This doesn't quite make sense to me. Assuming the bots are smart enough to parse the earnings reports (highly plausible) wouldn't they react the same as if it were a proper release?
There tend to be many additional news stories that temper the results. The markets close at 4:00 PM. That is exactly the moment when the reports leave embargo. Within an hour or so there are human-considered reports hitting the news, and by the time the markets open at 9:30 AM the next day there is plenty of context to place around it.
In this case the bots only get a single source of information and instantly react. Then they are in a hyper-sensitive feedback loop and notice what other bots are doing, selling millions of stock based on a single data point.
When the markets are closed overnight the bots see news articles with both positive and negative reactions, with good words and bad words, building up many different data points, and they tend to take more balanced reactions.
The thing is wall street speculation is now highly automated.... and cause a sell-off run much more efficiently than humans reading twitter ever could.
This is exactly what triggered it. The page was up for forty five seconds. 45 seconds is not enough for humans to read and understand it, but that is plenty of time for bots.
During that 45 seconds, assorted stock-trading bots picked up on it, scanned it, and sold over 3M units, or $153M, of their stock. That's over 30x their normal trading levels.
The huge uptick in stock sales triggered another bunch of automated trades, and over the next 18 minutes they had more trades than they had seen all quarter -- the last trade spike that big was after their last earnings report, when the price jumped from about $37/share to around $50/share.
Then, about 18 minutes after the brief posting, trading stopped because of the anomaly. It is normally an effective tactic when trading bots go crazy.
20 minutes later trading was resumed for the remaining half hour of the day. There were over two million trades per minute over that half hour, and the stock price continued dropping from $51.24 to $42.27, with a slow but steady drop today down to $38.49. Days like this make me laugh at stupid investors. No point in selling now, the value is already lost. It is unlikely another bombshell will be dropped. Selling just reinforces your losses.
Of course, if you're a long term investor you'll note that nothing about the company changed; no deals were cancelled and they are still growing in ways that matter. Their stock is low, making it a good value to pick up.
In my experience, I haven't noticed any issues on mobile devices for websites using jQuery.
I can list of plenty of mobile websites with horrible experiences that use jQuery.
But I would not say jQuery itself is the reason for that.
jQuery itself is not inherently a problem. It can be leveraged to do many memory-hungry and processing-heavy actions that break mobile browsers, but that's not jQuery's fault. People can make memory-hungry and processing-heavy PC-centric websites using many different tools.
Or as is very likely the case, a company passes up on hiring him for something.
That's nifty and all, but that's not the actual lawsuit.
The key feature of the lawsuit is that the individual cannot show any specific harm was done, only that their legal rights were infringed. Most aspects of civil law require that the person show some sort of injury. In this case the specific law does not require damage. Damage to consumers is assumed as automatic if the company does not comply with the law. The wording of the law is only about compliance, not about harm.
The big data companies absolutely want to forbid standing in the case. If he could show specific harm he'd have a strong case but it would be a different case. This is about data aggregators being compelled to follow the law.
The first court dismissed it, claiming since he had no specific "actual or imminent harm" he couldn't sue.
The appeals court observed that the law required specific actions by the company, and the law tied failure to comply with the rules to a $100-$1000 fine for noncompliance. That's even the name of the section: "Civil liability for willful noncompliance". Again, the law specifies damages for failing to comply, not damages for actual harm. The appeals court ruled that since the law as written does not require any actual damages -- the law is about compliance by the company, with damages assigned to "any consumer" affected by non-compliance -- he can sue. He qualifies under the definition of "any customer", and the law is only about compliance, not about actual harm.
But let's turn it around. Frequently the courts will examine the consequences if the court rejects the arguments. If they turn it down, if they say consumers cannot have standing unless there is real harm, then they would effectively void sections 1681n and 1681o. There would only be civil liability for actual harm, there would not be any civil liability for noncompliance. Generally the SCOTUS relies on a Constitutional reason to void large chunks of law like that, but in this case there are several solid reasons for Congress to pass the law. If he doesn't have standing then SCOTUS is voiding the law since no other method is available for liability. The Justices tend to be careful about voiding the law, generally only voiding laws when it falls outside what the Constitution allows. I'm absolutely certain that will come up in the oral arguments: if they deny standing how else can the noncompliance law be applied? If they deny standing they seem to be voiding the law without a constitutional reason.
To be honest, I figured that it/had/ to be a bad ruling and...
No, it's all due to the stupid vague line between a "temporary stop", a "detention", and an "arrest". Our various branches of government have struggled with it for two centuries now.
Police need people to interact with them so the officers can do the job of investigating crimes. But legally in order to do that they must seize the thing, seize the person, seize the property, whatever. The requirements about due process, seizure of people and property, the law needed to allow for certain types of temporary seizures of people, and the balance is a hard one.
The traffic stop is just that, a stop. A temporary detention that can only last as long as necessary for the administrative task.
In the ruling (and according to most judges already), the officer stopped the individual and performed the task of writing a citation. Anything more than that is no longer a stop, it becomes either a detention or an arrest.
The ruling is clear on what the problem was here. The officer testified that they "had all their documents back and a copy of the written warning. I got all the reasons for the stop out of the way." Then after the stop was complete he did not allow the man to leave, even after the man asked to go, so the officer could call in a drug-sniffing dog. That was a second detention, done without probable cause (since he had already dealt with the reason for the stop), and was therefore unlawful.
And the HP and Lexmark toner cartridge cases which were just about embedded serialization
Yeah, no. This was specifically mentioned in the Lexmark v Static Control Components case. That was already dealt with in the 6th circuit and supported 9-0 by the SCOTUS. Copy of the decision.
Automobile manufacturers, for example, could control the entire market of
replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the
DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented
protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff
can show that a defendant circumvented protective measures for such a purpose, its claim should not be
allowed to go forward. If Lexmark wishes to utilize DMCA protections for (allegedly) copyrightable works,
it should not use such works to prevent competing cartridges from working with its printer.
