technology

Spy on no-good boss and lose your job

From Melissa Meagher’s “State Worker Spies on Boss, Loses His Job”:

For 22 years, [Vernon] Blake was a System Administrator for the Alabama Department of Transportation. It was a job he loved, with the exception of his supervisor. …

The running joke around the office? The boss blew off meetings and projects to play games on his computer. Cartoons secretly circled The Right of Way Bureau, jabbing at George Dobbs’ Solitaire habit. Dobbs is a 24-year veteran with the DOT and rakes in $67,000 a year. …

Without proof, Blake felt his accusations would get him nowhere. That’s when he turned to Win-Spy, a free version of spyware, to tap his boss’s computer.

“My motive was to document well known behavior that already existed.”

For seven months, at random times of the day, the software captured pictures of Dobbs’ computer screen. …

Here’s what he found. Blake says less than 10% of his boss’s computer time, documented by Win-Spy, was spent working. Twenty percent was spent checking the stock market. And 70% of what the spyware recorded was the game of Solitaire. …

But DOT didn’t see it that way. When Blake showed them what he found, he was fired. His supervisor got a letter of reprimand, stating “It was brought to the Department’s attention you spent a significant amount of time playing video games… but your work ethic and production are above reproach.” …

It’s worth noting after Blake lost his job, DOT had all computer games, including Solitaire, removed from its system.


FBI used OnStar for surveillance

From Charles R. Smith’s “Big Brother on Board: OnStar Bugging Your Car”:

GM cars equipped with OnStar are supposed to be the leading edge of safety and technology. …

However, buried deep inside the OnStar system is a feature few suspected – the ability to eavesdrop on unsuspecting motorists.

The FBI found out about this passive listening feature and promptly served OnStar with a court order forcing the company to give it access. The court order the FBI gave OnStar was not something out of the Patriot Act involving international terrorism or national security but a simple criminal case.

According to court records, OnStar complied with the order but filed a protest lawsuit against the FBI.

Yet the FBI was able to enforce the original legal order and completed its surveillance because OnStar’s lawsuit took nearly two years to pass through the court system.

The 9th Circuit Court of Appeals recently ruled in OnStar’s favor. The ruling was not based on invasion-of-privacy grounds or some other legitimate constitutional basis. The FBI lost because the OnStar passive listening feature disables the emergency signal, the very life-saving call for help that the advertisements tout as the main reason to purchase the system. …

The technical problem of blocking the emergency signal is clearly one that the FBI tech teams can overcome. Thus, under the current ruling, the FBI can resume using OnStar to monitor subject vehicles once it has solved the emergency issue.


It’s alright to fail at a startup when you’re young

From Paul Graham’s “Hiring is Obsolete” (May 2005):

The math is brutal. While perhaps 9 out of 10 startups fail, the one that succeeds will pay the founders more than 10 times what they would have made in an ordinary job. That’s the sense in which startups pay better “on average.”

Remember that. If you start a startup, you’ll probably fail. Most startups fail. It’s the nature of the business. But it’s not necessarily a mistake to try something that has a 90% chance of failing, if you can afford the risk. Failing at 40, when you have a family to support, could be serious. But if you fail at 22, so what? If you try to start a startup right out of college and it tanks, you’ll end up at 23 broke and a lot smarter. Which, if you think about it, is roughly what you hope to get from a graduate program.


Why big co’s are bad at creating new products

From Paul Graham’s “Hiring is Obsolete” (May 2005):

Buying startups also solves another problem afflicting big companies: they can’t do product development. Big companies are good at extracting the value from existing products, but bad at creating new ones.

Why? It’s worth studying this phenomenon in detail, because this is the raison d’etre of startups.

To start with, most big companies have some kind of turf to protect, and this tends to warp their development decisions. For example, Web-based applications are hot now, but within Microsoft there must be a lot of ambivalence about them, because the very idea of Web-based software threatens the desktop. So any Web-based application that Microsoft ends up with, will probably, like Hotmail, be something developed outside the company.

