If I can go to almost any bank machine in the world and be able to use it without needing to sign up for a new account, why can't I do the same with hot spots?
The banks had something of a head start in doing this, since they already had inter-bank facilities in place (for things like wire transfers and check clearing).
Also, when ATMs first became popular, the banks were very hesitant to allow the use of machines belonging to other institutions. At least in the US, it was the success of the NYCE network in and around New York City that really broke the ice.
Another interesting historical tidbit: when the banks first started to introduce ATMs, some of them went to a couple of big supermarket chains, and offered to put in the machines for a fee paid by the supermarket. The supermarkets said, "Guess again. We'll put in our machines, and charge you a fee when your customers use them." (At that time the largest holders of currency in the US were not banks, but supermarkets. I don't know if that's still true.)
I lived in Boston for a total of about ten years, and I will entirely concur with those people who have said that the old Central Artery (the elevated highway the Big Dig will replace) was truly a nightmare.
Still, my favorite response to the project came from Rep. Barney Frank. After hearing about the projected cost of the Big Dig, he remarked that, instead of putting the highway underground, it might be cheaper to raise the city.:-)
I was pushed out by a 3rd party vendor, who labeled me the major security risk, after performing a 'vulnerability assessment.'
Do you have anything in writing that says this? If you do, it might be worthwhile to have a quick chat with a lawyer. (If you can't afford one, your local employment assistance agency or legal aid society might be able to help.) IANAL, but I would think that making this kind of claim without any evidence to support it might be actionable.
If you pursue this route, I would not try to get the job back. You've found out the hard way that the people you worked for are intellectual and ethical cretins. Try for a cash settlement, and then find another job.
I was basing my statement about the hijackers on the Economist article:
The trouble is, it is not clear that these identity-verification systems are worth the cost and trouble of introducing them. All 19 of the September 11th hijackers entered the United States using valid visas, on their own passports, for example. Verifying their identities using biometric visas would have made no difference.
In any case, even if we had all the technology you describe, it would not solve the problem, because the problem is fundamentally not a technical problem. Consider the following:
How will the technology help catch people that just walk across the US/Canadian or US/Mexican border? Or those who come ashore in a rubber boat, or smuggled in a freight container? Maybe it will help at airports, but there are other ways to get into the country -- we do have a fair number of undocumented immigrants, you know.
What happens at the airport when the system goes down? The airplanes can't stay up indefinitely. Holding all the people at the airport is not a practical proposition. (Have you ever been at Heathrow or JFK at peak flight arrival times?)
All of this stuff costs money. Maybe the US can do it (after all, we don't seem to have a problem with spending money we don't have), but can every country, especially those from which a terrorist is likely to come? Will they want to do it? (How many potential terrorists do you think travel on British or Swiss passports?)
I agree with the Economist's view that this is a lot more about political posturing that it is about actual security.
It may be my weird sense of humour, but I liked this joke quoted in the article:
There is a joke in the airline industry that the future crew of an airliner will consist of a pilot and a dog. The pilot's job is to watch all the computers, and the dog's job is to bite the pilot if he tries to touch anything.
Among other things, the article makes the very good point that there are two ways to use biometrics: for identification (i.e., who is this J. Random Person), and for authentication (i.e., is this really Rich, as he claims to be).
Tests of face recognition for the first purpose have basically been miserable failures, as far as I can see. (As I'm sure most Slashdotters know, facial recognition is computationally a vey hard problem, even though we clever apes do it all the time.) For the second application, face recognition or fingerprints would seem more promising, since one is comparing them with, in effect, a known right answer.
The article also points out that all of this is being sold as a way to "increase security" -- but it would have done exactly nothing to prevent 9/11, since the hijackers entered the US and traveled as themselves.
In the same way, IT managers have been told they had lost control of their software development. In reality, they had lost control of their understanding of software development, and lost the will to catch up.
This says it all. The problem the author describes arises primarily because overall IT management is more or less clue-free. I have felt, and have said to anyone that would listen, that one cannot manage a technical staff without understanding what they do. The lack of understanding leads to a fear of losing control, which leads to the creation of more layers of rules and administration. This, of course, does not address the fundamental problem at all, but (the clueless hope) creates the illusion of activity and progress.
