Hi. My team is responsible for the checkout process at a large company. I won't give exact numbers, but more than $100m goes through our teams two pages.
>by the time I'm entering my credit card details, I'm already "converted".
Our numbers say otherwise. Optimization of our checkout page is a huge deal any change, even text, comes under scrutiny, and for good (i.e. measurable) reason.
Would I put this demo on our page? If the bugs and confusion can be fixed, I might try it for a very small test group and see what happens. Not sure the confusion can be fixed though.
Yes, we should have black and white laws, and unit tests for them. So someone could write a unit test for "Will this allow the NSA to create a secret court that is outside the rule of law?" or "Does accessing a university computer that has an open access policy allow for a sentence of 130 years?"
Depends how you define "simpler." There would be a LOT of incredibly specific definitions, since there would be no room for interpretation by a judge.
Consider a law that says "you can't drive a vehicle without a license." Is a bicycle a vehicle? What if it has a motor and weighs a lot? A velomobile? What about a hovercar?
There might be 2,000 laws referencing "vehicle [definition #4,849, version 5]".
(Actually, I guess a sensible definition might be based on momentum: we'll call a tricycle a vehicle if you manage to get it going fast enough; the point is that you can hurt someone with it.)
.. it depends. What if the point in the given situation is to avoid traffic congestion? You normally don't want (a small) buggy drive down a high speed highway. In that case it the point would be: "should match the traffic flow requirements".
So, I agree with your argument. It's all very situation dependent. For some reason I find it oddly comforting that human society and life in general can't be crammed into a small set of fixed rules. That would be kind of boring I think.
There's a sub-area of AI, since about the 1970s, that does try to do that, but it's very much at the research level. Modeling even simple "common sense" things is notoriously hard for computers (commonsense reasoning seems to require a large amount of implicit background information), so it's not clear that easy to unit-test coincides well with a human notion of simplicity and predictability.
That's one reason that, in addition to being an interesting challenge domain for AI researchers, it's interesting to logicians, who aim to come up with logics and decision procedures that can capture what a decision procedure in law looks like (classical first-order logic and theorem-proving don't seem to model it well). The main short-term application is to reasoning-support systems that can suggest potentially winning arguments, point out obvious holes in draft arguments you were going to make, etc., sort of the legal analogue of medical diagnostic systems.
> Yes, we should have black and white laws, and unit tests for them.
First problem: I don't think that can be done. I'd be a lot more convinced to consider arguments like this accompanied by completed samples in some real area of human endeavor of the "black and white laws" with accompanying "unit tests" (and, anyway, wouldn't we want automated user acceptance tests, not unit tests.)
Thinking about it, it probably can be done.. just not in a free society (which I think is all about doing what you want as long as you don't hurt others in the process). You probably can create black and white laws in a despotic rule. "The Ruler has all right, you have none. He decides." There, drafted an entire legislature with very black and white rules..
Then who decides if you have broken the law? Obviously cops have no right either. Only the ruler can decides? So ruler spent every seconds telling people whether they can talk/walk/eat?
The problem with this is, human beings don't blindly interpret and process laws as code. Human beings can honestly differ in their interpretation of a law, and the accepted interpretation can change over time.
Some one, or some body, would have to decide what the 'proper' interpretation of these laws would be, and craft the 'unit tests' such that they correspond to the status quo. Then that someone or some body would have to ensure that anyone who disagrees with that interpretation gets put down. What you're describing seems like a particularly technocratic form of fascism to me.
Not really, as part of making the law - congress needs to go through all possible interpretations and rule out the ones not in the spirit of the law one by one. Then the law is defined by its tests.
Is it okay to collect all XYZ data?
Is it okay to collect anonymous XYZ data?
Is it okay to collect XYZ data and hold it for X days?
Is it okay to store and index but not search a collection of XYZ data?
The law would end up saying something like -
The NSA is permitted to store and index anonymous data for a period of 10 days. Attempts to make anonymous data personal are forbidden. Data may only be accessed with a court issued warrant subject to the following conditions:...
> Is it okay to collect anonymous XYZ data?
Anonymity is not binary.
- What lower level of anonymity is acceptable? Is 1 in 30 acceptable?
- What about edge cases where it becomes much lower? Say only one person in a small county has an account to a web service because it is largely targeted at people elsewhere?
- What about academic improvements that keep decreasing anonymity by improving understanding of collected data? What time limit would NSA get to update its systems in case of such improvements? What happens if the speed of academic improvements is larger than the speed of updates in NSA systems? Is the system scrapped right away?
I agree that formal definitions seem lucrative. But these aren't simplified mathematical static models that we are talking about.
Right, those are exactly the questions that need to be asked, discussed before implementation, and then included in the law if it passes.
What meta-data is truly anonymous and what is not? Is the agency permitted to built a tool to de-anonymize data based on academic research, or is the data in some ways protected against these tools?
They may get to the end of this process and in this instance find that such a government tool, even based on anonymous data is uncontainable, and should not be implemented. If you just grant blanket power and rely upon a courts interpretation of your two paragraph scribble to straighten things out, the intent of the law can be completely lost.
Yes. This is my point. =) Only by actually working out all these details can we have just laws, and IMHO, we would discover that most of our laws are not just.