... By contrast, Lexmark would have us read this statute in such a way that any time a manufacturer
intentionally circumvents any technological measure and accesses a protected work it necessarily violates
the statute regardless of its “purpose.” Such a reading would ignore the precise language – “for the purpose
of” – as well as the main point of the DMCA – to prohibit the pirating of copyright-protected works such
as movies, music, and computer programs. If we were to adopt Lexmark’s reading of the statute,
manufacturers could potentially create monopolies for replacement parts simply by using similar, but more
creative, lock-out codes. Automobile manufacturers, for example, could control the entire market of
replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the
DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented
protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff
can show that a defendant circumvented protective measures for such a purpose, its claim should not be
allowed to go forward.
Yes it is a short line, but it seems rather bright-line to cite in this case.
But, then, I've never thought about starting the discussion with a drunk person.
Agreed.
The three causes are clear enough in the news report: Two drunken roommates around 1:00 AM were in a fight. That's it. What they were arguing about is irrelevant.
Having heard drunks argue, I can assure you it was not an articulate and well-reasoned discussion. The argument could have been about anything from a favorite phone operating system to a favorite sports team or a favorite color. The fact that they reached for the nearest beer bottle as a weapon is unsurprising.
It is only a problem when somebody (state/corp) has the advantage.
Those with the recordings and with the ability to use them, have the power.
That can be a government with cctv, or a business with cameras on the doors, windows, tellers, and product aisles. Or it can be a cell phone camera capturing a police shooting, or even google glass capturing a crime on the street or an abusive patron.
When the 'little people' have and use recordings it can be leveraged for many things, including social changes for better or worse, such as social pressure after injustice is found, or social pressure to keep your head down and mouth shut.
Ubiquitous cameras can mean a police state, they can also mean when an individual has been abused by government or officers there are plenty of cameras to tell the story from many viewpoints. It can be used to identify triggers, and assign blame, and ensure justice, and to correct policies.
The tricky thing is those same two details: Who has the recordings? What are they able to do with them?
Yes, its called graft or bribery and is illegal in most other developed countries.
Funny!
What other developed countries?
UK? Campaigners get government funds, political party funds, and unlimited contributions. There have been quite a few scandals in recent years where individuals receive over a quarter million pounds in a single donation, and it is all legal.
Germany? Again, government funds, plus government-mandated airtime distributed to the candidates. On top of that, individuals get whatever you can buy. No campaign contribution limits to corporations and the first roughly 3000 euro are tax deductible to encourage businesses to buy their local leaders.
France? Well, there are a huge number of tiny political factions, each well funded and owned by the local businesses. The small parties ensure the elections run favorably by making deals with other political parties (businesses).
Australia? Three decades ago they changed the law to move toward public funding in an attempt to remove private interests. The law was quickly and quietly revised to continue to allow both. Yet wikipedia claims over the last two decades, corporate donations have gone up 5x, from just under $30M to well over $130M publicly reported and millions more through other sources.
Italy? In most of the country, including the southern regions, the old families run everything. What most of the world terms "protection money" is considered basically a local tax. Corruption is rampant.
India? Greece? Just kidding, we all know these are above any form of political corruption.
Our world needs a unified tax code that applies evenly to everyone. No loopholes, no dodges. Everyone pays their share no matter how the company / individuals lives. My suggestion would be for the united states to make it simple. If you sell one product in the United states, you will pay US tax rates on your income. Period. If you have paid taxes somewhere else, you can deduct that amount from the amount you owe the US, but you cannot dodge paying those taxes somewhere. If a company doesn't like it, they are free to not sell products in the United states.
That is logical from several standpoints, but people's emotions prevent it.
People from a region want certain jobs, and they demand results from government leaders, not logic.
How can you get jobs? Entice businesses to move in or to form. How do you encourage business? Tax breaks and other government money. Money to entrepreneurs. Money to small businesses. Money to relocated or new offices.
In the short term that means results to the politicians, meaning re-election. In the short term it means more jobs. In the short term it means growth. In the short term it means an improvement in local life. In the short term it means getting re-elected. Most of society does not think about the long term handcuffs, but in the short term, it means the results most people want, so longer term consequences are ignored.
That's why the uniform taxes won't work. Not because it isn't logical in itself, but because it deprives governments of one of the most powerful incentives (rather than punishments) in their toolbox.
when the cashier told me the groceries cost $35.50, I told her that I would pay $20...
When I go to a restaurant I know sends out coupons, I will ask if they have any behind the counter, and they often do.
When I go to stores that are known for discounts, I ask for them.
Yesterday I needed new tires on my vehicle. At checkout I asked if they had any discounts available. He gave me 10% off.
About a month ago I went to a rock chip repair shop I asked if they had any deals running. The clerk said there was a radio special running and I needed to say their station name for a huge discount... Then he told me the name of the station and smiled, waiting for me to repeat it.
My DSL (vdsl2 modem) is 48 Mbps down 16 up. All the time, not a shared cable loop. My comcast friends pay a similar amount and have similar speeds --- but only during non-peak times. We found the cable loop is shared in the neighborhood, and peak evening hours most cable-using homes in my neighborhood struggle to get a steady 10 down.
While VDSL2 doesn't compare well against fiber to the home, it can compete well with most cable offerings.
Many people in various government and private organizations noticed. People were fired for playing games at work even though the game was inside excel, especially people at strict grunt-level jobs like calling centers where getting caught playing games on the clock was a terminal offense.
The question that many businesses and agencies immediately put to Microsoft were along the lines of "If there is the very large undocumented video game embedded in there without telling us, what else is secretly in your product?", and also "We needed to buy so many thousand machines up to this higher spec to make room for Office 97, how many of those megabytes are spent in the games rather than necessary components?"
I'm sure it was not a comfortable time for those product managers.