Here is how to do it right:
For each significant business/organization unit, create a segment of the IT group, run by a senior technical manager, which is entirely responsible for that business unit's IT: development, admin, operations, the whole enchilada. The IT manager's overriding responsibility is the satisfaction of his/her customer, the head of the business unit. Thus, the IT manager has:
The technical background to do the job (by construction)
A clear mandate (from the business head)
The authority to make decisions and resolve conflicts (e.g., between developers and admins)
I have worked in this kind of environment (in financial services) as that technical manager, and it works. I signed a Service Level Agreement with my customer, specifying uptime requirements, project standards and timetables, support staffing, user responsibilities, etc. I had two reporting relationships: a formal one to the overall head of IT, and a less formal but more important one to the head of the business unit. Were there bumps in the road and occasional disagreements? Of course. But having a framework which everyone understood and had bought into was of enormous value.
With this kind of arrangement, there will still (usually) be a need for some centralized services (e.g., voice telecom), and this is a potential trouble spot. However, with the user management on board, the business area IT manager has much more clout in getting those centralized services set up in a reasonable way.
This is something I have been arguing since the whole kerfuffle over E-voting began. Any normally intelligent persons can understand the security / threat model for paper ballots and a ballot box. I would be willing to bet that only a tiny minority of election officials -- even those responsible for selecting the machines -- actually understand the model for the electronic device.
Mrs. Lamone's response is unspeakably condescending, but I think it also unconsciously reveals this: 'please, don't make people ask all these awkward questions about the system -- because I don't know how to answer them.'
I may be wrong, but I had always been told that once you have been infected by a virus, you can't be infected again.
This is true for many viruses, at least to the extent that, if you are exposed / infected again, your immune system can fight off the virus effectively enough that you'll display no symptoms of the infection. But it is certainly not true of all viruses. Usually, your immunity will be better than if you had never been exposed, but there's no guarantee that it will entirely prevent symptoms, let alone infection.
For example, I am told that, if you are infected with the herpes zoster virus (which causes chicken pox and shingles), you never get rid of it entirely; but in most people, the immune system keeps it in check.
This research is also reported in the current issue of The Economist, October 25-31. It is on page 73 of the print edition; here is a link to the online version.
Unless, of course, you're standing up and trying to take notes. Or trying to take notes in mathematics or physics.
Yep, I take your point, although I was talking about my personal situation. Technical notes (for math or physics) are probably most easily taken with pen and paper; that is certainly what I did when I was a student (back in ancient times around 1970), and probably what I would do today.
I'm not sure I agree that "searching the notes" is an issue. For one thing, the amount of information you are going to be able to take down is limited, and I'm not quite sure how you could usefully index a bunch of integral equations, to take your example. There are also many things for which I take notes (for example, project meetings) that are structured chronologically. So finding things really isn't such a big issue.
I've been using computers for 30+ years, and I still have (paper) project notes -- and a Filofax. And neither one needs batteries.:-)
It says the total cost difference between a tablet and comparable notebook is about $200.
I assume he's talking about the production cost. Certainly the retail price difference is more than $200.
It seems to me that the major reason tablet PCs are not selling well is that they are a solution in search of a problem. A tablet PC is bigger and heavier than a PDA; and, for that matter, a clipbboard. A notebook PC, of course, comes with a keyboard.
Personally, the only thing I can see that a tablet PC gives me over a notebook is the ability to do something I don't want to do -- write in longhand. I can type much faster than I can write; as a bonus, the result is legible, even to other people. And I can buy a notebook + PDA for the same or less money.
This is just further evidence that SCO's plan is one of legal extortion...
Exactly. The reason you can't buy a license is the same reason that SCO keeps stalling on discovery in the IBM case, and wants to delay the RedHat case: this has been nothing but a stock-pumping scam from Day 1.
SCO has no case, and Darl & Co know it. If they actually started to sell licenses by means of claims they know to be false, then they would have a big time, criminal legal exposure.
