"RIM does not pre-install the CarrierIQ app on BlackBerry smartphones or authorize its carrier partners to install the CarrierIQ app [A] before sales or distribution," the company said in a statement. [B] "RIM also did not develop or commission the development of the CarrierIQ application, and has no involvement in the testing, promotion, or distribution of the app," the statement said.
[A] What about after?
[B] No one said they were developing it or paying for its development. This part of the statement doesn't say there is no CarrierIQ for BlackBerry, it simply says "our company did not develop or test it".
Such verbosity can be a sign of the fact that they're attempting to cover something. They list multiple cases for which the answer is "no" (test, develop, promote, pay for development) to distract you from an edge case for which the answer is "yes".
What nasty things can they do, without contradicting the above?
- store the logs,
- cooperate in altering the billing reports such that the CarrierIQ traffic is not counted
- giving carriers the info they need to set up CarrierIQ after distribution. Note that the statement says "pre-install", what about "post-install"?
What about all the stories about people who were not wearing a seat-belt, and who flew out of the car through the windshield?
I don't own a car, I've never been involved in such types of accidents - so I'm genuinely curious. Perhaps windshields are designed to break from the inside, but not the outside?
Can you recommend a book/paper that discusses in depth the effects of colour on the human psyche?
This could be a side-effect of who we are.
Our killer-feature is that we're able to use an instrument as if it were an extension of our body. This enables precise movements and enhances our capabilities.
A side-effect - sometimes we think these objects have a mind of their own.
I agree with you, and I think there's an easier way to get the point across.
A human cannot be perfectly rational. We have to rely on emotions (and other, not yet understood processes) to make decisions that shape our actions and choices.
Antonio Damasio explains how this works in his book - "Descartes' error" , he calls it "the somatic marker hypothesis": http://en.wikipedia.org/wiki/Somatic_marker_hypothesis
Basically, the idea is that "100% absence of magical thinking" is impossible by design, due to the constraints imposed by the design of the brain.
I once analyzed a related problem, a simplified review is posted here: http://railean.net/index.php/2010/10/21/human-brain-decisions-randomizers-data-structures
This is not exactly what this /. story is about, but it provides the background necessary to understand the role of somatic markers.
Can you elaborate on this one?
If I ping 0.0.0.0 it still says that replies are coming from 127.0.0.1.
Intuitively, 0.0.0.0 should be slower, because typically this means "any available interface" - not just the loopback interface (so more interfaces are potentially involved). Your feedback will be greatly appreciated.
What you have in mind is an "isomorph problem". A nice example is provided by Donald Norman in "Things that make us smart".
First a problem is posed as a math game in which you play against an opponent and have to choose numbers from a set, such that their sum is N. Then, the same problem is presented in the form of tic-tac-toe, which is visual and can be solved almost instantly.
I teach at a university, my course is about network protocols and IT security. I prefer to trust my students rather than use punishment as a way to influence them. My attempts to eliminate cheating are quite effective, because the results of the exams are always within my expectations, i.e. a mediocre student never got an A out of the blue.
Here's a review of my methods:
- The final grade is derived mostly from the practical assignments they get throughout the semester. In this context I get to talk to each of them and spend a lot of time interacting with everyone in my group; this is how I know what they know.
- The final grade is computed as 60% = practical assignments and 20+20% = midterm and final exam. This way, even if you cheat at the exam, it won't help you very much, unless you also worked hard during the _entire_ semester.
- Formulate questions that don't take answers that can be copy/pasted from a book, the lecture notes or the Internet. Any question must require analysis. One who thought about it in the past will easily deal with it, one who has never been exposed to the ideas of the course won't be able to construct a good answer in a reasonable amount of time.
- Give them more time than they need, to ensure that time is not a bottleneck of their performance.
When I mentioned social engineering, I relied on research by Daniel Ariely. You can influence people's behaviour in multiple ways:
- a written commitment not to cheat
- give them a moral problem to think of, before giving them the exam itself
- adjust the environment (in your case, tell them that all the Internet traffic is logged - so they know that they _can_ get caught)
For example, I used these tasks in the previous semesters:
- "write as many of the 10 commandments as you can remember" (taken "as is" from Ariely's experiment)
- "actually, there were 11 commandments, but one of them was lost. Think about it and write down a rule which is worthy of being listed as the 11th commandment"
- I once tried a written commitment too. Everyone who was in class signed it and smiled: https://www.facebook.com/photo.php?fbid=469536753019&set=a.453850808019.243204.739418019&type=3&theater Three years after that exam, people are still talking about it and are proud to be a part of that experience.
You may be interested in:
- "Predictably irrational" and "The upside of irrationality" by Daniel Ariely
- http://duke.edu/~dandan/Papers/BadApples.pdf - here's an example of a paper he wrote about cheating, there are other ones too.
You must also make sure the students care about the course and want to learn, rather than just get a passing grade. Have a look at my notes of a book about this, "Punished by rewards" by Alfie Kohn: https://www.facebook.com/media/set/?set=a.10150475760123020.375546.739418019&type=3&l=70e1f3712e
I tried to ensure my assignments are not only useful, but also interesting and fun to play with. A basic requirement is to make sure some humour is always involved, with some references to Futurama or Monty Python or some sci-fi book or movie. Here are some examples:
http://info.railean.net/index.php?title=Lab2_-_HTTP_crawler
http://info.railean.net/index.php?title=Lab1_-_simple_client/server_application
At the moment I'm in the process of devising a very short code of ethics (if it is long, no one reads it). You can read the draft: https://docs.google.com/document/pub?id=115bLhvMUisnw
Facial biometrics rely on a lot of data points, have a look at ANSI/NIST-ITL 1-2007 - a standard that defines how law enforcement agencies exchange data about tattoos, scars, fingerprints, faces... http://www.nist.gov/customcf/get_pdf.cfm?pub_id=51174 (free of charge, there are pictures :-)
Here's the specific excerpt you're interested in (public pic, no need to have a Facebook profile to view it):
https://www.facebook.com/photo.php?fbid=10150344785953020&set=a.129747423019.106694.739418019&type=3&theater
> oh well, people use things like node.js too *shudder*
Can you elaborate on that? What is the matter with node.js?
I figured you meant this one, thanks for the confirmation.
This topic is covered in several interviews on a radio show called "The 7th avenue project", have a look here: http://7thavenueproject.com/
The podcasts are available for free, Robert Pollie invites a lot of different people to the programme, his interviews are great, I think that a typical slashdotter will enjoy the show.
In the context of books, you may be interested in some of the non-fiction titles I listed in this comment: http://ask.slashdot.org/comments.pl?sid=2583994&cid=38590506
Here's my list of recent books, it only covers items not mentioned elsewhere in this discussion.
- "The most human human" by Brian Christian. A great story about the human side of the Turing test, how to ensure judges think you're a human. You think that's easy? Think again! The book tells us interesting things about the brain, about society, about how computers work. A great read.
- "Intimate relationships" by Miller, Perlman, Brehm. I read it after Paul Bloom's recommendation (see the intro course to psychology on academicearth.org). Geeks will love this book, it is useful, it explains how relationships work and how they fail; it is based on research; there are charts and formulas too.
- "The humane interface" by Jef Raskin is an excellent book about interfaces that don't suck. Raskin provides several fundamental ideas which describe a humane interface. He provides plenty of examples, the ideas are simple to grasp and they're awesome. A must read, if you are a fan of Donald Norman (I won't write about him, since others mentioned his books in other threads).
- "The evolution of cooperation" by Robert Axelrod is the book that describes the math and the ideas behind Dawkins' "Nice guys finish first". It is a great book about cooperation, why it matters.
- "On intelligence" by Jeff Hawkins provides an interesting point of view about the high level features of the brain, and some ideas about how these features are implemented. The brain is a prediction making device - it makes sense.
- "Drawing on the right side of the brain" by Betty Edwards is an interesting book about developing your drawing skills, with plenty of examples and exercises. The story revolves around the idea that we must learn to rely on our right hemisphere despite the fact that the left hemisphere tends to take over and rationalize things around us.
- "Night" by Elie Wiesel is the story of a Jewish boy who was taken to a concentration camp, along with his family. A touching book that describes how things worked in Auschwitz, how things turned from bad to worse.
- "Predictably irrational" and "Upside of irrationality" by Daniel Ariely - behavioural economics, relationships, very interesting stuff with a lot of experimental data. Personally, I apply his tips at the university, to minimize the probability that my students are cheating at exams. They like the things I do, the method works. I strongly recommend Ariely's works. Papers published by him can be downloaded for free, look for them.
- "The power of a positive no" and "Getting to yes" and "getting past no" by William Ury are excellent books about negotiation. This applies to business, relationships and everything else. Have a look, they're very useful.
- "Systemantics" is an awesome book, I bet any engineer will love the humour in it.
My book list can be found here: http://goodreads.com/gr8dude, feel free to ask questions about any of them, I'll be glad to provide feedback.
I must confess that I also enjoy reading various papers, scholar.google.com is an awesome resource. All you need to do is make sure that the papers are related to a field you're interested in. I often get in touch with the authors and exchange ideas, the modern world is very interactive. Reading papers is fun!
I also enjoy reading poetry (and writing it too). This is an interesting exercise, because it makes you think in a different way, rely on metaphors... It is very unlikely that a typical Slashdotter is a speaker of Romanian, but if you are, have a look at poems written by Steliana Grama. For speakers of English, have a look at grooks by Piet Hein. Really, I insist, they're very short, here's a free sample
{
THE ROAD TO WISDOM
The road to wisdom?
-- Well, it's plain
and simple to express:
Err and err and err again
but less and less and less.
}
One last bit I wish to mention - I live in Moldova and getting English books over here is
There are several books bearing the title "Not Even Wrong". Which one do you refer to?
Would you recommend "Social Engineering" to someone who read Mitnick's "The art of deception"? How much do these books overlap?
Because the sabre-toothed tiger had to switch contexts too!
What about Vatican?
This won't work. Each time a scanner reads the biometric data of a person (fingerprint, iris, etc) - you always get different data. This is caused by varying factors such as lighting, temperature, angle at which the eye or finger faces the scanner, and so on.
If you use the raw biometric data as an AES key - you will simply not be able to generate the same key again.
The data obtained from a biometric scanner are processed and compared with a known template (obtained when the person was enrolled into the system), the result is a number - the probability that the templates are identical. This is good enough for some purposes, but this is not suitable for data encryption: in the case of AES-256, you need 256 bits for the key and 256 bits for the IV (initialization vector). Flip a bit and kiss your data goodbye!
Biometrics can be an additional security factor - scan the iris, if there's a 95% match, go to the next phase. Typically, the next phase is to enter a password, which is used to decrypt the actual* encryption key. One can reverse engineer the system and make it bypass biometrics (jump directly to "next phase") - but no one can obtain the decryption key. No one, because that requires information not contained within the system itself.
If you rely exclusively on biometrics, it means that as soon as you perform the scan, if the templates match - you read the actual key from a database or some other location. In this case, the police can simply get access to the database and extract the key.
The thing to remember - biometrics: good for identification, not good for authentication.
* this key is randomly generated, to ensure it will be secure. A reasonable system will not encrypt the data directly with a person's password, because such passwords don't contain enough entropy. So, there is a distinction between "password" and "encryption key".
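The layered design described in the comment above, as an added example that is not part of the original comment: a biometric match only gates access, while a password unwraps a randomly generated data key. All names and the sample template are constructed, and the PBKDF2-derived XOR pad with an HMAC tag is a standard-library stand-in for a real key-wrap cipher such as AES key wrap.

```python
import hashlib
import hmac
import secrets

# Constructed 64-byte "enrolled template"; a real one comes from the scanner SDK.
ENROLLED = hashlib.sha256(b"constructed enrolled template").digest() * 2
PBKDF2_ROUNDS = 200_000  # assumption: tune to the hardware in use


def noisy_scan(template, flipped_bits):
    """Simulate a fresh reading of the same trait: a few bits differ."""
    scan = bytearray(template)
    for bit in flipped_bits:
        scan[bit // 8] ^= 1 << (bit % 8)
    return bytes(scan)


def match_score(template, scan):
    """Fraction of identical bits, a toy version of a matcher's score."""
    differing = sum(bin(a ^ b).count("1") for a, b in zip(template, scan))
    return 1 - differing / (8 * len(template))


def key_from_raw_scan(scan):
    """The approach the comment rejects: derive the key from the raw reading."""
    return hashlib.sha256(scan).digest()


def _subkeys(password, salt):
    # Slow password hash first, then two independent subkeys from the result.
    master = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    pad = hmac.new(master, b"wrap", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"mac", hashlib.sha256).digest()
    return pad, mac_key


def wrap_key(data_key, password):
    """Store only the wrapped key; the password itself is never stored."""
    if len(data_key) != 32:
        raise ValueError("data key must be 32 bytes")
    salt = secrets.token_bytes(16)  # fresh salt, so the pad is used once
    pad, mac_key = _subkeys(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(data_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_key(record, password):
    pad, mac_key = _subkeys(password, record["salt"])
    expected = hmac.new(mac_key, record["salt"] + record["wrapped"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        raise ValueError("wrong password or corrupted record")
    return bytes(a ^ b for a, b in zip(record["wrapped"], pad))


def unlock(record, template, scan, password, threshold=0.95):
    """Phase 1: biometric gate. Phase 2: the password unwraps the data key."""
    if match_score(template, scan) < threshold:
        raise PermissionError("biometric mismatch")
    # Skipping the gate above gains nothing: the record alone does not
    # contain what is needed to recover the key.
    return unwrap_key(record, password)


if __name__ == "__main__":
    scan = noisy_scan(ENROLLED, [5, 100, 300])
    print("match score:", round(match_score(ENROLLED, scan), 3))
    print("raw-scan keys equal:",
          key_from_raw_scan(scan) == key_from_raw_scan(ENROLLED))
    data_key = secrets.token_bytes(32)  # the randomly generated key
    record = wrap_key(data_key, "constructed passphrase")
    print("unlocked:",
          unlock(record, ENROLLED, scan, "constructed passphrase") == data_key)
```
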
I have a question about the checkbox in installers. What we usually see is an unchecked "I agree" and "Next" is clickable only when the checkbox is ticked.
I teach a course about designing software, some parts of the course are about distributing applications. I also sell software for a living.
This week I held a class in which I discussed installers and the user experience of the installation process. My advice was to remove unnecessary steps: drop the checkbox and rename "Next" to "Agree and continue" (or something similar). The rationale is very simple - reduce the number of clicks, bring people closer to their objective.
Here's a EULA I wrote for one of our products: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-SIMple-EULA.png (used on http://sim-reader.com/); there is a checkbox, but it is for customizing the installation settings, it is not related to the agreement. Here's another example, just a "Next" button: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-Private-Disk-EULA.png
This is based purely on common sense and personal experience with other programs. Reason tells me that "Next" won't turn self-aware and click itself, thus if it was pressed - it was a conscious decision of the person using the computer.
However, the rest of the world relies on that checkbox... Am I missing anything? Is there some legal loophole that the checkbox covers? Is there a reason to do this, other than "everybody else does it"?
Here's another one that follows the same principles: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-SIMple-EULA.png
I wrote it myself, if you scroll to the end, you'll find an Easter egg, something along the lines of "now you can tell your friends you've actually read a EULA" :-)
Can anyone point me to the specs?
I checked ICAO's website, they are usually the ones who standardize these things, but they have no references to such a decision. I wonder where this "partial list of requirements" came from. All the search results point to the same press release, which lacks technical details.
An interesting bit about this song is that it took 5 people to write it. That must have been very challenging.
Actually, you may have coined an interesting term: symbot - a symbiotic robot programmed for a specific purpose to be fulfilled inside the body of a host.
Many people wrote about Norman's books, they are indeed very useful. Only one person mentioned Raskin's "The humane interface", and that's a pity.
It is a very valuable resource, he shares his ideas in a very clear fashion. You will be exposed to concepts such as "interface monotony" or "modeless interface". Once you go through his examples, you will realize that these simple ideas can make a big difference.
http://www.amazon.com/Humane-Interface-Directions-Designing-Interactive/dp/0201379376/ref=sr_1_1?ie=UTF8&qid=1317979903&sr=8-1
It is: http://thinking-forth.sourceforge.net/
If you liked that one, then you simply must read "The humane interface" by Jef Raskin. It offers several key ideas which will help you make a better interface (modeless interfaces, interface monotony, interface efficiency, etc); his examples are very clear. The book is fantastic, you'll really like it.
You can have a look at my list here: goodreads.com/gr8dude (the tags are not added to all the books, so you'll have to find the tech-ones by browsing the entire list).