We have wifi infrastructure in place anyway, and many of the students have mobile devices. It's therefore not a lot of developer work to have our university mobile app be able to say "Yeah, I'm on the right network" on a daily basis, or on request when students are meant to be in lecture, or something. In comparison to fingerprint checks we don't have to equip every lecture theatre with fingerprint scanners (probably two, so we have a backup in case of problems) and computers (again, two) and then maintain that extra infrastructure.
The in depth checks are a right pain, but we legally have to do them, so nothing's going to change there either way.
Sorry, realised this is obvious to me, but requires explanation.
There are fixed things we absolutely have to check, such as checking visa & passport at the start of the academic year (might be each semester, not sure off hand), but there's a more flexible set of requirements in checking the student is generally attending the university.
What that means is we can tell students they need to be attending tutorials regularly and/or taking out books regularly or can be expected to be called in for an ID check if we haven't got any other proof they're actually attending the university. We don't want to spend time pulling students halfway across town so we can glance at their passport and tick a checkbox any more than they want to have to do so, so anything we can do to minimise the number we do that for is a good thing.
We do not have a general policy of failing students for not attending most lectures. There are exceptions; if you're doing Chemistry and completely fail to attend a safety briefing (I believe they're all either routinely repeated or can be repeated if there's a good reason why a student was absent), for example, that can basically be degree ending right there (you cannot be allowed into the lab, so cannot do coursework). There are similar examples in most sciences and Medicine.
What we're talking about is fulfilling a legal requirement in one case, and helping us manage resources in another (by providing additional assistance to students most likely to benefit from it).
From my point of view (as a non-academic who works on improving university administration), it matters for a few key reasons:
1. Students who don't turn up to lectures are more likely to drop out of university. This particularly goes for students whose attendance was good and tails off, so we want to spot them early on and ask if they need any help (academic or personal).
2. If a student turns up mid-way through semester with problems, we're inclined to be a lot more sympathetic (and devote more staff time to helping) if you've attended class. If you didn't attend class and then don't know the material, it could be argued that's rather your own fault.
That's fair, but I did want people to think about this.
My suggestion was that we do wifi-pinging from student mobiles to cover most cases (as in you download an app and it checks you're in-range of our wifi), and use attendance at tutorials and 2-3 annual full checks (as in turn up with your passport so we can double check everything) to cover the requirement for more in-depth checks. Having tried ID card based lecture attendance, we've found mostly it's a huge pain; even when it works correctly it creates long queues at the start of lectures, and it's more hardware we have to manage. I don't imagine Newcastle will be doing fingerprint checks for long, personally...
I'd have to check the specifics of what the requirements are (they're actually not terribly harsh, just more admin work we didn't need), but they are something that are imposed on universities.
As others have said, there is no official exchange rate. I've traded currencies (not very well, but I have), and have done UK tax returns based on the same. Unless there's a more applicable rate (as in, if you're trading at one rate, obviously you can't claim another), any consistent process for calculating the exchange rate can be used (so you can use the average of high/low from a Barclays as long as you always use that, you couldn't suddenly start using the high from another data source halfway through your calculations). Exchange rates can (and do) differ depending on which market you're trading on (although obviously the use of automated trading means inconsistencies last typically seconds at worst).
I am not qualified to give tax advice to others, so anyone depending on this should consult an actual professional. Tax laws will obviously also differ by country.
Agreed; the guy is exploiting the patent system in one of the most horrific mis-uses I've ever seen (applying an expired patent that was bought from another organisation to retro-actively sue people who had no idea they were infringing), however the use of a technology in a new scenario is not a new patent. While the references to old technology (for example modems) in the patent seem mildly comical from today's point of view, in terms of the patent itself personally I find it refreshing to actually see a well thought through implementation.
At the same time, I'm aware from a practical point of view very few people understand these tools, and that very very few companies using SSL have done so through anyone who understands how to ensure it's done correctly (understanding entropy sources, ensuring keys are created with the correct access permissions where applicable, etc.), so it's not really a new scary thing.