But, not to worry, on November 1 all will be sorted out. I'm sure it's entirely a coincidence that the sale restrictions on the stock given to many of the directors (as reported in the 10Q filing as of April 30) expire on October 31.
The reason most of the public knows MRI as MRI, and not NMR (Nuclear Magnetic Resonance), is because people would be scared of the term "nuclear" as radiation and would avoid them.
True, as far as I know. Certainly the technology was always called NMR back when I got my degree in physical chemistry in the early 1970s. (I actually wrote one of my final-year papers on the analysis of NMR data for a new compound my adviser had synthesized.)
The first, in case anyone is still in doubt about who is bankrolling the SCO FUD machine:
During the three months ended July 31, 2003, Microsoft Corporation ("Microsoft") accounted for approximately 25 percent of total revenue and Sun Microsystems, Inc. ('Sun") accounted for approximately 12 percent of total revenue. During the nine months ended July 31, 2003, Microsoft accounted for approximately 16 percent of total revenue and Sun accounted for approximately 12 percent, of total revenue.
The second is, on the basis of the evidence I've seen, highly questionable:
As a result of our assertion of our intellectual property rights, we have been subjected to several denial of service attacks on our website which prevented web users from accessing our website and doing business with us for a period of time.
I guess it's that good ol' DoS attack that only happens outside office hours and on weekends in Utah.
Finally, there is this little gem, which I find intriguing:
During the quarter ended July 31, 2003, the Company issued a warrant to a consultant, as part of an agreement to assist the Company with its SCOsource licensing initiative. The warrant allows the consultant to acquire 25,000 shares of the Company's common stock at an exercise price of $8.50 per share for a term of two years from the date of the agreement.
Anyone care to venture a guess as to the identity of the unnamed "consultant"?
It's not clear to me that this is any more "secure" (in quotes because the context hasn't been defined) than a conventional signature (for example, made with a stylus on a touch-sensitive pad -- these are used by some places here in the US for credit card transactions).
It does, though, raise a related issue which troubles me: is it a good idea to use technology to remove the transaction from the realm of ordinary human experience?
If you use a conventional signature, the person on the other side of the transaction can at least make a gross check that the signatures (as written, and as on the credit card, for example) match.
But, if I am understanding this proposal correctly, all the matching occurs "inside the machine". I worry a bit about the unintended side effects of this: "the machine is always right!"
(BTW, I think one has a very similar problem with some of the proposed electronic voting systems. Traditional ballot papers are not perfect, but I think that at least a normally intelligent person can understand the security model.)
If, in the course of testing the system, it is revealed that the system has costly failures that could possibly lead to the destruction of a shuttle, then those failures should be fixed.
No argument here; we are really not saying terribly different things. The difficulty, though, is that testing cannot be relied upon to uncover the low probability but catastrophic failures. (In fact, in the case of the shuttle, pieces of the insulating foam had come off on previous launches -- and the "optimists" took that to be a test.)
Similarly, as Bruce Schneier has frequently pointed out, testing is not a reliable way of detecting security flaws.
It seems to me that part of the problem is the need for us to adopt a different "mental perspective" than we normally do.
If I am trying to do an everyday task -- say, putting up a mailbox -- I will tend to think along the lines of , "If I do this, will it work?"
In thinking about these low-probability failures, though, the right question is more like, "If I do this, is there any possible way it can fail?"
Incidentally, the New York Times has another
Op-Ed article on the shuttle affair.
Focus on doing your best. If you made a mistake, fix it.
It goes without saying that you should do nothing less than your best, but I think you haven't thought enough about what Knuth was getting at. I think he refers, essentially, to trying to make it faster before you are sure that it works.
In making a decision, a rational person considers both the benefits of getting it right, and the penalties for getting it wrong.
If, in the case of a mistake, making the "fix"is trivial and cheap, then you are right: worrying a lot about failure is pointless.
(As Bob Townsend pointed out decades ago in Up the Organization, it is silly to spend a lot of time making a decision that can be trivially reversed if it turns out poorly: "Don't let the organization self-destruct while you vacillate between brown and powder-blue coffee cups.")