I implemented an easter egg triggered by the konami code in an application written for my previous employer. I didn't do it as a goof, but as a means to performance-test a helper function I had written
For that type of thing I would document it
internally as a utility or debugging aid. Then it is no longer an undocumented feature, instead an obscure but documented testing aid.
Undocumented, unapproved, untested functionality is generally a bad thing. But fix it through a tiny bit of documentation, get approval to add a command sequence to get the debug information, and let the test team know the debug command exists, and you're good to go.
It all depends on who they happen to be, and how you define an Easter Egg.
I worked in games for many years and we included quite a few Easter Eggs. But they were not hidden from the studio. They were approved by management, tested by QA, and documented internally. We tried to keep them quiet to see how long it took for them to be found.
The article is right -- large corporations that are risk averse tend to crack down hard on undocumented Easter Eggs. I think that is correct for a business, to crack down hard on undocumented, unapproved, untested features.
The key detail is who knows about it, and how appropriate it is for the product.
Critically: Did it get approved and tested, and is it okay for the user? An Easter Egg that has been approved by designers and product managers, tested by QA, and is a happy surprise to the user is a good thing. If it was not approved, but the programmer intentionally threw in the feature without testing and without documentation, yes, the business should crack down.
The trickier ones are the ones that are approved and tested, but not quite what the customer expects. Microsoft's bouncing text screensaver used to have an Easter Egg that typing "volcano" for the text caused a cycle of volcano names. Fun, for sure, but if your screen savers were used for the machine name, and the machine name happened to be "volcano", then it is an unexpected negative behavior.
Someone working on Excel, a product used inside government agencies and nearly every major business, including secret unapproved features? Yeah, that's absolutely a fire-able offense.
Someone working in a smaller company, with management approval, adding in a small feature to change the color scheme to red and green on Christmas day? Potentially a fun little Easter egg... unless the user is making a major presentation on that day to group that doesn't respect the Christmas holiday, then better make sure there is a way to turn it off.
"Fun" events are good for morale...not just because oh hey minigolf is fun (or whatever), but because they say "we care enough about making our people happy, that we're canceling a day of work just for that". Acting like you care makes a difference. Again, it doesn't do the job for everyone, but the people it doesn't impact can be pretty toxic on a team.
When I interview after seasonal layoffs, one of the questions I ask of my potential employers is: "What is your company culture? What do you do around here?"
Some companies the people look confused for a moment, then say things like "we have standup meetings every morning, that is part of our culture. If you are asking about parties and such, we have a summer party and a christmas party. Is that what you mean?"
Other companies the workers get excited and start talking. "We have a monthly birthday bash with cake and icecream in the lunch room, in the summer months those are barbeque parties out on the grounds. Two or three times a year we go to the movies on a pre-release. Most of the cubicles have nerf guns and the secretary buys bulk packs of nerf darts when too many vanish behind cubicle walls. We have email distribution groups for people who visit the gym for lunch hour, people who play games and Magic the Gathering over lunch, a group for soccer players that usually play on Tuesdays, a group who play Ultimate on Wednesdays, a group who play golf every other Thursday,...."
I am much more interested in working at the latter.
The frustrating thing is that the EFF knows, or should know, that this was already decided in a previous case. They submitted applications that included both automobile parts and video games. I've contacted their legal team as a reminder, but here it is for the masses:
This was all dealt with in the Lexmark v Static Control Components case. Lexmark accused them of several things, but the most notable were the DMCA 1201 and the Lanham Act. The 6th circuit wrote an opinion on the matter, and the SCTOUTS ultimately held with the opinion 9-0. In the earlier opinion:
Generally speaking, “lock-out” codes fall on the functional-idea rather than the original-expression side of the copyright line. Manufacturers of interoperable devices such as computers and software, game consoles and video games, printers and toner cartridges, or automobiles and replacement parts may employ a security system to bar the use of unauthorized components. To “unlock” and permit operation of the primary device (i.e., the computer, the game console, the printer, the car), the component must contain either a certain code sequence or be able to respond appropriately to an authentication process. To the extent compatibility requires that a particular code sequence be included in the component device to permit its use, the merger and scènes à faire doctrines generally preclude the code sequence from obtaining copyright protection...
If we were to adopt Lexmark’s reading of the statute, manufacturers could potentially create monopolies for replacement parts simply by using similar, but more creative, lock-out codes. Automobile manufacturers, for example, could control the entire market of replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff can show that a defendant circumvented protective measures for such a purpose, its claim should not be allowed to go forward.
Both the 6th Circuit and SCOTUS were clear in the matter that the DMCA provision referred to copyright protections on creative content like books and movies, and not codes for operations of devices, explicitly mentioning automobile and replacement parts as exempt.
It was tried already. It doesn't work. Nobody wants to be a volunteer CA, which is effectively what the web of trust demands of people.
Actually it does work. Just not so well for web sites and servers.
For all their other issues, a CA network works reasonably well for hardware-level communications trust. I can look at the algorithm type selected and trust that math ensures that eavesdropping is hard. I can also have some degree of confidence that the site really is who they say they are... but I also know there is a high risk they may have been hacked or compromised by anyone from government agencies to skript kiddies. There is no need for a fake cert when it is easy for them to infiltrate their networks through legal or illegal means. A CA doesn't mean I can trust the server or their services, only that the connection is slightly more safe from eavesdropping.
A web of trust solves a different problem. It is focused mostly on authentication and social trust, not eavesdropping. I can give corporate secrets to my co-workers because people I already trust connected us, but I don't trust strangers on the street who claim to be co-workers because I cannot authenticate them as being part of the company.
When it comes to authenticating people under a WOT model, I have high trust in those I have personally verified, and progressively lower trust in those I have not personally verified. Those in HR or IT can use their own key to sign all their employee keys and I can set a level of trust on those because I have personally met the HR or IT person. It works much like real life social rules, my direct friends I can trust, the friends-of-friends less so, the friends-of-friends-of-friends I will be skeptical of. Key servers can (and do) provide easy access to see who else trusts an individual, letting me quickly build a web of trust, where just like in the physical world I can decide how much trust I give anybody I personally know, and I can decide to trust no one, to trust only those few people I know well, or to trust anybody who comes along.
