I think that's something lost when people look at 'x%' and call it a day. Media is a very subjective thing, so you have to determine that the person or population you are dealing with aligns with your own.
With rotten tomatoes, you have a monolithic population. If a movie is well known (i.e. over-promoted), it mustn't be in any way polarizing because people will go to see it, even if they wouldn't have otherwise, and end up resenting the film as a result. If a movie is a touch more obscure, then generally random people won't mistakenly see it.
I've worked at several places with restaurants. The thing is, they tend to be whoever *paid* the most for the privilege to be there to get a big captive audience.
So the on-campus food tends to be overpriced, low quality, so people tend to go off campus.
Would be great to actually make the campus space available to outside businesses and customers, to save employees the drive to go somewhere.
I was mostly thinking about the NIS replacement side of it, less about the whole roaming profile stuff. My business device with Windows has no roaming profile, for example.
Incidentally, the nfs/home and similar can be frustrating with devices that communicate over WAN a lot, and replication and cached credentials are valuable. Though using something like nextcloud or seafile is generally a better experience than either remote 'home' or trying to be transparent replication (when replication takes a long time, better to have it out of the way of login and such).
The thing that frustrates those of us who can do VR without issue is people loudly shouting that it makes everyone sick and no one should even try it and scare off people from at least trying it themselves. The chilling effect on the market lessens the chance of the market having good content.
AR without motion sickness would preclude a great deal of experiences (vehicle simulators, any scenario requiring exploring an area bigger than you physically have to explore). If you enable any of these experiences, VR and AR are in the same boat.
AR may have some applications that are interesting, but probably more productivity oriented than entertainment, due to the physical limitations of having a 1:1 mapping of the AR world and the physical world.
Well one, it *can* be solved, and in fact for experiences that do not move the user at all, almost no one gets sick.
Those that place the user in a cockpit, and move the player around relative to the outside, but not the cockpit, sickness correlates closely with rate of motion sickness in cars and boats and such.
Even those that move around like crazy, sure more people get sick, but in my personal experience, I'm not even sure it's a majority.
The short of it is, if you are interested *demo* it for yourself. Don't just assume you will or will not get sick, because it's your own vestibular system and there's a great deal of variety.
Microsoft is also not really going straight for AR, they did do Hololense, but Windows Holographic is intended to support both VR and AR, and the affordable hardware is going to be VR first. AR still has a big problem of some technology that allows seeing the outside world and seeing the overlay. Problems with how ghosty the content is, and/or more critically ability to project over a wide field of view. In VR, they distort the hell out of the screen to get wide field of view, but in AR that can't be done because it will distort the real world. Also AR can't provide the same total immersion as VR if that's the goal (well it can, but by covering up the whole world, in which case it's really VR).
I'm not that invested either way in her, but Netflix has thrown her in my face a lot. I have better things to do than do whatever Netflix tells me to, so I haven't bothered, but the fact that I know about her netflix at all says something...
If someone is polarizing, *and* something like netflix promotes it and throws it in everyone's face, they shouldn't be surprised that overwhelming negative reviews come at them. Doesn't need to be a conspiracy. This is the problem with a lot of netflix original content, they are pushing it all so hard that it's hard to avoid. Even when the content runs against my general preferences, if it's a 'netflix original', somehow it dominants space in my 'recommended' viewing.
You do realize that most of the complaints you have are basically moving a Linux desktop more toward what MS has done with Windows desktop. PulseAudio bears no small resemblence to Windows Vista+ audio stack (in terms of architecture). systemd similarly resembles the way microsoft services work, journald resembles event viewer design, networkmanager is pretty much the same way Windows does network management, dconf acts a lot like the registry.
If anything, I'd say MS is worse at many of these. As much as I object to journald, event viewer is worse. systemd does make some things more complex, but not nearly so much as the way microsoft handles services. dconf is at least more straightforward and more powerful than windows registry.
