Slashdot Mirror


User: jonaskoelker

jonaskoelker's activity in the archive.

Stories: 0
Comments: 3,264

Comments · 3,264

  1. Re:clarification on Pirate Bay Retrial Denied, Judge Declared Unbiased · · Score: 1

    A tip on using space characters on computers: [...] But if you separate terms

    A tip on using bracketed elision...

  2. Fear of getting caught? on Tennesee Man Charged In "Virtual Pornography" Case · · Score: 1

    why would someone who engages in this type of behavior not commit the actual crime in the future?

    Because it might increase the risk of getting caught?

  3. Re:Drink beer on How To Get Out of Developer's Block? · · Score: 1

    I got dibs on the traffic cones!

    Maybe I'm the one who should echo '0.0.0.0 slashdot.org' >> /etc/hosts :(

  4. Toilets are "unsafe" on Middle-School Strip Search Ruled Unconstitutional · · Score: 1

    If anyone suspects something was left in the bathroom it is easy to check.

    I just took a dump. If you looked in the toilet, you wouldn't be able to tell. Yet I could hear the "sploosh" as the water surface was broken.

    Also, when cleaning toilets, it's remarkable how well you can push water "uphill" with a brush.

    Think about where you can stick your arm. Seriously, there's got to be some way to hide something in a toilet. Heck, hide the stuff *inside* your poop.

    "We herd u like shit, so we put some shit in your shit so you can hide yo shit in yo shit while u shit shitbricks over your shit." Or some shit like that...

  5. The many ways in which Jacob Nielsen is teh fail on Nielsen Recommends Not Masking Passwords · · Score: 1

    I think Jacob Nielsen is both right, slightly wrong, and not so slightly wrong.

    First, the personal anecdote. There's one place and time where I really want to look at my password. That's when I'm installing a new OS.

    I'm typically alone in my room when I'm doing that. Or I'm doing it for a friend who trusts me (and I could install a back door if I had one anyways). I use the Dvorak keyboard layout, but my point works equally well for just about any layout except the US bog standard. The trick is: I'm not used to using the installation software. I don't know whether it has really picked up on my keyboard layout---in debian/ubuntu installers, the password is among the first things I type. I would _really_ like to (at my discretion) have the password displayed.

    Next, let's consider what Nielsen is saying.

    Providing feedback and visualizing the system's status have always been among the most basic usability principles.

    True.

    Of course, a truly skilled criminal can simply look at the keyboard and note which keys are being pressed. So, password masking doesn't even protect fully against snoopers.

    I tried that against a sales representative today, twice. Didn't work. But I'm not truly skilled. If the password had been on the screen, I'm sure it would have been a lot easier.

    It's not like masking passwords buys you nothing. It does buy you something. If he has evidence that the value doesn't exceed its cost, I'd like to see it.

    But maybe masking rarely buys you anything?

    [Usually] It's just you, sitting all alone in your office, suffering reduced usability to protect against a non-issue.

    Could be true, but that actually makes unmasking a problem. I'll get to that.

    Yes, users are sometimes truly at risk of having bystanders spy on their passwords, such as when they're using an Internet cafe. It's therefore worth offering them a checkbox to have their passwords masked; for high-risk applications, such as bank accounts, you might even check this box by default.

    As we all know, the expected utility of any uncertain event is its probability times its utility.

    Nielsen does address security compromises with a large (negative) utility, such as bank account passwords. He fails at considering the probability.

    Why is that crucial?

    The probability of compromise can be largely influenced by use context. That is, am I sitting alone in my cubicle? Am I giving a presentation using a projector? Am I using a public kiosk?

    I don't know about you guys, but when I look at any login screen I'm used to using, I type my username and password without asking myself "is my security at risk?". When I'm using a projector, I'm reflecting over the fact that other people can't see my password while I'm typing it.

    Said another way: the correct system for logging in changes from

    • Type username and password

    To

    • Assess the situational risks
    • Type username and password

    I think the second habit is much harder to form, and takes more thought. Most users will fail. He points out that loss of security is a danger with masked passwords. With unmasked passwords, it's a certainty. We need fail-safe, because failures are inevitable. If one of your employees accidentally forgets to check the checkbox at a trade show, your competitor can now log in as that employee and steal your trade secrets.

    Dan Ariely gave a great TED talk about how we go with defaults if the options are complicated: http://www.ted.com/talks/lang/eng/dan_ariely_asks_are_we_in_control_of_our_own_decisions.html

    We need a fail-safe default.

    On the other hand, don't listen to me. Listen to the evidence. Note how I don't have any, and Jacob doesn't have any. I think that's the biggest failure. Sure, well-controlled studies of his hypothesis are hard to do, so other evidence will have to make do.

    But he doesn't have any.