Endangering others through wilful ignorance of safety precautions is not okay, even if you're kinda curious to see what it does. They put warnings on these things for a reason.
> There's some really stupid shit that can get them in big trouble.
Yes, like permanently damaging someone's eyesight. I hear that's bad.
Okay, but the statistical odds that this unwanted child is a brilliant violinist/scientist/whatever are very, very slim. In fact, given that they're likely to be growing up in a single parent family or put up for adoption, odds are probably better that they'll grow up a traumatised mess.
There are at least even odds of brilliant violinist and serial killer.
If you want to help kids grow up into brilliant violinists, put your time and effort into the millions (billions?) of disadvantaged children who already exist.
Certainly, there's a huge lag in training new staff. Keep in mind a lecturer has typically two degrees (undergrad and PhD) then possibly several years of training as well.
>.xxx is being sold NOT as a.com domain but rather more as a portal. They are not ICANN, they are a registar that wants to be friends with the porn industry, want to look out for it, make.xxx a special place.
Certainly not how it worked out; basically it came across much more as an attempt to force a lot of people & companies to register extra domains before someone took them, and confused customers who were quite happy with the existing addresses... http://www.zdnet.com/blog/violetblue/numbers-show-dot-xxx-sites-are-a-sham/1279
Seriously though, it depends on what you're doing with your IT infrastructure. If you're doing nice simple predictable things, yes you're going to be happy with a small team. On the other hand I work in CS research and with 4 sysadmins the infrastructure is still the wobbliest thing going because there's so much damn weird/esoteric stuff going on.
You've just dodged half the questions, though. Failure of user's own equipment will be a nightmare, doubly so as it's virtually impossible to tell the difference between a genuine problem and someone who is just claiming the PC ate the file. Working at a university, we can manage a lot of this because we provide 24 hour access to tightly locked down systems that we know will work (or, if they don't, we'll know because we get a hundred support queries instead of just one).
I'll accept, we've never had a serious problem with staff-provided PDFs. For coursework submission though:
1. During first rollout, we had a significant number of students who saved their file to the desktop, opened the web application and clicked the "Upload" button. Apparently the step where they needed to tell the system what file to upload was a surprise. We now have to e-mail out cryptographically signed receipts when a file is uploaded, to confirm the system has the file.
2. Students rapidly figured out however that they could upload work, get a receipt, then delete it (as if to replace it with a new file) and claim the system had eaten it. So now we're also tracking all work submitted over time. Marks and feedback are also attached to the file uploaded (not the assignment due), so that if a student is allowed to re-submit after the due date, any marks entered are correctly preserved.
3. Students submit work to the wrong places, so now we have time locks (maximum number of weeks before work is due, that they can submit), and the ability to readily move work between assignments.
4. Students submit the wrong format, either because it's what they have, or because they haven't the faintest clue what they're doing. You would not believe how many people think they can convert.doc to.docx or.pdf by renaming the file.
5. Students submit files with distinct oddities. PDFs with security turned on and printing disabled for example. Word documents that open in some versions of Office and not others. Are these okay? Can they be filtered out?
6. Viruses; both Word and PDF documents can carry viruses, so now you have to virus scan incoming work. Can you reject work if it matches a virus signature, or do you have to keep a copy of it quarantined until a techy can examine it? If you reject work but the student's done it, is it late?
Also, are you suggesting that coursework doesn't need printing, or that the school prints it themselves? The former doesn't match the feedback we've received from academics (or; you try marking 30 essays on computer and tell me how you feel about the experience), the latter is an extra cost to the school.
Long story short, electronic coursework submission is a lot harder than it looks. Support is getting there, but this is really waiting on there being proper generic frameworks for supporting it.
What's the advantage to the school? You're talking about introducing highly complex IT systems that will require development and support, both of which are expensive. What's the school going to get out of this?
I work on (development, training, support, strategy, the whole lot) these sort of systems for a university, and even for us the list of "nice to have" features that aren't going to be implemented is huge (100+ items last time I looked). A lot of schools are adopting open source solutions such as Moodle ( http://moodle.org/ ), but we're still at the point that for many smaller institutions it just doesn't make sense on cost vs benefit.
