Showing posts from January, 2007

Don't rush software security by passing laws

Bruce Schneier writes:If we expect software vendors to reduce features, lengthen development cycles and invest in secure software development processes, it needs to be in their financial best interests to do so. If we expect corporations to spend significant resources on their own network security -- especially the security of their customers -- it also needs to be in their financial best interests.

Liability law is one way to make it in those organisations’ best interests. If end users could sue software manufacturers for product defects, then the cost of those defects to the software manufacturers would rise. Manufacturers would then pay the true economic cost for poor software, and not just a piece of it. So when they balance the cost of making their software secure versus the cost of leaving their software insecure, there would be more costs on the latter side. This would provide an incentive for them to make their software more secure.Bruce - I support your general reasoning, but …

How to fix capitalism, denis's way

I make the following claims: In capitalism, the most reliable way out of the misery of wage labor is to start your own business.In social capitalism, the government pretty much closes off this path by making the life of a small business owner miserable. They impose endless bureaucratic obstacles, and then they proceed to confiscate the income you and your business desperately need to survive.All this damage is rationalized as necessary for the government to promote that cherished "fair distribution of income". In effect, the government destroys economic opportunity, stifles everyone's progress, and then tries to make it look as though it's doing something good for everyone.The way to fix capitalism is not for the government to stumble around trying to ensure a "fair distribution of income". Instead, the solution is to provide a fair distribution of opportunity.A way towards a fair distribution of opportunity would be to remove the insensible burdens placed …

Shoot the homeless!

Ron Garret just posted what he thinks is his rebuke to Henry Hazlitt's Economics in One Lesson. I reproduce here my reply.

The strong words are a rhetorical ploy. I use it because I think that looking at the problem from this harsh point of view puts things into perspective. I wouldn't actually shoot people. I'm too wishy-washy and teary-eyed for that.

Rather, I believe in empathy; but I also believe in its counterpart. It's important to know when a situation calls for empathy and when it calls for no mercy. The unfortunate fact is that many don't. This is a source of suffering.

So here's my response, as addressed to Ron.

Hazlitt is right: "But the solution is never to reduce supplies arbitrarily, to prevent further inventions or discoveries, or to support people for continuing to perform a service that has lost its value."

I'll answer your question: "Really? Why not?"

Because:To reduce supplies arbitrarily is to do damage: it is to throw away…

I want to have one of these!

An electric car with stunning looks that accelerates to 100 kph in 4 seconds and goes 400 km before recharging?

Oh yeah!

Tesla Roadster. I want one.

Check out their site, it's quite impressive.

The Chevrolet Volt Concept doesn't look half bad either. I hope we're going to see it on the road - soon! (Via Ron Garret)

Voting machines containing 'secrets'

Bruce Schneier posts about a Florida judge who so denied the request of a defeated election candidate to inspect the source code of a voting machine's software:"For this Court to grant Plaintiffs' motions would require this Court to find that it is reasonably necessary for the Plaintiffs to have access to the trade secrets of Defendant, Election Systems & Software, Inc., based on nothing more than speculation and conjecture, and would result in destroying or at least gutting the protections afforded those who own the trade secrets."My response:

How many "trade secrets" is it that you can actually have in an election machine? How is that interface any more complicated than displaying a few buttons and recording the results in some format?

It looks to me like the complexity of the software in those machines should equal something that can be done in a few weeks' time by any capable programming student.

There are no trade secrets in there. There can't…

Italy urges global execution ban

Interestingly, I'm not the only person who felt disgust when Saddam Hussein was executed.

I oppose the death penalty, but on the other hand I do believe that, if there is to be justice, and Saddam Hussein needed to be executed, then this courtesy should be extended to George W. Bush, as well.

On the other hand, there is still ample time for that. I hope at some point in the future the U.S. recognizes the international criminal court, and then it would be fitting for George W. Bush to be tried there. Seeing that Europe is somewhat more humane when it comes to punishment, execution is unlikely, but at least he should be put away for life.

Penalizing companies and people for bad behavior

Boris Kolar recently posted this proposal in a comment to my post on bottom trawling.I propose the following solution: give people a real "no" vote. Give them the ability to anonymously "steal" from companies they don't like.I think this idea is worth discussing. Allowing people to penalize companies (AND other people! remember that a corporation has all the rights of a natural person), for what they consider to be their bad deeds, would probably lead to a mixture of (A) better behavior, (B) increased effort on improving the company's public image, and (C) increased effort on silencing critics and hiding truth.

While A (improvement) is certainly desirable, and B (more PR) might be tolerable, the C effect is certainly destructive. Which one of these effects would prevail would have to be observed through an experiment.How about the following rules:
- the total amount of money a person can "steal" from corporations is limited by a fraction of his pers…

George W. Bush - a psychopath

This checklist is amazing. (If at first the checklist fails to load, press F5 or try navigating to it through here.)

It probably very much depends on the assessor, but according to my judgement, George W. Bush displays almost all of the listed psychopathic characteristics. I gave him 38 points out of 40. A score of 25-30 or more supports a diagnosis of psychopathy. Average scores in prisoner population are about 22, and average scores in normal population are about 5.

This might explain why different people see this president so differently. (There is still a substantial proportion of US population that appears to support Bush, for some reason.) I'm thinking the difference might be that some people lack the fundamental capability to 'read' people. According to recent articles in New Scientist, about 2% of the population cannot recognize a face - not even faces of people they've known a lifetime. It stands to reason that a larger percentage of the population would recogni…