Another reason big companies are bad at developing new products is that the kind of people who do that tend not to have much power in big companies (unless they happen to be the CEO). Disruptive technologies are developed by disruptive people. And they either don’t work for the big company, or have been outmaneuvered by yes-men and have comparatively little influence.

Big companies also lose because they usually only build one of each thing. When you only have one Web browser, you can’t do anything really risky with it. If ten different startups design ten different Web browsers and you take the best, you’ll probably get something better.

The more general version of this problem is that there are too many new ideas for companies to explore them all. There might be 500 startups right now who think they’re making something Microsoft might buy. Even Microsoft probably couldn’t manage 500 development projects in-house.

Big companies also don’t pay people the right way. People developing a new product at a big company get paid roughly the same whether it succeeds or fails. People at a startup expect to get rich if the product succeeds, and get nothing if it fails. So naturally the people at the startup work a lot harder.

The mere bigness of big companies is an obstacle. In startups, developers are often forced to talk directly to users, whether they want to or not, because there is no one else to do sales and support. It’s painful doing sales, but you learn much more from trying to sell people something than reading what they said in focus groups.

And then of course, big companies are bad at product development because they’re bad at everything. Everything happens slower in big companies than small ones, and product development is something that has to happen fast, because you have to go through a lot of iterations to get something good.


It’s hard to judge the young, but the market can

From Paul Graham’s “Hiring is Obsolete” (May 2005):

It’s hard to judge the young because (a) they change rapidly, (b) there is great variation between them, and (c) they’re individually inconsistent. That last one is a big problem. When you’re young, you occasionally say and do stupid things even when you’re smart. So if the algorithm is to filter out people who say stupid things, as many investors and employers unconsciously do, you’re going to get a lot of false positives. …

The market is a lot more discerning than any employer. And it is completely non-discriminatory. On the Internet, nobody knows you’re a dog. And more to the point, nobody knows you’re 22. All users care about is whether your site or software gives them what they want. They don’t care if the person behind it is a high school kid.


The real vs. stated purpose of PowerPoint

From Paul Graham’s “Hiring is Obsolete” (May 2005):

For example, the stated purpose of Powerpoint is to present ideas. Its real role is to overcome people’s fear of public speaking. It allows you to give an impressive-looking talk about nothing, and it causes the audience to sit in a dark room looking at slides, instead of a bright one looking at you.


Why did it take so long for blogging to take off?

From Paul Graham’s “Hiring is Obsolete” (May 2005):

Have you ever noticed that when animals are let out of cages, they don’t always realize at first that the door’s open? Often they have to be poked with a stick to get them out. Something similar happened with blogs. People could have been publishing online in 1995, and yet blogging has only really taken off in the last couple years. In 1995 we thought only professional writers were entitled to publish their ideas, and that anyone else who did was a crank. Now publishing online is becoming so popular that everyone wants to do it, even print journalists. But blogging has not taken off recently because of any technical innovation; it just took eight years for everyone to realize the cage was open.


Why is American design so often terrible compared to Japanese design?

From Paul Graham’s “Made in USA” (November 2004):

Americans are good at some things and bad at others. We’re good at making movies and software, and bad at making cars and cities. And I think we may be good at what we’re good at for the same reason we’re bad at what we’re bad at. We’re impatient. In America, if you want to do something, you don’t worry that it might come out badly, or upset delicate social balances, or that people might think you’re getting above yourself. If you want to do something, as Nike says, just do it. …

For centuries the Japanese have made finer things than we have in the West. When you look at swords they made in 1200, you just can’t believe the date on the label is right. Presumably their cars fit together more precisely than ours for the same reason their joinery always has. They’re obsessed with making things well.

