Posts by chelonautical

Re: People should stop using calendars...

Only if using 32-bit time fields based on seconds since the epoch. A 64-bit time field would be fine.

I interpreted the statement about UNIX time as meaning the use of an internal date/time representation based on elapsed number of seconds (or smaller units if necessary) since a specific point, which need not be the same representation shown to the user. Regardless of how the timestamp is stored, it's just a matter of how the date/time is rendered when displaying it to the user. Someone with a Japanese locale might see a different date output from someone in the US, for example.

Of course I don't know how Microsoft are handling this internally so perhaps they're using a different approach. Or maybe a few different approaches have sneaked into their codebase over time and now they have to fix a load of different code paths to make them consistently handle the new era. I can only speculate as to why it seems to be tricky.

Re: Awwww...

Thanks for a really nice article. A good mixture of technology, history and some interesting people.

Also I find it fascinating to note how far back in time some of these ideas originate. I'd heard of the ancient Caesar cipher but Baconian ciphers had passed me by. I for one would welcome a few more articles about the history of cryptography (or indeed the history of other technologies for that matter).

> How? They're all a collection of pompous, self-obsessed, talent

> free clowns, with no relevant education or experience

One of the core problems with politics is that democracy and psychology can combine to produce problematic outcomes.

Most people vote for politicians who appear the most confident and certain in their beliefs. In an increasingly complex world, confidence and certainty are reassuring characteristics in leaders. Therefore we end up with politicians who are above all else confident, regardless of their actual ability or knowledge. Most voters probably don't mean to choose a brash ignoramus to represent them (and not every MP is one) it's just frequently a side-effect of how the system works.

But the Dunning-Kruger effect means that many of our leaders are over-confident in their own abilities and understanding. If they aren't aware of a particular threat or problem then they don't see any point in doing anything about it and it wouldn't occur to them to ask anyone else because they are already convinced that they know everything (e.g. see Gove's remarks about experts). In the abstract they know that national security is very important, but most of them don't know how that translates into technical and administrative controls.

There are a few good smart people who manage to get into politics, people who listen to others and seek expert input before forming opinions and policies. They just happen to be the minority exception to the general rule.

For these reasons it's unlikely that lessons will be learned by everyone who need to learn them. However, that doesn't mean we shouldn't try to educate our politicians to do better. Also we need skilled experts to design and implement better systems, in order to be less reliant on the knowledge and whims of the individuals concerned. I'm going to hope for the best, while still dreading the worst (as per usual really).

Re: This is a known problem with a known solution

> If we ever achieve strong AI, that is artificial sapience, it's going

> to be as biased and stupid as we are. But it may be a lot faster

> at being so.

Yes, faster and also much more pervasive. It's likely that some of these systems (e.g. the larger, more famous, systems run by the likes of Facebook and Google) will be regularly consulted by most organisations due to the sheer volume of data they hold about many people. We could end up with a situation where a handful of AIs (or AI-like systems) have huge influence over people's ability to find credit, insurance, employment and more.

Biases, errors and omissions in these systems could have a detrimental effect on most aspects of people's lives and could follow them around inescapably. The combination of automated decision-making and widespread dependency on a limited number of "AI" providers could result in life-long automated and repeated problems.

> If the singularity ever happens, it's not going to end well for humans.

Yes indeed. Also it could go badly for many humans long before then.

Re: Not just computers

>The problem I see with these is not the "AI" or whatever,

>but the massive consolidation in many industries and the

>lack of competition. This may be via corporate consolidation

>or merely that all the corporates are running the same

>software. Either way, that is unhealthy and intervention

>may be required to stir things up and bring back competition.

Good point. Another consolidation concern is consolidation in the data sources that record people's lives. Companies like Google and Facebook hold such vast quantities of data about the general public that their datasets will probably end up being given a very high weighting in any decision-making process. These companies know so much about us, why wouldn't every employer, bank, insurance company or any other business use them to find out much more about our habits and risk profiles? There is a lot of power in a few hands.

