This sounds like the start of a patent argument. We've been doing this forever. We evaluate performance of employees and then adjust their hours and pay or terminate employment based on those evaluations. Comment cards from the customers influence that evaluation. How does "collect evaluations via computer" make this a new and novel concept?
QUICK, PATENT IT!!!
Also, if this is Hunger Games, I expect the customers to start rating one another at some point and get banned from the restaurant as a result. What a catchy title image.
If we'd like to talk about flawed customer feedback, let's talk about that instead of some vague hand-waving at technology.
Sure. So did you find information in your research that's publicly available? No harm, no foul from what I understand.
How about information that is not publicly available? Now we're in a little different spot. Now let's add that you intentionally disseminate that information publicly after having sold the privileged information to a third party who acted on that information to purchase a security with an expectation that your public release of the information will affect price of the security? From what I understand, now you're dealing with securities fraud. I am in no way an expert on the associated laws, but section 9.a.5 of the Securities Exchange Act of 1934 (page 87) seems to apply directly to this situation. You would have to prove intent with that section, but it seems pretty obvious in this case.
We'd be talking about the same thing if a member of Google Project Zero shorted Intel stock just before the public release of the Meltdown/Spectre fiasco. The purpose behind the regulation is to prevent an unfair advantage in cases where only a select group can be "in the know" and use that information to manipulate the stock price or act on expected changes to the price based on that privileged information.
I don't think the duration of the drop is really that relevant to the accusation being leveled against CTS Labs. More important is the volume of the drop, the knowledge that it is likely to occur and when it is most likely to occur. If there was indeed collusion and CTS Labs benefited financially from the timing of their announcement, that's illegal.
https://www.w3.org/2005/10/Pro...
See 3.3 Consensus. I imagine a Formal Objection was part of the process. https://www.eff.org/pages/drm/... would seem to be that objection. Also at https://dev.w3.org/html5/statu...
Yup, basically what I logged in to say. "Removing" software that already had administrative/root access to your systems after telling the vendor that you're going to do it a couple months down the road for a product that has auto-update capabilities built into it is borderline criminal negligence if you sincerely thought there was a legitimate risk to begin with. Silly.
In answer to your second question, no, there is not. And there can't be. The system can never be trusted until wiped down to the firmware level (and maybe not even then if you don't trust the hardware manufacturers or physical access was compromised in some way). Any tool you might build can be lied to by the underlying kernel and/or firmware that you must assume is already compromised.
Exactly. I've been watching for a choice that makes good sense for back-country power needs and solar just isn't there yet for my usage.
Warning, shoddy math ahead. TLDR; This new cell could save 9-10oz off of the current weight of a popular backpacking solar product bringing it in line with the power provided by a 10K mAh power pack over a 5 day backpacking trip. Yay, solar might finally be efficient enough to consider!
I pack a 10K mAh Anker lithium power pack that weighs about 8 ozs. A GoalZero Guide 10 needs to be charged around 4 times to full (plus the one full charge you started with) to match up with the power pack. That takes something like 24 hours of direct sunlight with the included Nomad 7 (7 watt) panel which is probably 4 or 5 days in an average sort of situation. The whole bundle weighs about 19 oz. If I instead bring two 10K mAh batteries at 16 oz, I'm closer to the same weight comparison. That means I need to be on a trip of 8-10 days or more to break even. Anything shorter and I'm better off just carrying charged lithium power packs. Any long periods of cloudy/bad weather, and I'm better off with the power packs. Solar is a tough sell right now.
If I instead was carrying a solar panel at 6g per watt, that would end up around 48g of panel for 7 watts plus whatever weight in fabric you want to hold the solar cells. Let's say we add a nice thick 500 denier cordura fabric backing at 8 oz per sq yard. Since I need about 1 sq ft of backing for the same size of panel as the Nomad 7, that ends up being about 25g of added fabric (heavy duty fabric...). So the new panel would weigh around 75-100g (3-4oz). The Nomad 7 panel weighs 363g (13oz) saving me 8oz or more off the overall weight of 19 oz. Now I'm comparing my 8 oz lithium power pack to an 11 oz solar solution that provides about the same energy over 4-5 days. Suddenly, solar is looking like a possibility for a reasonable length hike especially during months where you can expect better weather.
Now, given that the weight of the panel is no longer a significant portion of the overall weight of the solution, it would make sense to increase the size a little to make it more weight effective. Double the size of the panel and the output to 14W which would add 3-4 more ozs bringing it to ~15oz to provide the same power over 5 days that two 10K mAh lithium batteries supply at 16oz. If this "back of the napkin" math is even close, this change by itself will make solar relevant for shorter trips with lowish power needs (10-20K mAh is 4-8 full charges of my cell phone, for example).
Exactly what I was thinking. Hiring skilled people and paying them a reasonable salary to get work done for you only to handicap them with a terrible working environment is just silly. Qbertino really needs to read http://www.joelonsoftware.com/... and think about the impact of giving his developers an ultra-cheap environment. Heck, go to the library and check out Peopleware as well. The library is even cheaper than ultra-cheap and a thoughtful read through that book will help him use his resources more effectively.
Sure, so they divide and conquer. That doesn't address my question at all.
My question was how do they deal with the constant change? Do they have a standard way to review what has changed from revision to revision? If so, then the word "hidden" is beyond shady. If not, then why not? With the way the process seems to work, it seems strictly necessary to not have to start from scratch each time the document is changed.
It's almost funny from a programmer's perspective because dealing with this exact problem is something we do daily and, as an industry, have developed processes and tools to help us deal with it. And if the "problem" as described doesn't really exist and dealing with the differences and voting on them is straightforward and well understood, how does crap like this make it through on unrelated bills? It seems this has to be either a broken process or serves to highlight a fundamentally dishonest establishment. Either way, that's a sad way to be doing business.
So say that I'm a Rep that is really trying hard to do the right thing and represent my constituents properly. This bill shows up for a vote and it's a 2000 page document. I probably read the initial version of the bill from front to back and was happy with it. Now, that 2000 page document has been modified in some interesting way right before the vote. Am I expected to read the entire thing again and just happen to notice the changes or is some kind of "diff" system widely available and used so it's easy to pick up these changes and evaluate them?
It just seems like we read frequently about stuff being "hidden" or "snuck in." If some way to compare versions easily is available, then "hidden" is just a terrible excuse for someone not doing even a cursory review of the changes. If a way to compare versions isn't available, why the heck not?
Where is that quote from? It looks like it was loosely copied from the /. summary?
Or they might be interested in hacking, security, etc. From the article, two things
help them make the right choices
You were already doing that as their parent, right?
and
There are also a number of organisations to help young people develop cyber skills:
Here, we'll list them below for you. Go on, click on the links. I mean, be trite and sarcastic if you like, but click on the links. TFA is linking to cyber security programs that your kids might be interested in. You know, for programmers and such. So much /facepalm.
So, your kid has "irregular sleeping patterns" and you don't have a conversation with them to find out why? It might not even involve a computer. It might be too much time playing games. You might find out that you have a fantastically talented author that just can't go to sleep with ideas bouncing around in their head.
They start making money online and you don't ask how or why? Aren't you even a little bit curious? Do you have a kid who built the next Silk Road or do you have a budding entrepreneur? Yes, yes, I know those two might be considered the same thing...
Your kid is becoming more socially isolated and you don't stop by their room to check in on them and find out how life is going? Are they being bullied at school? Probably :( Are they just going through that tough transition from childhood to the teenage years when they realize their idealistic view of the world as a child is shattered? Maybe they just aren't eating well and you're seeing lethargy from early blood sugar issues. Maybe they've found it's more comfortable to talk to people through a computer rather than in person.
I didn't suggest you should ban your kids from computers. I suggested talking to them, taking an interest in their life and noticing what's happening around you. Taking an interest in your kids and helping to guide and educate them is part of your job as a parent. If you don't understand their interests, try.... harder... Maybe parents should try giving a damn.
And if you find out they are taking an interest in computers, may I reference TFA again........
Ways to use cyber skills positively
Yep, there's a section in that article about where you might channel interests your kids have in technology. TFA and the /. summary are two entirely different movies.
If you actually pull up the article, it has a list of warning signs and then adds:
Many of these are just normal teenage behaviours and don't necessarily suggest a young person is at risk of getting involved in cyber crime. But if a young person is showing several of these signs, try and have a conversation with them about their online activities.
We don't really think there's harm in having a conversation with our kids, do we?
And it very much depends on local regulations. If I wanted to shoot a rodent in my town, it is a misdemeanor to discharge an air rifle in city limits. It is also a misdemeanor to discharge a 30-06. Odd that I can make that choice without considering a difference in penalty...
But, even though I can't use a Red Ryder BB Gun, a 70 lb compound bow with hunting broadheads is perfectly acceptable. Crossbow is fair game too. Local regulations are often so strange.
(And WTF is with the top-of-screen page refreshes now, Dice? I suspect it has something to do with the cheesy side videos...)
I finally got irritated enough to disable ads today. Here's a greasemonkey script that knocks out the flash/html5 ones.
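    // Class names of the ad containers to strip from the page.
    var remove_classes = ['railad', 'adwrap'];
    for (var i = 0; i < remove_classes.length; i++) {
        // Snapshot every element whose class attribute is exactly this name.
        var nodes = document.evaluate("//*[@class='" + remove_classes[i] + "']", document, null, XPathResult.UNORDERED_NODE_SNAPSHOT_TYPE, null);
        for (var j = 0; j < nodes.snapshotLength; j++) {
            // The snapshot is static, so removing nodes while iterating is safe.
            nodes.snapshotItem(j).parentNode.removeChild(nodes.snapshotItem(j));
        }
    }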
Slashdot, I was happy to leave them enabled until it started jumping me back to the top of the page while I was trying to read comments. Well played.
And yet the HR filters bump me out if I don't "inflate" my resume. If you're looking for folks that lie on their resume, I'm afraid I'm not qualified anyway.
A number of years ago, I ran across a similar effort to develop a self sufficient system of tools and technologies to support a "town" called the Global Village Construction Set. It is found at http://opensourceecology.org/w... and it may be an interesting read for anyone thinking about these kinds of issues.
Predators are far short of 100% efficient (citation needed; I am lazy!),
Empirical evidence is pretty strong ;)
Absolutely, but we have a ways to go before we can solve the power problems. Even in the prescription glasses form-factor, power is not a solved problem.
Trying *both* Python and Ruby is a very good plan. They are both scripting languages with large libraries and solid user communities and similar in a lot of ways. Oddly, every developer I've talked with that has tried both loves one of them to death and hates the other with an ever burning passion. To me, Ruby is completely backwards and nothing works as I would expect it to. Python seems to do everything I want to do in exactly the way I want to do it. Another guy I worked with felt exactly the opposite.
I suspect if you try both, one of them will feel breezy and the other will feel odd and clunky.
The LED is "consuming" external heat to produce the additional light. The article is pretty clear and an enjoyable read.
It's ironic how close P and R happen to be. Ruby fan, I take it?
If not Ruby, what do you use for a scripting language? Please don't tell me you decided long ago that if it's possible to do everything in assembly, it must be done in assembly.
Yep, I found it rather quickly myself. I'm not about to touch it myself with a 70 foot pole, but I wasn't looking to rip off any account info either.
As far as advice goes, you're in pretty deep already. Given the discussion here and the information that is already available, I don't think you're going to be able to back out now. You've already reported it to the company, but now it's publicly available and I worry that they might implicate you in damages. IMHO, get a lawyer. Now. They should be able to tell you what kind of liability you're facing. They should also be able to give you good advice on how to mitigate your own risk.
Frankly, I think it's stupid that someone pointing out a security flaw could be liable in any way, but that's the way our screwed up system works. Best of luck.
Nah, I have an older computer that I upgraded from 4GB to 12GB. In a few years when that computer no longer performs in the way I need for compiling code and running games, I'll get a new computer. At that point, my current computer turns into the family model for browsing the web and doing homework. Those tasks don't take next year's top end computer to run.
The point here is that some people still use hardware until it dies rather than buying a new computer every three years. For most tasks, older computers are perfectly capable. Some of us are already "lessening our impact" and have been doing so for years.
Agreed, but phones are a poor example right now.
My phone is getting replaced at the two year mark this time because I caught the front end of the android market with a cheap android phone two years ago and the advance in hardware/software is too great to ignore. Once phones slow back down a little, I'll go back to long spans with a single phone (my last phone was 8 years old when I replaced it, good old Motorola V550). Stuff's just changing too fast right now for that to be realistic on phones.
On the computer front, it's now more realistic to run a computer for 5-10 years without upgrading. Current upgrades are pretty small jumps and even newly released games are running on much older hardware than they have before. I increased RAM on my desktop from 4GB to 12GB a couple days ago and that should extend the life of that machine by another 2-3 years before being handed down to my kids.