So company A wants to downsize and replace with cheaper workers. If a company get H1Bs, then very shortly lays off people, then it's a flag.
So instead they outsource to company B. So far, they are playing by the rules. Company B has bid to provide the work cheaper than doing it in house.
Now company B says "I need some talent, I don't have enough staff', then *they* can claim there are no available local talent for what they need (for some *very* narrow definition, like 'software programmer ii' or something). They don't have layoffs to explain. When they are not your existing employees, it's easier to try to paint the labor market as somehow not applicable to the positions.
I said *one* of the big motivators. I know a lot of road truck trailers never touch a train or boat. Some definitely do. Some are going very directly from point A to B with a large amount of cargo that gets economies of scale and it makes sense to have a single big weighted thing. Some are driving convoluted delivery routes because it's cheaper than concurrently operating a lot of vehicles, and the convoluted delivery route with many stops becomes a burden compared to a hypothetical fleet of lightweight, more direct route vehicles.
Note that to the extent autonomous vehicles can offload driving, even the drivers who do 'safe' will be faced with a larger unemployment pool in general, if nothing attracts those now unemployed drivers to other work or otherwise don't feel the need to work.
FedEx/UPS Trucks driving over a long route may lose out to more point to point operation of small vehicles. A large chunk of the manufacturing capacity of a nation going to a particular port is another thing.
You have people stealing packages today (they get left out a lot). A vehicle could conceivably be constantly streaming location, cameras streaming security feed out, and so on. Sounding an alarm and notifying police is possible, keeping about the same level of risk/reward as stealing packages today. A vehicle capable of driving itself should be able to notice if something isn't right, indicating breakin, being forced to stop, or being moved, and alert human operators to scrutinize that particularly units state of affairs.
All shipping is already a game of different risk at different cost. Your random amazon purchase is at relatively high risk of loss or theft today. Money pickup from a store safe is an armored truck.
If vehicle + payload is less than a couple hundred pounds, about the size of a scooter, and doesn't go more than 35 MPH or so,
I explicitly said that in the beginning. I don't picture the future of delivery being giant trucks, but more scooter sized things in the scenario of humanless vehicles. It takes a lot of energy and fuel to move the giant trucks, so I imagine the balance for home delivered packages to be smaller than a passenger car, and the giant trucks reserved for large packages and similar special cases, and human occupancy for the foreseeable future for such vehicles.
We allow people on bicycles that can do about the same damage without requiring they prove themselves.
You can also regulate the design of it such that it's unlikely to do much damage to a typical pedestrian, even if things go very wrong. Think about how cars today in europe are required to give more to allow for pedestrian safety. Then amplify that further since you don't need to tradeoff against human visibility.
Think about commercial fleets/motor pools/rentals. Replaced every 2-3 years, in some scenarios many cars for relatively few drivers. Generally speaking, every driver gets *one* road test for their entire lifetime. Saying that they will operate 10 vehicles in their lifetime is probably *conservative*.
I wonder though how much that is currently done with big trucks will become smaller vehicles, but more numerous. One of the big motivators for piling tons of stuff onto one truck is because each vehicle needs an expensive driver.
Now there are other motivators, but in scenarios where the big truck is used because only because you need to amortize the large expense of a human driver, you'll probably see smaller things on the road when/if autonomous cargo transport happens.
If it's each and every car, then you've overwhelmed the DMV, mulitplying their load by maybe 10 fold.
Otherwise, the NHTSA approval is presumably pretty much that.
Although, the same standards don't necessarily work. Driving training and tests take a lot of human capability for granted. If you had something that could *just* pass the test, but otherwise have zero human capability, it could be still be a very dangerous vehicle operator.
If it is a 4,000 lb. passenger vehicle with human occupants going at 70 MPH, I agree. For a vehicle that will be carrying humans *anyway*, I don't see any need to remove the controls in the near future, even if they are not going to be used much. Maybe one day if you have unaccompanied humans who cannot be trusted with that option, but I think it's too early for that.