Got myself a copy (my employer appears to have a subscription), The really critical bit here is:
"Performing a fast scan on one of the drives resulted in a possible credit card hit as demonstrated in Image 10."
While they conclude that it's likely this is a credit card, based on the card identifier (first four numbers) and that it matches the Luhn algorithm (mis-spelt as "Luhr" in the article - that took a while to figure out!), however the Luhn algorithm isn't designed for this sort of use, it's primarily there to catch data entry mistakes. I'm fairly happy that the chances of a match like this on a multi-GB hard drive are fairly good, just through random chance. A good follow-up experiment here would be to buy new XBox 360s, buy points and then scan the hard drive for the card used.
IMHO their points raised about finding gamer tags, friend lists, etc. are probably far more relevant, especially in relation to this data not being destroyed when a factory reset is done.
There's some really odd bits, though... "In this particular instance, we can see NAT (Network Address Translation) rules for a site called Bungle.net[sic], where Halo players can have their stats tracked or purchase games and merchandise [36]." - which as far as I can tell is actually a list of errors you can get if your NAT setup is causing problems.
I'd also be more confident if the work had less odd errors; "Book and Nuke, by DBAN is", presumably refers to "Darik's Boot and Nuke", frequently abbreviated to "DBAN".
Slashdot Mirror
Erm, I'm fairly certain they were being sarcastic...
GoG.com 's been having a great sale, and is all DRM free, in case anyone's missed it so far...
We have wifi infrastructure in place anyway, and many of the students have mobile devices. It's therefore not a lot of developer work to have our university mobile app be able to say "Yeah, I'm on the right network" on a daily basis, or on request when students are meant to be in lecture, or something. In comparison to fingerprint checks we don't have to equip every lecture theatre with fingerprint scanners (probably two, so we have a backup in case of problems) and computers (again, two) and then maintain that extra infrastructure.
The in depth checks are a right pain, but we legally have to do them, so nothing's going to change there either way.
Sorry, realised this is obvious to me, but requires explanation.
There are fixed things we absolutely have to check, such as checking visa & passport at the start of the academic year (might be each semester, not sure off hand), but there's a more flexible set of requirements in checking the student is generally attending the university.
What that means is we can tell students they need to be attending tutorials regularly and/or taking out books regularly or can be expected to be called in for an ID check if we haven't got any other proof they're actually attending the university. We don't want to spend time pulling students halfway across town so we can glance at their passport and tick a checkbox any more than they want to have to do so, so anything we can do to minimise the number we do that for is a good thing.
Customers, technically, but anyway...
We do not have a general policy of failing students for not attending most lectures. There are exceptions; if you're doing Chemistry and completely fail to attend a safety briefing (I believe they're all either routinely repeated or can be repeated if there's a good reason why a student was absent), for example, that can basically be degree ending right there (you cannot be allowed into the lab, so cannot do coursework). There are similar examples in most sciences and Medicine.
What we're talking about is fulfilling a legal requirement in one case, and helping us manage resources in another (by providing additional assistance to students most likely to benefit from it).
> This has the advantage of not hassling students who feel that their time is better spent in the library instead of at lecture.
Which makes me think, why aren't we using book lending as an activity...
From my point of view (as a non-academic who works on improving university administration), it matters for a few key reasons:
1. Students who don't turn up to lectures are more likely to drop out of university. This particularly goes for students whose attendance was good and tails off, so we want to spot them early on and ask if they need any help (academic or personal).
2. If a student turns up mid-way through semester with problems, we're inclined to be a lot more sympathetic (and devote more staff time to helping) if you've attended class. If you didn't attend class and then don't know the material, it could be argued that's rather your own fault.
That's fair, but I did want people to think about this.
My suggestion was that we do wifi-pinging from student mobiles to cover most cases (as in you download an app and it checks you're in-range of our wifi), and use attendance at tutorials and 2-3 annual full checks (as in turn up with your passport so we can double check everything) to cover the requirement for more in-depth checks. Having tried ID card based lecture attendance, we've found mostly it's a huge pain; even when it works correctly it creates long queues at the start of lectures, and it's more hardware we have to manage. I don't imagine Newcastle will be doing fingerprint checks for long, personally...
