibility that many other groups would have a hard time matching?
Face it, right now the IEEE and ACM are the closest things we have to a "geek lobby" (so far; I'm holding my breath to see what kind of influence we can exert through digitalconsumer.org and AOTC/GeekPAC); ACM has done the right thing and taken an official position against the DMCA and the IEEE should follow suit. It would suck for the IEEE to get sued because of the DMCA, but such an occurence would hopefully serve to bring the issue to the fore as much as the Felten case promised to, and one would hope that its membership would step up to make sure that it wasn't financially ruined as a result. I honestly don't think that the IEEE being wiped out as one poster predicted is a realistic outcome at all.
Re:fracturing effort?
on
GeekPAC
·
· Score: 4, Informative
I was under the impression tha the EFF was a 501(c)(3) (tax-exempt public charity). If so, they are prohibited from contributing to political campaigns or spending more than a certain amount lobbying to affect legislation.
There is a need for a non-tax-exempt PAC who can fill that role.
The big question in my mind is does this effort redundant given what digitalconsumer.org is doing?
It's also unclear to me that the GeekPAC people understand the tax status of organizations whose primary purpose is to lobby to affect legislation or to contribute to political campaigns. I don't believe that such contributions are tax-deductible.
If you want to give your work away, then do so. If not, then don't. Don't restrict it and claim you're giving it away.
So, what's my option if I want people to be able to *use* my work without compensating me, while preventing people from being *compensated* based on my work without compensating *me*?
GPL advocates don't claim that they're giving anything away; they claim there giving something away with restrictions.
And if you think its hypocritical to bash people for licensing code as they wish, why've you been fighting the GPL for 12 years?
Slashdot Mirror
That is NOT true. They ask the techs for their opinions, and then completely ignore them.
Um, if you want to avoid using introspection, why don't you just stop using Java Beans and access your object's methods and fields directly?
Spreadsheet
flight
simulator
It's less of an issue w/ Javadoc and Doxygen comments (which is embedded in the code) than external documentation, but the fact is that managers reward code changes, not documentation changes, and programmers are lazy.
Until you can change these basic, simple facts, what are you going to do? One strategy is to encourage self-documenting coding standards as well as encourage documentation updates. But people NEED to remain aware of the basic principle that the only authoritative documentation is the source code itself.
So, it's one thing to say "if they change the code, they MUST change the comments", but realize that unless you have the ability to force the issue (a tool to make you change comments before saving changes, managers who care more about firing programmers who don't follow code standards than avoiding schedule slippage -- hint: I've never seen one of these, EVER), 9 times out of 10, they just won't do it. It's like teaching abstinance as a method of reducing teen pregnancy.
Thus, the practice of having comments which are redundant w/ the code is simply setting the project up for failure as the parent poster pointed out.
In comments, I think it's most helpful to explain the "why's" of the code, (i.e. :
SomeClass someObj = null;
// log but do nothing, conditional block will
// handle this along with related problem 2
// don't show the user our stack traces
try{
someObj = someFactoryMethod(someInput1);
}
catch(SomeExpectedException expected)
{
LogMgr.logWarning(expected );
}
catch(Exception unexpected)
{
LogMgr.logError(unexpected );
rethrowUserSanitizedError( "User-sanitized message");
}
if(someObj == null || !someObj2.someCondition(someInput2))
{
showInvalidInputMessage(so meInput1, someInput2)
}
I think this helps prevent another programmer's incomplete understanding of the "what" causing them to overlook consequences of making code changes.
However, there are a couple of questions I'd reccommend asking yourself.
- Are you sure that you'll continue to be satisfied with Systems Administration? If you've been doing it for a short time, it's certainly possible that your interest in it stems from the novelty and discovery involved in mastering the subject. But once you've mastered it, is the lack of challenge going to sustain your interest/enjoyment? Most companies don't want a sysadmin who's going to experiment in wierd ways w/ their servers to pique their own interest. They just want uptime and some level of security.
- Are you considering that there are other reasons besides career preparation for going to college? I know that in our material culture the idea of "bettering oneself" has largely fallen by the wayside...
If you're really passionate about Systems Administration and aren't concerned about the magic fading, then by all means, go for it.However, if you're just thinking along the lines of "hey, there's money to be made here and I think I have the chops to cash in without spending any money/time" then I'd say:
- Doing what you love is more important than making money;
- computers aren't going away soon -- if you take the time to explore different things, "better yourself," and discover your true passion and it turns out it's still Systems Administration, we'll still need you!
My most concrete piece of advice is WRT college should you choose to go that route: pick a cheap one (that is, pick the cheapest one that's good enough to meet your needs).Unless you're working on something very different from what your company has done before, the two programmers who were fired will most likely be more productive than the 5 or 6 Indian programmers you'll hire -- because they'll be sitting next to you (or nearby), so the price of communication will be much lower and the frequency and quality of communication will be higher; you already know how to work w/ them efficiently; and most importantly, they already understand the business domain.
In fact, I think it's largely thanks to the canons of journalistic ethics (check & report sources, get confirmation, etc.) that we've managed to have as informed a public as we have in Western society as these practices at least impose some discipline on the "authority" that's providing information which people will inevitably swallow without a moment's reflection. So in a sense, we all owe The Western Press some small amount of gratitude.
However, Mr Friedman should really be directing his rant at the way we brainwash people into taking anything stated by someone wearing a suit, or on TV, or on the internet at face value.
