New authentication scheme? This technique has been around for awhile--and not just in Morse code. I wrote working code that did this about 7 or 8 years ago. It was only 300 lines of C code. So, having first-hand experience, I am able to address some of the issues brought up here.
Typing patterns can change slightly over time or different keyboards, but some (if not most) of that variation can be accounted for statistically. Every time the user is correctly authenticated, you just add that pattern to the database. This won't handle drastic changes (like a broken hand), but it does pretty well for most cases. My system was originally trained on 10 training runs of typing the user's first name, last name, user name, and password. The login sequence required all of these, so it was a little bit longer than the standard username-password sequence.
Now, you probably can't tell your wife your password and have her log in for you, but the system could still be useful in government systems where per-user traceability is mandatory. The assumption here would be that the recognized failure modes would be acceptable, and sysadmins would be willing to handle them individually.
The system I wrote did not just measure typing speed. It actually looked at the latency patterns between each keystroke. By tweaking the similarity threshold, I could get it so that it would accept most of my attempts, but reject a lot of other people trying to log in as me. I type faster than 100 WPM, so just matching my speed was impossible for most people. I had a friend who was also a fast typist try to impersonate me. It took him a long time, but he was finally able to get in after many tries. His primary problem was typing my user name correctly and fast enough. This was difficult since it's a one-handed finger-twister. My impression after this test was that accomplished typists are consistent enough that there is minimal variation and that the recognition essentially degenerates to a speed measurement (although I don't have quantitative results to prove this). I did not do any testing on poor typists. I would have concerns about whether hunt-and-peckers would be recognized. The system did take into account the user's volatility, but it's possible that the keystroke latencies of poor typists are not normally distributed. This would pose a problem, but it might be ameliorated by using a dynamic threshold based on the users' consistency.
A few years ago, I was teaching a typing class for which I had written my own typing program when I decided to give dvorak a try. I fixed my typing program to automatically remap the keys for me and started practicing. I type about 120 WPM qwerty and was anxious to see how fast I could get with dvorak. After only a small amount of practice, I got so I could go 60-70 WPM with dvorak for normal English text. When I tried switching back to qwerty, it was very strange. When I was typing in my typing program right after switching back, I had a terrible time with qwerty. My brain just didn't want to do it. But the really strange thing was that when I was trying to type from my typing program (i.e. transcribing text from the screen) I had trouble, but when I would then type something straight out of my head (and not something dicated by my typing program) I had no trouble whatsoever. I could exit to a shell prompt and function just fine. But then when I went back into the typing program I still had trouble. It was a really weird feeling to have my brain not obey my wishes.
However, I only experienced this difficulty for a short period of time. A few minutes later I would be back to normal. Interestingly enough, this same phenomenon did not happen in reverse. I could pretty much always pick up dvorak immediately to my highest skill level. I have since let my dvorak slide so I can't type that same speed, but it's still not too hard to switch back. I just got 40 WPM after having not touched dvorak for several years.
Anyway, I really don't think you will have any trouble switching back and forth. This problem I just related to you really wasn't a problem since it only happened when I did a very abrupt transition from fast transcription in dvorak to attempted fast transcription in qwerty. Most of the time you're not transcribing and so this particular artifact of my brain shouldn't matter. And that's not to say that you might not experience the problem like I did. I'd be interested to know whether you do.
Give it a shot. The only reason that I haven't kept up with my dvorak is because I do a lot of coding and dvorak isn't quite as well-suited to that as it is to plain English. Also, using vim is difficult in dvorak.
It seems to me that the core issue here is that of the tradeoff between spreading the ubiquity of open source and preventing a few people from benefitting from something they didn't write. Nobody likes to see some big corporation make money off something they freely donated to the OSS community. But I think ESR's point is that while this does happen, it's only a small part of a much bigger picture. If the most important goal is to spread open source (and topple Microsoft in the irresistable tide of GNU/Linux), then maybe a few people making money off code they didn't write is an acceptable tradeoff.