The parallel with real life social trust is exactly why they work so well for email and similar social uses. That is how people have been doing it for ages.
The reason it doesn't work too well on random web sites is that the web of trust model cannot be automated, or used to verify servers rather than people.
What does it mean to trust a bank's signature? I may be able to verify my bank's digital certificate matches the card I got in their lobby. I probably have a WOT with a few friends and friends-of-friends that get me connected to individual workers at the bank. But that breaks down on a bigger scale when you are trusting servers rather than trusting people. I may know a teller at the bank as a human, but how does that give me any trust of the servers? Sure I probably know people who work at Discover Card's call centers, but just because I know some people why should I fully trust that DiscoverCard's servers have not been compromised? I may know some people working at Google, but does that mean I can trust that their million servers to not give up information to the NSA? No way, because the WOT method focuses on individuals and people rather than hardware.
WOT works well for social connections and personal identities. It doesn't work so well in other contexts. The need for a 'volunteer CA' is not the reason it breaks down. It breaks down because social trust models do not map well to hardware trust models. And for the interwebs that is okay because my trust level to any web site is incredibly low, I can assume they are likely hacked and NSA-backdoored, all I'm looking for is protection from casual eavesdropping.
8 character limits were common up until a few years ago. Today I still see 16 (and 15 because of broken front ends) effective limits. 32 seems to be the most common.
I still see them far too often. My normal password patterns are different than the ones presented but still several words long. Many places requiring accounts still greet me with "Password must be between 6-8 characters, and must contain at least one uppercase letter, lowercase letter, number, and symbol."
I also too-frequently get "Passwords must not contain a space". It prevents me from entering my password of "correct horse battery staple", which is really annoying.
in Britain, our telecoms monopoly (BT) is obliged to provide service for a standard connection fee.
Yes, that's the UK, where even farmland has a dense population.
Consider locations in the US like Wyoming (253,348 square km) compared to the entire UK (243,610 square km) but with a population of 584,153 compared to the UK's 64.1 million. Or states like Alaska, North and South Dakota, and Montana.
Wyoming is such a good comparison because the land mass is similar to the UK. Remove EVERYONE from the entire UK except the people of Cornwall, allow those in Cornwall to spread far and wide, wherever they want anywhere on the isles, and then hook them up with new infrastructure regardless of location. That's about how sparse one of the least populated states is.
Most Europeans fail to understand just how sparse the US really is. While the US is nowhere near as sparse as Australia or parts of Africa, except for a few cities most of the US is quite sparse. I've talked with quite a few people traveling from Europe who flew into Las Vegas and traveled to the Grand Canyon. It is a four hour drive -- 120 miles -- of desert, cactus, and sagebrush that most European visitors were shocked could even exist. Where are the people? How could there be so much empty space? Who owns the land? Google finds some images for comparison: Here is Alaska (the largest state) overlaid over Europe. Another, the lower 48 states overlaid over Europe. The trip from Lisbon to Copenhagen is just a portion of historic Route 66, and is less than half the distance of the country.
In these US states hooking up a single remote dwelling might mean deploying many miles, thirty miles, fifty miles, or even more, to reach the single dwelling. Nobody, not even the federal government, is going to mandate that kind of deployment for £130.
Linus is doing systems level work. At systems level work, there are a lot of mediocre and bad programmers who use the common language of C++. Those who know c well are unlikely to be the mediocre and bad programmers.
That is really a truism across all fields and languages.
In the business world with business logic, there are a lot of mediocre and bad programmers who use the common language of Java. You can filter out many of them by adding a skill requirement of some other less-used languages inside that realm of business software development.
In a field where everyone is doing Ruby development and you don't want mediocre/bad Ruby programmers? Require them to also demonstrate proficiency in another language.
In a field where everyone is using C#? Require them to also demonstrate proficiency in C++ or some other language.
If you only require a single thing you can get unskilled individuals with only a single skill. If you require multiple skills you are more likely to get more talented individuals, since the talented, higher producers tend to pick up a wide range of skills.
Not quite. That only applies if the government wrongfully acquired the documents, knew they were wrongfully obtained, and used them anyway. It is typically avoided by claiming they didn't realize they were wrongfully obtained and they were acting in good faith.
Wikimedia learned of the violations through legally available public documents.
The violations were more than just eavesdropping. The publicly available leaked documents claim the NSA falsified records and used the Wikipedia trademarks to help claim the validity of the pages. Even if part of the suit gets dropped, portions of it document clear civil violations.
While the government can do quite a lot to lie and convince others they are not the government, the Lanham Act is clear that the federal government is liable at the very least for their spying program disrupting the site and using their marks. Specifically in 15 USC 1114, it is against the law for "any person" to reproduce, counterfeit, copy, or imitate a registered mark when it is likely to cause confusion, or to cause mistake, or to deceive. Deception is exactly what the government did. The law continues: the term "any person" includes the United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, or other persons acting for the United States and with the authorization and consent of the United States, and any State, any instrumentality of a State, and any officer or employee of a State or instrumentality of a State acting in his or her official capacity. The United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, other persons acting for the United States and with the authorization and consent of the United States, and any State, and any such instrumentality, officer, or employee, shall be subject to the provisions of this chapter in the same manner and to the same extent as any nongovernmental entity.
That is quite clear, law twice declares that nobody in government is immune from that law. They stated it twice, just to be clear that it applies to everyone in government.:-)
Yet another reason to push shared providers for ECC memory. The error correcting memory is so far not vulnerable to this attack, all the researchers that have tried it report that ECC memory identifies and corrects the corruptions. Of course some attackers may have found a way, but ECC minimizes the risk
Slashdot Mirror
This doesn't quite make sense to me. Assuming the bots are smart enough to parse the earnings reports (highly plausible) wouldn't they react the same as if it were a proper release?