If vehicle + payload is less than a couple hundred pounds, about the size of a scooter, and doesn't go more than 35 MPH or so, then I think it could be reasonable to not mandate human controls. Think smallish delivery vehicle. No space or crash readiness for human passengers, low weight, size, and speed significantly mitigates the risk of an 'oops'. Vehicle wouldn't need the rigid passenger compartment and could take on more energy of a crash impact. Lower inertia means there's less damage for it to do.
I personally think that long term, delivery will move from passenger cars (food delivery) and big box trucks carrying a bunch of packages (really trying to optimize for number of drivers) to many small vehicles carrying a handful of deliveries. Also, away from flying drones to road vehicles. Flying drones are neat and all, but it's far easier and less energy to roll around.
Though even a bunch of addresses behind the same ip are unlikely to by trying to do an initial password authentication all at the same time and the vast majority of them be bad password attempts. So the risk of throwing out the baby with the bathwater by throttling such a source is somewhat reduced. Yes someone could DoS it from the inside by being a bad actor from their network, but there are balances to be struck.
If you make an attempt every 1.5 seconds, then your first request triggers a lockout for 2 seconds, your second request is dropped without even consideration, and does not reset the period, and 0.5 seconds later the account can be opened up for attempts again. So every two seconds at least *one* guess can get through from someone. Now attacker with resource can stack the deck so that they are almost certainly the ones to consume the guess still, but it's not quite as fatal as resetting the lockout every attempt, even if that attempt occurred during the lockout period.
Now even if it is not timer based, effectively password guesses *should* be an expensive toll on your authenticator (since it should be a one way salted hash with some sort of intentionally intensive delay). So under duress you have to find some way to thwart automation and allow humans to get priority (e.g. captchas, or better ideas).
But instead we have systems that after 3 guesses, lock someone out for an hour. Absolute insanity.
It's right there, "no composition rules". However, I do see one error, it should have said "no bullshit composition rules".
But you repeat yourself....
Also in there:
Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically) and SHOULD only require a change if the subscriber requests a change or there is evidence of compromise of the authenticator.
Holy crap, sanity!
Also need to scrap the minimum change interval some things impose (you *can't* change your password, even if you know you exposed it to someone accidently).
I'd also want to be very careful about account lockout policies. Yes, they are a tool to rate limit an attacker, but they are *also* a vector to DoS an account by locking it out on purpose.
Actually, it's not just about that. A good example is active directory.
On the open source side, if you can set up a decent directory service at all, you are pretty well equipped to handle very complex deployments as well as simple ones. You appreciate the power, transparency, and relative straightforwardness in dealing with complex needs. However, getting even a simple configuration going can be daunting to a newcomer. The newcomer experience is most often ignored in open source projects, since the target audience tends to be in the same ballpark as people able to write the software (at least in the best open source projects).
On the active directory side, it is dead simple to set up a simple configuration. So people getting started have an easier time. Now as your needs advance in complexity, you enter a hellish world of awkwardness in active directory and you'd be better off with the open source stack, but you started with AD and you are stuck with AD.
Commercial software tends to be easier to get started with and also working in common evaluation contexts. Open source tends to fare better when complexity increases and people are able to self-support and mold the overall project in an agreeable way.
The ubuntu on Windows is a gimped 'linux' that is strictly so that a Windows desktop can be used for Linux VM work on Azure. So no unix domain sockets, no sane integration with desktop for graphics, not really the best filesystem performance, no integration of the native authentication/permission structure... Being binary compatible with Linux is one of the least needed aspects of linux, and it's pretty much the only facet they focused on.
Slashdot Mirror
I think that's something lost when people look at 'x%' and call it a day. Media is a very subjective thing, so you have to determine that the person or population you are dealing with aligns with your own.
