Seriously, what aspect of the issue should be subjected to scientific scrutiny?
I think it's solely a political question, as in: are pupils to be *available* for telephone messages while in class or at school?
I think there is a good reason to say that they aren't. Certainly not while in class, and for that reason jamming cellphones in classrooms strikes me as totally reasonable. Whether cellphones should be jammed in the hallways or on the grounds is another matter though.
The proposed new rules (http://www.bnet.com/blog/technology-business/new-privacy-laws-in-india-and-china-could-make-it-outsourcing-ugly/10620) are:
* Those that hold personal data must receive explicit consent to divulge that data to third parties.
* There are specific restrictions ''during the collection, processing, use, transfer and maintenance of personal information.''
* Personal data cannot be exported unless specifically allowed by law or government authorities.
* A company must get written consent by letter, fax, or email for the collection of data.
* People can opt out at a later time and withdraw their consent.
* There are significant restrictions on disclosing personal data to third parties.
* When a person has given consent for the transfer of data, or it`s necessary by contract, a company can only send the data to an organization that provides the say level of security as the Indian regulations.
* People have the right to review their data and to correct it.
Reading the proposed new rules I totally fail to spot anything unreasonable. On the contrary, any bona-fide company that uses fair and transparent privacy rules will be in compliance without altering a thing about their operational procedures.
So tell me, precisely what part of those proposed rules sounds as if it would hamper a bona-fide company from carrying out its bona-fide processing of personal data they obtained with consent?
True, but not very relevant. What you really want to know in order to estimate how long we've got with liquid fossil fuels (oil) is the reserve-to-production rate.
You will note that the RtP rate remained approximately constant over the past 14-15 years. Now if you look at the price of oil (page 12 of the presentation), you'll notice a fairly steep price increase, except for the jolt caused by the 2008 banking crisis. This means that oil, whilst still *available* is getting more difficult (and hence expensive) to produce. If you factor in that the rate of consumption is growing and the rate of discovery of new sources is not, you'll see the problem.
Now, panicking (preceded of followed by running out) is not recommended, but neither is cultivating an "Oh but there's still oil aplenty" attitude.
Current trends of production and consumption all but guarantee continued high (and perhaps even higher) prices.
Now how can I state that in a way that is close to your heart? Ah yes. Let's put it this way: expect gasoline prices and your energy bills based on burning oil or gas to continue to rise in the next 20 years as they did in the past 10 years.
That means that alternative (especially renewable) energy sources definitely merit our attention, despite the increase in proven reserves.
Not to sound like a sourpuss, but this is nothing but grandstanding. Political grand-standing at that, and with clear ulterior motives.
Now how to I phrase that in a way which is close to your heart? Yes. Consider the funding. Why aren't there any private investors lining up to finance this scheme, eh? He pitched this idea at a petroleum conference, so plenty of parties with deep pockets. None stepped up so far.
So, the good (former) senator tacitly implied *public* funding for his scheme that private investors won't touch. What part of that do you like, as a tax payer?. I personally consider this an attempt to further a hobbyist agenda to revive moon travel, at the public expense, after it was canned. So count me out. There are better ways to spend public money (the best being not to spend it at all).
Secondly: why would we *need* such a boondoggle? We haven't even *got* nuclear fusion operational, despite about half a century of work. Interestingly, the first step in his grand plan is to build a $5 billion demonstration fusion reactor. Nice going! Amidst huge on-going research programmes and demonstration reactors being built (see e.g. http://en.wikipedia.org/wiki/ITER for magnetic confinement and http://en.wikipedia.org/wiki/Inertial_confinement_fusion#Inertial_confinement_fusion_as_an_energy_source for inertial confinement) our dear former senator proposes we go it alone and simply build a demo. How cute!
Personally I'm optimistic about nuclear fusion, but it's not going to help us meet our energy needs in the near or medium future. If we're getting away from fossil fuels, then how about first exhausting nuclear fission (yes, despite the Fukushima disaster) geothermal (think the magma reservoir under Yellowstone park; see http://news.nationalgeographic.com/news/2011/01/110119-yellowstone-park-supervolcano-eruption-magma-science/ ), and "alternative" energy sources like wind, tidal, and solar?
And lets not forget about energy efficiency, shall we? Energy you don't waste is energy you don't have to generate in the first place. Even now US energy efficiency in all walks of life is about one half to one third of what;s usual in e.g. Western Europe (which has a comparable standard of living). Think home insulation and building for energy efficiency. The usual homes and offices are basically sheds with an airco and a heater installed. Easy, simple, and very wasteful.
Design them with a view to energy efficiency and you can make do with about 20% of the energy consumption of "dumb" buildings. Think efficient cars (this is already happening, albeit not through any foresight: the high price of gasoline is making fuel-efficient cars attractive). All of that is something we can do right now, it's proven technology, and it's cost-effective (at current oil prices).
In third place, just suppose we had nuclear fusion. Why-ever would we *need* Lunar hydrogen? The oceans are chock-full of hydrogen, and a lot of that is deuterium, which ''burns" just fine in nuclear fusion (see
http://en.wikipedia.org/wiki/Nuclear_fusion ). So why go all the way to the moon to get Helium-3 eh? Just to rekindle some moon-projects? Not with my money!
And don't forget the issue of ownership rights to the moon. If the US were to take its traditional point of view (being: "finders keepers", or "you get what you can grab"), it will now face *serious* competition from e.g. China. And what about the other BRIC (Brasil, Russia, India) countries? They're going to agree with the US and China ripping up the moon and unilaterally laying claim to all its minerals, are they?
So... perhaps it's time to re-discover how much we favour the "co
The (loaded) question of "Why are we teaching a generation of students to use crippled technology?" has a simple answer, which has everything to do with the question: "Why do we have exams?", which in turn is closely linked with the question of: "Why do we have education?"
You see, education of all sorts is about two things: training the the big natural neural network (NNN) that most of us carry with us on our shoulders, and verifying that people's NNN is up to a certain quality standard.
The programming is done to make sure that people's NNN's are capable of providing the right answer in real-life situations, while the verifying part is there to allow people to show to prospective employers that their NNN is of a certain grade, *before* they are let loose in a place where they can do harm, say, a hospital, an aircraft, a law office, a laboratory, or even an office.
With me so far? Ok, then for the last step. It's neigh impossible to measure the performance of someone's NNN in an exam if they can use their laptops or graphical calculators as crib-sheets or to get enough hints about the solution that they can guess the answer instead of deriving it, or looking it up on the Internet, asking someone else, or even paying someone to provide the answer.
It is for that very reason that we have e.g. closed-book exams, and exams that people are debarred from taking home.
In the same vein as the question about "Why are we teaching a generation of students to use crippled technology?" we might ask: why are we debarring a generation of students from using their friends and relatives to pass their exams and from buying their thesis on the Internet? And that question has the same answer.
This case, once again, nicely illustrates the principles underlying markets (both commercial and political) and parties that operate in them.
Producers of music simply want to charge as much as they can get away with. Consumers of music of course want everything for free. In particular the concepts of "fairness" or "reasonableness" have no practical meaning with respect to the desires of the parties.
What we see here is how this particular representative of music producers has discovered a (yet untapped) potential source of revenues. So they make demands (based on their interpretation of the rules under which both they and their consumers operate: laws) and forward proposals.
If no-one complains, then their proposals were apparently fair, reasonable, and justified and will be accepted by default. If people do complain, it depends on the strength and the support of the protest. If protests are isolated and feeble, they can be ignored. If they are widespread and intense, producers may decide to ask for less, drop the demand altogether. If protests are widespread but seem to be manageable, the issue may head for arbitration (e.g. a court of law) and then it may be enforced despite protests.
The final outcome is a price which music producers feel they cannot increase without loosing net revenue (e.g. by losing customers or by spending too much on enforcement). In other words: the market price.
This once again shows the need for vigilant monitoring of one's interests in society.
How about you or the author calculate the number of American jobs and wealth created by all those people in that list(that list is just the tip of the iceberg btw) and contrast that with the number of H1Bs granted?
What you are really asking is an estimate of the net economic value of those immigrants, which is a reasonable question.
I can't do that calculation, for a number of reasons.