There tend to be many additional news stories that temper the results. The markets close at 4:00 PM. That is exactly the moment when the reports leave embargo. Within an hour or so there are human-considered reports hitting the news, and by the time the markets open at 9:30 AM the next day there is plenty of context to place around it.
In this case the bots only get a single source of information and instantly react. Then they are in a hyper-sensitive feedback loop and notice what other bots are doing, selling millions of stock based on a single data point.
When the markets are closed overnight the bots see news articles with both positive and negative reactions, with good words and bad words, building up many different data points, and they tend to take more balanced reactions.
The thing is wall street speculation is now highly automated. ... and cause a sell-off run much more efficiently than humans reading twitter ever could.
This is exactly what triggered it. The page was up for forty five seconds. 45 seconds is not enough for humans to read and understand it, but that is plenty of time for bots.
During that 45 seconds, assorted stock-trading bots picked up on it, scanned it, and sold over 3M units, or $153M, of their stock. That's over 30x their normal trading levels.
The huge uptick in stock sales triggered another bunch of automated trades, and over the next 18 minutes they had more trades than they had seen all quarter -- the last trade spike that big was after their last earnings report, when the price jumped from about $37/share to around $50/share.
Then, about 18 minutes after the brief posting, trading stopped because of the anomaly. It is normally an effective tactic when trading bots go crazy.
20 minutes later trading was resumed for the remaining half hour of the day. There were over two million trades per minute over that half hour, and the stock price continued dropping from $51.24 to $42.27, with a slow but steady drop today down to $38.49. Days like this make me laugh at stupid investors. No point in selling now, the value is already lost. It is unlikely another bombshell will be dropped. Selling just reinforces your losses.
Of course, if you're a long term investor you'll note that nothing about the company changed; no deals were cancelled and they are still growing in ways that matter. Their stock is low, making it a good value to pick up.
In my experience, I haven't noticed any issues on mobile devices for websites using jQuery.
I can list of plenty of mobile websites with horrible experiences that use jQuery.
But I would not say jQuery itself is the reason for that.
jQuery itself is not inherently a problem. It can be leveraged to do many memory-hungry and processing-heavy actions that break mobile browsers, but that's not jQuery's fault. People can make memory-hungry and processing-heavy PC-centric websites using many different tools.
Or as is very likely the case, a company passes up on hiring him for something.
That's nifty and all, but that's not the actual lawsuit.
The key feature of the lawsuit is that the individual cannot show any specific harm was done, only that their legal rights were infringed. Most aspects of civil law require that the person show some sort of injury. In this case the specific law does not require damage. Damage to consumers is assumed as automatic if the company does not comply with the law. The wording of the law is only about compliance, not about harm.
The big data companies absolutely want to forbid standing in the case. If he could show specific harm he'd have a strong case but it would be a different case. This is about data aggregators being compelled to follow the law.
The first court dismissed it, claiming since he had no specific "actual or imminent harm" he couldn't sue.
The appeals court observed that the law required specific actions by the company, and the law tied failure to comply with the rules to a $100-$1000 fine for noncompliance. That's even the name of the section: "Civil liability for willful noncompliance". Again, the law specifies damages for failing to comply, not damages for actual harm. The appeals court ruled that since the law as written does not require any actual damages -- the law is about compliance by the company, with damages assigned to "any consumer" affected by non-compliance -- he can sue. He qualifies under the definition of "any customer", and the law is only about compliance, not about actual harm.
Because of the exact wording of the law, my money is on Robins on this one. The actual law does not rely on harm to the individual. The wording of the law is based entirely on compliance, with noncompliance resulting in liability. Additional harm is not mandated.
But let's turn it around. Frequently the courts will examine the consequences if the court rejects the arguments. If they turn it down, if they say consumers cannot have standing unless there is real harm, then they would effectively void sections 1681n and 1681o. There would only be civil liability for actual harm, there would not be any civil liability for noncompliance. Generally the SCOTUS relies on a Constitutional reason to void large chunks of law like that, but in this case there are several solid reasons for Congress to pass the law. If he doesn't have standing then SCOTUS is voiding the law since no other method is available for liability. The Justices tend to be careful about voiding the law, generally only voiding laws when it falls outside what the Constitution allows. I'm absolutely certain that will come up in the oral arguments: if they deny standing how else can the noncompliance law be applied? If they deny standing they seem to be voiding the law without a constitutional reason.
To be honest, I figured that it /had/ to be a bad ruling and ...
No, it's all due to the stupid vague line between a "temporary stop", a "detention", and an "arrest". Our various branches of government have struggled with it for two centuries now.
Police need people to interact with them so the officers can do the job of investigating crimes. But legally in order to do that they must seize the thing, seize the person, seize the property, whatever. The requirements about due process, seizure of people and property, the law needed to allow for certain types of temporary seizures of people, and the balance is a hard one.
The traffic stop is just that, a stop. A temporary detention that can only last as long as necessary for the administrative task.
In the ruling (and according to most judges already), the officer stopped the individual and performed the task of writing a citation. Anything more than that is no longer a stop, it becomes either a detention or an arrest.
The ruling is clear on what the problem was here. The officer testified that they "had all their documents back and a copy of the written warning. I got all the reasons for the stop out of the way." Then after the stop was complete he did not allow the man to leave, even after the man asked to go, so the officer could call in a drug-sniffing dog. That was a second detention, done without probable cause (since he had already dealt with the reason for the stop), and was therefore unlawful.
And the HP and Lexmark toner cartridge cases which were just about embedded serialization
Yeah, no. This was specifically mentioned in the Lexmark v Static Control Components case. That was already dealt with in the 6th circuit and supported 9-0 by the SCOTUS. Copy of the decision.
Automobile manufacturers, for example, could control the entire market of replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff can show that a defendant circumvented protective measures for such a purpose, its claim should not be allowed to go forward. If Lexmark wishes to utilize DMCA protections for (allegedly) copyrightable works, it should not use such works to prevent competing cartridges from working with its printer.