Not us. When we make something in America, our aim is just to get the job done. Once we reach that point, we take one of two routes. We can stop there, and have something crude but serviceable, like a Vise-grip. Or we can improve it, which usually means encrusting it with gratuitous ornament. When we want to make a car “better,” we stick tail fins on it, or make it longer, or make the windows smaller, depending on the current fashion. …

Letting focus groups design your cars for you only wins in the short term. In the long term, it pays to bet on good design. The focus group may say they want the meretricious feature du jour, but what they want even more is to imitate sophisticated buyers, and they, though a small minority, really do care about good design. Eventually the pimps and drug dealers notice that the doctors and lawyers have switched from Cadillac to Lexus, and do the same.


The politics & basics of Unicode

From Tim Bray’s “On the Goodness of Unicode” (6 April 2003):

Unicode proper is a consortium of technology vendors that, many years ago in a flash of intelligence and public-spiritedness, decided to unify their work with that going on at the ISO. Thus, while there are officially two standards you should care about, Unicode and ISO 10646, through some political/organizational magic they are exactly the same, and if you’re using one you’re also using the other. …

The basics of Unicode are actually pretty simple. It defines a large (and steadily growing) number of characters – just under 100,000 last time I checked. Each character gets a name and a number, for example LATIN CAPITAL LETTER A is 65 and TIBETAN SYLLABLE OM is 3840. Unicode includes a table of useful character properties such as “this is lower case” or “this is a number” or “this is a punctuation mark”.


Media & culture’s emptiness encourages cynicism

From John Twelve Hawks’s “How We Live Now” (2005):

Instead of resisting the Vast Machine, many of us have given into cynicism and distraction. Our contemporary culture has become a brilliantly colored surface without a deeper spiritual meaning. We care more about celebrities than our own neighbors. Are Nick and Jessica getting divorced? Is that famous actor secretly gay? Staged media events allow us to think that everything is false. Our sense of powerlessness — the belief that an ordinary person does not matter — has twisted our lips into a sneer.


Surveillance cameras that notice aberrations

From John Twelve Hawks’s “How We Live Now” (2005):

And everywhere we go, there are surveillance cameras – thousands of them – to photograph and record our image. Some of them are “smart” cameras, linked to computer programs that watch our movements in case we act differently from the rest of the crowd: if we walk too slowly, if we linger outside certain buildings, if we stop to laugh or enjoy the view, our body is highlighted by a red line on a video monitor and a security guard has to decide whether he should call the police.


Cultural differences between Unix and Windows

From Joel Spolsky’s “Biculturalism” (Joel on Software: 14 December 2003):

What are the cultural differences between Unix and Windows programmers? There are many details and subtleties, but for the most part it comes down to one thing: Unix culture values code which is useful to other programmers, while Windows culture values code which is useful to non-programmers.

This is, of course, a major simplification, but really, that’s the big difference: are we programming for programmers or end users? Everything else is commentary. …

Let’s look at a small example. The Unix programming culture holds in high esteem programs which can be called from the command line, which take arguments that control every aspect of their behavior, and the output of which can be captured as regularly-formatted, machine readable plain text. Such programs are valued because they can easily be incorporated into other programs or larger software systems by programmers. To take one minuscule example, there is a core value in the Unix culture, which Raymond calls “Silence is Golden,” that a program that has done exactly what you told it to do successfully should provide no output whatsoever. It doesn’t matter if you’ve just typed a 300 character command line to create a file system, or built and installed a complicated piece of software, or sent a manned rocket to the moon. If it succeeds, the accepted thing to do is simply output nothing. The user will infer from the next command prompt that everything must be OK.

This is an important value in Unix culture because you’re programming for other programmers. As Raymond puts it, “Programs that babble don’t tend to play well with other programs.” By contrast, in the Windows culture, you’re programming for Aunt Marge, and Aunt Marge might be justified in observing that a program that produces no output because it succeeded cannot be distinguished from a program that produced no output because it failed badly or a program that produced no output because it misinterpreted your request.