(1) I don't have the author's dataset, and even if I had, it wouldn't contain the variables needed to calculate that. In addition, there are some difficulties in calculating the net economic benefits of the people mentioned because some of them founded companies, others merely filled positions within existing enterprises. Whilst in the first case it might be reasonable to attribute the entire value of the company created to the immigrant (as a company founded by someone likely wouldn't have been founded at all if that someone had remained abroad), how would you go about that in the second case? How do you calculate the net economic value of a VP of engineering? It can be done, but I don't know how to do it.
(2) The benefit you're asking for is not the benefit of the entire population, but the benefit of a handful (less than 100) admittedly individuals. We have about 400,000 F1B visa's approved annually. I think that it would be reasonable to weigh the net benefit of those exceptional individuals against the wage-depression and the added effect on the current reluctance of US citizens to study STEM subjects, caused by the other 400,000. It's a little like say, the (illegal) immigrants from Mexico, who are prepared to work under conditions and for wages that US citizens wouldn't accept.
On the one hand they provide a source of dirt-cheap menial labourers that keep farmers in business and businesses competitive. On the other hand they really do substitute for simple jobs that otherwise (a) natives would do (in part), but against much higher wages (if they did them at all), or (b) would have to be automated, or (c) wouldn't be done at all. One of the effects is a dearth of low-skilled jobs at minimum wage level (and below). And that leads to unskilled natives being excluded from the workforce and making an appearance in the jail population.
So where is the net benefit? I don't know.
(3) Even though it might be doable, it would take me too much time to do in my spare time. And if I were to submit a grant proposal for such a study, I would be undercut by a number of economists who probably would know how to do it.
You can't have one easily without the other.
Well, yes and no, but it's about the net effect, not the effect of a hundred cherry-picked cases. Take a look at the post by "iamhassi".
At least some advisors appear specialise in the field of getting selected prospective F1B workers past the legal requirements for entry quite regardless of whether they do or do not supplant natives. In the video referred to the objective isn't to fill the post, the objective is to fill the post with a specific F1B candidate. Clearly some (US !) companies abuse the system simply to get cheaper workers in, and nevermind what that does to the economy or those who were unfairly excluded. If those companies would apply the law *as intended*, the negative effects would be largely offset. Only they don't want to do that, for obvious (cost) reasons.
Now, allowing in 400,000 foreign engineers while at the same time discouraging indiginous students from taking STEM subjects doesn't strike me as the best possible policy in the long run. Or do you think it is?
Smart people would stop coming to the US(and ratchet up student loans) if it is too much trouble for them to work in the US later and make the money back.
Yes, you are definitely right about that. The whole process of substituting mediocre and poorly educated US citizens in the workforce with bright a
I'm sorry, but the article really isn't so far out.
The cases you list are interesting, but they say very little (almost nothing) about what happens "in general". What you're doing, listing a number of foreign born people who made good in the US, is known as a casuistic approach. E.g. you look at a small number of cherry-picked cases.
Now that's not a bad approach when you want to get a feel for what *can* happen, but the sample you present here is *totally* un-representative for the total population of forein-born engineers. Meaning that it does not allow you to reach any useful conclusions about the population of foreign-born engineers at all.
If you want to draw conclusions about that population, you need to take a representative sample of that population (or even a census) and study that.
Now that's what the author of the original presentation supposedly (I didn't check his sampling method) did.
For people who don't have his dataset (i.e. his readers) he summarised his data using a linear regression model, the coefficients of which are on page 73 of his presentation, and which I have copied for you.
The model is like:
Salary = const. + coefficient_age x age + coef_age_x_age x age x age + coef_MS x I_MS + coef_PHD x I_PHD + coef_highCOL x I_highCOL + coef_origF1nonlC x I_origF1nonlC + coef_origF1chn x I_origF1chn + coef_origF1ind x I_origF1ind
If we trust the author to handle the mechanics of datacollection and model estimation correctly, this means that he took a representative dataset of wages and explanatory variables like age, degree obtained, location, indications of foreignership, and indications of coming from China or India, and he has checked that there are no other variables in his dataset that have a significant explanatory value (e.g school where graduated).
The model coefficients he presents are:
factor beta, marg. err.
const. -2640 +/- 18429
age 3369 +/- 865
age x age -33 +/- 10
MS 9948 +/- 2177
PhD 22667 +/- 4509
highCOL 8692 +/- 1917
origF1nonIC 4479 +/- 3847
origF1chn -6190 +/- 5632
origF1ind -978 +/- 5571
non-ICs paid > avg., about 0.5 MS eect
Chinese paid
This sums up several aspects of the data as the author notes. In my comments below I have taken the liberty of translating some of the factors (i.e. whether or not you're foreign, Chinese, Indian), into years of career development for easier comparison.
(1) in general, salary level increases with age, but being too old has a negative effect (the term for age squared is negative)
(2) people with PhD's reliably get into jobs where they earn substantially more than those with MS degrees.
(3) in general, foreign-born engineers earn a salary comparable to that of US borns 2 years their junior
(4) but not if you're Chinese, then your salary is likely to lag that of your peers by 3 years.
(5) if you're Indian, your salary lags that of US borns by about 1/2 year
This is how his dataset looks.
In particular, all other things being equal, Chinese and Indians really do work for lower pay than native engineers or other foreigners (e.g. Europeans). No doubt about that. And that holds for the total population he surveyed (which ought to be the total population of foreign-born engineers in CS and EE).
This squarely supports the thesis that US companies are using F1B visa simply as a negotiating tool to lower people's salaries, in view of the fact that engineers salaries have flat-lined over the past 10 or so years (meaning there can't be a serious shortage). Ok?
That's the pernicious thing about this proposed bill. It sounds "fair enough" to someone who doesn't know what it means.
To be sure, discrimination is the whole point of academia, that is discrimination on basis of academic merit. People who cannot show academic rigour are vigorously discriminated against (e.g. they will not get tenure, they will not get their articles published in the mainstream journals, and they will not get recognition). Only in that way are shoddy work and pseudo-science kept at bay. Most of the time.
And yes, that's all very "elitist" because Joe Sixpack simply no more capable of judging is someone is or is not academically capable than he is of analysing a mathematical proof, a statistical test, a laboratory result, or judging if a medical diagnosis is right. If Joe Sixpack were so clued-up he'd be hired as a researcher or a professional. Only he isn't, for excellent reasons.
As Creationism lacks all and any academic merit, it is no more than reasonable to be able to refuse people who subscribe to it from joining the Biology faculty.
Despite its name, "Evolution Theory" is not a mere "theory". On the contrary. There is both an enormous existing body of solid and well-documented evidence for Evolution Theory, and it is corroborated on a continuous basis by just about every on-going field research (from bacteria to beetles to birds to elephants and all kind of plant life). This makes it a *well-tested* and *well-verified* theory, which is why it is at the basis of contemporary Biology.
It wouldn't be a problem is a creationist joined a liberal arts faculty, the maths faculty, or the civil engineering department. Those academic fields are sufficiently fare removed from creationism that they will not be impacted.
But for those who would join the Biology faculty the standard is somewhat higher: they must first show that they know in detail that they know what they are talking about (as in passing exams). After that, if they wish to dispute the foundations of the subject area they wish to don a mantle of authority on, they must first *disprove* with specificity what they dispute, in a scientifically acceptable way. For example in the course of their PhD research.
Then and only then can they be admitted (and they usually will be).
All this is needed to ensure that no *religious* arguments creep into the debate, because religion has no overlap with science and should not be confused with it.
Most of the world gets this, only the US (well certain groups within the US) is in the unique position that it starts blurring the line again centuries after the separation between Church and State and the decoupling of Theology from the Sciences during the Renaissance. It is interesting to note that in this the US finds itself in the company of Islamic Extremists, who too wish to assert the authority of their particular interpretation of word of their particular deity as paramount over reason, dispute, or evidence.
I really don't think so. The fact of the matter is that most legislation concerning the balance between commercial rights and individual ones (especially on IP-related issues) that is pioneered in the US is sooner or later adopted by countries in Europe, Japan, Korea, Taiwan, and even China. Especially if it is supported by lobbyists. The delay typically is about 5-10 years in the case of Europe.
Alas, this temporary restraining order is but the latest salvo in a war over control of computing devices in general.
A war for which, I'm afraid, there can be only one of two outcomes:
(a) control is wrested from end-users by legal means; the balance between free speech and commercial interests is decided in favour of commercial interests, with all its implications for free speech
(b) control remains with end-users, which implies that free speech trumps commercial interests with the result that manufacturers will find it difficult to continue to use "razorblade" sales models, and content providers cannot enforce copyright protection for their content.
