Reach Out – Only to People with New Computers

There are currently some adverts on Trams in Melbourne for some sort of community organisation. They have an amusing picture of an “Amazon” character from an RPG with statistics such as Self Esteem at zero.

They have a web site at www.reachoutcentral.com.au which firstly tries to launch a popup window (did the web designers not notice that almost everyone blocks popups?) then uses a refresh for a redirect (with a message to click on an icon if it doesn’t work) and finally demands that Flash be installed.

So someone who is in need of whatever counselling the Inspire Foundation (the organisation that registered the domain) offers is likely to be told that their computer is not adequate, I’m sure that they’ll appreciate that. As will the visually impaired people who will get even less out of the site.

Is the web site offering a service that might tend to be needed by people who don’t have the latest computer gear and can’t run the latest version of Flash? It’s not only Linux users who are unwilling or unable to use Flash, older Windows installations also apparently have problems.

Are people who can’t afford a broadband net connection likely to need the service in question? Dial-up network access is cheaper (and many people will be hesitant to visit a web site related to personal problems in a public place such as an Internet Cafe).

Lazyweb Posts

A common practice in the blog space is to write posts that ask a question in the hope that someone else will answer it via a comment or a post. This is known as a “Lazyweb Post”.

It seems to me that the way of managing such posts could be improved with a little informal cooperation. From now on I plan to tag each Lazyweb post with a Lazyweb Tag, now any reader of my blog can with a single click see all the unanswered lazyweb posts that I have written (I will remove the tag once an adequate answer has been provided or I have discovered and documented the solution myself).

Almost all bloggers want to get more traffic to their blogs, the question is how to get traffic of the nature that you desire. Links from blogs that you like are a preferred source of traffic. If a blogger that you would like to receive a link from has a lazyweb tag or category then it provides a good list of ideas for post topics that will get you the links you desire. Such lists would also be good for determining what information is not generally available and which therefore can be used for the topics of original posts.

Such tags or categories should also be good for getting answers to lazyweb posts. I’ll start doing this and see how well it takes off.

Insider Threats and Small Storage Devices

Danny Angus writes about the potential threat posed by small storage devices with large capacity [1]. His post was prompted by a BBC article about Hitachi’s plans for new hard drives [2], they are aiming for 4TB of data on a single drive by 2011 and a 1TB laptop drive. One thing I noticed about the article is that they made the false claim that current drives are limited to 1TB, the storage capacity is determined by the total surface area which is proportional to the square of the radius and the height of the drive (AFAIK there are no practical limits to the number of platters apart from the height of the drive). So if a 5.25 inch hard drive was to be manufactured with today’s technology it should get a capacity equivalent to at least three times the capacity of the larger 3.5 inch drive.

The reason that 5.25 inch drives are not manufactured is that for best performance you want multiple spindles so that multiple operations can be performed concurrently. Using 3.5 inch drives in servers allows the use of more disks for the same amount of space in the rack and the same amount of power. The latest trend is towards 2.5 inch (Small Form Factor AKA SFF) disks for servers to allow more drives for better performance. With 3.5 inch disks a 1U system was limited to 3 disks and a 2U system was often limited to 4 or 5 disks. But with 2.5 inch drives a 2U server can have 10 drives or more. I know of one hardware vendor that plans to entirely cease using 3.5 inch drives and claims that 2.5 inch disks will give better performance, capacity, and power use!

In regard to Danny’s claim (which is entirely correct) about the threat posed by insiders, I don’t believe that a laptop with 1TB of capacity is the threat. In a server room people notice where laptops get connected and there are often strictly enforced policies about connecting machines that don’t belong to the company. I believe that the greatest threat is posed by USB flash devices. For example, let’s consider a database with customer name (~20B), birth-date (10B), address (~80B), phone number (~12B), card type (1B), card number (16B), card expiry (5B), and card CVV code (3B). That’s ~155 bytes per record in CSV or TSV format. If you have data for a million customers that’s 155M uncompressed and probably about 50M when compressed with gzip or WinZip (depending on which platform is being ripped). No-one even sells a USB flash device that is smaller than 50M; I recently bought a 2G flash device that was physically very small and cheap (it was in the bargain bin).

The next issue is, what data might be worth stealing that is large enough to not fit on a USB device? I guess that if you want to copy entire network file shares from a corporation then you would need more than the 16G that seems to be the maximum capacity of a USB device at the moment. Another theoretical possibility would be to copy the entire mail spool of a medium to large ISP. For the case of a corporate file server you could probably get the data at reasonable speed, 1TB of data would take 10,000 seconds or 2.8 hours to transfer at gigabit Ethernet speeds (if you max out a GigE link – it could be as much as five times that if the network is congested or if the server is slow). It’s doable, but it would be a rather tense three or more hours waiting by an illegally connected laptop. For the mail server of a large ISP there is often no chance of getting anywhere near line speed, it’s lots of small reads and seek performance is the bottleneck, such servers are usually running close to capacity (and trying to copy data fast would hurt performance and draw unwanted attention).
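The size and transfer-time estimates in the two paragraphs above can be checked empirically, which is useful when deciding what volume a removable-media or egress alert has to catch. The following is an added example, not code from the original post: the sample rows are constructed (word lists and random digits, no real customer data), and the 0.8 link efficiency is an assumption chosen because it reproduces the post's figure of 10,000 seconds for 1TB over gigabit Ethernet.

```python
import gzip
import random

# Field sizes quoted in the post, in bytes per field.
POST_FIELD_BYTES = {
    "name": 20, "birth_date": 10, "address": 80, "phone": 12,
    "card_type": 1, "card_number": 16, "card_expiry": 5, "cvv": 3,
}


def record_bytes(fields):
    """Bytes per TSV row: the field bytes plus one tab or newline per field."""
    return sum(fields.values()) + len(fields)


# Constructed vocabularies for the sample data (assumptions, not from the post).
FIRST = ["Alice", "Bruce", "Chen", "Dimitra", "Emma", "Farid", "Grace", "Hamish"]
LAST = ["Nguyen", "Smith", "Papadopoulos", "Jones", "Singh", "Williams", "Brown", "Lee"]
STREET = ["Collins", "Bourke", "Lygon", "Swanston", "Chapel", "Sydney", "High", "Station"]
KIND = ["St", "Rd", "Ave", "Pde"]
SUBURB = ["Melbourne", "Carlton", "Richmond", "Brunswick", "Footscray", "St Kilda"]


def constructed_rows(n, seed=2007):
    """Return n constructed TSV rows with the post's eight columns, as bytes."""
    rng = random.Random(seed)

    def digits(k):
        return "".join(rng.choice("0123456789") for _ in range(k))

    rows = []
    for _ in range(n):
        rows.append("\t".join([
            f"{rng.choice(FIRST)} {rng.choice(LAST)}",
            f"{rng.randint(1940, 1999)}-{rng.randint(1, 12):02d}-{rng.randint(1, 28):02d}",
            f"{rng.randint(1, 999)} {rng.choice(STREET)} {rng.choice(KIND)}, "
            f"{rng.choice(SUBURB)} VIC 3{digits(3)}",
            f"03 9{digits(3)} {digits(4)}",
            rng.choice("VM"),                  # one-byte card type
            digits(16),                        # random digits, not valid card numbers
            f"{rng.randint(1, 12):02d}/{rng.randint(8, 12):02d}",
            digits(3),
        ]))
    return ("\n".join(rows) + "\n").encode("ascii")


def measure(n=20000):
    """Average row size and gzip ratio measured on n constructed rows."""
    raw = constructed_rows(n)
    packed = gzip.compress(raw)
    return {"avg_row_bytes": len(raw) / n, "gzip_ratio": len(packed) / len(raw)}


def transfer_seconds(size_bytes, link_bits_per_s, efficiency=0.8):
    """Seconds to move size_bytes over a link running at the given efficiency."""
    return size_bytes * 8 / (link_bits_per_s * efficiency)


if __name__ == "__main__":
    per_row = record_bytes(POST_FIELD_BYTES)
    stats = measure()
    customers = 1_000_000
    raw_total = customers * per_row
    print(f"post's estimate: {per_row} bytes/row, {raw_total / 1e6:.0f}M uncompressed")
    print(f"constructed rows: {stats['avg_row_bytes']:.0f} bytes/row, "
          f"gzip ratio {stats['gzip_ratio']:.2f}")
    print(f"projected compressed size: {raw_total * stats['gzip_ratio'] / 1e6:.0f}M")
    print(f"1TB over GigE: {transfer_seconds(10**12, 10**9) / 3600:.1f} hours")
```

The post's field sizes are upper-end estimates, so the constructed rows come out shorter than 155 bytes; the random digit fields are what limit how far gzip can shrink the file.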

Another possibility might be to copy the storage of an Intranet search device. If a company has a Google appliance or similar device indexing much of their secret data then copying the indexes would be very useful. It would allow offline searches of the corporate data to prepare a list of files to retrieve later.

It would probably be more useful to get online access to the data from a remote site. I expect that an unethical person could sell remote access to someone who is out of range of extradition. All that would be required would be to intentionally leave a flaw in the security of the system. In most large corporations this could be done in a way that is impossible to prove. For example if management decrees that the Internet servers run some software that is known to be of low quality then a hostile insider could make configuration changes to increase the risk – it would look like an innocent mistake if the problem was ever discovered (the blame would entirely go to the buggy software and the person who recommended it).

A large part of the solution to this problem is to hire good employees. The common checks performed grudgingly by financial companies are grossly inadequate for this. Checking whether a potential employee has a criminal record does not prevent hiring criminals, it merely prevents hiring unsuccessful criminals and people who have not yet been tempted enough! The best way to assess whether HR people are being smart about this is to ask them for an estimate of how many criminals are employed by the company. If you have a company that’s not incredibly small then it’s inevitable that some criminals will be employed. Anyone who thinks that it is possible to avoid hiring criminals simply isn’t thinking about the issues. I may write more about this issue in a future post.

Another significant part of the solution to the problem is to grant minimum privileges to access data. Everyone should only be granted access to data that they need for their work so that the only people who can really compromise the company are senior managers and sys-admins, and for best security different departments or groups should have different sys-admin teams and separate server rooms. Of course this does increase the cost of doing business, and probably most managers would rather have it be cheap than secure.

War is Bad for the Environment

I just read a nutty post claiming that Neo-Conservatism is good for the environment [1].

The first bogus claim is that Saddam had WMD and war was required because he was a despot. The fact is that the Iraqi government was always repressive, there are many factions in Iraq that don’t like each other and a repressive government is the only way to keep such groups in a united country. The current civil war in Iraq and the effective secession of Kurdistan (which currently seems to be involved in an undeclared border war with Turkey) demonstrates this. Saddam was always a despot, but he did improve the living conditions of most Iraqis – the best way to avoid a revolution is to convince the majority of the population that things will get worse if there is change. I suggest reading the Wikipedia page about Saddam Hussein [2].

The best information on Fourth Generation Warfare (4GW) seems to be on the conservative military analysis site Defense and the National Interest [7]. It covers all the issues related to invading other countries from a conservative point of view. Note that Neo-Conservatives are not Conservatives, the real Conservatives hate the Neo-Cons more than anyone else does.

The amusing statement is made that “apologists claim it was one of the most advanced Arab nations” and then a link is provided to information on Saudi Arabian censorship. It’s worth reading the Wikipedia page about the history of Saudi Arabia [3], among other interesting facts “the U.S. Army Corps of Engineers built the country’s television and broadcast facilities and oversaw the development of its defense industry” (does the US army share responsibility for the censorship?). It’s widely regarded that if the US military support was removed then the Saudi government would be overthrown. Referring to Saudi Arabia hardly seems like something you want to do if trying to justify occupying other middle-eastern states.

An unsubstantiated claim is made that under-developed countries produce excess pollution due to inefficient technology. Unlike some people I try to get some facts before posting so I looked up the Wikipedia page on CO2 emissions per capita [4]. It seems that the highest ranking first-world country is Luxembourg at #4, the next is the US at #10. The countries on the list that rank higher than the US have a combined population of about 11,000,000 while the US population is 302,000,000 – some quick mental arithmetic suggests that the US produces about 20 times more CO2 than the top 9 countries on the list combined! It doesn’t seem that having the highest technology is helping the US protect the environment, I guess that they just use it to build bigger cars. The next thing I noticed is the countries that are at the bottom of the list – they are the world’s poorest countries. It seems that countries without much money just can’t afford to burn lots of oil, while countries with lots of money can. No real surprises there.

The lowest ranking on the list for a country that is unlikely to be regarded as being in abject poverty is India at position #133. The next lowest is Turkey at position #98 followed by China at #91.

As a final point of reference Switzerland is at position #69 and produces just under 27% of the CO2 that the US does (on a per-capita basis). According to the CIA World Fact Book Switzerland has an infant mortality rate of 4.28/1000 and a life expectancy of 80.62 [5], while the US has an infant mortality rate of 6.37/1000 and a life expectancy of 78 [6]. I believe that the infant mortality rate and the life expectancy are the two factors that are most representative of quality of life as they are the easiest factors for measuring the overall health of the population. Being healthy is one of the most important factors in quality of life. It seems to me that by all objective measures the Swiss are doing better than the people of the US, yet they produce less pollution and never invade other countries.

Probably the most ridiculous statement in the post is “see rapidly dwindling resources wasted on jihad and revolution”. A revolution (locals using force to create a new government) takes few resources and most actions that a more simple-minded analysis might call “jihad” take almost none. Sending an invasion force to the other side of the world and supporting an occupying army for years does however use significant resources, consider that the Humvee is the least fuel-efficient vehicle on American roads in terms of work done (trucks and buses use more fuel but carry large amounts of cargo or many people), but it’s also the most fuel-efficient vehicle used by the US army in Iraq.

There is the possibility that Jaldhar was attempting satire. If so then I suggest that satire be kept separate from serious web content to avoid confusion about where the satire ends. But if you want some satire about oil then I suggest consulting theonion.com.

Before someone accuses me of being impolite, over a year ago the best estimate for the death toll from the occupation of Iraq was 655,000 [8]. Current extrapolations from the previous medical research suggest that the death toll has now exceeded 1,000,000. Regardless of whether the original post was intended as satire or not, I’m not laughing and I don’t feel the need to be polite to someone who makes excuses for such loss of life.

Finally as a positive suggestion towards the environment (and any other issue that you may want to discuss), I suggest analysing the issues before writing about them and not blindly trusting other people. When you write a post make objective claims with references to back them up. When you read a post consider the points that are made and the references that are cited. Do the references support the claims? Are there other interpretations of the evidence? Are the reference sites reputable?

Introverts

I am amazed that I had never read the article Caring for Your Introvert [1] before. One of the interesting points concerned acting like an extrovert (I can do it for the duration of a typical job interview). Another was the issue of recovery time after having to deal with people. When living in hotels (which I did for about 18 months straight in 1999 and 2000) I found that some days I would reach my quota for dealing with people before I had dinner, going to bed hungry seemed like a better option than going to a restaurant.

One thing that occurred to me is the lack of apparent introversion among most delegates at computer conferences. It seems that the majority of people who are any good at coding are introverts and you might expect an environment with a majority of introverts to be somewhat quiet. An interview with the author of the article [2] published 3 years later explains this (among other things). Here is a quote:

“But once an introvert gets on a subject that they know about or care about or that intrigues them intellectually, the opposite often takes hold. They get passionately engaged and turned on by the conversation. But it’s not socializing that’s going on there. It’s learning or teaching or analyzing, which involves, I’m convinced, a whole different part of the brain from the socializing part.”

Which describes a lot of the activity at conferences. It’s standard practice for people to walk up and join a conversation that covers an area of technology that interests them and then just walk away when the topic changes.

I wonder if any of the social networking and dating sites have a section for Myers-Briggs [3] test results.

Via Tim Connors’ blog [4].

Blog Copyright Infringement

I have previously written about some of my efforts to counter sploggers [1].

Since then I have had a particularly brazen splogger copy one of my posts entirely and claim to have written it. The only reason I noticed the copyright violation (my blog license is on my About Page [2]) was because the post in question linked to other posts of mine and I saw the links. I was offended by the flagrant violation of all aspects of copyright law (breaking the license and infringing my moral rights by not attributing me as the author) and by the fact that the splog in question was hosted by Dreamhost (who have offended me by refusing a DMCA take-down request). So I decided that merely issuing a DMCA take-down was not enough. I went through the splog and identified content copied from several major journals (including by a journalist I regard as a friend) as well as by one multi-national corporation – and I notified all the relevant people.

The splog in question deleted all its old content the next day, and immediately started copying new articles from other blogs. I have informed the people who appear to be copyright holders for some of the new articles…

I recommend that other people who deal with sploggers also go to the extra effort of notifying other victims. It’s usually quite easy to do: you just select a random bit of text from the copied article and paste it into your favourite search engine – usually you get only a single result. Some of the splog posts are edited in small ways so the first search may fail – if so then you merely need to search for a second piece of text. If you only request that your own illegally copied material be taken down then the splogger still has a good business model. They can keep copying content in violation of the license, occasionally take a post down when they get caught, and both the splogger and the ISP continue to make money. If you notify other victims (many of whom won’t have the skills to find the content themselves or the background knowledge sufficient to recognise the benefits in having it removed unless you explain it to them) then the splogger loses a lot of content at one go and the ISP will have a more difficult time claiming to be innocent of the process.

Also when you notify multi-national corporations you can expect that they have some decent lawyers and a budget assigned to such work. While I would be extremely unlikely to sue an ISP that repeatedly hosts unauthorised copies of my copyright material the same can’t be said for a corporation.

For more information on splogging see the Wikipedia entry [3].

AUUG 2007

Today was the final day of the AUUG 2007 conference [1].

Yesterday I gave a talk about SE Linux for about an hour (not sure exactly as I forgot to make an MP3). AUUG is well known for having conferences with very technical delegates and I wasn’t expecting an easy audience. At the start of my talk I asked for a show of hands as to who has used SE Linux before, about 1/3 of the delegates raised their hand. Someone requested that I poll the audience as to who had used SE Linux involuntarily, it wasn’t what I had planned to ask but it’s best to get these things out in the open so I asked the question. More people raised their hand as being unwilling users of SE Linux than those who had firstly admitted to using it!

A theme of the AUUG conference was quality, and I had planned to cover some of the ways that SE Linux improves the quality of code by making certain classes of bugs show up (EG file handle leaks) and by allowing the developers and sys-admins to know exactly what programs are doing. But I ended up explaining why you want to use SE Linux, the concepts of policy analysis tools (as compared to the absence of such tools for Unix permissions), the benefits of MAC and why SE Linux is worth using.

I believe that the talk did some good and conversations with delegates afterwards revealed that some of them had done some positive things with SE Linux.

Today I wore a T-shirt advertising the root password for my new SE Linux Play Machine [2] which will be online shortly (hopefully tomorrow) which got some interest (AFAIK I’m the first person to wear a root password on a T-shirt). When I have my play machine online I plan to wear the shirt whenever I visit an electronics store or any other location where geeks are likely to congregate. ;)

After the conference finished about 1/3 of the delegates went to Ginza Teppanyaki [3] for dinner. Some of the guys wanted to photograph me wearing my shirt.

Finally, the conference went pretty well, the delegates and speakers all seemed to enjoy themselves and learn some useful things. Congratulations to the AUUG conference organisers!

Cheap Laptops for Children

I was recently browsing an electronics store and noticed some laptops designed for children advertised at $50AU. These machines were vastly different from what most of us think of when the term laptop is used, they had tiny screens, flimsy keyboards, no IO devices, and a small set of proprietary programs. It was more of a toy that pretends to be a laptop than a real laptop (although I’m sure that it had more compute power than a desktop machine from 1998).

After seeing that I started wondering what we can do to provide cheap serious laptops for children running free software. The One Laptop Per Child (OLPC) [1] program aims at producing laptops for $100US to give to children in developing countries. It’s a great project, the hardware and software are innovative in every way and designed specifically for the needs of children. However they won’t have any serious production capacity for the near future, and even $100US is a little more expensive than desired.

Laptops have significant benefits for teaching children in that they can be used at any time and in any place – including long car journeys (inverters that can be used to power laptops from a car power socket are cheap).

A quick scan of a couple of auction sites suggests that laptops get cheap when they have less than 256M of RAM. A machine with 128M of RAM seems likely to cost just over $200 and a machine with less than 128M is likely to be really cheap if you can find someone selling it.

So I’m wondering, what can you do to set up a machine with 64M of RAM to run an educational environment for a child? KDE and GNOME are moderately user-friendly (nothing like the OLPC system, and even Windows 3.0 was easier in some ways) but too big to run on such a machine (particularly when GIMP is part of a computer education system). This should be a solvable problem, Windows 3.0 ran nicely in 4M of RAM, one of the lighter X window managers ran well in 8M of RAM for me in Linux 0.99 days, and the OS/2 2.0 Workplace Shell (which in many ways beats current KDE and GNOME systems) ran nicely in 12M. I think that a GUI that vaguely resembles Windows 3.0 should run well on a machine with 64M of RAM – is there such a GUI?

I have briefly scanned the Debian-Edu [2] site but the only reference to hardware requirements is for running LTSP.

Getting People into IT

Pia writes about the difficulty in getting young women and young people in general into the computer industry [1].

While I agree that having more women in the computer industry would be a good thing, I have difficulty believing some of the claims that Pia makes. For example the claim that “[girls] are more career focused earlier in their school life”. I chose my career when I was about 11 years old [2] and several of my friends made similar decisions at similar ages. I would be interested to read anecdotal evidence from women in the computer industry about how old they were when they decided on their career and if their friends did the same, a reference to any research on this topic would also be useful. I tend to believe that boys are more career focussed at all stages of their life but have little evidence to support this idea. One fact that seems obvious is that the idea that “if you don’t succeed in your career then you can always marry someone who does” is almost non-existent among boys. It seems likely that such ideas have a statistically relevant effect on the focus on career of boys vs girls. Also the Australian Bureau of Statistics reports that the MEDIAN income for women is significantly lower than for men [4], I find it difficult to imagine that girls could be more career focussed from a younger age and yet get significantly lower pay (note the fact that it’s median not mean income is very significant as it removes the “glass ceiling” effect).

Philip Greenspun writes about why there are so few women doing scientific research [6] and makes some good points about why scientific research is generally not well paid and therefore a university student would choose a career in some other area and suggests that it’s a macho thing that guys enter such competitive fields for relatively low wages. Maybe some women correctly assess the costs and benefits of a career in scientific research and then make the mistake of equating Computer Science to other branches of science.

But the median income suggests that although there may be some valid reasons for avoiding science that would only cover a small portion of the problem (the difference in median income can not be explained by misplaced attempts to maximise income).

One problem that is significant is the quality of school education for girls. Not only is there the issue that boys may crowd-out girls for some subjects that are supposedly traditionally for boys (such as all science) but even girls’ schools aren’t as good as they should be. Some time ago I was talking to a teacher at an all-girls school, the school was moderately expensive and parents were paying the extra money presumably to give their daughters educational opportunities that they might miss in a co-ed school. However the school did not teach hard maths (“Maths B” was the official name at the time) and only taught the easy maths (official name “Maths A” and unofficial name “Vegie Maths”) because they didn’t have many girls demanding it (which is probably difficult to measure if you don’t offer it as a reasonable option) and the girls who wanted to study it could always move to a different school. So the choice facing girls at the exclusive school in question was “skip the subject that is most useful for further studies in most science subjects” or “go to a different school and miss most of your friends”, this sort of decision would surely discourage some potential female computer programmers. Also I think that the difference between boys and girls in regard to studying computer science has a lot to do with the fact that given a choice between missing most of their friends and missing out on something related to computers would be a no-brainer for most boys. Paul Graham’s article about Nerds has some interesting points to make in this regard – maybe the problem is that girls aren’t Nerdish enough [5].

Pia also writes about parents and teachers advising children not to study IT because of a perceived lack of jobs. I think that the problem here is not just bad advice, but also a bad tendency to take advice. Someone who wants to study in an established field which changes little over time (law and accounting spring to mind) probably should take careful note of the advice that they are given – things haven’t changed much in the last few decades. But someone who wants to study in a field that changes rapidly and where every year has new and significant developments (of which the best example is the computer industry) should probably be quite skeptical of all advice – most advice about the computer industry concerns how things used to be not how things are. Finally when considering whether to accept advice you should consider who is offering it. For example advice from a hiring manager should be carefully noted (as the manager will tell you precisely what factors influence their own decisions on hiring). Advice from people who are successful in the industry should also be noted. Advice from a school career advisor who gets paid about 1/3 what any 25yo can earn in the computer industry should be entirely ignored. I wonder whether being hesitant to ignore advice is a problem for girls in this regard.

When I was in year 11 I had to take a subject related to career planning. It covered some things that were of minor use (such as writing CVs) and had an assignment of writing a fictional CV for yourself a few years after leaving university. I received bad marks for preparing a CV that involved changing jobs as companies went bankrupt or projects failed due to bad management, I was told that if your employer fails in the market it makes you look bad! However my fictional CV did bear some resemblance to what really happened…

In terms of what industries have jobs available, the best advice I can give students is to actively do some research of their own. It’s not difficult to get the jobs sections of some newspapers and do a quick scan to see how many positions are open in a field, and it’s even easier to do some searches on online jobs sites (which usually tell you how many positions posted in the last X days match your criteria). For example I just visited jobserve.com.au and found 1724 Engineering jobs and 5622 IT jobs advertised. If you compare this to the university intake (I visited the Swinburne university courses list [3] and found 25 IT courses vs 29 Engineering courses) it seems that the ratio of Engineering graduates to jobs is not likely to be as good as that for CS graduates. Of course it may be that all the other universities have hardly any Engineering courses and balance the ratio out (but I doubt it). In any case this would be a good way of injecting some facts into a discussion of the relative merits of different career choices and avoiding it being an issue of parents/teachers not liking computers vs children liking them. Determining the relative pay rates of different industries is a lot more difficult (and requires a significant amount of work), some recruiting agencies publish statistics – but those stats only apply to the positions that they fill (which is a sub-set of the actual positions).

Finally as a piece of advice for children, try and find a job that you enjoy. If you earn $30K doing something you enjoy then you’ll probably be happier than if you earn $100K doing something you hate. Also if you enjoy your work then you will probably be able to take the extra steps needed to become successful – often it’s not a choice between having fun or making good money but a choice between fun and good money or the absence of both. If someone tells you to avoid doing what you love and instead do something boring for some unsubstantiated belief that there would be more money in it then be a nerd and tell them that their opinion is not relevant (it does tend to make teachers angry though).

Dreamhost and the DMCA

Dreamhost have refused my request (under the DMCA) to be correctly identified as the author of content copied from my blog. I am publishing this so that anyone else who deals with them will know what to expect. Also if someone wishes to sue Dreamhost in regard to content that they host this may help demonstrate a pattern of behaviour.

The situation is quite obviously the result of a broken script used by a splogger that doesn’t correctly match author names with articles. The fact that the official Dreamhost policy is to disregard the requirement that the author(s) of copyright material be correctly identified is reprehensible. It also seems likely to open them to the risk of legal action. If you know how to contact a director of Dreamhost then please give them a link to this post and explain the risks to them.

For anyone who wants the detail the messages are below.