A Ponzi Scheme is something entirely different. It involves borrowing money, and paying that off with borrowed money, until you are long gone and too in debt for anyone to reclaim any of it.
I can't help but imagine that there is some kind of "advertising bubble" like a stock bubble, that is going on here. Is advertising *really* that valuable? I see ads, and they influence my purchases, and that is money to be made. (Well, shifted, since no new good was created.) So if they know my birth date and favorite color, they can target ads to me better. But how much better does that influence my purchases compared to the original ad they showed me? How much more money is there to be made from the more targeted ad? Is it worth a cent? A dollar? Ten dollars? Do advertisers really pay real dollars for that? Will companies really pay more for those targeted ads? Do they really really turn into profits somewhere?
I wonder if advertisers are using the concept of "targeted" ads to jack up advertising prices to the point where the ROI is not sustainable. I am hoping that it will turn out that targeted ads are not much better than regular ads, and there is a market "crash" that happens, and suddenly personal data becomes worthless.
This law is great, but without an oversight body how can someone determine if the manufacturer even bothered? That's the problem now: We assume Cisco routers are safe, then it turns out they have back doors. To make a law like this work, we need a body like the Consumer Product Safety Commission (CPSC) or Underwriters Laboratories (UL) to look at the design of devices and certify them. Slap a label on them so people can tell "hey, someone actually looked at this camera and said it was safe."
Earlier this year the CPSC asked for public comments on how to make IoT devices safe (Ex: Make sure gas pumps don't spew gasoline during firmware updates, stuff like that). Unfortunately they specifically excluded the discussion of security in those devices. I am glad California took this step. Now we need a body that can actually certify the devices.
P.S. The FDA does check security on medical device submissions now.
This post-meritocracy BS is a direct response to people *claiming* they run a meritocracy when they really don't. Linus was an example of this. Over the years he has made non-technical ad-hominem attacks on very smart people just because they disagreed with him technically. For example, Linus called C++ programmers "insane" and said that C++ code is "utter crap." If he chose not to use C++ that's fine, as there are valid criticisms of it. But to dismiss millions of high IQ people as "insane" and all their code as "utter crap" was not the act of a meritocracy. It rewarded single-mindedness and disenfranchised smart people who could have positively contributed to the project.
The resulting backlash has swung the pendulum to the complete opposite extreme. They now say there is no such thing as merit. And if there is no objective measure of success, then clearly all that is important is that we be inclusive. Success and quality are now irrelevant. I fear this path, and I will fight it, but we have to acknowledge how we got here or we will fall into it again and again.
If you don't want your project to become like this, treat people with respect and keep the discussions technical not personal. Apply real merit, not merit based on who you like and don't like.
I don't think those things have anything to do with being a contractor or not. P.S. Do they actually forbid you from doing TV game shows while on the clock for Uber? Totally reasonable, but hilarious.
Reprocessing is hard and it generates a lot of waste
Agreed.
Is it worth generating 100 Tons of highly radioactive material to reprocess a ton of nuclear material?
NOW we are having a discussion! :-)
It might be worth doing. The entire point of reprocessing is to produce highly dense highly radioactive material. It is easier to use and store than less dense less radioactive material. I do not know if it is worth it. But I DO know that freezing science in the year 1966 just because of their environmental policies is counterproductive.
So just because we tried it, polluted a huge area and generated a couple hundred metric tons of contaminated material it's all good, we just didn't do it right that time?
We sure didn't! 50 years ago the manufacture of steel dumped toxic chromium into waterways. Manufacturing pressure-treated lumber leaked arsenic that killed crops, fish, and people. But I am glad we didn't stop manufacturing those things. We just found better ways, and we controlled the waste we do produce. Let's do that instead of giving up.
Just because someone polluted the environment in 1966 doesn't mean we should abandon the technology forever. This kind of thinking is exactly why our nuclear arsenal is 50 years old.
Please mod up. Parent is exactly right: the image provided does not support the premise of the article. If anything, it refutes it.
In the image, the software identified a cup at 50% confidence and a chair with 81% confidence. Personally, I don't see the cup at all, and it is hard to tell if that is a couch, a chair, or a bean bag covered in a blanket. Basically, the image is a confusing wreck.
After adding the elephant, the software did *better* not worse! It decided the chair was a couch -- which I think is a closer guess. And it gave up on finding the cup. So this proves exactly nothing. And the phony elephant only impacted the categorization of things the elephant was touching or right next to.
The idea that image recognition algorithms are a bit of magic, and they don't know as much about the world as we do is entirely correct. But this article isn't doing a good job of making the point and the image doesn't help at all.
As a vendor who sells Windows pre-installed on my machines, I am outraged by this! Microsoft should be pre-installing MY bloatware, not someone else's bloatware! I demand that Microsoft automatically install 3 firewalls, 4 backup utilities, 2 CD burners, 30-day trials of all Intuit software, plus a free office suite that can't open any formats you've ever heard of.