If the thoughts underlying the temporary restraining order become enshrined in Law, then I believe it's highly unlikely that closed systems will actually stop at games consoles. If fear that PCs will be targeted next. After all, we have seen in Palladium (see e.g. http://en.wikipedia.org/wiki/Next-Generation_Secure_Computing_Base ) that it's technically feasible.
Now there are three crucial aspects for this to happen:
(1) a firm legal basis,
(2) mainstream acceptation, and
(3) commercial interest.
As soon as those are in place, political support will follow.
With the widespread adoption of sundry locked-down games consoles (such as playstations), the mainstream acceptance is with us today. Commercial interest is high, mainly from content providers who find it ever so much easier to prevent their content from being copied on locked-down hardware. And so the last obstacle is of a legal nature, which is currently being eroded.
I'm not optimistic on this issue and I foresee that it's only a matter of time before hardware lockdowns appear on PCs.
There may be (massive) resistance from the market, but with the right political connections one might well envision an extremely "patriotic" bill to "Protect America's Cyberspace Sovereignty" (or similar bumf) that mandates the use of Trusted Computing platforms throughout.
This is excellent news as we can now learn about all the ways such an ID system can (and will) malfunction and can (and will be) be abused (from a safe distance). Once again Russia's tradition of scientific curiosity and ruthless large-scale social experimentation will blaze the trail for us!
But seriously, adopting such a scheme nation-wide has numerous scary aspects, starting with privacy and then branching out into security, abuse, impersonation, spoofing, data theft, management, technical implementation, cost, integrity and a host of other things I forgot. Which is why even the EU (otherwise a glutton for punishment where new, centralised, and baroque administrative systems are concerned) hasn't adopted it (yet). It takes courage to actually roll something like this out nation-wide, and to do that without a backup plan (there seems to be none) is something that senior Whitehall functionaries would probably describe as "courageous".
Lets just be glad we get to watch what happens without having to incur the cost. Russia might even make some money by patenting solutions for all the problems they're going to find. It would be no more than fair if they do, for this is valuable (and very expensive) social research they're about to conduct.
Yes, Groklaw ( http://www.groklaw.net/ ) is probably the place where an interested lawyer can (a) probably have the most impact per hour spent, (b) keep control of the amount of time this sideline is going to cost him, and (cb) make himself visible to a network of lawyers who are sympathetic to Open Source and who may want to make his acquaintance.
The first part comprises the results of previous work by mathematicians; the finished product. That's what underpins most of physics and engineering nowadays.
The second part is the "live" Mathematics, i.e. the process of actually doing Mathematics in the sense of figuring something out. That's a slow, arduous, iterative and groping process. Starting with an observation that confuses or amazes us, incrementally and tentatively formulating concepts (definitions, constructs of previously known mathematics), their properties (sometimes axioms but mostly properties of known constructs), drawing inferences from those concepts, seeing if they throw light on the situation, and going back to changing the concepts if they don't).
Where the second part is like mental rock-climbing, the first part is like a list of views that were discovered by rock-climbers but which which can now be reached by cable-car (or bus).
For better or worse, the mental rock-climbing takes more talent and dedication on part of a student than about 75% of them have. And even talented and dedicated students will take thousands of years (about two millennia to be exact) to reinvent Mathematics on their own (so much for "Letting students discover Mathematics on their own").
We therefore tend to teach the finished results because they are (a) enormously valuable insights (b) useful in other subjects, and (c) accessible to someone with a modest amount of perseverance, an adequate memory, and ordinary talent.
The problems really start when people (education boards) fail to distinguish between the two forms of Mathematics and neglect to clearly set out the goals they want education to address. Which then results e.g. in them insisting on letting students memorise the square-root formula for quadratic equations instead of teaching them how to solve a quadratic equation through simple algebraic manipulation (which also gives people a bit of insight in what they're doing) and letting them look up the quadrature formula when they need it.
I recall that a few years ago admiral Poindexter (see e.g. http://www.cato.org/pub_display.php?pub_id=2959) made waves by proposing to "break down the stovepipes" that separate commercial and government databases.
It sure looks as if the admiral succeeded, at least as far as the stovepipes separating State Department and the Pentagon are concerned.
Unless I'm much mistaken. this latest batch of raw data also comes straight off SIPRnet ( http://en.wikipedia.org/wiki/SIPRNet just like the Iraq and Afghanistan data), which offers a convenient one-stop shopping opportunity for all things data that is militarily and diplomatically sensitive, up to and including that classified as " secret".
Of course there is the huge advantage of wide and instantaneous dissemination. On the other hand, perhaps disseminating all this data to about 3 million people throughout the US government has some drawbacks too. You know, just to take a totally off-the-wall scenario, if someone loads a couple of years of text data onto a USB stick or a CD and walks out of the building. I wonder how security analysts evaluated that possibility.
Does anyone know of any other large organizations that use such single-point-of-vulnerability systems for sensitive data?
Of course it's easy to second-guess whoever OK'ed this setup, but perhaps now is the time to reconsider its design (e.g. end-to-end encryption so that operators can't read the traffic so easily, and access logging in the sense that you keep a log of who then decrypts what).
There are a number of posts that address the "how", which basically advise: "look for bug reports, then fix those", which I think is good advice and there is little I have to add to it. Except perhaps this: if you're a graduate student you will probably be able to find ongoing on-campus research projects. Is there any among those which is staffed with people you'd like to work with and from whom you feel you could learn? Have you considered joining one of those projects? Have you considered asking on of the professors for ideas? The advantage is that you will be able to get face-to-face contact, which can speed up learning. The disadvantage is that you're not getting "outside" the university.
I will address question (2): what project to join. Now there is something basic about contributing to a project which I think you ought to think about
How much time you have available, is there anything specific you want to learn about, and what is your level of commitment going to be?
For example, making use of multiple cores of today's chips is a hot topic, one which needs help, and one which you might want to learn about. One caveat though, most basic high-performance mathematical subroutines are in Fortran, not C++, and they don't aim at being examples of "good programming technique", they aim at getting maximum performance by paying attention to things like optimising memory access, keeping hte silicon busy and avoiding stalls (keeping things as much as possible on-chip, within-cache, cache coherency, pipelining, and the like).
You could e.g. propose make existing low-level routines thread-safe, and change existing subroutine libraries so that they will attempt to make maximum use of all available cores when instructed to do so. Doing this for basic maths subroutine libraries is (to me at least) interesting work which is -in principle- well-suited to a Maths graduate (much more so than CS types as they usually won't understand the basic numerical algorithms). Or you could move into harnessing GPUs for specific calculations (CFD calculations come to mind, but there are others to which GPUs are particularly well-suited like linear algebra). Or you could delve into professional-level object-hierarchies (the Qt object hierarchy comes to mind), and learn about how to use those things to package subroutine libraries into applications rather focus on subroutine libraries. However there is a really big snag.
It's this. If, as you write, you're basically just a passing coder with a Maths background who wants spend a few weeks to gain a bit of practice, you probably won't be able or willing to take the time to understand the specifics of the project you will be assisting. Anything that requires a substantial amount of domain knowledge (which could elevate you from "just a drive-by coder" to "a project contributor") is therefore out, barring perhaps mathematical subroutine libraries (you ought to have some fairly decent background knowledge about those from your studies). That puts clear limits on your potential contribution, and is therefore something you should keep in mind because it limits the type of work you should aim for, and with it the project.
This probably means you're limited to lightweight, non-critical work as most project administrators will not want to have any drive-by coders mess with critical functionality. What they will accept from you is the sort of work that's not critical and can be easily maintained by others when you no longer show up.
If on the other hand you were interested in a specific topic (you did mention numerical work, but I mean a specific field of application), you could invest the time to acquire some domain knowledge on of what the library is about then you could aim to make a more substantial contribution. The fact of the matter is that the real "action" tends to be in application-specific projects, not in basic maths subroutine libra
I for one feel we ought to congratulate the People of China on this signal honour.
It is China's first Nobel Prize, awarded no doubt in grateful recognition of China's consistent, lengthy and tireless efforts to promote peace, prosperity, and happiness both abroad and at home.
