Posts by bell

For a given value of effective

All that the suits need is support for the claim that they are "Taking cyber [security] seriously.". The amount spent and the trend in that amount sound very detailed and very objective without having to leave the world of pounds and pence. If they have benchmarked their spending against industry norms they'll get extra points for thoroughness even if the outcome of the benchmarking isn't talked about.

This is part, a depressingly effective part, of managing the only aspect of risk that the stratospherically high-ups care care about - reputational risk.

The question of whether corporate or personal reputation is more seriously considered is left as an exercise for the commentariat.

Not sure I get the cause and effect here

Maybe I'm just very slow on the uptake but I could really use a step-by-step breakdown of how - and under what assumptions - the removal of geoblocking destroys the quality and variety of creative outputs and/or the industries producing them.

Why would being able to delay release in other countries or discriminate between purchasing countries in pricing terms appeal to investors in these projects? Is there some preferential pricing for local buyers required for accessing government funding, ...?

At what scale of required investment does this start to have an effect - Publishing a novel, producing and releasing a single, an album, a TV series, a three part motion picture epic with elves running on falling rocks?

At some point there is more to your contribution than your code

It seems to me that the issue here is not only (or even mainly) about how developers are treated on the kernel developer community. It is about maintainers and reviewers being told how to treat others. Many people find it easy to tolerate watching people yell "You're an arsehole!" at each other. There are fewer, but still a significant number, who can cope with being told "You're an arsehole!" from time to time. It's a lot harder not to take it personally when you're told "Be an arsehole or fuck off!". No matter what we feel about the relationship between our code and our selves, how we interact with other people is very intrinsically us.

The approach which many senior or long serving maintainers have found works for them ranges from abrupt through aggressive to ad hominem. The attitude seems to have gone from "It works for us, it will also work for you." to "If it's not working for you, it's because you aren't sufficiently like us.". So when claims are made (including by commentards above) that the USB 3.0 project wasn't producing as good a result as it could the criticism very quickly falls very personally on the maintainer.

Amusing, but also really frightening

The core message of "Bureaucracy Happy Do Gooders In Footgun Debacle" warms my heart. If only because I would like to believe that no good ever came of bureaucracies.

But...

I see no reason that any other mechanism for limiting demand would have led to less negative consequences. Have I missed something? Or is funding the overgrown gangs of the less governed world through our gadget purchases the best thing we can do for the rest of the people there? At least once this sort of thing has gotten going?

For extra credit: Does the same apply to cocaine manufacture, narcotics distribution in general, vice even more generally?

Other software, other bounds moved?

Very nice idea. Surely it's only part of the story though.

Is there not another set of software ("enterprise" being such a dismal adjective or classification anyway) which increases the practical size or complexity of a network of ad-hoc contracts? Or do all the real, perceived and just fervently hoped for impacts of software make firms more likely to be the optimal structure?

Differences which have been overlooked

Beyond the possible value in a wider or "genuine" audience there are two other important differences between the WikiPublic and a lecturer as audiences for an essay:

- The lecturer has very limited time to devote to each submission. This leads (possibly unfairly) to an assumption about how thorough the review will be.

- WikiFiddlers are permitted to be far harsher critcis than lecturers.

If not Tobin, then what?

If we look past wanting to hurt the bankers - as satisfying as it may be it's not really constructive - there are some other goals which are also worth pursuing.

Even as a raving capitalist I'm not comfortable about the way that the financial economy dwarfs the real economy. The real economy needs the financial economy for for liquidity and risk finance. The extent to which the financial economy has become disconnected from the real is alarming though - particularly when disasters in the financial economy can have a serious impact in the real economy.

Tobin taxes may not end up collecting very much - the Swedish experience demonstrates that they will put a serious crimp on the ballooning of the financial economy though. Instead of slating them outright let's hear some proposals on how to tailor them to bring finance and the real world back into a reasonable relationship.

Playmodropper

In honour of the the nature of the mission which it commemorates and because it has clearly caused the plucky plastic protagonist to forsake his better judgement (it must be mighty cold sitting there).

Sure, it's nice, but ...

Do we really need colour?

Particularly if it comes at the cost (as I assume it must) of increased power consumption even for monochrome operations.

Does it have to be a business

I'm not sure that open source needs to pay shareholder returns. It just needs to pay programmer salaries so that the programmers can buy Jolt and gaming rigs or mortgages and alimony - depending on what point they're at in life.

Kicking off a project of meaningful size is difficult with a purely volunteer team (although it has been done). Besides commercial concerns the initial kick could also be delivered by academia or a very large end user organisation like a national government or a global megacorp. Once the project exists in a useful form the salary for a programmer working on it can come from anyone, anywhere who finds the project useful. Part of the appeal of open source to programmers outside the coutries where most development work is done is that they can participate in a way that is impossible for closed products.

That would be a four way tradeoff

The three way tradeoff that Mr Brunswick mentions is on the mark for new projects. He's missed the extra one relevant to upgrade projects - ease and cost of transition. That's the one which has caused all the headaches (and I must assume many of the design compromises) to date. It's going to complicate any efforts to roll out an improved system too.

The crusader without

Yes, the enemy is mainly within. The causes of those behaviours are badly understood, so the possibility of a campaign to address them is near zero. It is also nigh impossible to police the home environment effectively, even were there to be a morally acceptable way to do so. From a political point scoring point of view none of this matters though.