As a result of this consolidation of personal data into a small number of internet services, any errors or unfavourable entries in the records of Google/Facebook/etc. could easily follow us around. If someone once said something foolish on Facebook or Googled something risky, these things could be added to their digital "permanent record" and result in life-long disadvantage in employment, credit, insurance and many more areas. This is already the case to some extent, as people can be found online but it used to require a degree of manual effort and patience on the part of a human. The next human at a different organisation might not bother or may search less thoroughly, so you have less chance of any past online embarrassment becoming permanently life-ruining.

What's new is that large-scale automated information sharing and deep AI-based analytics of people's life history is becoming possible such that organisations can automatically judge people's entire digital lives and reject them in a matter of milliseconds. As a simple example, imagine going to an online car insurance comparison website and being told "all companies declined to quote for you" without knowing why. It might be because you posted a couple of things about social drinking on Facebook so they have all wrongly concluded you are a drunk and therefore a bad risk. It might be for some other reason entirely. Will it be possible to find out? Will companies admit any responsibility or will they just pass the buck to their third-party "lifestyle analytics" provider in another jurisdiction off-shore? Will there be an ombudsman who will help you find the culprit? Ultimately, who can you sue for the damages caused by incorrect automated decisions?

These issues already occur today on a smaller scale (e.g. several times a call centre operator has told me "the computer says X" without being able to explain why), but on a small scale it's easier to handle or shop around elsewhere. The danger is that unexplained incorrect or biased decisions become automated and repeatable to the extent that you can never escape them in any aspect of your life. If everyone uses the same software and the same data sources that becomes increasingly likely.

In hiring decisions there is often an unconscious bias towards "people like us" ("us" being the managers responsible for choosing a candidate).

In areas already dominated by men that's likely to result in new hires being men, which is the focus of this article regarding certain kinds of IT job. However, where women call the shots, it's similarly possible for them to exhibit a bias in favour of female employees. It's likely that hiring bias perpetuates a lack of diversity in a number of industries.

There is currently a lot of research into this phenomenon in order to understand it better and figure out ways to counteract it. It's fair enough to point out that the bias can cut both ways and, at the same time, it's important to remember that male-dominated jobs tend to be better paid: exclusion of women from male-dominated jobs tends to disadvantage them more than it disadvantages the men excluded from female-dominated jobs. Not saying that hiring bias against men (or indeed anyone) is OK, just that the impact is not necessarily the same.

For some pay statistics, see here:

https://visual.ons.gov.uk/find-out-the-gender-pay-gap-for-your-job/

For example, an average female "IT user support technician" is paid 15.5% less than her male counterparts (women hold 26% of those jobs), whereas a male in a "secretarial & related occupation" is paid 7.5% than his female counterparts (women hold 92% of those jobs). But no prizes for guessing which type of role has higher average hourly pay.

(I apologise, without knowing the specifics of the assistant role mentioned here, I have assumed it to be a secretarial or related role but feel free to check the link for the specific role the Zimbabwean candidate applied for and let us know the comparison)

Different types of discrimination also combine to affect people in multiple minority groups worse (where "minority" can mean "minority within the employee population for that job role"). It sounds like the Zimbabwean candidate in this example most likely lost out due to his nationality and gender. Tackling these issues goes to the heart of some very deep-rooted assumptions and unconscious behaviours.

As a white British man with a degree, I am fortunate to have so many good career choices available to me here in the UK, so I don't find it very concerning that a small number of lower-paid jobs would be willing to overlook me because I am still in a privileged position overall. I'm not trying to brag, just pointing out that I'm somewhat aware of my own privilege and that a similar awareness would benefit some of my colleagues too, especially when considering what we can do to make a positive difference to our job culture.

To be clear, I would like men and women (all humans, really) to have the same opportunities to work in whichever job they prefer and to be paid according to their skills and ability to do the role.

Regarding the specifics of the article, I'd like to help make things better for women in IT and would appreciate some advice on how best to do so from within a technical role that doesn't involve hiring people. I've worked alongside a small number of brilliant women and enjoy working with a variety of people to get different ideas and perspectives. I'm not sure how things are going to improve from where we are now but it's a good debate to have and I enjoyed reading this article.