Commercial for-profit businesses are in some way involved in a huge portion of the total software world. ESR is saying that if we make ourselves more desireable to the commercial sector, we'll make more progress than we would have otherwise.
But if the thought of someone making money off your code keeps you up at night, then the GPL is definitely for you.
Above you said that the government should not ensure healthy food for everyone because the lack thereof is an indirect threat. I showed that lack of health insurance is an indirect threat. (In fact, lack of most anything is indirect.) Now you say that the government should supply health insurance. You're contradicting yourself.
BTW, there are plenty of ways to reduce the cost of health insurance other than by making it government run. One would be to cap damages for malpractice. Doctors' insurance premiums would go way down. You can still provide adaquate punishment for negligence by taking away their license to practice.
And you know, despite everything I've been saying, I'm not completely opposed to a national insurance program...provided that enrollment is optional and if I'm not enrolled, I don't have to pay for it. That would be a great way to find out whether your claims of lower cost and increased access are really true. My guess is that the bloated government bureaucracy would create so much overhead that it wouldn't be competitive with private insurance. But I could be wrong. Miracles sometimes happen.
Ok, it sounds like you're suggesting that we regulate the direct threats (e.g. sickness, disease, grotesque accidents) and not regulate the indirect threats (e.g. lack of food). That makes perfect sense to me.
Now, imagine you are out in the middle of nowhere in the Southwest and get shot/knifed/beat up by some thugs. You don't die right away, but you suffer from another problem. You are nowhere near a hospital where you can get care. You bleed to death. The direct threat was getting shot/knifed. The indirect threat was lack of access to proper medical care. Would you have us make a law that there must be medical care within some close distance of every point in our country? I doubt you would advocate this just like you didn't advocate legislation of food.
Now let's take a closer look at disease, disaster, and accidents. The actual sickness, disaster, or accident is the direct threat. Lack of access to medical care is the indirect threat. We can't make a law against the direct threat of disease or natural disaster like we did with other threats (murder, rape). You already implied that we shouldn't make laws for indirect threats, but that also applies to health care and insurance.
Also, if you try to have government ensure monetary access to medical care through insurance, it is just as important to ensure physical access to medical care. The absurdity of the latter sheds light on the foolishness of the former.
1. To engage in "Life, Liberty, and the Pursuit of Happiness", one must have, above all, Life
2. To adequately sustain one's Life in the modern age, one must eat. In addition to this, one must eat healthy foods in reasonable quantity.
3. More and more healthy people are not eating healthfully. They eat at fast food restaurants, often because they cannot afford expensive health foods or do not have the time to make healthy food themselves.
If your logic holds, then the government should also provide healthy food for every citizen. Not only should they provide healthy food, but they should also prevent people from consuming unhealthy food that would reduce their ability to engage in "Life, Liberty, and the Pursuit of Happiness". Since the government should obviously not regulate your eating habits, it follows that your logic does not hold either.
I support Gilmore, but it looks like a gray area to me (IANAL). An airline is a corporation, not a government.
The issue here is about the TSA (a government agency) requiring the airlines to require ID. If the airlines are doing this of their own accord, then that is perfectly fine. In this case, people like Gilmore wouldn't need to go to courts, they would just boycott the airline(s). I would say that there may be a big market for a hassle-free airline that doesn't require ID. It's up to enterprising entrepreneurs to discover this demand.
I'm sure glad there are people like you around to do the programming tasks that I as a CS/math person find dull and tedious.
The fact of the matter is, some of the CS people in your school probably were scientists. After all, it is called Computer SCIENCE. The problem is that most people perceive Computer Scientists as programmers. This is not the case. There needs to be an across the board restructuring of computing educational curriculums. People like you who could care less about the math and science end of things should major in Software Engineering, not Computer Science. Software Engineering is the practice, Computer Science is the theory.
Instead of being sickened about CS churning out people who took calculus, you should be promoting the concept of a Software Engineering major that would be what you're looking for.