But if the mistake is very costly; if it leads to the destruction of the shuttle and the deaths of all aboard, how do you propose to "fix" that?
I have found, in about 25 years of work in software engineering, that a reliable system has to be designed to be reliable from the start; reliability cannot just be added later, like putting a hat on a horse.
And I have also observed that, when an organization that is supposed to be doing engineering starts acting like the Marketing Department, the whole exercise is very likely to end in tears. To quote Richard Feynman:
For a successful technology, reality must take precedence over
public relations, for nature cannot be fooled.
And I think you are right to wonder. Articles along the lines of this one come out pretty regularly. And I agree that, for the home user (call her "Grandma") who wants to regard the computer as an appliance, a standardized environment is necessary. (I find it useful to remind myself that this is the AOL market.) My personal experience is that these users can't do much of anything, in Windows or (probably) any other environment, without hand-holding.
However, I'm not sure that going after that market is the best way to advance Linux. The original adoption of home PCs was by people who wanted a machine like the one they had at work, or at school. And, I think, that dynamic still applies, which makes much of this standardization issue moot.
I was working as an IT Director when the original PC appeared. People came and asked what they should get in order to have at home the same capability that they had at work. We were happy to tell them; in fact, we had a ~3 page writeup (or mini-HOWTO, if you prefer;-). It was certainly a hell of a lot easier than setting them up for remote access to the mainframe.
Of course, it would be a Good Thing if there were a common API for the windowing environment, which the different window managers implemented in their own ways. (By this I do not mean a common API to the exclusion of anything else.) I think, though, that the place to focus for advancing Linux is the corporate / business desktop market. I'd love to see Linux get a significant piece of that market.
Remember, Grandma didn't get her PC because she thought it would be cool to have one; she got it because she wanted to have E-mail and pics from the grandkids (and they probably set it up for her).
They're trying to say that if I create something (it doesn't have to be a software program, call it a book) that I can't allow other people to copy it?
That does appear to be their argument. IANAL, but I cannot imagine that any judge could be convinced that the provision of the copyright law that allows you to make a backup copy, even if you don't have the permission of the copyright owner, somehow constrains the owner from permitting you to make modifications or copies or whatever.
To me, this just makes it abundantly clear -- as if further proof were necessary -- that SCO has no desire for this lawsuit to ever see the inside of a courtroom.
I think SCO is beginning to feel cornered -- not before time. In their earnings webcast today, they presented a "defense" of the stock sales by corporate insiders, which somehow left out how all these pre-planned sales happened (coincidentally, I'm sure) to start right after the lawsuit was announced.
I've had a little experience with how the SEC works in this kind of situation. I wouldn't expect to see any overt enforcement action until there is some actual evidence that SCO's claims are bogus. Trading by corporate insiders is not, in itself, illegal, as long as they follow the rules (Form 4 filings, sale restrictions, etc.). What would be illegal (securities fraud, which is a criminal offense) would be SCO officers or directors knowingly making material false statements. (An SCO shareholder could also file a civil lawsuit.)
From the Securities Exchange Act 1934 (as amended), section 32:
any person who willfully and knowingly makes, or causes to be made, any statement in any application, report, or document required to be filed under this title or any rule or regulation thereunder or any undertaking contained in a registration statement as provided in subsection (d) of section 15, or by any self-regulatory organization in connection with an application for membership or participation therein or to become associated with a member thereof, which statement was false or misleading with respect to any material fact, shall upon conviction be fined not more than $5,000,000, or imprisoned not more than 20 years, or both.
The SEC has a good page sumarizing the relevant US Federal laws.
(Incidentally, according to Netcraft, www.sec.gov is running Linux. Do you suppose they've received their menacing letter and invoice from SCO yet?:-)
After October 15, SCO says they'll want $1399. Better buy now!