With rotten tomatoes, you have a monolithic population. If a movie is well known (i.e. over-promoted), it mustn't be in any way polarizing because people will go to see it, even if they wouldn't have otherwise, and end up resenting the film as a result. If a movie is a touch more obscure, then generally random people won't mistakenly see it.
I've worked at several places with restaurants. The thing is, they tend to be whoever *paid* the most for the privilege to be there to get a big captive audience.
So the on-campus food tends to be overpriced, low quality, so people tend to go off campus.
Would be great to actually make the campus space available to outside businesses and customers, to save employees the drive to go somewhere.
I was mostly thinking about the NIS replacement side of it, less about the whole roaming profile stuff. My business device with Windows has no roaming profile, for example.
Incidentally, the nfs /home and similar can be frustrating with devices that communicate over WAN a lot, and replication and cached credentials are valuable. Though using something like nextcloud or seafile is generally a better experience than either remote 'home' or trying to be transparent replication (when replication takes a long time, better to have it out of the way of login and such).
The thing that frustrates those of us who can do VR without issue is people loudly shouting that it makes everyone sick and no one should even try it and scare off people from at least trying it themselves. The chilling effect on the market lessens the chance of the market having good content.
AR without motion sickness would preclude a great deal of experiences (vehicle simulators, any scenario requiring exploring an area bigger than you physically have to explore). If you enable any of these experiences, VR and AR are in the same boat.
AR may have some applications that are interesting, but probably more productivity oriented than entertainment, due to the physical limitations of having a 1:1 mapping of the AR world and the physical world.
Well one, it *can* be solved, and in fact for experiences that do not move the user at all, almost no one gets sick.
Those that place the user in a cockpit, and move the player around relative to the outside, but not the cockpit, sickness correlates closely with rate of motion sickness in cars and boats and such.
Even those that move around like crazy, sure more people get sick, but in my personal experience, I'm not even sure it's a majority.
The short of it is, if you are interested *demo* it for yourself. Don't just assume you will or will not get sick, because it's your own vestibular system and there's a great deal of variety.
Microsoft is also not really going straight for AR, they did do Hololense, but Windows Holographic is intended to support both VR and AR, and the affordable hardware is going to be VR first. AR still has a big problem of some technology that allows seeing the outside world and seeing the overlay. Problems with how ghosty the content is, and/or more critically ability to project over a wide field of view. In VR, they distort the hell out of the screen to get wide field of view, but in AR that can't be done because it will distort the real world. Also AR can't provide the same total immersion as VR if that's the goal (well it can, but by covering up the whole world, in which case it's really VR).
I'm not that invested either way in her, but Netflix has thrown her in my face a lot. I have better things to do than do whatever Netflix tells me to, so I haven't bothered, but the fact that I know about her netflix at all says something...
If someone is polarizing, *and* something like netflix promotes it and throws it in everyone's face, they shouldn't be surprised that overwhelming negative reviews come at them. Doesn't need to be a conspiracy. This is the problem with a lot of netflix original content, they are pushing it all so hard that it's hard to avoid. Even when the content runs against my general preferences, if it's a 'netflix original', somehow it dominants space in my 'recommended' viewing.
You do realize that most of the complaints you have are basically moving a Linux desktop more toward what MS has done with Windows desktop. PulseAudio bears no small resemblence to Windows Vista+ audio stack (in terms of architecture). systemd similarly resembles the way microsoft services work, journald resembles event viewer design, networkmanager is pretty much the same way Windows does network management, dconf acts a lot like the registry.
If anything, I'd say MS is worse at many of these. As much as I object to journald, event viewer is worse. systemd does make some things more complex, but not nearly so much as the way microsoft handles services. dconf is at least more straightforward and more powerful than windows registry.
If they want to do it, they can do it.
So company A wants to downsize and replace with cheaper workers. If a company get H1Bs, then very shortly lays off people, then it's a flag.