I graduated with a double major in Computer Science and Math. I now work as a software engineer in a large defense company. Many people interchange the terms Computer Science and programming. These terms are not interchangeable. Computer Science is the theory which provides the building blocks that programmers use (often with no underlying knowledge of what is going on). The act of programming really falls more into the term Software Engineering.
Computer Science is theory. In most fields, the theoretical people make heavy use of math. The same is true in Computer Science. Algorithm and development is inextricably linked dependant on math. So if the question is "Does CS have that much to do with math?", the answer is a resounding yes.
Programming or Software Engineering arguably doesn't have as much to do with math. As other posts mention, there are programming/software engineering jobs that use little to no math. However, there are a very large number of jobs that need math. Whether you have one of these jobs or not, you can still benefit from having taken more math.
The issue is not that you took a class that taught you how to do the math that you need to accomplish the job. The issue is the critical thinking skills that math develops. When I started my software engineering job after graduating, the first project that I was assigned to required lots of math that I had never seen in school even though I was a math major. I was able to do the work not because of something I learned, but because of the critical thinking and logical reasoning skills that my math classes had helped develop. My math background also gave me a familiarity with the basic mathematical tools that I needed.
There will always be new problems that school has not prepared you for. If you go to school to learn how to solve the problems you will encounter in the workplace, then you are in for a big surprise. The important thing to get out of school is the ability to think critically and learn new concepts.
You have a good point. However, the original post has a good point as well. It just depends on what your needs are.
If you are John Q. Internetuser, who wants to reduce the amount of spam that he/she sees in the inbox, then Bayesian filtering is perfect.
However, it is not feasible for use by an ISP trying to reduce bandwidth consumption. Bayesian's content-based nature is wrong for this application--not to mention too intensive.
You also cannot ignore that blacklisting has huge problems. Any time a whole group of people gets blocked because one person in their IP range voluntarily or involuntarily spammed, there is a problem.
The unfortunate thing is that these seem to be some of the best solutions that are available right now.
Slashdot Mirror
New authentication scheme? This technique has been around for awhile--and not just in Morse code. I wrote working code that did this about 7 or 8 years ago. It was only 300 lines of C code. So, having first-hand experience, I am able to address some of the issues brought up here.
Typing patterns can change slightly over time or different keyboards, but some (if not most) of that variation can be accounted for statistically. Every time the user is correctly authenticated, you just add that pattern to the database. This won't handle drastic changes (like a broken hand), but it does pretty well for most cases. My system was originally trained on 10 training runs of typing the user's first name, last name, user name, and password. The login sequence required all of these, so it was a little bit longer than the standard username-password sequence.
Now, you probably can't tell your wife your password and have her log in for you, but the system could still be useful in government systems where per-user traceability is mandatory. The assumption here would be that the recognized failure modes would be acceptable, and sysadmins would be willing to handle them individually.
The system I wrote did not just measure typing speed. It actually looked at the latency patterns between each keystroke. By tweaking the similarity threshold, I could get it so that it would accept most of my attempts, but reject a lot of other people trying to log in as me. I type faster than 100 WPM, so just matching my speed was impossible for most people. I had a friend who was also a fast typist try to impersonate me. It took him a long time, but he was finally able to get in after many tries. His primary problem was typing my user name correctly and fast enough. This was difficult since it's a one-handed finger-twister. My impression after this test was that accomplished typists are consistent enough that there is minimal variation and that the recognition essentially degenerates to a speed measurement (although I don't have quantitative results to prove this). I did not do any testing on poor typists. I would have concerns about whether hunt-and-peckers would be recognized. The system did take into account the user's volatility, but it's possible that the keystroke latencies of poor typists are not normally distributed. This would pose a problem, but it might be ameliorated by using a dynamic threshold based on the users' consistency.