So the price is going to go up in October. And it just so happens that the restrictions on the common stock that was given to the SCO directors expire on October 31. (Once the restrictions expire, they can sell it.) Here is the relevant paragraph from SCO's 10-Q filing with the SEC:
During the six months ended April 30, 2003, the Company issued 218,000 shares of restricted stock to certain key employees and 150,000 shares of restricted common stock to members of the Company's board of directors. The restricted common stock issued to the board of directors was in lieu of cash compensation for their services to the Company during the 2003 fiscal year and the restrictions lapse at October 31, 2003. The restrictions on the restricted stock awards granted to key employees lapse over a period of 24 months. The fair value of the restricted stock awards granted of $549,000 was recorded as a component of deferred compensation and is amortized to stock-based compensation as the restrictions lapse or as the services are performed.
Isn't it odd how these strange coincidences occur?
There is a serious error of fact in the FT article:
SCO's legal team has adopted an interesting legal strategy, choosing to claim contract violation instead of copyright or patent infringement, which would be governed by federal laws. Because it is a contract dispute, the case will probably be tried by a local court in Utah, where SCO is based, which could be friendlier to local companies.
This is just plain wrong. SCO v. IBM will be tried in the Federal District Court in Utah. Because of the amount in dispute (more than $75,000), and because IBM and SCO are incorporated in different states (IBM in New York, SCO in Delaware), IBM has the right to have the trial moved to Federal court. They filed the "Notice of Removal" on March 25.
Slashdot Mirror
The banks had something of a head start in doing this, since they already had inter-bank facilities in place (for things like wire transfers and check clearing).
Also, when ATMs first became popular, the banks were very hesitant to allow the use of machines belonging to other institutions. At least in the US, it was the success of the NYCE network in and around New York City that really broke the ice.
Another interesting historical tidbit: when the banks first started to introduce ATMs, some of them went to a couple of big supermarket chains, and offered to put in the machines for a fee paid by the supermarket. The supermarkets said, "Guess again. We'll put in our machines, and charge you a fee when your customers use them." (At that time the largest holders of currency in the US were not banks, but supermarkets. I don't know if that's still true.)
Still, my favorite response to the project came from Rep. Barney Frank. After hearing about the projected cost of the Big Dig, he remarked that, instead of putting the highway underground, it might be cheaper to raise the city. :-)
Do you have anything in writing that says this? If you do, it might be worthwhile to have a quick chat with a lawyer. (If you can't afford one, your local employment assistance agency or legal aid society might be able to help.) IANAL, but I would think that making this kind of claim without any evidence to support it might be actionable.
If you pursue this route, I would not try to get the job back. You've found out the hard way that the people you worked for are intellectual and ethical cretins. Try for a cash settlement, and then find another job.
The trouble is, it is not clear that these identity-verification systems are worth the cost and trouble of introducing them. All 19 of the September 11th hijackers entered the United States using valid visas, on their own passports, for example. Verifying their identities using biometric visas would have made no difference.
In any case, even if we had all the technology you describe, it would not solve the problem, because the problem is fundamentally not a technical problem. Consider the following:
-
How will the technology help catch people that just walk across the US/Canadian or US/Mexican border? Or those who come ashore in a rubber boat, or smuggled in a freight container? Maybe it will help at airports, but there are other ways to get into the country -- we do have a fair number of undocumented immigrants, you know.
-
What happens at the airport when the system goes down? The airplanes can't stay up indefinitely. Holding all the people at the airport is not a practical proposition. (Have you ever been at Heathrow or JFK at peak flight arrival times?)
-
All of this stuff costs money. Maybe the US can do it (after all, we don't seem to have a problem with spending money we don't have), but can every country, especially those from which a terrorist is likely to come? Will they want to do it? (How many potential terrorists do you think travel on British or Swiss passports?)
I agree with the Economist's view that this is a lot more about political posturing that it is about actual security.There is a joke in the airline industry that the future crew of an airliner will consist of a pilot and a dog. The pilot's job is to watch all the computers, and the dog's job is to bite the pilot if he tries to touch anything.
Among other things, the article makes the very good point that there are two ways to use biometrics: for identification (i.e., who is this J. Random Person), and for authentication (i.e., is this really Rich, as he claims to be).