Perhaps one ought to see this prize in historical perspective. Throughout its lengthy history, the Realm of the Middle has always been known as a beacon of peaceful tranquility and benevolent good will towards its inhabitants and all of its neighbours, as Annam, Kampuchea, Korea, Japan, and Tibet will no doubt gratefully acknowledge.
It can also be seen as a tribute to the spirit of wise benevolence that inspires those members of that munificent collective that currently stands at China's helm.
I have the fullest confidence that can only be the most self-effacing and timid shyness that prompts the modesty we currently see displayed in China's reluctance to share this bounty with its citizens. Barring that the overwhelming interest in this widely cheered development coupled to the millions of adhesions from the grateful populace have temporarily overwhelmed available network capacity.
I absolutely don't mind a search engine giving me an option to interpret my search, but it would be terrible if I can't switch that option off.
How many times do we search for one keyword (or even a string), spelled exactly so? Just like in a library catalogue. The last thing we want is some algorithm applying an undocumented filter to our search results.
It's bad enough that Google insist on fuzzyfying that string (even when you put it between quotes), but when it starts interpreting my search intent based on my demographic profile is when I will stop using it.
and that's that the risk of fraud is born by the customer, not the bank. And activating a card after it's been sent can cost anything from 50 cents to $1.50 Think of that!
And err, no, not every bank does this. HSBC seems to be a bit "special" in this respect.
Some things in life are really when you come to think of them.
Yes, this is definitely the way to go in the absence of being able to get help from any competent faculty member in the general field you are interested in (this doesn't have to be an exact match) where you got your MSc. Is there a specific reason you didn't speak to one of those? Faculty members are supposed to know something about the area they're working in (and they usually do). If nothing else, they will know where to look, how to look, and what to look for. But you can't go wrong doing a literature analysis. You may also ask your librarian for help in this respect, especially bout where to find and how to use citation indexes for journals and individuals. They're not everything, but they're a factor.
Oh, and don't mind all those comments chiding you for not knowing anything about the area you're planning to specialize in. It's not exactly a point in your favor, but I've seen many aspiring Ph.D. students don't know who is who in the research area that's caught their interest, and they usually don't know much about the state of play in that area either (which is what they will find out in the first 6 months of their Ph.D. training). It will definitely add to their workload but that's why doing a Ph.D means specializing in a specific area.
The problem with IT is its binary nature: it either works (as in does what it needs to do) or it doesn't. There is nothing that to squeak, groan, give off heat, smoke or wear out (except perhaps its personnel). That definitely makes maintenance, and especially designs to minimize or avoid maintenance a low-priority item.
We're all familiar with a particular philosophy of IT management: "Just fix it!". We do, after perhaps noting that this may cause difficulties later on. The answer we get depends on the amount of politeness and insistence we exercise in delivering that message. To cut a long story short: if we're very polite we'll get a pat on the head and a managerial comment along the lines of: "We'll deal with it later on then."; if we're neutral we'll get a comment like: "Just do it, Ok?"; if we're less than polite we get fired (probably after we apply the fix).
In the mean time our manager (no slouch himself) has figured out the optimum time he wants to remain in his particular job. That typically means: he want to get out before the effects of decisions *he* made will become apparent. He isn't worried about correcting poor judgments from his predecessors (as long as it can be done without a fuss: those predecessors just might have moved higher up the ladder and might make things difficult for *him*), the only thing he's worried about is his own record. And that will be closed the instant he leaves.
The typical mistake made by IT personnel is to stay too long in the same job. Don't make the mistake of believing this helps your manager. Sure, it's often a god-sent for a manager to have someone who actually knows what's going on. The downside however is that it plays hob with his possibility to request more staff to do the work and a larger budget for expensive boondoggles because there's always Joe Smith who knows the system so well he can fix it. It makes him look good for keeping things under control, but it restricts his scope for self-aggrandizement. It's also de-motivating for IT personnel to have to clean up the mess you were forced to create (under the firm and slightly condescending guidance of a new manager who has deal with the problems his predecessors caused) all the while being prevented from spending 50% more time and effort "doing it right" than "just fixing it". It's also damaging to your career prospects: you're supposed to *know* the systems you built (even if you never were allotted the time to document them, let alone to update that documentation), and because you do (and because those systems are of course critical) there is no incentive for promoting you or allowing you to move on to a different area.
In buoyant economic times the answer is simple: switch employer every 3-5 years or so. You will face new challenges (read clean up the mess left by others and their managers), but at least you're cleaning up a mess you didn't make (you get to see fresh goofiness and you can learn new things from that), and you can't be held responsible for the way it is. Take a queue from your manager and try to stick to about the same time in your job as he did (plus maybe 1-2 years but not so long as to have to fix the next big crash). In the current economic climate that strategy is of course in jeopardy. Nothing for it then: simply install as much Open Source software as will escape the eye of your manager (because it will usually work better, it's often better documented, it offers more scope to fix things, you can take that particular skill with you, and it's usually a lot more fun).
Speaking with a former President: it all depends on what the meaning of "is" is.
If you take the question as: "Is posting snarky content on Facebook about evading drugs testing sufficient grounds to disqualify you from your job, and hence set you up for justifiable dismissal?", the answer is obviously: "No.".
If you take the question as: "Is posting snarky content on Facebook about evading drugs testing on part of an emergency dispatcher sufficient ground to disqualify said dispatcher from her job", the answer would shift to: "Probably not".
However, if you were to take the question as: "Suppose you are a manager in charge of emergency services. Suppose you catch one of your employees, in a fairly critical position too, writing snarky stuff on Facebook about evading drugs testing. Is that a risk to you? Would it make YOU look bad if she did anything wrong in her job (however unrelated to actual substance abuse)?", then the answer is a definite: "Yes". For that reason said manager will face the choice of (a) actually looking into the matter, forming a personal judgement, and exposing himself and his career tot potential damage just to be fair to an employee or (b) simply firing her and getting a replacement. Which option do you think would make more sense from a CYA perspective and would also make said manager look good, competent, ruthless, and dedicated?
There are no bonus points for coming up with answer (b). So that particular dispatcher is hereby dispatched. Such is the power of new electronic media, classical all-American CYA considerations, and age-old guilt-by-association thinking.
As far as I can see from the opening post, the question whether these people were programmers or not doesn't come into it at all.
If we are to believe the indictment quoted in the opening post, those people were guilty of the following:
BLMIS's
As part of a
concerted effort overseen by MADOFF and his employee, FRANK
DIPASCALI, JR., to deceive both the SEC and the European
accounting firm, O'HARA and PEREZ developed and maintained
computer programs that generated numerous false and fraudulent
records.
O'HARA and PEREZ are alleged to have known that the
special programs they developed contained fraudulent information
and that they were used in connection with the SEC and European
accounting firm reviews.
Unless people want to argue that they were somehow entitled to do this simply because they were salaried employees who would have been fired if they hadn't done as they were told, they deliberately helped commit fraud and hide the traces.
As far as I understand, the law simply asks if you (or any ordinary person in your place) could reasonably have known that you were helping with fraud. If you were, you're guilty. Whether you're on the janitorial staff or a director. That doesn't strike me as particularly unreasonable. Creating fraudulent trade records for an audit isn't something you can do without knowing.
Of course we all know that they were probably enticed or pressured into cooperating. And yes, it's very probable that they would have been fired (without a reference) had they refused to assist in covering up this fraud. And they might have been blackmailed (or even threatened with violence) if they had so much as hinted at disclosure. But even then they could have gone to the police to report the whole thing; if necessary anonymously. However they didn't, and since they actively helped commit fraud they are culpable no matter their position in the firm.
I believe the underlying article by Michael Kassner is spot on.
What computer enthousiasts like to call "an end-user being lazy, stupid, and ignorant" is simply an end-user refusing to sink a lot of time into non-revenue activity that isn't even guaranteed to protect them. There really is no call to regard users as stupid because they're not interested in knowing a lot about their computer and only want to use it as a tool to do their (office) work and to surf or to connect to social networks.
For example the note that strong passwords don't help if someone is able to install a trojan (let alone a keylogger) on your machine (or network) is spot on. In order to rationally evaluate the benefit of having strong passwords a user would need to know the probabilities of his account or machine being attacked, and conditional on that, of the strength and sophistication of his attacker. Conditional on the sophistication of the attacker you get a different set of probabilities of a his password being brute-forced or dictionary-guessed, or his machine being hijacked through vulnerabilities(whether zero-day, or simply unpatched).