You would have to take that up with the government, it's their requirement: http://www.bbc.co.uk/news/education-19425718
I'd have to check the specifics of what the requirements are (they're actually not terribly harsh, just more admin work we didn't need), but they are something that are imposed on universities.
If you're at the university on a visa, there's an expectation you're attending the university. Don't laugh, it happens.
If the UKBA feels the university isn't doing enough, this happens: http://www.bbc.co.uk/news/education-19425718
> claiming the scanners would 'turn universities into border checkpoints'
Bit late for that.
Seriously though; universities have to prove overseas students are actually attending the university. How would other suggest we do this?
As others have said, there is no official exchange rate. I've traded currencies (not very well, but I have), and have done UK tax returns based on the same. Unless there's a more applicable rate (as in, if you're trading at one rate, obviously you can't claim another), any consistent process for calculating the exchange rate can be used (so you can use the average of high/low from a Barclays as long as you always use that, you couldn't suddenly start using the high from another data source halfway through your calculations). Exchange rates can (and do) differ depending on which market you're trading on (although obviously the use of automated trading means inconsistencies last typically seconds at worst).
I am not qualified to give tax advice to others, so anyone depending on this should consult an actual professional. Tax laws will obviously also differ by country.
Agreed; the guy is exploiting the patent system in one of the most horrific mis-uses I've ever seen (applying an expired patent that was bought from another organisation to retro-actively sue people who had no idea they were infringing), however the use of a technology in a new scenario is not a new patent. While the references to old technology (for example modems) in the patent seem mildly comical from today's point of view, in terms of the patent itself personally I find it refreshing to actually see a well thought through implementation.
It scares me, anyway.
At the same time, I'm aware from a practical point of view very few people understand these tools, and that very very few companies using SSL have done so through anyone who understands how to ensure it's done correctly (understanding entropy sources, ensuring keys are created with the correct access permissions where applicable, etc.), so it's not really a new scary thing.
Endangering others through wilful ignorance of safety precautions is not okay, even if you're kinda curious to see what it does. They put warnings on these things for a reason.
> There's some really stupid shit that can get them in big trouble.
Yes, like permanently damaging someone's eyesight. I hear that's bad.
*head-desk*
Okay, but the statistical odds that this unwanted child is a brilliant violinist/scientist/whatever are very, very slim. In fact, given that they're likely to be growing up in a single parent family or put up for adoption, odds are probably better that they'll grow up a traumatised mess.
There are at least even odds of brilliant violinist and serial killer.
If you want to help kids grow up into brilliant violinists, put your time and effort into the millions (billions?) of disadvantaged children who already exist.
Certainly, there's a huge lag in training new staff. Keep in mind a lecturer has typically two degrees (undergrad and PhD) then possibly several years of training as well.
> .xxx is being sold NOT as a .com domain but rather more as a portal. They are not ICANN, they are a registar that wants to be friends with the porn industry, want to look out for it, make .xxx a special place.
Certainly not how it worked out; basically it came across much more as an attempt to force a lot of people & companies to register extra domains before someone took them, and confused customers who were quite happy with the existing addresses... http://www.zdnet.com/blog/violetblue/numbers-show-dot-xxx-sites-are-a-sham/1279
On a tenuously related note, what happens if Facebook is no longer the top Google result for "Facebook": http://www.mid.co.uk/blog/facebook_warning_for_web_designers/
> For example, the .tickets domain would be where Web users could expect to go to buy event tickets.
I regularly start with a TLD and work backwards when I'm looking for things, rather than searching Google...
*facepalm*
Not quite... we have 1,000 ideas for every coder, but a 1,000 coders for every good idea (and probably about 1:1 good ideas and good coders :-D )
Wait, where's your level 1 helpdesk!?