Tests of face recognition for the first purpose have basically been miserable failures, as far as I can see. (As I'm sure most Slashdotters know, facial recognition is computationally a vey hard problem, even though we clever apes do it all the time.) For the second application, face recognition or fingerprints would seem more promising, since one is comparing them with, in effect, a known right answer.
The article also points out that all of this is being sold as a way to "increase security" -- but it would have done exactly nothing to prevent 9/11, since the hijackers entered the US and traveled as themselves.
Here is the link to the actual page containing the report card.
This says it all. The problem the author describes arises primarily because overall IT management is more or less clue-free. I have felt, and have said to anyone that would listen, that one cannot manage a technical staff without understanding what they do. The lack of understanding leads to a fear of losing control, which leads to the creation of more layers of rules and administration. This, of course, does not address the fundamental problem at all, but (the clueless hope) creates the illusion of activity and progress.
Here is how to do it right:
For each significant business/organization unit, create a segment of the IT group, run by a senior technical manager, which is entirely responsible for that business unit's IT: development, admin, operations, the whole enchilada. The IT manager's overriding responsibility is the satisfaction of his/her customer, the head of the business unit. Thus, the IT manager has:
- The technical background to do the job (by construction)
- A clear mandate (from the business head)
- The authority to make decisions and resolve conflicts (e.g., between developers and admins)
I have worked in this kind of environment (in financial services) as that technical manager, and it works. I signed a Service Level Agreement with my customer, specifying uptime requirements, project standards and timetables, support staffing, user responsibilities, etc. I had two reporting relationships: a formal one to the overall head of IT, and a less formal but more important one to the head of the business unit. Were there bumps in the road and occasional disagreements? Of course. But having a framework which everyone understood and had bought into was of enormous value.With this kind of arrangement, there will still (usually) be a need for some centralized services (e.g., voice telecom), and this is a potential trouble spot. However, with the user management on board, the business area IT manager has much more clout in getting those centralized services set up in a reasonable way.
Rich
SCO delenda est
Mrs. Lamone's response is unspeakably condescending, but I think it also unconsciously reveals this: 'please, don't make people ask all these awkward questions about the system -- because I don't know how to answer them.'
This is true for many viruses, at least to the extent that, if you are exposed / infected again, your immune system can fight off the virus effectively enough that you'll display no symptoms of the infection. But it is certainly not true of all viruses. Usually, your immunity will be better than if you had never been exposed, but there's no guarantee that it will entirely prevent symptoms, let alone infection.
For example, I am told that, if you are infected with the herpes zoster virus (which causes chicken pox and shingles), you never get rid of it entirely; but in most people, the immune system keeps it in check.
SCO delenda est.
But Windows would fit in very well in another sense. As Tom Clancy put it, "Any ship can be a minesweeper. Once."
This research is also reported in the current issue of The Economist, October 25-31. It is on page 73 of the print edition; here is a link to the online version.
Yep, I take your point, although I was talking about my personal situation. Technical notes (for math or physics) are probably most easily taken with pen and paper; that is certainly what I did when I was a student (back in ancient times around 1970), and probably what I would do today.
I'm not sure I agree that "searching the notes" is an issue. For one thing, the amount of information you are going to be able to take down is limited, and I'm not quite sure how you could usefully index a bunch of integral equations, to take your example. There are also many things for which I take notes (for example, project meetings) that are structured chronologically. So finding things really isn't such a big issue.
I've been using computers for 30+ years, and I still have (paper) project notes -- and a Filofax. And neither one needs batteries. :-)
I assume he's talking about the production cost. Certainly the retail price difference is more than $200.
It seems to me that the major reason tablet PCs are not selling well is that they are a solution in search of a problem. A tablet PC is bigger and heavier than a PDA; and, for that matter, a clipbboard. A notebook PC, of course, comes with a keyboard.
Personally, the only thing I can see that a tablet PC gives me over a notebook is the ability to do something I don't want to do -- write in longhand. I can type much faster than I can write; as a bonus, the result is legible, even to other people. And I can buy a notebook + PDA for the same or less money.