In addition the recommendations for password length, composition, non-dictionary and non-sharing are one thing. However, together with this the recommendations to change it often, not to write it down, and not to re-use it across sites is very burdensome to users. And frankly unrealistic. Such rules are percieved more as a cheap cop-out on part of IT experts than helpful advice.
Being interested in, knowledgeable of, and spending time understanding and monitoring the workings of, your computer is a discretionary choice, not a compulsory one. Which is why e.g. Microsoft Windows still holds such overwhelming market share: they address the need for a computer in the role of a simple utility.
That piece about certificate errors and how to spot fake URLs is also spot on.
I'm afraid that the article hits the nail on the head: only computer enthousiasts, computer burglars, and IT professionals can rationally be expected to expend that much time and effort on being knowledgeable about and avoiding security pitfalls. Ordinary users really do make a rational decision in rejecting elaborate security measures, and asking for a simple and easy-to-follow set of rules in order to stay safe.
Unfortunately computer burglars adapt too. So any set of fixed rules will be met by an attack that's optimized to defeat it. Adherence to security rules may make life much harder for an attacker, and may even thwart 99% of all existing "dumbo attacks". However it takes only 1 attacker with a higher level of sophistication (or simply a bought zero-day exploit) to target you or your machine and you've lost anyway. In this light it's pretty reasonable to take a critical view of security advice and to reject it if it becomes too much of a hassle.
Something like that may be difficult to swallow for the average Slashhdot reader though.
Slashdot Mirror
I think it's solely a political question, as in: are pupils to be *available* for telephone messages while in class or at school?
I think there is a good reason to say that they aren't. Certainly not while in class, and for that reason jamming cellphones in classrooms strikes me as totally reasonable. Whether cellphones should be jammed in the hallways or on the grounds is another matter though.
* Those that hold personal data must receive explicit consent to divulge that data to third parties.
* There are specific restrictions ''during the collection, processing, use, transfer and maintenance of personal information.''
* Personal data cannot be exported unless specifically allowed by law or government authorities.
* A company must get written consent by letter, fax, or email for the collection of data.
* People can opt out at a later time and withdraw their consent.
* There are significant restrictions on disclosing personal data to third parties.
* When a person has given consent for the transfer of data, or it`s necessary by contract, a company can only send the data to an organization that provides the say level of security as the Indian regulations.
* People have the right to review their data and to correct it.
Reading the proposed new rules I totally fail to spot anything unreasonable. On the contrary, any bona-fide company that uses fair and transparent privacy rules will be in compliance without altering a thing about their operational procedures.
So tell me, precisely what part of those proposed rules sounds as if it would hamper a bona-fide company from carrying out its bona-fide processing of personal data they obtained with consent?
If you're unsure about what that is, read here: http://en.wikipedia.org/wiki/Reserves-to-production_ratio
For statistics on the RtP rates see slide nr. 6 of this presentation by BP: http://www.bp.com/liveassets/bp_internet/globalbp/globalbp_uk_english/reports_and_publications/statistical_energy_review_2008/STAGING/local_assets/2010_downloads/statistical_review_of_world_energy_full_report_slidepack_2010.ppt
You will note that the RtP rate remained approximately constant over the past 14-15 years. Now if you look at the price of oil (page 12 of the presentation), you'll notice a fairly steep price increase, except for the jolt caused by the 2008 banking crisis. This means that oil, whilst still *available* is getting more difficult (and hence expensive) to produce. If you factor in that the rate of consumption is growing and the rate of discovery of new sources is not, you'll see the problem.
Now, panicking (preceded of followed by running out) is not recommended, but neither is cultivating an "Oh but there's still oil aplenty" attitude.
Current trends of production and consumption all but guarantee continued high (and perhaps even higher) prices.
Now how can I state that in a way that is close to your heart? Ah yes. Let's put it this way: expect gasoline prices and your energy bills based on burning oil or gas to continue to rise in the next 20 years as they did in the past 10 years.
That means that alternative (especially renewable) energy sources definitely merit our attention, despite the increase in proven reserves.
Now how to I phrase that in a way which is close to your heart? Yes. Consider the funding. Why aren't there any private investors lining up to finance this scheme, eh? He pitched this idea at a petroleum conference, so plenty of parties with deep pockets. None stepped up so far.
So, the good (former) senator tacitly implied *public* funding for his scheme that private investors won't touch. What part of that do you like, as a tax payer?. I personally consider this an attempt to further a hobbyist agenda to revive moon travel, at the public expense, after it was canned. So count me out. There are better ways to spend public money (the best being not to spend it at all).
Secondly: why would we *need* such a boondoggle? We haven't even *got* nuclear fusion operational, despite about half a century of work. Interestingly, the first step in his grand plan is to build a $5 billion demonstration fusion reactor. Nice going! Amidst huge on-going research programmes and demonstration reactors being built (see e.g. http://en.wikipedia.org/wiki/ITER for magnetic confinement and http://en.wikipedia.org/wiki/Inertial_confinement_fusion#Inertial_confinement_fusion_as_an_energy_source for inertial confinement) our dear former senator proposes we go it alone and simply build a demo. How cute!
Personally I'm optimistic about nuclear fusion, but it's not going to help us meet our energy needs in the near or medium future. If we're getting away from fossil fuels, then how about first exhausting nuclear fission (yes, despite the Fukushima disaster) geothermal (think the magma reservoir under Yellowstone park; see http://news.nationalgeographic.com/news/2011/01/110119-yellowstone-park-supervolcano-eruption-magma-science/ ), and "alternative" energy sources like wind, tidal, and solar?
And lets not forget about energy efficiency, shall we? Energy you don't waste is energy you don't have to generate in the first place. Even now US energy efficiency in all walks of life is about one half to one third of what;s usual in e.g. Western Europe (which has a comparable standard of living). Think home insulation and building for energy efficiency. The usual homes and offices are basically sheds with an airco and a heater installed. Easy, simple, and very wasteful.
Design them with a view to energy efficiency and you can make do with about 20% of the energy consumption of "dumb" buildings. Think efficient cars (this is already happening, albeit not through any foresight: the high price of gasoline is making fuel-efficient cars attractive). All of that is something we can do right now, it's proven technology, and it's cost-effective (at current oil prices).
In third place, just suppose we had nuclear fusion. Why-ever would we *need* Lunar hydrogen? The oceans are chock-full of hydrogen, and a lot of that is deuterium, which ''burns" just fine in nuclear fusion (see http://en.wikipedia.org/wiki/Nuclear_fusion ). So why go all the way to the moon to get Helium-3 eh? Just to rekindle some moon-projects? Not with my money!
And don't forget the issue of ownership rights to the moon. If the US were to take its traditional point of view (being: "finders keepers", or "you get what you can grab"), it will now face *serious* competition from e.g. China. And what about the other BRIC (Brasil, Russia, India) countries? They're going to agree with the US and China ripping up the moon and unilaterally laying claim to all its minerals, are they?
So ... perhaps it's time to re-discover how much we favour the "co
You see, education of all sorts is about two things: training the the big natural neural network (NNN) that most of us carry with us on our shoulders, and verifying that people's NNN is up to a certain quality standard.
The programming is done to make sure that people's NNN's are capable of providing the right answer in real-life situations, while the verifying part is there to allow people to show to prospective employers that their NNN is of a certain grade, *before* they are let loose in a place where they can do harm, say, a hospital, an aircraft, a law office, a laboratory, or even an office.
With me so far? Ok, then for the last step. It's neigh impossible to measure the performance of someone's NNN in an exam if they can use their laptops or graphical calculators as crib-sheets or to get enough hints about the solution that they can guess the answer instead of deriving it, or looking it up on the Internet, asking someone else, or even paying someone to provide the answer.
It is for that very reason that we have e.g. closed-book exams, and exams that people are debarred from taking home.
In the same vein as the question about "Why are we teaching a generation of students to use crippled technology?" we might ask: why are we debarring a generation of students from using their friends and relatives to pass their exams and from buying their thesis on the Internet? And that question has the same answer.
Producers of music simply want to charge as much as they can get away with. Consumers of music of course want everything for free. In particular the concepts of "fairness" or "reasonableness" have no practical meaning with respect to the desires of the parties.
What we see here is how this particular representative of music producers has discovered a (yet untapped) potential source of revenues. So they make demands (based on their interpretation of the rules under which both they and their consumers operate: laws) and forward proposals.
