Cool point. I imagine that, as is often the case, mass is an input into how much friction is in the system. More weight on the spindle creates more friction for the motor to overcome (although it also means that the disc has more momentum). Interestingly, the original article notes some other advantages of the technology as well.
The Mozilla team and some of the posters should be embarrassed by the attitudes displayed here and in the bugzilla threads when this was reported back in **September**. I recently recommended Firefox to my parents, but now I think that was premature. The team doesn't have protecting my parents in mind.
Several things were missing from the response:
* The charge to protect regular, unsophisticated users. Regular users do not care whose fault a wide open security hole is. They only care whether they are safe when they are acting reasonably. In this case they weren't, but the team was ok with that for months.
* Security without usability is like a parachute you are not wearing. The Register article was the easiest way of finding the advisory and fix, imho. 1) Back in September, how did the team think I was supposed to know to disable shell: scripting? ESP? Reading all of bugzilla? 2) Where in fact would I have done this? Certainly nothing easy to find. 3) Even today, where is the super prominent link on the home page? Why does the home page (http://www.mozilla.org/products/firefox/) link to the 1.9.1 page, not the 1.9.2 page?
* Put products before the blame game. Why should mozilla not be embarrassed? There's a known hole in windows, that is only a problem when an untrusted source has a channel to access it. Mozilla provides that channel. Again, from a user perspective, who cares?
The community has lost a lot of trust with me today. Looks like a team that is no longer ready for prime-time.
The formula above assumes a simple risk-neutral actor, since the dollars are simply multiplied by probability. This is generally not the case for large negative events, like your house burning down or a major security breach. If it were, few of us would buy insurance, since
p(l) * V q
is rarely true, where p(l) is the probability of loss in the period, V is the value lost, and q is the value of premiums in the period.
In normal tort and contract law, there is a notion of 'reasonable' behavior and well understood 'duty.' Not so here. Thus, attempts at analogy do poorly.
In the 'real' world, it's clear who is supposed to do what. And if everyone is a good citizen, then everyone is pretty safe.
Example: If I sell you a sandwich, I have a duty to not poison it. I even have a duty to take reasonable steps to ensure that other people don't put poison into it. For example, if I saw someone lick it and put it back on the counter, it's reasonable to expect me to throw it away, and not resell it (and for me to get the perpetrator to pay me for it).
But that duty has reasonable limits. It is not reasonable to expect me to erect Fort Knox level security around my store, just to keep people from breaking in at night and adulterating the sandwiches.
These simple concepts apply to millions of practical applications, from product liability involving millions of consumers to simple traffic accidents. A few simple rules can actually implement a lot of what is required by 'common sense' or 'justice' or 'fairness' (thus, tort law is pretty efficient code).
But these concepts -- and hence our analogies -- don't apply well to the internet, for two reasons. First, there is a notable lack of consensus as to what the duties of each party should be. Second, we have not identified what duties will actually protect us. As Graham and Staniford, Paxson, Weaver have pointed out, the palliative 'we all have a duty to keep everything patched' does not really help with fast worms. Even with a lot more patching going on, we remain very vulnerable to fast worms.
So, even if we are all good citizens, bad things can still happen (like expensive bandwidth being consumed by a fast worm). Thus, normal tort analogies will fall short. There are some extraordinary tort analogies that might work, like who pays for what after a tornado or other Act of God. (Your cow flew through my window, who pays?) But even those will rely on consensus views of what constitutes 'reasonable precautions' - views that have been forged over generations and generations. So that will take time.
In the meantime, we should consider new public services to protect society in ways that mere 'good citizens' cannot - like we do with epidemics, fires, and other Acts of God. Staniford, Paxson, Weaver have proposed a CDC of cyberspace. Seems like a very good idea.
Let me get this straight. There are two versions of slashdot. One has been edited by a group of experienced and knowledgable editors. The other has not.
I pay more for the first. I get the one that has taken more effort to produce for free. I think I know which I will choose.
Amusingly, the scheme places a *negative* economic value on the work of the editors, since it implies the market will pay more to get rid of their meddling. Even this takes 'information wants to be free' a little far.
Testing co's proprietary data are student answers (on Closed-Source Tests · Score: 3)
Testing companies such as ETS and CTB quickly gain monopoly power because of a simple, but powerful, network externality:
As the company administers more tests, the company's database of questions and performance gets larger. Also, the company usually includes experimental questions on the same tests as calibrated questions -- giving powerful statistics on how the new questions will perform relative to older questions.
Thus as the company administers more tests, the company gets a bigger and bigger lead over its competitors. If a school switches testing companies, they won't be able to track trends from one side of the switch to the other.
Like other network externality markets -- think operating system -- the monopolist's proprietary edge comes not from the originality or sweat of the incumbent, but simply from the size of the adopted user base.
But the testing market is subtly different. In testing, much of the proprietary value comes from the answers the students themselves give. Indeed, if the school districts considered these data 'proprietary' then the testing companies might have to 'buy' their monopoly position from the customer.
But even if the school retained ownership of its own pupils' data, the testing company would still have the power in the relationship. To truly move to 'tester portability' -- and thus competition -- schools would need 1) to be able to retain the actual wording of the tests (and share that with other testing companies) and 2) to be able to insert experimental questions from other testing companies into the testing, to allow for calibration if they were to switch vendors. The only hope I see for such an utter inversion of the relationship would be if districts comprising more than 50 percent of the testing market banded together. Possibly, if the U.S. Department of Education forced a change for a federal program.
yes, but will they be able to randomly shift the frequency of the field to keep the borg at bay?
. . . pretty sure that I saw an episode when I was 8, where the bad guy used really low sounds to make people feel creepy.
"I would have published in a peer-reviewed journal, too, if it weren't for you meddling kids!"
see here
isn't that close enough? does that mean I deserve one? cool!