A few years ago, I was teaching a typing class for which I had written my own typing program when I decided to give dvorak a try. I fixed my typing program to automatically remap the keys for me and started practicing. I type about 120 WPM qwerty and was anxious to see how fast I could get with dvorak. After only a small amount of practice, I got so I could go 60-70 WPM with dvorak for normal English text. When I tried switching back to qwerty, it was very strange. When I was typing in my typing program right after switching back, I had a terrible time with qwerty. My brain just didn't want to do it. But the really strange thing was that when I was trying to type from my typing program (i.e. transcribing text from the screen) I had trouble, but when I would then type something straight out of my head (and not something dicated by my typing program) I had no trouble whatsoever. I could exit to a shell prompt and function just fine. But then when I went back into the typing program I still had trouble. It was a really weird feeling to have my brain not obey my wishes.
However, I only experienced this difficulty for a short period of time. A few minutes later I would be back to normal. Interestingly enough, this same phenomenon did not happen in reverse. I could pretty much always pick up dvorak immediately to my highest skill level. I have since let my dvorak slide so I can't type that same speed, but it's still not too hard to switch back. I just got 40 WPM after having not touched dvorak for several years.
Anyway, I really don't think you will have any trouble switching back and forth. This problem I just related to you really wasn't a problem since it only happened when I did a very abrupt transition from fast transcription in dvorak to attempted fast transcription in qwerty. Most of the time you're not transcribing and so this particular artifact of my brain shouldn't matter. And that's not to say that you might not experience the problem like I did. I'd be interested to know whether you do.
Give it a shot. The only reason that I haven't kept up with my dvorak is because I do a lot of coding and dvorak isn't quite as well-suited to that as it is to plain English. Also, using vim is difficult in dvorak.
It seems to me that the core issue here is that of the tradeoff between spreading the ubiquity of open source and preventing a few people from benefitting from something they didn't write. Nobody likes to see some big corporation make money off something they freely donated to the OSS community. But I think ESR's point is that while this does happen, it's only a small part of a much bigger picture. If the most important goal is to spread open source (and topple Microsoft in the irresistable tide of GNU/Linux), then maybe a few people making money off code they didn't write is an acceptable tradeoff.
Commercial for-profit businesses are in some way involved in a huge portion of the total software world. ESR is saying that if we make ourselves more desireable to the commercial sector, we'll make more progress than we would have otherwise.
But if the thought of someone making money off your code keeps you up at night, then the GPL is definitely for you.
Above you said that the government should not ensure healthy food for everyone because the lack thereof is an indirect threat. I showed that lack of health insurance is an indirect threat. (In fact, lack of most anything is indirect.) Now you say that the government should supply health insurance. You're contradicting yourself.
BTW, there are plenty of ways to reduce the cost of health insurance other than by making it government run. One would be to cap damages for malpractice. Doctors' insurance premiums would go way down. You can still provide adaquate punishment for negligence by taking away their license to practice.
And you know, despite everything I've been saying, I'm not completely opposed to a national insurance program...provided that enrollment is optional and if I'm not enrolled, I don't have to pay for it. That would be a great way to find out whether your claims of lower cost and increased access are really true. My guess is that the bloated government bureaucracy would create so much overhead that it wouldn't be competitive with private insurance. But I could be wrong. Miracles sometimes happen.
Ok, it sounds like you're suggesting that we regulate the direct threats (e.g. sickness, disease, grotesque accidents) and not regulate the indirect threats (e.g. lack of food). That makes perfect sense to me.
Now, imagine you are out in the middle of nowhere in the Southwest and get shot/knifed/beat up by some thugs. You don't die right away, but you suffer from another problem. You are nowhere near a hospital where you can get care. You bleed to death. The direct threat was getting shot/knifed. The indirect threat was lack of access to proper medical care. Would you have us make a law that there must be medical care within some close distance of every point in our country? I doubt you would advocate this just like you didn't advocate legislation of food.
Now let's take a closer look at disease, disaster, and accidents. The actual sickness, disaster, or accident is the direct threat. Lack of access to medical care is the indirect threat. We can't make a law against the direct threat of disease or natural disaster like we did with other threats (murder, rape). You already implied that we shouldn't make laws for indirect threats, but that also applies to health care and insurance.