Yes it is a short line, but it seems rather bright-line to cite in this case.
But, then, I've never thought about starting the discussion with a drunk person.
Agreed.
The three causes are clear enough in the news report: Two drunken roommates around 1:00 AM were in a fight. That's it. What they were arguing about is irrelevant.
Having heard drunks argue, I can assure you it was not an articulate and well-reasoned discussion. The argument could have been about anything from a favorite phone operating system to a favorite sports team or a favorite color. The fact that they reached for the nearest beer bottle as a weapon is unsurprising.
It is only a problem when somebody (state/corp) has the advantage.
Those with the recordings and with the ability to use them, have the power.
That can be a government with cctv, or a business with cameras on the doors, windows, tellers, and product aisles. Or it can be a cell phone camera capturing a police shooting, or even google glass capturing a crime on the street or an abusive patron.
When the 'little people' have and use recordings it can be leveraged for many things, including social changes for better or worse, such as social pressure after injustice is found, or social pressure to keep your head down and mouth shut.
Ubiquitous cameras can mean a police state, they can also mean when an individual has been abused by government or officers there are plenty of cameras to tell the story from many viewpoints. It can be used to identify triggers, and assign blame, and ensure justice, and to correct policies.
The tricky thing is those same two details: Who has the recordings? What are they able to do with them?
Yes, its called graft or bribery and is illegal in most other developed countries.
Funny!
What other developed countries?
UK? Campaigners get government funds, political party funds, and unlimited contributions. There have been quite a few scandals in recent years where individuals receive over a quarter million pounds in a single donation, and it is all legal.
Germany? Again, government funds, plus government-mandated airtime distributed to the candidates. On top of that, individuals get whatever you can buy. No campaign contribution limits to corporations and the first roughly 3000 euro are tax deductible to encourage businesses to buy their local leaders.
France? Well, there are a huge number of tiny political factions, each well funded and owned by the local businesses. The small parties ensure the elections run favorably by making deals with other political parties (businesses).
Australia? Three decades ago they changed the law to move toward public funding in an attempt to remove private interests. The law was quickly and quietly revised to continue to allow both. Yet wikipedia claims over the last two decades, corporate donations have gone up 5x, from just under $30M to well over $130M publicly reported and millions more through other sources.
Italy? In most of the country, including the southern regions, the old families run everything. What most of the world terms "protection money" is considered basically a local tax. Corruption is rampant.
India? Greece? Just kidding, we all know these are above any form of political corruption.
Our world needs a unified tax code that applies evenly to everyone. No loopholes, no dodges. Everyone pays their share no matter how the company / individuals lives. My suggestion would be for the united states to make it simple. If you sell one product in the United states, you will pay US tax rates on your income. Period. If you have paid taxes somewhere else, you can deduct that amount from the amount you owe the US, but you cannot dodge paying those taxes somewhere. If a company doesn't like it, they are free to not sell products in the United states.
That is logical from several standpoints, but people's emotions prevent it.
People from a region want certain jobs, and they demand results from government leaders, not logic.
How can you get jobs? Entice businesses to move in or to form. How do you encourage business? Tax breaks and other government money. Money to entrepreneurs. Money to small businesses. Money to relocated or new offices.
In the short term that means results to the politicians, meaning re-election. In the short term it means more jobs. In the short term it means growth. In the short term it means an improvement in local life. In the short term it means getting re-elected. Most of society does not think about the long term handcuffs, but in the short term, it means the results most people want, so longer term consequences are ignored.
That's why the uniform taxes won't work. Not because it isn't logical in itself, but because it deprives governments of one of the most powerful incentives (rather than punishments) in their toolbox.
when the cashier told me the groceries cost $35.50, I told her that I would pay $20...
When I go to a restaurant I know sends out coupons, I will ask if they have any behind the counter, and they often do.
When I go to stores that are known for discounts, I ask for them.
Yesterday I needed new tires on my vehicle. At checkout I asked if they had any discounts available. He gave me 10% off.
About a month ago I went to a rock chip repair shop I asked if they had any deals running. The clerk said there was a radio special running and I needed to say their station name for a huge discount... Then he told me the name of the station and smiled, waiting for me to repeat it.
There are opportunities to negotiate everywhere.
No, it will continue.
Instead of negotiating for salary, it becomes a negotiation for pay grade.
"You are offering a job on pay grade #37, but I assure you, my background and history mean I should be on #43."
Same negotiation rules apply, just a different name for the salary.
Even in suburbia it can work out.
My DSL (vdsl2 modem) is 48 Mbps down 16 up. All the time, not a shared cable loop. My comcast friends pay a similar amount and have similar speeds --- but only during non-peak times. We found the cable loop is shared in the neighborhood, and peak evening hours most cable-using homes in my neighborhood struggle to get a steady 10 down.
While VDSL2 doesn't compare well against fiber to the home, it can compete well with most cable offerings.
Yes, for both.
Many people in various government and private organizations noticed. People were fired for playing games at work even though the game was inside excel, especially people at strict grunt-level jobs like calling centers where getting caught playing games on the clock was a terminal offense.
The question that many businesses and agencies immediately put to Microsoft were along the lines of "If there is the very large undocumented video game embedded in there without telling us, what else is secretly in your product?", and also "We needed to buy so many thousand machines up to this higher spec to make room for Office 97, how many of those megabytes are spent in the games rather than necessary components?"
I'm sure it was not a comfortable time for those product managers.
I implemented an easter egg triggered by the konami code in an application written for my previous employer. I didn't do it as a goof, but as a means to performance-test a helper function I had written
For that type of thing I would document it internally as a utility or debugging aid. Then it is no longer an undocumented feature, instead an obscure but documented testing aid.
Undocumented, unapproved, untested functionality is generally a bad thing. But fix it through a tiny bit of documentation, get approval to add a command sequence to get the debug information, and let the test team know the debug command exists, and you're good to go.
