Thursday, October 31, 2013

Pulling the Rug Out From Under Patent Trolling

Patent trolling is a phenomenon caused by the current state of patent law. Most engineers and entrepreneurs believe that it drains money from them, and is a blight on the industry. Many proposals for patent reform aim to reduce the duration of copyrights and patents. I think that the real problem is economic. The current state of affairs allows patent trolls to spend very little money to sue and expect a relatively large amount of money in return. Major patent and copyright reform is not necessary to solve this. Laws should be written to make patent trolling (when the plaintiff is clearly in the wrong) extremely expensive for the plaintiff and worthwhile for the defendant. Ideally, when I am sued by a patent troll, I should be happy and consider it a financial windfall.

Monday, October 21, 2013

Basic Computer Security, aka "How To Fly A Computer"

This is adapted from a post I originally made on a Facebook group after two members started posting spam from their accounts.

Computer Security For Normal People:

1) Pick passwords with both letters and numbers. This is an easy way to protect yourself from bots that use simple automated attacks to guess your password. The first documented computer cracking case in 1986 involved a cracker who wrote a program that guessed passwords from a dictionary.

2) Make sure your email account's password is different. If someone can guess your password on your Twitter account, he might try the same password on your bank account. Make sure your email password is different from every other password. It's not necessary to have a different password for every single website you use, but you should have more than one to protect yourself. For example, I have a "dumb" password for services that I don't plan on using more than once, a "secure" password for services where I care about privacy and people doing things with my name, and a "banking" password for services where getting the account cracked would be real-life inconvenient and require me to file paperwork.
 

3) Keep your computer's software up-to-date. If you're running Windows, then use Windows Update. Make sure you install all updates that are marked important, then change your Windows Update settings so that your computer automatically downloads your updates for you. If you're running a Mac, you should be fine unless you have trouble with #5.
Also make sure your web browser is always up-to-date. If you're using IE6 you're doing it wrong. Older versions of Flash and Java have security holes, so make sure they are up-to-date too.

4) Use antivirus software. Microsoft distributes an excellent lightweight antivirus called Microsoft Security Essentials. http://windows.microsoft.com/en-us/windows/security-essentials-download Schedule your computer to scan itself monthly.

It's probably not the best idea to run two antiviruses on your computer. Use whatever one you have available. If your computer came with a trial version, it should be okay as long as the trial keeps its virus definitions up-to-date.

5) Don't run it if you don't know what it is. If your computer tells you it wants to run software and you don't know what it is, click No, click the X on the window, or press Escape. Do not download and run software from sources you do not trust or do not recognize.
If in doubt, Google things and do some research. Be wary of fake reviews; scammers are known to pay people to write tons of positive reviews to inflate their review scores and search rankings. Look closely at the URLs of download links (right-click and copy the link into a new browser tab if you're not sure); it's common for scammers to register temporary short-URL sites on co.uk and similar sites. Only the last two parts of a domain count: "download.microsoft.com.totallynotascam.co.uk" is a bogus site.

6) Check your plugins. One of the most common types of malware is web browser "toolbar" plugins. Check what plugins and extensions are installed on your web browser, and research any you don't recognize.
Facebook and Twitter now allow external apps which can get access to all of your personal information, and also can expose information about your friends. For Facebook, click Settings (the Gear icon in the upper-left)>Account Settings, then click the Apps tab on the left. For Twitter, click the Settings Icon (the gear)>Settings, then click the Apps tab on the left. If you see an app you don't recognize or don't use, it's probably best to remove it.
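
For the URL check in tip 5, here is an added example (not part of the original post) that extracts the name someone actually registered from a download link. It generalizes the rule of thumb to multi-part suffixes such as co.uk, where the registered name is the label just before the suffix; the suffix set and sample URLs are constructed for illustration, and a real check should load the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Constructed, deliberately tiny subset of public suffixes (assumption).
# A real check should load the full Public Suffix List from publicsuffix.org.
SAMPLE_SUFFIXES = {"com", "org", "net", "uk", "co.uk", "org.uk"}


def registrable_domain(url, suffixes=SAMPLE_SUFFIXES):
    """Return the registered name behind a link, e.g. 'microsoft.com'."""
    # Accept bare hostnames as well as full URLs.
    host = urlsplit(url if "//" in url else "//" + url).hostname
    if not host:
        return None
    labels = host.rstrip(".").lower().split(".")
    # Walk from the longest tail to the shortest, so 'co.uk' wins over 'uk'.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in suffixes:
            if i == 0:
                return None  # the host is a bare suffix, nothing registered
            # The registered name is the suffix plus exactly one more label.
            return ".".join(labels[i - 1:])
    return None  # unknown suffix: treat the link as untrusted


def is_from(url, expected):
    """True only if the link's registered name matches the expected vendor."""
    return registrable_domain(url) == expected.lower()


if __name__ == "__main__":
    # Constructed sample links: one genuine-looking, one from the post.
    for link in (
        "https://download.microsoft.com/setup.exe",
        "http://download.microsoft.com.totallynotascam.co.uk/setup.exe",
    ):
        print(link, "->", registrable_domain(link),
              "| microsoft.com?", is_from(link, "microsoft.com"))
```

Everything to the left of the registered name is chosen freely by whoever owns that name, which is why the familiar brand at the start of the second link proves nothing.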

Thursday, October 17, 2013

Public Security

Imagine a meteorologist calculates that there is a 50% chance of rain this afternoon. It's his job to report the weather. But instead of forecasting possible rain, he tells the local newspaper to write that it will be sunny. In the afternoon it rains, ruining a parade the city had scheduled and severely damaging some parade floats. The parade could have been postponed to tomorrow, but now the city's budget has been wasted. The meteorologist is asked why he was carrying an umbrella, and he reveals that he knew there was a good chance of rain. "But I didn't want to ruin anyone's day," he says. "After all, the weather was very nice in the morning."

This is an analogy for computer security. Many powerful organizations want to silence people who find holes in their systems. For example, Andrew Auernheimer was convicted for publicizing security flaws he found in AT&T's systems. Another example was recorded by Charles Stoll, who mentions password security being undocumented because certain government agencies were slow to adopt stronger passwords. This is an effort to promote "security by obscurity" (which is considered a Bad Idea in the field of computer science). Large organizations that hide flaws are clearly acting in self-interest. Seeking to hide one's shortcomings at the expense of others is reprehensible.

There is another side to this problem. Hackers of any type are not justified when they leak information irresponsibly. (See The Washington Post's 2013 coverage of NSA leaks for a good example of how to leak classified information.) System administrators should respectfully consider any reports of security holes. Users who find flaws in the systems they use should report bugs appropriately. And (this one's for everybody), users should avoid using systems that are insecure and warn their friends.


Tuesday, October 8, 2013

The Living Room PC

http://steamcommunity.com/groups/steamuniverse#announcements/detail/2145128928746175450

The living room PC is going to be the next major consumer electronic device. We already have smartphones and tablets which are extremely popular because of their convenience. There is a great market niche for a PC that is as simple to operate as a DVD player. Consumers will connect their living room PC to their television to watch Netflix, Hulu, YouTube, and other content that is easy to interact with. Video games will also be a driving force, especially with the large library of PC games consumers can play. The console market is a stagnant, closed environment compared to what PCs can do. The only reason the living room PC is not mainstream is the business model; the average manufacturer sees it as a niche market with slim profit margins. But hardware is getting cheaper and will soon hit a critical turning point when it becomes cheap enough. Valve has the same business model as the console manufacturers: they will use this product to sell more video games and profit from promotions with video streaming services. I would bet Apple has plans for this too because they have massive leverage with their iTunes and App library. If consumers are shy about purchasing a somewhat expensive living room PC, manufacturers can compensate by including $50 of credit for whatever distribution service comes bundled.

Wednesday, October 2, 2013

The Argument For Working For A Small Company

Last week I talked to several co-workers about their prospects after college. Nearly all of them plan to work for large national-level firms. Shockingly, none of them mentioned any kind of small business or start-up prospects. I worked for both large and small companies in the last seven years and feel that I am able to speak from a position of authority on this. I won't say that graduates shouldn't work for a large company; both large and small companies have their benefits. Small companies have the benefit of close interaction with managers, close interaction with customers, and more freedom to innovate and control products. I think that every college student should have the experience of working for a small company before graduation. Students owe it to themselves to know what they're getting into (or missing out on).

Tuesday, October 1, 2013

Iterative Design

http://www.designer-notes.com/?p=654





I would like to discuss bottom-up design in video game development. It is very common in video game design to start with the end-user experience. "They will do this, and then they will feel this, and then this will happen." This often completely ignores the underlying low-level systems and features that deliver that experience. When a project nears its deadline, many of those features and experiences will be thrown out. This can ruin the gameplay pacing that the game designer wanted at the start of the project. A much more sane approach is to start with mechanics. Programmers can develop small tools, tech demos, or proof-of-concept applications. These small pieces can each be tested on their own to find the few which stand well on their own, or certain combinations which provide an enjoyable experience together. These software facets should be built with no context in mind, because they are ideas that may prove to be worse than the designer originally thought. Even a large software project can progress in this manner with frequent testing and iteration. If many small ideas are presented to a skilled designer, or to the team as a whole, the team can quickly decide which ideas have merit and which are a waste of development time. The result is a higher-quality product which can be coherent despite the piecemeal method used to design it.