  6. Mark Duval, is that you? on Nielsen Recommends Not Masking Passwords · · Score: 1

    [I'm Mark Duval of Belgium, and I'm an idiot.] Now what?

    Don't worry. It's done.

  7. Add smarts to browsers, not pages! on Nielsen Recommends Not Masking Passwords · · Score: 2, Insightful

    [browsers] remember what you put in normal text fields.

    Well, here's an easy fix: browsers add a checkbox-ish context menu item to password fields saying "don't hide text behind dots". Pages don't have to do anything, and browsers don't need to change caching behavior.

    On the other hand, we only post passwords over HTTPS which browsers don't cache anyways. Right, slashdot? Right? Harumph :(

  8. Probably the truth is somewhere in-between? on AV-Test Deems Windows Security Essentials "Very Good" · · Score: 1

    if $NOT_MS had 90% market share...

    Apache! You're wrong

    Maybe the solution is a mix of the two?

    You know, just like infant mortality can be explained* in part by mother's marital status, mother's smoking habits during pregnancy, socio-economic status, and tons of other factors, maybe the observable security levels of any piece of software depend in part on its prevalence and in part on its development process?

    (*I don't actually know, I'm just listing some hypothetical factors. Feel free to dig up some stats and do the math. Or even better, do it on security.)

  9. Let me be the first to howl! on AV-Test Deems Windows Security Essentials "Very Good" · · Score: 1

    I think the geek would be the first to howl if he could only install the apps approved [by Apple]

    I just had a look at a demo iPhone today. One of the top 25 apps in the store shows scantily clad women. The app description says "they're as naked as Apple will let us make them".

    Oh, Apple gets to censor my mobile porn. Screw that, then. Hello, Android-running HTC Magic.

  10. Anti-malware isn't only anti-windows-holes on AV-Test Deems Windows Security Essentials "Very Good" · · Score: 1

    claim anti-trust and attempt to sue.

    How dare microsoft plug security holes themselves.

    Well, strictly speaking, the anti-malware vendors still have a market if people run non-MS software, such as firefox, VLC, OpenOffice and others. If MS fixes their own holes, it might shrink the anti-malware market, but isn't that just "the cost of progress", just like cars shrunk the market for horse shoes?

    I'm not the one to frivolously defend Microsoft, but here I think there's an argument which at least needs a counter-argument before a suit about anticompetitive behavior can be won.

  11. Sup dawg, I put a computer in your desktop... on Clutter Reaches 1.0 Release Candidate Status · · Score: 1

    Maybe that's because the only thing typically found on my desk is a computer.

    Ah! So you're saying the typical Desktop (on your computer, on your desk) should display a VM with a computer in it, showing a desktop with a computer, to stick with the easy-to-grok desktop metaphor, right?

  12. Re:"Automated" on Automated Migration From Cobol To Java On Linux · · Score: 1

    lacked some of the stuff that seemed to me at the time to be important (type-safe generic programming capability)

    Without it, you get all the brevity of manifest static typing, i.e. having to type a lot of type names, with all the run-time guarantees of dynamic typing, since you're putting in casts (adding even more typing) everywhere you take stuff out of collections.

    Type inference with optional declarations and class-bounded polymorphism ftw: as little typing as you like, as much explicitness as you like, static guarantees, and you can have a List of Fruit which can contain both Apples and Oranges.

    It's a real shame Java still forces everything to be a class, because sometimes it's just the wrong tool.

  13. Java is for non-hackers on Automated Migration From Cobol To Java On Linux · · Score: 1

    Java is a perfectly acceptable programming language in many circumstances.

    Such as when your programmers aren't really great :p

    From http://www.paulgraham.com/gh.html

    Of all the great programmers I can think of, I know of only one who would voluntarily program in Java. And of all the great programmers I can think of who don't work for Sun, on Java, I know of zero.

  14. Hypocrisy: only from a strawman POV on Atari Sub-Sub-Contractor Used ScummVM For Wii Game · · Score: 1

    no qualms violating the copyright of Apple, MSFT, members of the RIAA or the MPAA. That is hypocrisy

    If their position is "Copyright good", then yes.

    If their position is "Open Source good; oppressive big corporations running unchecked bad", then I fail to see the hypocrisy. Could you please explain it to me?

    Or are you saying that the people in question violate the copyrights of Apple's and Microsoft's open source code, or that of **AA Creative Commons music and movies?

    I think the people you talk about subscribe to the latter view.

  15. ScummVM *does* run on the wii on Atari Sub-Sub-Contractor Used ScummVM For Wii Game · · Score: 1

    ScummVM's developers would love to see ScummVM running on the Wii

    Well, someone really ought to tell them, then: ScummVM already runs on the wii. As homebrew.