The only objective any of the intrusive data-centric initiatives currently under way is to avoid the accusation of "someone saw this coming and did nothing". The population in general accepts that you often won't see family abuse, but there is an expectation that the minority which doesn't originate at home can and should be spotted. However ill founded this feeling is, and whatever the other social costs of pandering to it, it would appear to be a political imperative that none can resist.

re: Avoiding political heat

The Internet is not all that different, in terms of the protection we should expect for our privacy. It is very different in terms of what can be accomplished in an automated fashion though.

I have no doubt that the desire for wholesale surveillance and fishing expeditions in the data was always there. The three things that make a government willing to try it now are:

- The cold war is over, so the "we won't win on their terms" objection to mass surveillance has gone

- The goal is very close to technically achievable (assuming shedloads of funding)

- A peculiar belief that it's somehow less intrusive and dehumanising if done by computers in black boxes than by men in black coats.

Not saying I agree with any of the reasoning, but that's what I think it comes down to.

I think the point is being missed here.

Sure. the Catholics coming over all science minded after both these millennia is a bit rich. But the fact that they're dong a more convincing job of it than the better practiced competition is pretty newsworthy.

Schmekurity economics

Security features do not happy end users make - as nicely demonstrated by AC@22:00, and the comments about redhat breaking the feature on purpose. End users are made happy by more features, which require more development effort, which requires lower barriers to entry.

If you're playing market catchup (as Linux is on the desktop) then this may mean loosening things up to make emulations, wrappers and crude ports work. I must presume that the sco binary wrappers that eased Linux server uptake 10 years ago had some similar requirements.

The other area for lowering barriers for entry is making things easier for developers. This was a major part of how Microsoft won PC/Mac round 1 in the 80s. I'd be surprised if this wasn't also part of the RHEL decision. Easier for developers means allowing them to be a bit sloppier, or making them jump through fewer hoops to achieve a goal that would be hugely painful to reach correctly (pulseaudio seems to fit into this bucket).

I think that the Linux kernel team have made some better tradeoffs in this regard than the Windows team, with de Raadt and company just refusing to play. It's a factor in the fight for desktop marketshare, and unfortunately it's not in Linux's favour.

@Reg Sim

I'll second your point on humping the fuel tank/battery being a crap city riding position.

I'm not so sure about the range issues though. Regenerative braking removes a lot of the power consumption issues of stop/start travel, and electric motors don't suffer as bad an efficiency crash as i/c on acceleration.

They can all be right ...

You do need some broad and deep expertise at the top end of any security effort. These roles probably require a more structured organisational approach to security rather than a messy and exploratory technical one. Further down the chain the bar won't be quite as high but the people are still required, implementation is still a highly labour intensive endeavour. The pure compliance jobsworths are doing more harm than good though.

Maybe the attacking side of information warfare does require utilising the skills that have come to the authorities notice through criminal activities. The field is quite immature. Ultimately it's in everyone's interest for the field to mature and get some discipline and structure. Wishing that we had reached this point already doesn't make it so.

They sure can write.

That big excerpt on evil on the Internet is as succinct and comprehensive a criticism of blogWikiRedditTards as I've ever read.

Surely the status of the material is what's at issue?

I may be missing some important issues here, but the answer seems quite obvious to me: If the data is privileged in terms if past cases then it should be returned to the counsel in those cases or destroyed if it's not the only copy. Since drives are cloned for this sort of thing it could probably be done at a physical unit level, very convenient.

This addresses the difference that's glossed over in the judgment. Neither the police nor the courts can decide to destroy the confidentiality of privileged material. The courts should be able to declare who can and cannot claim to be legitimately in possession of such material though.

Postgres

I too am amazed the people continue to torture themselves with MySqueal while ignoring the pachyderm in the Open Source Database room.

As much of a fan as I am of Postgres I do think that a dedicated free text search engine has its place. I recently implemented Sphinx search for a content management project I was working on and found that it provided some query time sorting tweaks that Postgres just didn't quite. If you have someone sane setting the requirements for result ranking you probably wouldn't need the features, but Sphinx was the one thing that beat Postgres's free text performance.

This is in no way a slur on Postgres, which does the job of managing relational databases briliiantly. I'm not even sure that free text search should be regarded as being part of that job.

They've got it back to front

I'm not particularly prone to "dealing with the way things are", but there really is a case for it here. I remember reading an article reporting a similar winge from the Swing team some months ago, and having the same reaction.

People contribute to projects to meets their own needs. From the pimply 45 year old in his mom's basement to Big Blue themselves it's the same story. FLOSS projects can do themselves a big favour by adapting to take what benefits they can from this situation and minimise the damage it can cause.

World domination to the first project to get that right :)

Nice consumer jouranlism, but ...

Yes, Google are not informing their customers. If you believe in the sacred rights of the customer then this is sacrilege.

One of the points made strikes me as a bit odd though - "If you do the same search ten times, you get ten different sets of ads." This is pretty much what I would want as an advertiser. I don't my ad to become part of the furniture and I don't want to never be seen because I rank fourth, no matter what fiddled the rankings.

Great.

It's fantastic to see that there's corporate investment in this sort of basic research. They'll need to put some time into the firmware too though.