Also, if you try to have government ensure monetary access to medical care through insurance, it is just as important to ensure physical access to medical care. The absurdity of the latter sheds light on the foolishness of the former.
Consider the following:
1. To engage in "Life, Liberty, and the Pursuit of Happiness", one must have, above all, Life
2. To adequately sustain one's Life in the modern age, one must eat. In addition to this, one must eat healthy foods in reasonable quantity.
3. More and more healthy people are not eating healthfully. They eat at fast food restaurants, often because they cannot afford expensive health foods or do not have the time to make healthy food themselves.
If your logic holds, then the government should also provide healthy food for every citizen. Not only should they provide healthy food, but they should also prevent people from consuming unhealthy food that would reduce their ability to engage in "Life, Liberty, and the Pursuit of Happiness". Since the government should obviously not regulate your eating habits, it follows that your logic does not hold either.
Come on, giving one counterexample does not disprove a statement about a general trend.
I support Gilmore, but it looks like a gray area to me (IANAL). An airline is a corporation, not a government.
The issue here is about the TSA (a government agency) requiring the airlines to require ID. If the airlines are doing this of their own accord, then that is perfectly fine. In this case, people like Gilmore wouldn't need to go to courts, they would just boycott the airline(s). I would say that there may be a big market for a hassle-free airline that doesn't require ID. It's up to enterprising entrepreneurs to discover this demand.
I'm sure glad there are people like you around to do the programming tasks that I as a CS/math person find dull and tedious.
The fact of the matter is, some of the CS people in your school probably were scientists. After all, it is called Computer SCIENCE. The problem is that most people perceive Computer Scientists as programmers. This is not the case. There needs to be an across the board restructuring of computing educational curriculums. People like you who could care less about the math and science end of things should major in Software Engineering, not Computer Science. Software Engineering is the practice, Computer Science is the theory.
Instead of being sickened about CS churning out people who took calculus, you should be promoting the concept of a Software Engineering major that would be what you're looking for.
I graduated with a double major in Computer Science and Math. I now work as a software engineer in a large defense company. Many people interchange the terms Computer Science and programming. These terms are not interchangeable. Computer Science is the theory which provides the building blocks that programmers use (often with no underlying knowledge of what is going on). The act of programming really falls more into the term Software Engineering.
Computer Science is theory. In most fields, the theoretical people make heavy use of math. The same is true in Computer Science. Algorithm and development is inextricably linked dependant on math. So if the question is "Does CS have that much to do with math?", the answer is a resounding yes.
Programming or Software Engineering arguably doesn't have as much to do with math. As other posts mention, there are programming/software engineering jobs that use little to no math. However, there are a very large number of jobs that need math. Whether you have one of these jobs or not, you can still benefit from having taken more math.
The issue is not that you took a class that taught you how to do the math that you need to accomplish the job. The issue is the critical thinking skills that math develops. When I started my software engineering job after graduating, the first project that I was assigned to required lots of math that I had never seen in school even though I was a math major. I was able to do the work not because of something I learned, but because of the critical thinking and logical reasoning skills that my math classes had helped develop. My math background also gave me a familiarity with the basic mathematical tools that I needed.
There will always be new problems that school has not prepared you for. If you go to school to learn how to solve the problems you will encounter in the workplace, then you are in for a big surprise. The important thing to get out of school is the ability to think critically and learn new concepts.
You have a good point. However, the original post has a good point as well. It just depends on what your needs are.
If you are John Q. Internetuser, who wants to reduce the amount of spam that he/she sees in the inbox, then Bayesian filtering is perfect.
However, it is not feasible for use by an ISP trying to reduce bandwidth consumption. Bayesian's content-based nature is wrong for this application--not to mention too intensive.
You also cannot ignore that blacklisting has huge problems. Any time a whole group of people gets blocked because one person in their IP range voluntarily or involuntarily spammed, there is a problem.
The unfortunate thing is that these seem to be some of the best solutions that are available right now.