If no-one complains, then their proposals were apparently fair, reasonable, and justified and will be accepted by default. If people do complain, it depends on the strength and the support of the protest. If protests are isolated and feeble, they can be ignored. If they are widespread and intense, producers may decide to ask for less, drop the demand altogether. If protests are widespread but seem to be manageable, the issue may head for arbitration (e.g. a court of law) and then it may be enforced despite protests.
The final outcome is a price which music producers feel they cannot increase without loosing net revenue (e.g. by losing customers or by spending too much on enforcement). In other words: the market price.
This once again shows the need for vigilant monitoring of one's interests in society.
What you are really asking is an estimate of the net economic value of those immigrants, which is a reasonable question.
I can't do that calculation, for a number of reasons.
(1) I don't have the author's dataset, and even if I had, it wouldn't contain the variables needed to calculate that. In addition, there are some difficulties in calculating the net economic benefits of the people mentioned because some of them founded companies, others merely filled positions within existing enterprises. Whilst in the first case it might be reasonable to attribute the entire value of the company created to the immigrant (as a company founded by someone likely wouldn't have been founded at all if that someone had remained abroad), how would you go about that in the second case? How do you calculate the net economic value of a VP of engineering? It can be done, but I don't know how to do it.
(2) The benefit you're asking for is not the benefit of the entire population, but the benefit of a handful (less than 100) admittedly individuals. We have about 400,000 F1B visa's approved annually. I think that it would be reasonable to weigh the net benefit of those exceptional individuals against the wage-depression and the added effect on the current reluctance of US citizens to study STEM subjects, caused by the other 400,000. It's a little like say, the (illegal) immigrants from Mexico, who are prepared to work under conditions and for wages that US citizens wouldn't accept.
On the one hand they provide a source of dirt-cheap menial labourers that keep farmers in business and businesses competitive. On the other hand they really do substitute for simple jobs that otherwise (a) natives would do (in part), but against much higher wages (if they did them at all), or (b) would have to be automated, or (c) wouldn't be done at all. One of the effects is a dearth of low-skilled jobs at minimum wage level (and below). And that leads to unskilled natives being excluded from the workforce and making an appearance in the jail population.
So where is the net benefit? I don't know.
(3) Even though it might be doable, it would take me too much time to do in my spare time. And if I were to submit a grant proposal for such a study, I would be undercut by a number of economists who probably would know how to do it.
Well, yes and no, but it's about the net effect, not the effect of a hundred cherry-picked cases. Take a look at the post by "iamhassi".
At least some advisors appear specialise in the field of getting selected prospective F1B workers past the legal requirements for entry quite regardless of whether they do or do not supplant natives. In the video referred to the objective isn't to fill the post, the objective is to fill the post with a specific F1B candidate. Clearly some (US !) companies abuse the system simply to get cheaper workers in, and nevermind what that does to the economy or those who were unfairly excluded. If those companies would apply the law *as intended*, the negative effects would be largely offset. Only they don't want to do that, for obvious (cost) reasons.
Now, allowing in 400,000 foreign engineers while at the same time discouraging indiginous students from taking STEM subjects doesn't strike me as the best possible policy in the long run. Or do you think it is?
Yes, you are definitely right about that. The whole process of substituting mediocre and poorly educated US citizens in the workforce with bright a
The cases you list are interesting, but they say very little (almost nothing) about what happens "in general". What you're doing, listing a number of foreign born people who made good in the US, is known as a casuistic approach. E.g. you look at a small number of cherry-picked cases.
Now that's not a bad approach when you want to get a feel for what *can* happen, but the sample you present here is *totally* un-representative for the total population of forein-born engineers. Meaning that it does not allow you to reach any useful conclusions about the population of foreign-born engineers at all.
If you want to draw conclusions about that population, you need to take a representative sample of that population (or even a census) and study that.
Now that's what the author of the original presentation supposedly (I didn't check his sampling method) did. For people who don't have his dataset (i.e. his readers) he summarised his data using a linear regression model, the coefficients of which are on page 73 of his presentation, and which I have copied for you.
The model is like:
Salary = const. + coefficient_age x age + coef_age_x_age x age x age + coef_MS x I_MS + coef_PHD x I_PHD + coef_highCOL x I_highCOL + coef_origF1nonlC x I_origF1nonlC + coef_origF1chn x I_origF1chn + coef_origF1ind x I_origF1ind
If we trust the author to handle the mechanics of datacollection and model estimation correctly, this means that he took a representative dataset of wages and explanatory variables like age, degree obtained, location, indications of foreignership, and indications of coming from China or India, and he has checked that there are no other variables in his dataset that have a significant explanatory value (e.g school where graduated).
The model coefficients he presents are:
factor beta, marg. err.
const. -2640 +/- 18429
age 3369 +/- 865
age x age -33 +/- 10
MS 9948 +/- 2177
PhD 22667 +/- 4509
highCOL 8692 +/- 1917
origF1nonIC 4479 +/- 3847
origF1chn -6190 +/- 5632
origF1ind -978 +/- 5571
non-ICs paid > avg., about 0.5 MS eect Chinese paid
This sums up several aspects of the data as the author notes. In my comments below I have taken the liberty of translating some of the factors (i.e. whether or not you're foreign, Chinese, Indian), into years of career development for easier comparison.
(1) in general, salary level increases with age, but being too old has a negative effect (the term for age squared is negative)
(2) people with PhD's reliably get into jobs where they earn substantially more than those with MS degrees.
(3) in general, foreign-born engineers earn a salary comparable to that of US borns 2 years their junior
(4) but not if you're Chinese, then your salary is likely to lag that of your peers by 3 years.
(5) if you're Indian, your salary lags that of US borns by about 1/2 year
This is how his dataset looks.
In particular, all other things being equal, Chinese and Indians really do work for lower pay than native engineers or other foreigners (e.g. Europeans). No doubt about that. And that holds for the total population he surveyed (which ought to be the total population of foreign-born engineers in CS and EE).
This squarely supports the thesis that US companies are using F1B visa simply as a negotiating tool to lower people's salaries, in view of the fact that engineers salaries have flat-lined over the past 10 or so years (meaning there can't be a serious shortage). Ok?
To be sure, discrimination is the whole point of academia, that is discrimination on basis of academic merit. People who cannot show academic rigour are vigorously discriminated against (e.g. they will not get tenure, they will not get their articles published in the mainstream journals, and they will not get recognition). Only in that way are shoddy work and pseudo-science kept at bay. Most of the time.
And yes, that's all very "elitist" because Joe Sixpack simply no more capable of judging is someone is or is not academically capable than he is of analysing a mathematical proof, a statistical test, a laboratory result, or judging if a medical diagnosis is right. If Joe Sixpack were so clued-up he'd be hired as a researcher or a professional. Only he isn't, for excellent reasons.
As Creationism lacks all and any academic merit, it is no more than reasonable to be able to refuse people who subscribe to it from joining the Biology faculty.
Despite its name, "Evolution Theory" is not a mere "theory". On the contrary. There is both an enormous existing body of solid and well-documented evidence for Evolution Theory, and it is corroborated on a continuous basis by just about every on-going field research (from bacteria to beetles to birds to elephants and all kind of plant life). This makes it a *well-tested* and *well-verified* theory, which is why it is at the basis of contemporary Biology.
It wouldn't be a problem is a creationist joined a liberal arts faculty, the maths faculty, or the civil engineering department. Those academic fields are sufficiently fare removed from creationism that they will not be impacted.
But for those who would join the Biology faculty the standard is somewhat higher: they must first show that they know in detail that they know what they are talking about (as in passing exams). After that, if they wish to dispute the foundations of the subject area they wish to don a mantle of authority on, they must first *disprove* with specificity what they dispute, in a scientifically acceptable way. For example in the course of their PhD research.
Then and only then can they be admitted (and they usually will be).
All this is needed to ensure that no *religious* arguments creep into the debate, because religion has no overlap with science and should not be confused with it.
Most of the world gets this, only the US (well certain groups within the US) is in the unique position that it starts blurring the line again centuries after the separation between Church and State and the decoupling of Theology from the Sciences during the Renaissance. It is interesting to note that in this the US finds itself in the company of Islamic Extremists, who too wish to assert the authority of their particular interpretation of word of their particular deity as paramount over reason, dispute, or evidence.