Similarly, the Unix culture appreciates programs that stay textual. They don’t like GUIs much, except as lipstick painted cleanly on top of textual programs, and they don’t like binary file formats. This is because a textual interface is easier to program against than, say, a GUI interface, which is almost impossible to program against unless some other provisions are made, like a built-in scripting language. Here again, we see that the Unix culture values creating code that is useful to other programmers, something which is rarely a goal in Windows programming.

Which is not to say that all Unix programs are designed solely for programmers. Far from it. But the culture values things that are useful to programmers, and this explains a thing or two about a thing or two. …

The Unix cultural value of visible source code makes it an easier environment to develop for. Any Windows developer will tell you about the time they spent four days tracking down a bug because, say, they thought that the memory size returned by LocalSize would be the same as the memory size they originally requested with LocalAlloc, or some similar bug they could have fixed in ten minutes if they could see the source code of the library. …

When Unix was created and when it formed its cultural values, there were no end users. Computers were expensive, CPU time was expensive, and learning about computers meant learning how to program. It’s no wonder that the culture which emerged valued things which are useful to other programmers. By contrast, Windows was created with one goal only: to sell as many copies as conceivable at a profit. …

For example, Unix has a value of separating policy from mechanism which, historically, came from the designers of X. This directly led to a schism in user interfaces; nobody has ever quite been able to agree on all the details of how the desktop UI should work, and they think this is OK, because their culture values this diversity, but for Aunt Marge it is very much not OK to have to use a different UI to cut and paste in one program than she uses in another.


My new book – Linux Phrasebook – is out!

I’m really proud to announce that my 3rd book is now out & available for purchase: Linux Phrasebook. My first book – Don’t Click on the Blue E!: Switching to Firefox – was for general readers (really!) who wanted to learn how to move to and use the fantastic Firefox web browser. I included a lot of great information for more technical users as well, but the focus was your average Joe. My second book – Hacking Knoppix – was for the more advanced user who wanted to take advantage of Knoppix, a version of Linux that runs entirely off of a CD. You don’t need to be super-technical to use and enjoy Hacking Knoppix, but the more technical you are, the more you’ll enjoy the book. Linux Phrasebook is all about the Linux command line, and it’s perfect for both Linux newbies and experienced users. In fact, when I was asked to write the book, I responded, “Write it? I can’t wait to buy it!”

The idea behind Linux Phrasebook is to give practical examples of Linux commands and their myriad options, with examples for everything. Too often a Linux user will look up a command in order to discover how it works, and while the command and its many options will be detailed, something vitally important will be left out: examples. That’s where Linux Phrasebook comes in. I cover a huge number of different commands and their options, and for every single one, I give an example of usage and results that makes it clear how to use it.

Here’s the table of contents; in parentheses I’ve included some (just some) of the commands I cover in each chapter:

  1. Things to Know About Your Command Line
  2. The Basics (ls, cd, mkdir, cp, mv, rm)
  3. Learning About Commands (man, info, whereis, apropos)
  4. Building Blocks (;, &&, |, >, >>)
  5. Viewing Files (cat, less, head, tail)
  6. Printing and Managing Print Jobs (lpr, lpq, lprm)
  7. Ownerships and Permissions (chgrp, chown, chmod)
  8. Archiving and Compression (zip, gzip, bzip2, tar)
  9. Finding Stuff: Easy (grep, locate)
  10. The find command (find)
  11. Your Shell (history, alias, set)
  12. Monitoring System Resources (ps, lsof, free, df, du)
  13. Installing software (rpm, dpkg, apt-get, yum)
  14. Connectivity (ping, traceroute, route, ifconfig, iwconfig)
  15. Working on the Network (ssh, sftp, scp, rsync, wget)
  16. Windows Networking (nmblookup, smbclient, smbmount)

I’m really proud of the whole book, but the chapter on the super-powerful and useful find command is a standout, along with the material on ssh and its descendants sftp and scp. But really, the whole book is great, and I will definitely be keeping a copy on my desk as a reference. If you want to know more about the Linux command line and how to use it, then I know you’ll enjoy and learn from Linux Phrasebook.