  16. It *was* Christine Peterson on Sensing Technology As Open Source's New Frontier · · Score: 2, Informative

    http://www.opensource.org/history

    They brainstormed about tactics and a new label. "Open source", contributed by Chris Peterson, was the best thing they came up with.

    http://en.wikipedia.org/wiki/Open_source

    The group of individuals at the session included Christine Peterson who suggested open source.

    It wasn't Eric Raymond. He was just in favor of that term over all the others that came up. I'm pretty sure I remember him saying that on catb.org/~esr/<somewhere>, but I can't find that right now.

  17. *Real* geeks on On the Humble Default · · Score: 1

    Real geeks submit comments using their own home-grown browsegmentation fault

  18. Re:No, he's not a nerd. on John Hodgman Asks Obama, "Are You a Nerd?" · · Score: 1

    [bits can't be spun]

    Now qbits, on the other hand...

  19. Re:Yarrrrr... on Norwegian Lawyers Must Stop Chasing File Sharers · · Score: 1

    Why am I not entitled to a small amount of protection in the marketplace, so that I can earn a living from my hard work?

    Because the rest of us are worse off if you have it.

    I think that's the argument copyright abolitionists should make to have a good case. I want them (us) to have data backing it up. ISTR there being some, but I haven't exactly looked hard.

    Is it really a good idea to undermine the ability of digital creators to even earn a living?

    Red Hat makes money even though CentOS and Fedora exist, giving away essentially the same software. Red Hat gives away software as a driver for support sales.

    I hear musicians make a pittance from RIAA-member (Sony, BMI, Capitol Records, etc.) contracts, and get most of their money touring. Without copyrights, you can still make money touring. Even if other people are allowed to play $BAND's songs, I'd rather go see $BAND than $COPY_OF_BAND. And they can still sell T-shirts and CDs at the tour.

    Copyright abolition might not work for books and movies. For particular books (i.e. public school textbooks) it might make sense for the government to fund the writing of text books which are then given away freely to everyone (including schools). Similarly for college text books, maybe; we probably won't be using SICP for introductory programming here at my university, and a lot of courses are based on lecturer's notes.

    Also, as everyone else has probably pointed out, you don't get a small protection in the market. You get a lifetime+70 monopoly and pretty excessive control over how your creation can be used. At least in the US, for law-abiding consumers. A lot of people are sick and tired of the excessive control. I love that none of my videos have segments I can't skip, and that I can listen to my legally bought music on my computer without fiddling around with disks. "Even" on Linux (f.u., Apple, ...).

  20. Re:Or maybe they don't care... on Norwegian Lawyers Must Stop Chasing File Sharers · · Score: 1

    [hunting piracy and drugs is] sending the message "we have an overabundance of resources and personnel [...] please reduce our size and power immediately."

    I always thought it sent the message "We have the power to control your lives because there's no oversight or accountability, and we want to because we're powertripping pricks, so screw you and give us more power".

    Not that I agree with it...

  21. Yes, units... they do suck... on The Commodore 64 vs. the iPhone 3G S · · Score: 1

    Please, "nerds", make an attempt to understand units.

    It's quite easy, just follow this: http://xkcd.com/394/

  22. Underhand C code contest? on The Commodore 64 vs. the iPhone 3G S · · Score: 1

    It's quite clear that an emulator is OK as long as it can only run the app sold with it, and not arbitrary code.

    This sounds like the perfect scenario for a practical application of the Underhand C Code Contest ideas :->

  23. Re:Here it is for 5c on NIH Spends $400K To Figure Out Why Men Don't Like Condoms · · Score: 1

    The probability of being clean afterward with circumcision is (1-(0.5*p))^n which is approximately equal to (1-p)^n for any n larger than 10 or so.

    Gnuplot:
    f(n) = (1 - 0.6)**n
    g(n) = (1 - 0.3)**n
    plot [1:20] f(x), g(x)

    f becomes indistinguishably close to zero at n=9, g at n=19 or n=20. I'm not sure about my values of p, though. You can play with gnuplot yourself :)

  24. Re:ASSCAP demands payment when your phone rings on ASCAP Wants To Be Paid When Your Phone Rings · · Score: 1

    Without the money going to [John Cage's] estate, he may never write another measured piece of silence again."

    Flawless Victory

  25. I'm rooting for North Korea! on ASCAP Wants To Be Paid When Your Phone Rings · · Score: 1

    This is like Iran and North Korea going at it.

    Seeing how this is going to be a nuclear war, let's consider the collateral damages to neighboring countries.

    When North Korea gets hit, that's going to affect South Korea, which means I might be unable to watch Starcraft on GomTV.

    If Iran gets hit, that's going to affect Iraq. Let's see, what do they provide of value... Oil to Bush? Oh, that was way back when? Uhmm....

    Yeah, I want my Starcraft. Go NK, Go Kim!