So instead they outsource to company B. So far, they are playing by the rules. Company B has bid to provide the work cheaper than doing it in house.
Now company B says "I need some talent, I don't have enough staff', then *they* can claim there are no available local talent for what they need (for some *very* narrow definition, like 'software programmer ii' or something). They don't have layoffs to explain. When they are not your existing employees, it's easier to try to paint the labor market as somehow not applicable to the positions.
I said *one* of the big motivators. I know a lot of road truck trailers never touch a train or boat. Some definitely do. Some are going very directly from point A to B with a large amount of cargo that gets economies of scale and it makes sense to have a single big weighted thing. Some are driving convoluted delivery routes because it's cheaper than concurrently operating a lot of vehicles, and the convoluted delivery route with many stops becomes a burden compared to a hypothetical fleet of lightweight, more direct route vehicles.
Note that to the extent autonomous vehicles can offload driving, even the drivers who do 'safe' will be faced with a larger unemployment pool in general, if nothing attracts those now unemployed drivers to other work or otherwise don't feel the need to work.
There's a balance.
FedEx/UPS Trucks driving over a long route may lose out to more point to point operation of small vehicles. A large chunk of the manufacturing capacity of a nation going to a particular port is another thing.
You have people stealing packages today (they get left out a lot). A vehicle could conceivably be constantly streaming location, cameras streaming security feed out, and so on. Sounding an alarm and notifying police is possible, keeping about the same level of risk/reward as stealing packages today. A vehicle capable of driving itself should be able to notice if something isn't right, indicating breakin, being forced to stop, or being moved, and alert human operators to scrutinize that particularly units state of affairs.
All shipping is already a game of different risk at different cost. Your random amazon purchase is at relatively high risk of loss or theft today. Money pickup from a store safe is an armored truck.
If vehicle + payload is less than a couple hundred pounds, about the size of a scooter, and doesn't go more than 35 MPH or so,
I explicitly said that in the beginning. I don't picture the future of delivery being giant trucks, but more scooter sized things in the scenario of humanless vehicles. It takes a lot of energy and fuel to move the giant trucks, so I imagine the balance for home delivered packages to be smaller than a passenger car, and the giant trucks reserved for large packages and similar special cases, and human occupancy for the foreseeable future for such vehicles.
We allow people on bicycles that can do about the same damage without requiring they prove themselves.
You can also regulate the design of it such that it's unlikely to do much damage to a typical pedestrian, even if things go very wrong. Think about how cars today in europe are required to give more to allow for pedestrian safety. Then amplify that further since you don't need to tradeoff against human visibility.
Think about commercial fleets/motor pools/rentals. Replaced every 2-3 years, in some scenarios many cars for relatively few drivers. Generally speaking, every driver gets *one* road test for their entire lifetime. Saying that they will operate 10 vehicles in their lifetime is probably *conservative*.
I wonder though how much that is currently done with big trucks will become smaller vehicles, but more numerous. One of the big motivators for piling tons of stuff onto one truck is because each vehicle needs an expensive driver.
Now there are other motivators, but in scenarios where the big truck is used because only because you need to amortize the large expense of a human driver, you'll probably see smaller things on the road when/if autonomous cargo transport happens.
The specific instance or the software platform?
If it's each and every car, then you've overwhelmed the DMV, mulitplying their load by maybe 10 fold.
Otherwise, the NHTSA approval is presumably pretty much that.
Although, the same standards don't necessarily work. Driving training and tests take a lot of human capability for granted. If you had something that could *just* pass the test, but otherwise have zero human capability, it could be still be a very dangerous vehicle operator.
If it is a 4,000 lb. passenger vehicle with human occupants going at 70 MPH, I agree. For a vehicle that will be carrying humans *anyway*, I don't see any need to remove the controls in the near future, even if they are not going to be used much. Maybe one day if you have unaccompanied humans who cannot be trusted with that option, but I think it's too early for that.