Seriously though, it depends on what you're doing with your IT infrastructure. If you're doing nice simple predictable things, yes you're going to be happy with a small team. On the other hand I work in CS research and with 4 sysadmins the infrastructure is still the wobbliest thing going because there's so much damn weird/esoteric stuff going on.
You've just dodged half the questions, though. Failure of user's own equipment will be a nightmare, doubly so as it's virtually impossible to tell the difference between a genuine problem and someone who is just claiming the PC ate the file. Working at a university, we can manage a lot of this because we provide 24 hour access to tightly locked down systems that we know will work (or, if they don't, we'll know because we get a hundred support queries instead of just one).
I'll accept, we've never had a serious problem with staff-provided PDFs. For coursework submission though:
1. During first rollout, we had a significant number of students who saved their file to the desktop, opened the web application and clicked the "Upload" button. Apparently the step where they needed to tell the system what file to upload was a surprise. We now have to e-mail out cryptographically signed receipts when a file is uploaded, to confirm the system has the file.
2. Students rapidly figured out however that they could upload work, get a receipt, then delete it (as if to replace it with a new file) and claim the system had eaten it. So now we're also tracking all work submitted over time. Marks and feedback are also attached to the file uploaded (not the assignment due), so that if a student is allowed to re-submit after the due date, any marks entered are correctly preserved.
3. Students submit work to the wrong places, so now we have time locks (maximum number of weeks before work is due, that they can submit), and the ability to readily move work between assignments.
4. Students submit the wrong format, either because it's what they have, or because they haven't the faintest clue what they're doing. You would not believe how many people think they can convert .doc to .docx or .pdf by renaming the file.
5. Students submit files with distinct oddities. PDFs with security turned on and printing disabled for example. Word documents that open in some versions of Office and not others. Are these okay? Can they be filtered out?
6. Viruses; both Word and PDF documents can carry viruses, so now you have to virus scan incoming work. Can you reject work if it matches a virus signature, or do you have to keep a copy of it quarantined until a techy can examine it? If you reject work but the student's done it, is it late?
Also, are you suggesting that coursework doesn't need printing, or that the school prints it themselves? The former doesn't match the feedback we've received from academics (or; you try marking 30 essays on computer and tell me how you feel about the experience), the latter is an extra cost to the school.
Long story short, electronic coursework submission is a lot harder than it looks. Support is getting there, but this is really waiting on there being proper generic frameworks for supporting it.
What's the advantage to the school? You're talking about introducing highly complex IT systems that will require development and support, both of which are expensive. What's the school going to get out of this?
I work on (development, training, support, strategy, the whole lot) these sort of systems for a university, and even for us the list of "nice to have" features that aren't going to be implemented is huge (100+ items last time I looked). A lot of schools are adopting open source solutions such as Moodle ( http://moodle.org/ ), but we're still at the point that for many smaller institutions it just doesn't make sense on cost vs benefit.
Got myself a copy (my employer appears to have a subscription), The really critical bit here is:
"Performing a fast scan on one of the drives resulted in a possible credit card hit as demonstrated in Image 10."
While they conclude that it's likely this is a credit card, based on the card identifier (first four numbers) and that it matches the Luhn algorithm (mis-spelt as "Luhr" in the article - that took a while to figure out!), however the Luhn algorithm isn't designed for this sort of use, it's primarily there to catch data entry mistakes. I'm fairly happy that the chances of a match like this on a multi-GB hard drive are fairly good, just through random chance. A good follow-up experiment here would be to buy new XBox 360s, buy points and then scan the hard drive for the card used.
IMHO their points raised about finding gamer tags, friend lists, etc. are probably far more relevant, especially in relation to this data not being destroyed when a factory reset is done.
There's some really odd bits, though... "In this particular instance, we can see NAT (Network Address Translation) rules for a site called Bungle.net[sic], where Halo players can have their stats tracked or purchase games and merchandise [36]." - which as far as I can tell is actually a list of errors you can get if your NAT setup is causing problems.
I'd also be more confident if the work had less odd errors; "Book and Nuke, by DBAN is", presumably refers to "Darik's Boot and Nuke", frequently abbreviated to "DBAN".