I don't know how many times I've chastised my friends and family for forwarding inane spam about Congress on the verge of taxing email at 5 cents a message without even bothering to analize the claims for even the faintest patina of credibility (gee, according to thomas.loc.gov, that sponsoring senator doesn't exist, the number of the "bill" cited doesn't follow the bill numbering conventions for either house of congress, etc).
We need to find a way to teach people how to think. Of course, that's anathema to the power structure of our society (we can't have men between the ages of 15-24 realizing that drinking Mountain Dew won't cause silicone-enhanced sluts to fall from the sky and fawn over them, can we?) for that to ever happen.
The fact is, people throughout history have had a difficult time getting along, particularly if there's some overt physical or cultural difference for the parties to focus on which allows them to abstract their rivals into a philosophical "them." I'd go so far as to suggest that linguistic differences are actually the basis of more prejudice and violence than any other difference including race and religion (though I think that the latter two often get conflated w/ linguistic differences -- it's a lot easier to hate someone who's a different color or religion when you have difficulty communicating w/ them).
I'd say that one of the most insightful things that Chrisitanity and Islam both have to say (in slightly different ways -- "original sin" in Christianity, or the maxim that the devil is "as close as your heart" in Islam), is that humans are fundamentally f**ked up.
Really, this is no different than any other colonial power (Greece, Rome, China & it's neighbors at various times). It's about the money, not the religion. Religion (whatever the religion) is simply used as a pretext to convince people that the oppression which is going to happen no matter what is "justified."
Most of the prominent SD methodologies/philosophies are "geared toward teams" because it's axiomatic that the great problem of the successful organization of software projects is related to the challenge of effecively communicating compex requirements and designs between individuals.
Now, if you're the only programmer, presumably you don't need to communicate design at all -- aside from the spectre of the future mainetance programmer.
However, there are still other project stakeholders with whom you need to communicate; managers, users, etc. So, you can pick the bits of the other methodologies that deal with effective communication between developers and the other project stakeholders. For instance, use cases and working prototypes, or XP's "planning game" may be very useful tools to help you nail down the requirements or schedule deliverables.
The most important thing though (and as an adherent of the Agile philosophy, I'd say this goes for groups of developers of all sizes as well) is to pick the bits that work best for you. What works best w/ one customer may not work at all with another. Your best bet is to develop a toolset of techniques that have been successful for you before, and to keep an open mind about what the "best way" to do things is.
- Govt. software requisitioner: "Hey, I don't need your product, at least I'm not sure if I do, but I'd like to buy $95 million worth of it anyway"
- Oracle exec: "Well, even though I have a fiduciary duty to my shareholders to maximize profits, and -- as a private citizen not elected to any office -- no duty to the taxpayers to ensure that the government is efficient in its spending practices, I feel uncomfortable taking your money. Please call IBM."
In the absence of proof of any wrongdoing on the part of Oracle (so far about the worst you can say is that they inflated the estimated cost savings -- which is nothing more than typical "lies, damn lies, and statistics" that all businesses use to convice you that you need their product-you-don't-need).And read the article, Oracle offered to terminate the deal, and is apparently standing by the offer; this is something that they're certainly not obligated to do legally (they may be obligated to do if from a PR standpoint, to deal with people like you who assume they've done something wrong before they're even done it).
Come on people, I'm as critical of big business as anyone (probably more so), but this is in fact just a case of Big Business as usual. It's like drunken sex with a stranger you don't like. It may make you feel icky, it may even be bad for you, but it's not illegal.
However, theirs was a somewhat special circumstance as they had a reasonable expectation of being sued by deep-pocketed organizations (MPAA, RIAA) whose motiviations are well known and have little to do with actual software security or quality.
I honestly believe that software liability would be a net win for the industry, admittedly with a little pain in the short term as people learned to live within the new system.
People have speculated the same motivation for some of IBM's OSS WebServices work.
Will you be making your PCB designs and software available, by chance?
But here's the rub: who besides the IEEE is in a position to fight this law, both because of their clout and their position as a "concerned party" WRT to this legislation which buys them a level of instant credibility that many other groups would have a hard time matching?
Face it, right now the IEEE and ACM are the closest things we have to a "geek lobby" (so far; I'm holding my breath to see what kind of influence we can exert through digitalconsumer.org and AOTC/GeekPAC); ACM has done the right thing and taken an official position against the DMCA and the IEEE should follow suit. It would suck for the IEEE to get sued because of the DMCA, but such an occurence would hopefully serve to bring the issue to the fore as much as the Felten case promised to, and one would hope that its membership would step up to make sure that it wasn't financially ruined as a result. I honestly don't think that the IEEE being wiped out as one poster predicted is a realistic outcome at all.
total MS security man-years = ((9000 employees * (2 months * 120 work-hours/month)) - (9000 employees * 4 hours "security re-training")) / 1440 work-hours/year = 1475.
There is a need for a non-tax-exempt PAC who can fill that role.
The big question in my mind is does this effort redundant given what digitalconsumer.org is doing? It's also unclear to me that the GeekPAC people understand the tax status of organizations whose primary purpose is to lobby to affect legislation or to contribute to political campaigns. I don't believe that such contributions are tax-deductible.
GPL advocates don't claim that they're giving anything away; they claim there giving something away with restrictions.
And if you think its hypocritical to bash people for licensing code as they wish, why've you been fighting the GPL for 12 years?