Exactly. The reason you can't buy a license is the same reason that SCO keeps stalling on discovery in the IBM case, and wants to delay the RedHat case: this has been nothing but a stock-pumping scam from Day 1. SCO has no case, and Darl & Co know it. If they actually started to sell licenses by means of claims they know to be false, then they would have a big time, criminal legal exposure.
But, not to worry, on November 1 all will be sorted out. I'm sure it's entirely a coincidence that the sale restrictions on the stock given to many of the directors (as reported in the 10Q filing as of April 30) expire on October 31.
True, as far as I know. Certainly the technology was always called NMR back when I got my degree in physical chemistry in the early 1970s. (I actually wrote one of my final-year papers on the analysis of NMR data for a new compound my adviser had synthesized.)
During the three months ended July 31, 2003, Microsoft Corporation ("Microsoft") accounted for approximately 25 percent of total revenue and Sun Microsystems, Inc. ('Sun") accounted for approximately 12 percent of total revenue. During the nine months ended July 31, 2003, Microsoft accounted for approximately 16 percent of total revenue and Sun accounted for approximately 12 percent, of total revenue.
The second is, on the basis of the evidence I've seen, highly questionable:
As a result of our assertion of our intellectual property rights, we have been subjected to several denial of service attacks on our website which prevented web users from accessing our website and doing business with us for a period of time.
I guess it's that good ol' DoS attack that only happens outside office hours and on weekends in Utah.
Finally, there is this little gem, which I find intriguing:
During the quarter ended July 31, 2003, the Company issued a warrant to a consultant, as part of an agreement to assist the Company with its SCOsource licensing initiative. The warrant allows the consultant to acquire 25,000 shares of the Company's common stock at an exercise price of $8.50 per share for a term of two years from the date of the agreement.
Anyone care to venture a guess as to the identity of the unnamed "consultant"?
Rich
SCO delenda est.
It does, though, raise a related issue which troubles me: is it a good idea to use technology to remove the transaction from the realm of ordinary human experience?
If you use a conventional signature, the person on the other side of the transaction can at least make a gross check that the signatures (as written, and as on the credit card, for example) match. But, if I am understanding this proposal correctly, all the matching occurs "inside the machine". I worry a bit about the unintended side effects of this: "the machine is always right!"
(BTW, I think one has a very similar problem with some of the proposed electronic voting systems. Traditional ballot papers are not perfect, but I think that at least a normally intelligent person can understand the security model.)
Rich
SCO delenda est.
No argument here; we are really not saying terribly different things. The difficulty, though, is that testing cannot be relied upon to uncover the low probability but catastrophic failures. (In fact, in the case of the shuttle, pieces of the insulating foam had come off on previous launches -- and the "optimists" took that to be a test.)
Similarly, as Bruce Schneier has frequently pointed out, testing is not a reliable way of detecting security flaws.
It seems to me that part of the problem is the need for us to adopt a different "mental perspective" than we normally do. If I am trying to do an everyday task -- say, putting up a mailbox -- I will tend to think along the lines of , "If I do this, will it work?" In thinking about these low-probability failures, though, the right question is more like, "If I do this, is there any possible way it can fail?"
Incidentally, the New York Times has another Op-Ed article on the shuttle affair.
Rich
SCO delenda est.
It goes without saying that you should do nothing less than your best, but I think you haven't thought enough about what Knuth was getting at. I think he refers, essentially, to trying to make it faster before you are sure that it works.
In making a decision, a rational person considers both the benefits of getting it right, and the penalties for getting it wrong. If, in the case of a mistake, making the "fix"is trivial and cheap, then you are right: worrying a lot about failure is pointless. (As Bob Townsend pointed out decades ago in Up the Organization, it is silly to spend a lot of time making a decision that can be trivially reversed if it turns out poorly: "Don't let the organization self-destruct while you vacillate between brown and powder-blue coffee cups.")
But if the mistake is very costly; if it leads to the destruction of the shuttle and the deaths of all aboard, how do you propose to "fix" that?