Wait... Chrome didn't always do this? I just assumed, from the first day I saw a coworker "log in" to the browser (a concept that made no sense to me at all) it was just a way to automatically log you in to Google's services. Today, I have to use it because developers around me make web apps that only work on Chrome! It's becoming like the IE fiasco from the early 2000's all over again.
Chrome exists solely for the purpose of furthering Google's marketing efforts. While everyone is vilifying Apple and Microsoft, Google has quietly obtained control of the OS (Android), the browser (Chrome), search (Google), advertising (Adsense), and the web (Amp). The biggest advertiser on the planet has your phone numbers, your texts, your emails, recordings of your voice,...
Google didn't create Chrome because they needed a browser, or they wanted to optimize JavaScript, or they needed a debugger. They wanted client-side control of your machine, and it took a browser and an OS to do that.
Geeks need to go back to Firefox. It isn't made by an OS vendor or an advertising agency, it doesn't snoop on you, and it is completely open source.
Emails demanding deletion of the memo contained pixel trackers that notified human resource managers when their messages had been read, recipients determined.
I thought most mail applications blocked pixel trackers. And Gmail tends to download images from emails and re-host them, which makes pixel trackers useless. Or maybe Google disables the feature for their own trackers? What email program do Google employees use?
(P.S. to Slashdot editors - the summary has unicode quotation marks that don't work in Slashdot.)
What is the connection between Russians and network neutrality? I get that there were fake comments, but I thought they were forged by telecom companies or organizations that were fooled by telecom companies. Is the Russian angle just to get them to release the records?
Yes, security costs money. And auditing companies to make sure they comply costs money. Today people demand the cheapest parts possible, so companies don't bother with proper security. If we want security, we have to pay for it. If I had the choice between a Western Digital Passport drive (regarding the story earlier today), and another vendor that had real security but cost twice as much, I would take the one with security. And if California wants secure devices, they should too. Hopefully, we can make a security mindset infectious and it is just the default behavior.
"Approved vendors", "preferred suppliers", and "government rates" because it takes so much paperwork.
Those things already exist so California is already paying for it. No new costs here.
This also excludes small companies who don't have staff dedicated to filling out government paperwork.
It definitely does not. I personally know several 1 to 10-person companies who have gone through that paperwork. Going back to your first point about government contracts being more expensive, this is why it is worth it for a small company to go through that paperwork.
You know what underwriters do? They back insurance risks. Fires are very expensive.
That's what UL was for back in the 1800s. Things do a lot more than fire safety these days.
There is no financial incentive behind consumer electronics security like there is for insurance agencies to prevent fires.
That's why all of my options included making security a liability for those companies. My last bullet point was explicit financial liability. The other options involved liability of the form "This is a liability because a large organization won't buy my product."
In general, legislating one particular best practice does not fix an industry. And there are better ways than writing laws. Some ideas:
* Require that government entities only purchase products from companies that have not had certain categories of security lapses in the last 6 months
* Require that government entities only purchase products from companies that have a policy of fixing security bugs within X amount of time
* Provide funding to start up a commercial product security certification organization, similar to what Underwriters Laboratories (UL) does for safety.
* Set up liability law so that any owner of a device that doesn't follow industry best practices can be sued by an owner of that product.
Any of the above would mean that, for example, California government would no longer buy Western Digital hard drives. These suggestions intentionally do not state what the specific best practices are, and other than the last one they don't require laws, which are slow to change. The specific practices can be defined by some of the many organizations that already do that. Ex: OWASP top 10, static analysis, pen testing, etc. This is similar to what the FDA did with medical devices, to make manufacturers stop doing idiotic things like using unauthenticated Wi-Fi on insulin pumps so hackers could remotely kill people.
A few thoughts on this:
1) It might be that Linux running under Windows is faster than Windows running in Linux. This is especially important if you are using Windows for games where FPS matters.
1a) I suspect video game companies doing ports of games might want to operate this way since Visual Studio is their main development tool and corporate desktop environment.
2) Which VM? There's a variety of VMs that run in Linux.
Thank you for that reminder. I remember watching the documentary "Who killed the electric car?" which explained the CARB situation. So where is that EV1 research now? Time to dust off those old manuals, or spin off another company to bring it back.
Please elaborate.
Update from the future: The law passed.
*facepalm*
...a number Mislove has never provided to Facebook...
The article explains how Facebook got the phone number indirectly because another company had the phone number.
Blink and Chromium are open source, so what problem are you anticipating?
I'm astounded they don't use them in Antartica
I dunno about Antartica, but they have lots of them in Antarctica.
Color me skeptical
Fine.
...pays twice as much...
The last time they were told of a trivial exploit like this they ignored it for 6 months.
Clearly Western Digital doesn't care whatsoever about security. (That vulnerability is also mentioned at the end of the article.)