You can read about and buy the book at Amazon (http://www.amazon.com/gp/product/0672328380/) for $10.19. If you have any questions or comments, don’t hesitate to contact me at scott at granneman dot com.


Japanese nuclear secrets revealed on P2P network

From Mike’s “That’s Not A New Hit Song You Just Downloaded — It’s Japan’s Nuclear Secrets” (techdirt: 23 June 2005):

While IT managers may not see the importance of security software for themselves, you would think they would be a little more careful with things like interns and contractors. Not so, apparently. Over in Japan, a lot of people are not happy after discovering that a lot of classified technical data on nuclear power plants was leaked onto the internet by a contractor using a computer with a file sharing app that was apparently left open to sharing everything on the machine. First off, what kind of nuclear plant contractor is putting a file sharing app on his work laptop? Also, the article notes that the laptop was infested with viruses, but later seems to blame the file sharing app rather than the viruses — so it’s not entirely clear what the viruses have to do with this story. Update: Another article on this story notes that it was the virus that made the material available via the file sharing app. It also notes that the guy was using his personal computer — and somehow this was allowed. It also details the information leaked, including inspection data, photographs and names of inspectors, as well as where they stayed when they did the inspections. No matter what, you have to wonder why the guy was allowed to use his personal computer or to use any computer for this data that hadn’t been checked first for viruses or other vulnerabilities.

From Mike’s “Security Through Begging” (techdirt: 16 March 2006):

Last summer, the surprising news came out that Japanese nuclear secrets leaked out, after a contractor was allowed to connect his personal virus-infested computer to the network at a nuclear power plant. The contractor had a file sharing app on his laptop as well, and suddenly nuclear secrets were available to plenty of kids just trying to download the latest hit single. It’s only taken about nine months for the government to come up with its suggestion on how to prevent future leaks of this nature: begging all Japanese citizens not to use file sharing systems — so that the next time this happens, there won’t be anyone on the network to download such documents.


5 reasons people exaggerate risks

From Bruce Schneier’s “Movie Plot Threat Contest: Status Report” (Crypto-Gram Newsletter: 15 May 2006):

In my book, Beyond Fear, I discussed five different tendencies people have to exaggerate risks: to believe that something is more risky than it actually is.

1. People exaggerate spectacular but rare risks and downplay common risks.

2. People have trouble estimating risks for anything not exactly like their normal situation.

3. Personified risks are perceived to be greater than anonymous risks.

4. People underestimate risks they willingly take and overestimate risks in situations they can’t control.

5. People overestimate risks that are being talked about and remain an object of public scrutiny.


Why no terrorist attacks since 9/11?

From Bruce Schneier’s “Movie Plot Threat Contest: Status Report” (Crypto-Gram Newsletter: 15 May 2006):

… you have to wonder why there have been no terrorist attacks in the U.S. since 9/11. I don’t believe the “flypaper theory” that the terrorists are all in Iraq instead of in the U.S. And despite all the ineffectual security we’ve put in place since 9/11, I’m sure we have had some successes in intelligence and investigation — and have made it harder for terrorists to operate both in the U.S. and abroad.

But mostly, I think terrorist attacks are much harder than most of us think. It’s harder to find willing recruits than we think. It’s harder to coordinate plans. It’s harder to execute those plans. Terrorism is rare, and for all we’ve heard about 9/11 changing the world, it’s still rare.


Why disclosure laws are good

From Bruce Schneier’s “Identity-Theft Disclosure Laws” (Crypto-Gram Newsletter: 15 May 2006):

Disclosure laws force companies to make these security breaches public. This is a good idea for three reasons. One, it is good security practice to notify potential identity theft victims that their personal information has been lost or stolen. Two, statistics on actual data thefts are valuable for research purposes. And three, the potential cost of the notification and the associated bad publicity naturally leads companies to spend more money on protecting personal information — or to refrain from collecting it in the first place.