If vehicle + payload is less than a couple hundred pounds, about the size of a scooter, and doesn't go more than 35 MPH or so, then I think it could be reasonable to not mandate human controls. Think smallish delivery vehicle. No space or crash readiness for human passengers, low weight, size, and speed significantly mitigates the risk of an 'oops'. Vehicle wouldn't need the rigid passenger compartment and could take on more energy of a crash impact. Lower inertia means there's less damage for it to do.
I personally think that long term, delivery will move from passenger cars (food delivery) and big box trucks carrying a bunch of packages (really trying to optimize for number of drivers) to many small vehicles carrying a handful of deliveries. Also, away from flying drones to road vehicles. Flying drones are neat and all, but it's far easier and less energy to roll around.
My chance to shine has been ruined.
Though even a bunch of addresses behind the same ip are unlikely to by trying to do an initial password authentication all at the same time and the vast majority of them be bad password attempts. So the risk of throwing out the baby with the bathwater by throttling such a source is somewhat reduced. Yes someone could DoS it from the inside by being a bad actor from their network, but there are balances to be struck.
If you make an attempt every 1.5 seconds, then your first request triggers a lockout for 2 seconds, your second request is dropped without even consideration, and does not reset the period, and 0.5 seconds later the account can be opened up for attempts again. So every two seconds at least *one* guess can get through from someone. Now attacker with resource can stack the deck so that they are almost certainly the ones to consume the guess still, but it's not quite as fatal as resetting the lockout every attempt, even if that attempt occurred during the lockout period.
Now even if it is not timer based, effectively password guesses *should* be an expensive toll on your authenticator (since it should be a one way salted hash with some sort of intentionally intensive delay). So under duress you have to find some way to thwart automation and allow humans to get priority (e.g. captchas, or better ideas).
But instead we have systems that after 3 guesses, lock someone out for an hour. Absolute insanity.
It's right there, "no composition rules". However, I do see one error, it should have said "no bullshit composition rules".
But you repeat yourself....
Also in there:
Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically) and SHOULD only require a change if the subscriber requests a change or there is evidence of compromise of the authenticator.
Holy crap, sanity!
Also need to scrap the minimum change interval some things impose (you *can't* change your password, even if you know you exposed it to someone accidently).
I'd also want to be very careful about account lockout policies. Yes, they are a tool to rate limit an attacker, but they are *also* a vector to DoS an account by locking it out on purpose.
Actually, it's not just about that. A good example is active directory.
On the open source side, if you can set up a decent directory service at all, you are pretty well equipped to handle very complex deployments as well as simple ones. You appreciate the power, transparency, and relative straightforwardness in dealing with complex needs. However, getting even a simple configuration going can be daunting to a newcomer. The newcomer experience is most often ignored in open source projects, since the target audience tends to be in the same ballpark as people able to write the software (at least in the best open source projects).
On the active directory side, it is dead simple to set up a simple configuration. So people getting started have an easier time. Now as your needs advance in complexity, you enter a hellish world of awkwardness in active directory and you'd be better off with the open source stack, but you started with AD and you are stuck with AD.
Commercial software tends to be easier to get started with and also working in common evaluation contexts. Open source tends to fare better when complexity increases and people are able to self-support and mold the overall project in an agreeable way.
The ubuntu on Windows is a gimped 'linux' that is strictly so that a Windows desktop can be used for Linux VM work on Azure. So no unix domain sockets, no sane integration with desktop for graphics, not really the best filesystem performance, no integration of the native authentication/permission structure... Being binary compatible with Linux is one of the least needed aspects of linux, and it's pretty much the only facet they focused on.
text editors should be enhanced with a feature to scale any leading spaces on each line to arbitrary widths
Nice idea, but will fall apart with the convention of tab indentation to indicate code block, then spaces to visually align continuation.
Changing tabstop depending on situation is the primary reason I think tabs are useful.