I have found, in about 25 years of work in software engineering, that a reliable system has to be designed to be reliable from the start; reliability cannot just be added later, like putting a hat on a horse.
And I have also observed that, when an organization that is supposed to be doing engineering starts acting like the Marketing Department, the whole exercise is very likely to end in tears. To quote Richard Feynman:
For a successful technology, reality must take precedence over public relations, for nature cannot be fooled.
Rich
SCO delenda est.
And I think you are right to wonder. Articles along the lines of this one come out pretty regularly. And I agree that, for the home user (call her "Grandma") who wants to regard the computer as an appliance, a standardized environment is necessary. (I find it useful to remind myself that this is the AOL market.) My personal experience is that these users can't do much of anything, in Windows or (probably) any other environment, without hand-holding.
However, I'm not sure that going after that market is the best way to advance Linux. The original adoption of home PCs was by people who wanted a machine like the one they had at work, or at school. And, I think, that dynamic still applies, which makes much of this standardization issue moot.
I was working as an IT Director when the original PC appeared. People came and asked what they should get in order to have at home the same capability that they had at work. We were happy to tell them; in fact, we had a ~3 page writeup (or mini-HOWTO, if you prefer ;-). It was certainly a hell of a lot easier than setting them up for remote access to the mainframe.
Of course, it would be a Good Thing if there were a common API for the windowing environment, which the different window managers implemented in their own ways. (By this I do not mean a common API to the exclusion of anything else.) I think, though, that the place to focus for advancing Linux is the corporate / business desktop market. I'd love to see Linux get a significant piece of that market.
Remember, Grandma didn't get her PC because she thought it would be cool to have one; she got it because she wanted to have E-mail and pics from the grandkids (and they probably set it up for her).
Rich
SCO delenda est.
That does appear to be their argument. IANAL, but I cannot imagine that any judge could be convinced that the provision of the copyright law that allows you to make a backup copy, even if you don't have the permission of the copyright owner, somehow constrains the owner from permitting you to make modifications or copies or whatever.
To me, this just makes it abundantly clear -- as if further proof were necessary -- that SCO has no desire for this lawsuit to ever see the inside of a courtroom.
I think SCO is beginning to feel cornered -- not before time. In their earnings webcast today, they presented a "defense" of the stock sales by corporate insiders, which somehow left out how all these pre-planned sales happened (coincidentally, I'm sure) to start right after the lawsuit was announced.
From the Securities Exchange Act 1934 (as amended), section 32:
The SEC has a good page sumarizing the relevant US Federal laws. (Incidentally, according to Netcraft, www.sec.gov is running Linux. Do you suppose they've received their menacing letter and invoice from SCO yet? :-)
So the price is going to go up in October. And it just so happens that the restrictions on the common stock that was given to the SCO directors expire on October 31. (Once the restrictions expire, they can sell it.) Here is the relevant paragraph from SCO's 10-Q filing with the SEC:
During the six months ended April 30, 2003, the Company issued 218,000 shares of restricted stock to certain key employees and 150,000 shares of restricted common stock to members of the Company's board of directors. The restricted common stock issued to the board of directors was in lieu of cash compensation for their services to the Company during the 2003 fiscal year and the restrictions lapse at October 31, 2003. The restrictions on the restricted stock awards granted to key employees lapse over a period of 24 months. The fair value of the restricted stock awards granted of $549,000 was recorded as a component of deferred compensation and is amortized to stock-based compensation as the restrictions lapse or as the services are performed.
Isn't it odd how these strange coincidences occur?
SCO's legal team has adopted an interesting legal strategy, choosing to claim contract violation instead of copyright or patent infringement, which would be governed by federal laws. Because it is a contract dispute, the case will probably be tried by a local court in Utah, where SCO is based, which could be friendlier to local companies.
This is just plain wrong. SCO v. IBM will be tried in the Federal District Court in Utah. Because of the amount in dispute (more than $75,000), and because IBM and SCO are incorporated in different states (IBM in New York, SCO in Delaware), IBM has the right to have the trial moved to Federal court. They filed the "Notice of Removal" on March 25.