I really don't think so. The fact of the matter is that most legislation concerning the balance between commercial rights and individual ones (especially on IP-related issues) that is pioneered in the US is sooner or later adopted by countries in Europe, Japan, Korea, Taiwan, and even China. Especially if it is supported by lobbyists. The delay typically is about 5-10 years in the case of Europe.
A war for which, I'm afraid, there can be only one of two outcomes:
(a) control is wrested from end-users by legal means; the balance between free speech and commercial interests is decided in favour of commercial interests, with all its implications for free speech
(b) control remains with end-users, which implies that free speech trumps commercial interests with the result that manufacturers will find it difficult to continue to use "razorblade" sales models, and content providers cannot enforce copyright protection for their content.
If the thoughts underlying the temporary restraining order become enshrined in Law, then I believe it's highly unlikely that closed systems will actually stop at games consoles. If fear that PCs will be targeted next. After all, we have seen in Palladium (see e.g. http://en.wikipedia.org/wiki/Next-Generation_Secure_Computing_Base ) that it's technically feasible.
Now there are three crucial aspects for this to happen:
(1) a firm legal basis,
(2) mainstream acceptation, and
(3) commercial interest.
As soon as those are in place, political support will follow.
With the widespread adoption of sundry locked-down games consoles (such as playstations), the mainstream acceptance is with us today. Commercial interest is high, mainly from content providers who find it ever so much easier to prevent their content from being copied on locked-down hardware. And so the last obstacle is of a legal nature, which is currently being eroded.
I'm not optimistic on this issue and I foresee that it's only a matter of time before hardware lockdowns appear on PCs.
There may be (massive) resistance from the market, but with the right political connections one might well envision an extremely "patriotic" bill to "Protect America's Cyberspace Sovereignty" (or similar bumf) that mandates the use of Trusted Computing platforms throughout.
But seriously, adopting such a scheme nation-wide has numerous scary aspects, starting with privacy and then branching out into security, abuse, impersonation, spoofing, data theft, management, technical implementation, cost, integrity and a host of other things I forgot. Which is why even the EU (otherwise a glutton for punishment where new, centralised, and baroque administrative systems are concerned) hasn't adopted it (yet). It takes courage to actually roll something like this out nation-wide, and to do that without a backup plan (there seems to be none) is something that senior Whitehall functionaries would probably describe as "courageous".
Lets just be glad we get to watch what happens without having to incur the cost. Russia might even make some money by patenting solutions for all the problems they're going to find. It would be no more than fair if they do, for this is valuable (and very expensive) social research they're about to conduct.
Then there is the Free Software Foundation ( http://en.wikipedia.org/wiki/Free_Software_Foundation ) with whom is associated Eben Moglen ( http://en.wikipedia.org/wiki/Eben_Moglen ). Both could use a hand, and both are rich sources of interesting cases from which your friend could pick one (all in the interest of keeping his commitment manageable) to help with.
The second part is the "live" Mathematics, i.e. the process of actually doing Mathematics in the sense of figuring something out. That's a slow, arduous, iterative and groping process. Starting with an observation that confuses or amazes us, incrementally and tentatively formulating concepts (definitions, constructs of previously known mathematics), their properties (sometimes axioms but mostly properties of known constructs), drawing inferences from those concepts, seeing if they throw light on the situation, and going back to changing the concepts if they don't).
Where the second part is like mental rock-climbing, the first part is like a list of views that were discovered by rock-climbers but which which can now be reached by cable-car (or bus).
For better or worse, the mental rock-climbing takes more talent and dedication on part of a student than about 75% of them have. And even talented and dedicated students will take thousands of years (about two millennia to be exact) to reinvent Mathematics on their own (so much for "Letting students discover Mathematics on their own").
We therefore tend to teach the finished results because they are (a) enormously valuable insights (b) useful in other subjects, and (c) accessible to someone with a modest amount of perseverance, an adequate memory, and ordinary talent.
The problems really start when people (education boards) fail to distinguish between the two forms of Mathematics and neglect to clearly set out the goals they want education to address. Which then results e.g. in them insisting on letting students memorise the square-root formula for quadratic equations instead of teaching them how to solve a quadratic equation through simple algebraic manipulation (which also gives people a bit of insight in what they're doing) and letting them look up the quadrature formula when they need it.
It sure looks as if the admiral succeeded, at least as far as the stovepipes separating State Department and the Pentagon are concerned.
Unless I'm much mistaken. this latest batch of raw data also comes straight off SIPRnet ( http://en.wikipedia.org/wiki/SIPRNet just like the Iraq and Afghanistan data), which offers a convenient one-stop shopping opportunity for all things data that is militarily and diplomatically sensitive, up to and including that classified as " secret".
Of course there is the huge advantage of wide and instantaneous dissemination. On the other hand, perhaps disseminating all this data to about 3 million people throughout the US government has some drawbacks too. You know, just to take a totally off-the-wall scenario, if someone loads a couple of years of text data onto a USB stick or a CD and walks out of the building. I wonder how security analysts evaluated that possibility.
Does anyone know of any other large organizations that use such single-point-of-vulnerability systems for sensitive data?
Of course it's easy to second-guess whoever OK'ed this setup, but perhaps now is the time to reconsider its design (e.g. end-to-end encryption so that operators can't read the traffic so easily, and access logging in the sense that you keep a log of who then decrypts what).
(a) How to start contributing?
(b) What project to contribute to?
There are a number of posts that address the "how", which basically advise: "look for bug reports, then fix those", which I think is good advice and there is little I have to add to it. Except perhaps this: if you're a graduate student you will probably be able to find ongoing on-campus research projects. Is there any among those which is staffed with people you'd like to work with and from whom you feel you could learn? Have you considered joining one of those projects? Have you considered asking on of the professors for ideas? The advantage is that you will be able to get face-to-face contact, which can speed up learning. The disadvantage is that you're not getting "outside" the university.
I will address question (2): what project to join. Now there is something basic about contributing to a project which I think you ought to think about
How much time you have available, is there anything specific you want to learn about, and what is your level of commitment going to be?
For example, making use of multiple cores of today's chips is a hot topic, one which needs help, and one which you might want to learn about. One caveat though, most basic high-performance mathematical subroutines are in Fortran, not C++, and they don't aim at being examples of "good programming technique", they aim at getting maximum performance by paying attention to things like optimising memory access, keeping hte silicon busy and avoiding stalls (keeping things as much as possible on-chip, within-cache, cache coherency, pipelining, and the like).
You could e.g. propose make existing low-level routines thread-safe, and change existing subroutine libraries so that they will attempt to make maximum use of all available cores when instructed to do so. Doing this for basic maths subroutine libraries is (to me at least) interesting work which is -in principle- well-suited to a Maths graduate (much more so than CS types as they usually won't understand the basic numerical algorithms). Or you could move into harnessing GPUs for specific calculations (CFD calculations come to mind, but there are others to which GPUs are particularly well-suited like linear algebra). Or you could delve into professional-level object-hierarchies (the Qt object hierarchy comes to mind), and learn about how to use those things to package subroutine libraries into applications rather focus on subroutine libraries. However there is a really big snag.
It's this. If, as you write, you're basically just a passing coder with a Maths background who wants spend a few weeks to gain a bit of practice, you probably won't be able or willing to take the time to understand the specifics of the project you will be assisting. Anything that requires a substantial amount of domain knowledge (which could elevate you from "just a drive-by coder" to "a project contributor") is therefore out, barring perhaps mathematical subroutine libraries (you ought to have some fairly decent background knowledge about those from your studies). That puts clear limits on your potential contribution, and is therefore something you should keep in mind because it limits the type of work you should aim for, and with it the project.
This probably means you're limited to lightweight, non-critical work as most project administrators will not want to have any drive-by coders mess with critical functionality. What they will accept from you is the sort of work that's not critical and can be easily maintained by others when you no longer show up.
If on the other hand you were interested in a specific topic (you did mention numerical work, but I mean a specific field of application), you could invest the time to acquire some domain knowledge on of what the library is about then you could aim to make a more substantial contribution. The fact of the matter is that the real "action" tends to be in application-specific projects, not in basic maths subroutine libra
It is China's first Nobel Prize, awarded no doubt in grateful recognition of China's consistent, lengthy and tireless efforts to promote peace, prosperity, and happiness both abroad and at home.