They can try all they want.
It all depends on who they happen to be, and how you define an Easter Egg.
I worked in games for many years and we included quite a few Easter Eggs. But they were not hidden from the studio. They were approved by management, tested by QA, and documented internally. We tried to keep them quiet to see how long it took for them to be found.
The article is right -- large corporations that are risk averse tend to crack down hard on undocumented Easter Eggs. I think that is correct for a business, to crack down hard on undocumented, unapproved, untested features.
The key detail is who knows about it, and how appropriate it is for the product.
Critically: Did it get approved and tested, and is it okay for the user? An Easter Egg that has been approved by designers and product managers, tested by QA, and is a happy surprise to the user is a good thing. If it was not approved, but the programmer intentionally threw in the feature without testing and without documentation, yes, the business should crack down.
The trickier ones are the ones that are approved and tested, but not quite what the customer expects. Microsoft's bouncing text screensaver used to have an Easter Egg that typing "volcano" for the text caused a cycle of volcano names. Fun, for sure, but if your screen savers were used for the machine name, and the machine name happened to be "volcano", then it is an unexpected negative behavior.
Someone working on Excel, a product used inside government agencies and nearly every major business, including secret unapproved features? Yeah, that's absolutely a fire-able offense.
Someone working in a smaller company, with management approval, adding in a small feature to change the color scheme to red and green on Christmas day? Potentially a fun little Easter egg... unless the user is making a major presentation on that day to group that doesn't respect the Christmas holiday, then better make sure there is a way to turn it off.
In short, treat them like fucking professionals.
I guess that works if you're a pimp.
In strangely relevant news this week: Nevada brothel seeking paid testers; men, women, and couples for quality assurance. Fucking professionals, indeed!
"Fun" events are good for morale...not just because oh hey minigolf is fun (or whatever), but because they say "we care enough about making our people happy, that we're canceling a day of work just for that". Acting like you care makes a difference. Again, it doesn't do the job for everyone, but the people it doesn't impact can be pretty toxic on a team.
When I interview after seasonal layoffs, one of the questions I ask of my potential employers is: "What is your company culture? What do you do around here?"
Some companies the people look confused for a moment, then say things like "we have standup meetings every morning, that is part of our culture. If you are asking about parties and such, we have a summer party and a christmas party. Is that what you mean?"
Other companies the workers get excited and start talking. "We have a monthly birthday bash with cake and icecream in the lunch room, in the summer months those are barbeque parties out on the grounds. Two or three times a year we go to the movies on a pre-release. Most of the cubicles have nerf guns and the secretary buys bulk packs of nerf darts when too many vanish behind cubicle walls. We have email distribution groups for people who visit the gym for lunch hour, people who play games and Magic the Gathering over lunch, a group for soccer players that usually play on Tuesdays, a group who play Ultimate on Wednesdays, a group who play golf every other Thursday, ...."
I am much more interested in working at the latter.
It's not a purchase, it's a license agreement.
The frustrating thing is that the EFF knows, or should know, that this was already decided in a previous case. They submitted applications that included both automobile parts and video games. I've contacted their legal team as a reminder, but here it is for the masses:
This was all dealt with in the Lexmark v Static Control Components case. Lexmark accused them of several things, but the most notable were the DMCA 1201 and the Lanham Act. The 6th circuit wrote an opinion on the matter, and the SCTOUTS ultimately held with the opinion 9-0. In the earlier opinion:
Generally speaking, “lock-out” codes fall on the functional-idea rather than the original-expression side of the copyright line. Manufacturers of interoperable devices such as computers and software, game consoles and video games, printers and toner cartridges, or automobiles and replacement parts may employ a security system to bar the use of unauthorized components. To “unlock” and permit operation of the primary device (i.e., the computer, the game console, the printer, the car), the component must contain either a certain code sequence or be able to respond appropriately to an authentication process. To the extent compatibility requires that a particular code sequence be included in the component device to permit its use, the merger and scènes à faire doctrines generally preclude the code sequence from obtaining copyright protection ...
If we were to adopt Lexmark’s reading of the statute, manufacturers could potentially create monopolies for replacement parts simply by using similar, but more creative, lock-out codes. Automobile manufacturers, for example, could control the entire market of replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff can show that a defendant circumvented protective measures for such a purpose, its claim should not be allowed to go forward.
Both the 6th Circuit and SCOTUS were clear in the matter that the DMCA provision referred to copyright protections on creative content like books and movies, and not codes for operations of devices, explicitly mentioning automobile and replacement parts as exempt.
It was tried already. It doesn't work. Nobody wants to be a volunteer CA, which is effectively what the web of trust demands of people.
Actually it does work. Just not so well for web sites and servers.
For all their other issues, a CA network works reasonably well for hardware-level communications trust. I can look at the algorithm type selected and trust that math ensures that eavesdropping is hard. I can also have some degree of confidence that the site really is who they say they are... but I also know there is a high risk they may have been hacked or compromised by anyone from government agencies to skript kiddies. There is no need for a fake cert when it is easy for them to infiltrate their networks through legal or illegal means. A CA doesn't mean I can trust the server or their services, only that the connection is slightly more safe from eavesdropping.
A web of trust solves a different problem. It is focused mostly on authentication and social trust, not eavesdropping. I can give corporate secrets to my co-workers because people I already trust connected us, but I don't trust strangers on the street who claim to be co-workers because I cannot authenticate them as being part of the company.
When it comes to authenticating people under a WOT model, I have high trust in those I have personally verified, and progressively lower trust in those I have not personally verified. Those in HR or IT can use their own key to sign all their employee keys and I can set a level of trust on those because I have personally met the HR or IT person. It works much like real life social rules, my direct friends I can trust, the friends-of-friends less so, the friends-of-friends-of-friends I will be skeptical of. Key servers can (and do) provide easy access to see who else trusts an individual, letting me quickly build a web of trust, where just like in the physical world I can decide how much trust I give anybody I personally know, and I can decide to trust no one, to trust only those few people I know well, or to trust anybody who comes along.
