
Comment: Critical vulnerabilities under active exploitation (Score 5, Informative) 73

by mattiaza (#43882909) Attached to: Questioning Google's Disclosure Timeline Motivations
Google recommends 7 days for "critical vulnerabilities under active exploitation", and 60 days for vulnerabilities that are assumed to not yet be known to attackers.

Frankly, even 7 days is too long for active attacks. Publishing the vulnerability lets users use a workaround or shut down the service or app entirely until a fix is released.

Comment: Re:If you use post/use code snippets from GitHub.. (Score 3, Insightful) 64

by mattiaza (#42620103) Attached to: GitHub Registers Its 3 Millionth User
This is in no way unique to GitHub. Anything you find and see on the web (code, pictures, videos, poems) is subject to copyright. If the author has not explicitly set a license, you can't use it.

And I don't think GitHub should include any default licensing terms in its terms and conditions. Demanding a license for the users' content is what got people upset about Twitter and Instagram - and no company would publish code on GitHub if they are not in control of the licenses. What GitHub could do is offer a selection box with popular licenses (including "all copyright is mine!") when creating a repository just to remind people.

Comment: Re:To better serve you... (Score 5, Interesting) 141

by mattiaza (#42215237) Attached to: Google Axes Free Google Apps For Businesses
I don't think it's a blatant lie. I think it's more to do with expectation management. Many people still expect customer support for free services, and get upset if their calls or emails are ignored - which is much more expensive than running the web service itself. There was a Slashdot discussion about a similar problem at an Open Source company last month: http://ask.slashdot.org/story/12/11/26/2345214/ask-slashdot-troubling-trend-for-open-source-company No matter how many disclaimers you put on your website or how many times you repeat the "support costs extra", many free users are still upset at you, and will complain about it on the internet.

Comment: Re:Toughen Up (Score 1) 217

by mattiaza (#40347975) Attached to: Why VCs Really Reject Startups
Not at all. A polite lie always helps the person telling the lie.

Telling the cold hard truth may sometimes help the receiver, if it is actually truth and not just opinion. But far more often, it will just piss the other person off, and ruin the potential for later relationships between them, even if it is truth. Telling a polite lie:
  • Keeps the investor from wasting time in arguments or fights, if the founder gets emotional and really wants to tell his comebacks.
  • Keeps the investor from bad PR, if the founder decides to publish the "hard truth".
  • If the investor turns out to be mistaken, keeps the options open to invest later because "now you have enough traction".
  • If the investor turns out to be mistaken, keeps them from having really bad PR of telling the next Brin, Page or Zuckerberg that they aren't fit to be a CEO in their early days.

It is absolutely rational to tell polite lies. If people want to hear the truth, they should first somehow show that they are the rare 10% who can take it as constructive advice, not get upset and angry like most people.

Comment: This experiment is pointless (Score 5, Insightful) 183

by mattiaza (#40026807) Attached to: GMU Prof Teaches How To Falsify Wikipedia — and Get Caught

I have to agree with Jimmy Wales on this - this experiment is just as "insightful" as demonstrating to people that you can get away with vandalism.

Yes, it's not that difficult to troll Wikipedia. Just as it's not that difficult to scam old people, dump your trash in the forest, or scratch cars in a parking lot. You would most likely get away with it, but it does not mean that there is a huge security risk in parking lots that the world needs to be made aware of.

Society is based on the fact that most of the time, most people are not assholes, and therefore we don't need a policeman following everyone at all times. People don't troll or vandalise because they see it as the wrong thing to do - and the small risk of getting caught, and humiliated or punished is sufficient to discourage the less ethical ones.

Comment: Re:False positives and false negatives ... (Score 1) 94

by mattiaza (#40026473) Attached to: FDA Panel Backs First Rapid, Take Home HIV Test

A 7% error rate is, for all intents and purposes, worse than no test at all. At least with no test, people aren't going to falsely believe that they're not infected. They can take precautions.

You make a huge, and in my opinion wrong assumption that most people believe "I could potentially be infected" or take precautions if they have not taken a test.

People are terrified of the thought that they may be infected, and for many the bliss of ignorance is more comfortable than testing. Many people think that there is no way they could be exposed, because it's something that only homosexuals and drug addicts get, and sleeping around with "nice random people from parties" is just fine. Some are even assholes who think that testing is a bad thing, because they suspect having something, but can always claim ignorance to new partners if they haven't been tested. Some are major assholes who will outright lie about this.

Perhaps these opinions are not universal, but they are the majority of what I've heard expressed in college environments. A quick home test, even with a 7% error rate, is much better than nothing: for people who might not take the effort of going to a clinic otherwise, and when given as a request to new partners.

Comment: Re:paranoid nanny state (Score 5, Interesting) 395

by mattiaza (#39843113) Attached to: Surface-To-Air Missiles At London Olympics
Sure, the speed of the missile itself is not a problem. But getting this "go code" in time seems impossible.

The Olympic Village is in the middle of London, lined by civilian airports.
* London City airport with 200 flights per day is just 5km away (that's just 20 seconds at full speed, or 60 seconds at landing speed!)
* Heathrow airport with 1300 flights per day is just 30km away.
* Gatwick and Stansted airports are both 40km away, 1100 flights per day between them.
All the flights from these may overfly London, and Heathrow planes are often in holding patterns over Central London.

It's basically impossible to define an "air defence area" in London. And if a passenger plane accidentally strays into it, a pilot says "sorry, my mistake" on radio, what politician is still going to give the "go code" to shoot it down in 20 seconds?

Comment: Re:Get ready for....nothing! (Score 5, Insightful) 395

by mattiaza (#39343617) Attached to: Cheap Solar Panels Made With An Ion Cannon
We are very close to the fundamental efficiency limit of *power per square meter*. Which is a valid, but secondary concern. If solar cells are cheap enough, there is plenty of space for them in deserts, suburban roofs, and perhaps even parking lots! A Manhattan skyscraper won't be able to power itself, but a 30km*30km plot of land in Nevada receives enough sunlight over 24 hours to power the entire U.S. with electricity.

The important metrics for any energy source are:
* cost per watt over the entire lifetime of the system
* pollution caused and non-renewable materials used per watt over the entire lifetime of the system.
This research improves the cost per watt metric. As soon as it is better than coal, we will see huge solar cell power stations.