Re: Bah!

If that fails, there's also the classic follow-up question:

"Why anything?"

"Because everything."

That might work in a pinch.

Re: Amazing :)

I certainly hope so... I miss Lester Haines. :(

On the bright side, I notice a few other El Reg hacks seem to like Playmobil so I'm feeling hopeful that more Playmoverse antics will be forthcoming.

Re: you've forgotten about something

Yes, Server Name Indication is visible on the wire in plaintext as part of the initial TLS Client Hello. I've seen it myself in Wireshark traces of HTTPS connections. Use of SNI is common nowadays since many web servers host multiple sites and need that information to present the correct server certificate.

Don't forget that the domain name of a web site could potentially reveal a great deal of personal information about the person accessing it, even if the individual pages and requests are hidden. Visiting a website for a divorce lawyer likely indicates a relationship in trouble, visiting certain adult sites may reveal sexual orientation or fetishes, visiting a payday loan company could reveal financial troubles etc etc. For this reason we should still be concerned about government plans to keep lists of visited domains. Also, whilst "use HTTPS" is good advice as far as it goes, there's a danger that the manta becomes a substitute for deeper understanding of the risks involved.

Having said that, thanks for doing an article about internet security in simple language. I've been looking for something I can show friends and family about the topic in words they can grasp. I'm not ready to show it to them in its current form: many commenters have pointed out various flaws in the text as written. With a bit of redrafting, it could become a really nice starter article for those who want to improve their awareness.

Re: Dear Matias,

The definition of intuitive might vary from one person to the next.

Not everyone considers touch interfaces to be intuitive: touch interfaces often require the user to memorise arbitrary and unnatural gestures to accomplish basic tasks. For example, one big argument in favour of a mouse interface is that it enables "discoverability": users can see all the main objects on the screen and can even see pop-up context help as they roll the mouse pointer over each object, so it becomes possible to explore the interface and discover new features. Discoverability favours recognition over recall: human memory is much better at the former than the latter... it's much easier to recognise an icon or a named menu option previously seen than to drag it from the depths of the brain. Also, the longer a familiar interface remains the same, the more entrenched the mental schema for replaying known actions becomes. A new interface that is "almost-but-not-quite-the-same-as-before" can be very disorientating (e.g. "Where's the start button?" etc.). Knowing a bit about how the human brain works can help to design better user interfaces for the majority of users.

Of course technology moves on... it's not convenient to carry a mouse around with our phones and also people will prefer cleaner less cluttered interfaces on devices with smaller screens. Some of the specific challenges we face will vary as the display and input technologies evolve, but designers must not forget that there's a human using the device and the fundamental human "hardware" has not changed. In my degree many years ago, we learned about researchers like George Miller and Ben Shneiderman: they taught us a great deal about human memory and cognition which can be used to inform interface design. Psychologists could definitely teach us a few things about how to design systems for regular people and for my money Shneiderman's 8 golden rules are just as valid today. So I agree with the point that engineers are not always the best people to design a UI, as we often lack these insights.

Having said all of that, I'm a bit suspicious of the current fad around interface design. I believe good design is important and it's great to see it becoming more of a discipline. At the same time, I've seen some very fiddly and unnatural professionally-designed interfaces which are difficult to use and violate many of the good human-based design principles I learned back in the day. And sadly a few people who call themselves designers are too arrogant to listen to criticism from actual humans (constructive or otherwise).

Innovation is great, but everyone involved in designing systems should remember the humans who have to use the end product and listen to their feedback. If the majority of users hate something about a UI even after having lots of time to adjust then their rejection of that feature should be heeded. That doesn't mean never changing the UI, but it does mean careful thought and research before doing so.

Re: The last one?

Like many other people here, I have very much enjoyed Tim's columns. I won't pretend to have understood every last word and I haven't always agreed with what I did understand, but then that's part of the fun of a vigorous and intelligent debate. Overall, I've found the series to be both educational and challenging, so I just wanted to say thanks and that I'll miss these articles in future.