Perhaps one ought to see this prize in historical perspective. Throughout its lengthy history, the Realm of the Middle has always been known as a beacon of peaceful tranquility and benevolent good will towards its inhabitants and all of its neighbours, as Annam, Kampuchea, Korea, Japan, and Tibet will no doubt gratefully acknowledge.
It can also be seen as a tribute to the spirit of wise benevolence that inspires those members of that munificent collective that currently stands at China's helm.
I have the fullest confidence that can only be the most self-effacing and timid shyness that prompts the modesty we currently see displayed in China's reluctance to share this bounty with its citizens. Barring that the overwhelming interest in this widely cheered development coupled to the millions of adhesions from the grateful populace have temporarily overwhelmed available network capacity.
Will those enforcement monkeys be wearing badges? Or do they just work for peanuts?
How many times do we search for one keyword (or even a string), spelled exactly so? Just like in a library catalogue. The last thing we want is some algorithm applying an undocumented filter to our search results.
It's bad enough that Google insist on fuzzyfying that string (even when you put it between quotes), but when it starts interpreting my search intent based on my demographic profile is when I will stop using it.
And err, no, not every bank does this. HSBC seems to be a bit "special" in this respect.
Some things in life are really when you come to think of them.
Oh, and don't mind all those comments chiding you for not knowing anything about the area you're planning to specialize in. It's not exactly a point in your favor, but I've seen many aspiring Ph.D. students don't know who is who in the research area that's caught their interest, and they usually don't know much about the state of play in that area either (which is what they will find out in the first 6 months of their Ph.D. training). It will definitely add to their workload but that's why doing a Ph.D means specializing in a specific area.
We're all familiar with a particular philosophy of IT management: "Just fix it!". We do, after perhaps noting that this may cause difficulties later on. The answer we get depends on the amount of politeness and insistence we exercise in delivering that message. To cut a long story short: if we're very polite we'll get a pat on the head and a managerial comment along the lines of: "We'll deal with it later on then."; if we're neutral we'll get a comment like: "Just do it, Ok?"; if we're less than polite we get fired (probably after we apply the fix).
In the mean time our manager (no slouch himself) has figured out the optimum time he wants to remain in his particular job. That typically means: he want to get out before the effects of decisions *he* made will become apparent. He isn't worried about correcting poor judgments from his predecessors (as long as it can be done without a fuss: those predecessors just might have moved higher up the ladder and might make things difficult for *him*), the only thing he's worried about is his own record. And that will be closed the instant he leaves.
The typical mistake made by IT personnel is to stay too long in the same job. Don't make the mistake of believing this helps your manager. Sure, it's often a god-sent for a manager to have someone who actually knows what's going on. The downside however is that it plays hob with his possibility to request more staff to do the work and a larger budget for expensive boondoggles because there's always Joe Smith who knows the system so well he can fix it. It makes him look good for keeping things under control, but it restricts his scope for self-aggrandizement. It's also de-motivating for IT personnel to have to clean up the mess you were forced to create (under the firm and slightly condescending guidance of a new manager who has deal with the problems his predecessors caused) all the while being prevented from spending 50% more time and effort "doing it right" than "just fixing it". It's also damaging to your career prospects: you're supposed to *know* the systems you built (even if you never were allotted the time to document them, let alone to update that documentation), and because you do (and because those systems are of course critical) there is no incentive for promoting you or allowing you to move on to a different area.
In buoyant economic times the answer is simple: switch employer every 3-5 years or so. You will face new challenges (read clean up the mess left by others and their managers), but at least you're cleaning up a mess you didn't make (you get to see fresh goofiness and you can learn new things from that), and you can't be held responsible for the way it is. Take a queue from your manager and try to stick to about the same time in your job as he did (plus maybe 1-2 years but not so long as to have to fix the next big crash). In the current economic climate that strategy is of course in jeopardy. Nothing for it then: simply install as much Open Source software as will escape the eye of your manager (because it will usually work better, it's often better documented, it offers more scope to fix things, you can take that particular skill with you, and it's usually a lot more fun).
If you take the question as: "Is posting snarky content on Facebook about evading drugs testing sufficient grounds to disqualify you from your job, and hence set you up for justifiable dismissal?", the answer is obviously: "No.".
If you take the question as: "Is posting snarky content on Facebook about evading drugs testing on part of an emergency dispatcher sufficient ground to disqualify said dispatcher from her job", the answer would shift to: "Probably not".
However, if you were to take the question as: "Suppose you are a manager in charge of emergency services. Suppose you catch one of your employees, in a fairly critical position too, writing snarky stuff on Facebook about evading drugs testing. Is that a risk to you? Would it make YOU look bad if she did anything wrong in her job (however unrelated to actual substance abuse)?", then the answer is a definite: "Yes". For that reason said manager will face the choice of (a) actually looking into the matter, forming a personal judgement, and exposing himself and his career tot potential damage just to be fair to an employee or (b) simply firing her and getting a replacement. Which option do you think would make more sense from a CYA perspective and would also make said manager look good, competent, ruthless, and dedicated?
There are no bonus points for coming up with answer (b). So that particular dispatcher is hereby dispatched. Such is the power of new electronic media, classical all-American CYA considerations, and age-old guilt-by-association thinking.
If we are to believe the indictment quoted in the opening post, those people were guilty of the following:
Unless people want to argue that they were somehow entitled to do this simply because they were salaried employees who would have been fired if they hadn't done as they were told, they deliberately helped commit fraud and hide the traces.
As far as I understand, the law simply asks if you (or any ordinary person in your place) could reasonably have known that you were helping with fraud. If you were, you're guilty. Whether you're on the janitorial staff or a director. That doesn't strike me as particularly unreasonable. Creating fraudulent trade records for an audit isn't something you can do without knowing.
Of course we all know that they were probably enticed or pressured into cooperating. And yes, it's very probable that they would have been fired (without a reference) had they refused to assist in covering up this fraud. And they might have been blackmailed (or even threatened with violence) if they had so much as hinted at disclosure. But even then they could have gone to the police to report the whole thing; if necessary anonymously. However they didn't, and since they actively helped commit fraud they are culpable no matter their position in the firm.
What computer enthousiasts like to call "an end-user being lazy, stupid, and ignorant" is simply an end-user refusing to sink a lot of time into non-revenue activity that isn't even guaranteed to protect them. There really is no call to regard users as stupid because they're not interested in knowing a lot about their computer and only want to use it as a tool to do their (office) work and to surf or to connect to social networks.
For example the note that strong passwords don't help if someone is able to install a trojan (let alone a keylogger) on your machine (or network) is spot on. In order to rationally evaluate the benefit of having strong passwords a user would need to know the probabilities of his account or machine being attacked, and conditional on that, of the strength and sophistication of his attacker. Conditional on the sophistication of the attacker you get a different set of probabilities of a his password being brute-forced or dictionary-guessed, or his machine being hijacked through vulnerabilities(whether zero-day, or simply unpatched).
In addition the recommendations for password length, composition, non-dictionary and non-sharing are one thing. However, together with this the recommendations to change it often, not to write it down, and not to re-use it across sites is very burdensome to users. And frankly unrealistic. Such rules are percieved more as a cheap cop-out on part of IT experts than helpful advice.
Being interested in, knowledgeable of, and spending time understanding and monitoring the workings of, your computer is a discretionary choice, not a compulsory one. Which is why e.g. Microsoft Windows still holds such overwhelming market share: they address the need for a computer in the role of a simple utility.
That piece about certificate errors and how to spot fake URLs is also spot on.
I'm afraid that the article hits the nail on the head: only computer enthousiasts, computer burglars, and IT professionals can rationally be expected to expend that much time and effort on being knowledgeable about and avoiding security pitfalls. Ordinary users really do make a rational decision in rejecting elaborate security measures, and asking for a simple and easy-to-follow set of rules in order to stay safe.
Unfortunately computer burglars adapt too. So any set of fixed rules will be met by an attack that's optimized to defeat it. Adherence to security rules may make life much harder for an attacker, and may even thwart 99% of all existing "dumbo attacks". However it takes only 1 attacker with a higher level of sophistication (or simply a bought zero-day exploit) to target you or your machine and you've lost anyway. In this light it's pretty reasonable to take a critical view of security advice and to reject it if it becomes too much of a hassle.
Something like that may be difficult to swallow for the average Slashhdot reader though.