The parallel with real life social trust is exactly why they work so well for email and similar social uses. That is how people have been doing it for ages.
The reason it doesn't work too well on random web sites is that the web of trust model cannot be automated, or used to verify servers rather than people.
What does it mean to trust a bank's signature? I may be able to verify my bank's digital certificate matches the card I got in their lobby. I probably have a WOT with a few friends and friends-of-friends that get me connected to individual workers at the bank. But that breaks down on a bigger scale when you are trusting servers rather than trusting people. I may know a teller at the bank as a human, but how does that give me any trust of the servers? Sure I probably know people who work at Discover Card's call centers, but just because I know some people why should I fully trust that DiscoverCard's servers have not been compromised? I may know some people working at Google, but does that mean I can trust that their million servers to not give up information to the NSA? No way, because the WOT method focuses on individuals and people rather than hardware.
WOT works well for social connections and personal identities. It doesn't work so well in other contexts. The need for a 'volunteer CA' is not the reason it breaks down. It breaks down because social trust models do not map well to hardware trust models. And for the interwebs that is okay because my trust level to any web site is incredibly low, I can assume they are likely hacked and NSA-backdoored, all I'm looking for is protection from casual eavesdropping.
8 character limits were common up until a few years ago. Today I still see 16 (and 15 because of broken front ends) effective limits. 32 seems to be the most common.
I still see them far too often. My normal password patterns are different than the ones presented but still several words long. Many places requiring accounts still greet me with "Password must be between 6-8 characters, and must contain at least one uppercase letter, lowercase letter, number, and symbol."
I also too-frequently get "Passwords must not contain a space". It prevents me from entering my password of "correct horse battery staple", which is really annoying.
in Britain, our telecoms monopoly (BT) is obliged to provide service for a standard connection fee.
Yes, that's the UK, where even farmland has a dense population.
Consider locations in the US like Wyoming (253,348 square km) compared to the entire UK (243,610 square km) but with a population of 584,153 compared to the UK's 64.1 million. Or states like Alaska, North and South Dakota, and Montana.
Wyoming is such a good comparison because the land mass is similar to the UK. Remove EVERYONE from the entire UK except the people of Cornwall, allow those in Cornwall to spread far and wide, wherever they want anywhere on the isles, and then hook them up with new infrastructure regardless of location. That's about how sparse one of the least populated states is.
Most Europeans fail to understand just how sparse the US really is. While the US is nowhere near as sparse as Australia or parts of Africa, except for a few cities most of the US is quite sparse. I've talked with quite a few people traveling from Europe who flew into Las Vegas and traveled to the Grand Canyon. It is a four hour drive -- 120 miles -- of desert, cactus, and sagebrush that most European visitors were shocked could even exist. Where are the people? How could there be so much empty space? Who owns the land? Google finds some images for comparison: Here is Alaska (the largest state) overlaid over Europe. Another, the lower 48 states overlaid over Europe. The trip from Lisbon to Copenhagen is just a portion of historic Route 66, and is less than half the distance of the country.
In these US states hooking up a single remote dwelling might mean deploying many miles, thirty miles, fifty miles, or even more, to reach the single dwelling. Nobody, not even the federal government, is going to mandate that kind of deployment for £130.
Linus is doing systems level work. At systems level work, there are a lot of mediocre and bad programmers who use the common language of C++. Those who know c well are unlikely to be the mediocre and bad programmers.
That is really a truism across all fields and languages.
In the business world with business logic, there are a lot of mediocre and bad programmers who use the common language of Java. You can filter out many of them by adding a skill requirement of some other less-used languages inside that realm of business software development.
In a field where everyone is doing Ruby development and you don't want mediocre/bad Ruby programmers? Require them to also demonstrate proficiency in another language.
In a field where everyone is using C#? Require them to also demonstrate proficiency in C++ or some other language.
If you only require a single thing you can get unskilled individuals with only a single skill. If you require multiple skills you are more likely to get more talented individuals, since the talented, higher producers tend to pick up a wide range of skills.
Not quite. That only applies if the government wrongfully acquired the documents, knew they were wrongfully obtained, and used them anyway. It is typically avoided by claiming they didn't realize they were wrongfully obtained and they were acting in good faith.
Wikimedia learned of the violations through legally available public documents.
The violations were more than just eavesdropping. The publicly available leaked documents claim the NSA falsified records and used the Wikipedia trademarks to help claim the validity of the pages. Even if part of the suit gets dropped, portions of it document clear civil violations.
While the government can do quite a lot to lie and convince others they are not the government, the Lanham Act is clear that the federal government is liable at the very least for their spying program disrupting the site and using their marks. Specifically in 15 USC 1114, it is against the law for "any person" to reproduce, counterfeit, copy, or imitate a registered mark when it is likely to cause confusion, or to cause mistake, or to deceive. Deception is exactly what the government did. The law continues: the term "any person" includes the United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, or other persons acting for the United States and with the authorization and consent of the United States, and any State, any instrumentality of a State, and any officer or employee of a State or instrumentality of a State acting in his or her official capacity. The United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, other persons acting for the United States and with the authorization and consent of the United States, and any State, and any such instrumentality, officer, or employee, shall be subject to the provisions of this chapter in the same manner and to the same extent as any nongovernmental entity.
That is quite clear, law twice declares that nobody in government is immune from that law. They stated it twice, just to be clear that it applies to everyone in government. :-)
Yet another reason to push shared providers for ECC memory. The error correcting memory is so far not vulnerable to this attack, all the researchers that have tried it report that ECC memory identifies and corrects the corruptions. Of course some attackers may have found a way, but ECC minimizes the risk
Amazon says it uses ECC in their AWS machines, but other big hosts like Equinix say that ECC memory is "available". Be careful about your hosting, folks.