We want law that prevents criminals from breaking into banks and stealing your cash, but what we got was a law able to be used to persecute young people to the point of suicide for accessing an "open" system belonging to an educational establishment.
The laws we have now cannot do what they claim to do without being impossibly broad or impossible to implement. As was was discussed elsewhere today, the joke of a "Do what I mean" button, is that nobody, in fact, knows what they mean, and this goes exponentially so for a congress of 500 or so people.
But the most 'just' laws aren't always the ones least open to interpretation. Also, let's not conflate Aaron Swartz's suicide into an example of the law working as designed and intended, rather than being the result of heavy-handed interpretation intersecting with his own fragile state.
The way I look at it, making laws more and more complex and attempting to codify every possible instance is a bit like adding massive bloat to a software project for the sake of maximum backwards compatibility. Just as more lines of code introduce more bugs and increase the possible attack surface of an application, so more complex laws introduce more opportunities to manipulate and undermine those laws through legalistic means (while giving the people who have to interpret those laws on their face little leeway for context-specific interpretation.)
In Florida, to use an obvious example, the law as intended makes it legal in a certain context to kill an unarmed teenager without any ramifications, whereas firing a gun into the air can get you 40 years in prison. This is what the people of Florida wanted, and this is what their legislators gave them. America's prisons are stuffed with minor drug offenders for whom the sentencing laws were absolutely unambiguous. How complex is the tax code and how many ways are there to dance around it? Most of those holes are there on purpose.
> Right, those are exactly the questions that need to be asked, discussed before implementation, and then included in the law if it passes.
Legislation is not the only source of law.
That said, more structured analysis is no bad thing. But it's not a panacea either. There's an existing analytical mechanism for legislation: depending on where you are, it's called "Parliament" or "Congress".
To participate, you must first be elected to that body. Or work for someone who does.
IANAL but I don't think it's possible to parse laws with that degree of certainty, or to determine an upper bound for "all possible interpretations," as different people can disagree as to what the "spirit" of a law is, or should be, or could be for the forseeable future.
The US Constitution is pretty straightforward, and people are still waging petty wars over individual words to wrest their idea of "intent" from the Founding Fathers. You're suggesting a formal procedure for legislation which might have some merit, but I don't think it would remove politics or human bias from the process.
What if laws are considered whitelists? If it's a whitelist then if not directly stated it's thrown out. This may slow the legislative process, but that's not necessarily a bad thing, it was actually the founders primary goal.
Agreed that it's not a fully baked idea by any means, humans will always attempt to circumvent any system. With that in mind, you may say that rather than designing a better system, we stick to the safe that was first cracked 200 years ago.
With that in mind, you may say that rather than designing a better system, we stick to the safe that was first cracked 200 years ago.
Half the people whose valuables are in that safe find it perfectly adequate and would insist that any attempt to change the locks is just a blatant attempt to grab their money.
Do those 50% believe the system is working as intended and is not being exploited by special interests? I don't think any republican or democrat agrees with that.
Sure. But special interests are only a problem when they're not dumping money into your district or your next election -- when they are they become a 'vital national interest'.
My point is, both sides have a say. If you get ten mathematicians in a room, they don't have to reach a compromise between ten different self-serving definitions of pi. The law is never going to be like that.
A nice example of the problem with natural language is Treason Act 1351[1] (this is still current law in the UK!), written in Anglo-Norman. This is problematic, as our understanding of the language is incomplete. Notably, in this case, there is no agreed upon meaning of "pvablement" — it means either "provably" or "probably": a rather major difference come a court of law!
But then you either need to get people to talk in Lisp or some other logical language, or you need a way to translate it to English. It's the English translation where ambiguities will arise. You've just moved the problem around,
haha, no. It was meant as a quasi-joke. I'd like to see one though.
Certain laws are very cut-and-dry (speeding for instance) and perhaps laws could be proven on a functional basis.
You could even make it axiomatic from the constitution and declaration of independence.
Of course, you'd need to define the axiomatic meaning of things like 'the right of the people to keep and bear arms shall not be infringed' - which is hard to do even with such simple language.
And then after loading the axioms, you'd spend a lifetime going through errors in the existing laws.
Certain laws are very cut-and-dry (speeding for instance)
Ha! No.
* do you want to give an exemption for speeding for, say, ambulances? So how do you define "ambulance"? Do you have to be registered to drive an ambulance? What defines the "duty of an ambulance" (or are they allowed to speed no matter what). What about a van carrying an organ to be donated?
* What if I have my sick child in the car and I'm rushing them to the hospital because it's faster than waiting for an ambulance? Is it right that I can be arrested and convicted for that? I think that would be a perversion of the spirit of any just law.
* What if I'm being chased by a maniac relative who wants to kill me? Can I speed then to drive away from them? Do I have to believe my life is in danger? How do you define that?
* Let's pretend I'm driving along and some other vehicle is about to move into my lane and crash into me because they are stupid and don't see me, and let's pretend that if I speed up a little bit (over the speed limit) and am able to get in front of them and avoid an accident. Should I be convictable for speeding even though I sped to prevent an accident?
Sure, these are all edge cases and there are loads of cases where it is clear cut, but you have to write a law that can handle the edge cases. Without accepting the vagueness of human life, you'll wind up with an unfair conviction that is horrible.
Or, alternatively, you can write the law simply and let people decide for themselves if it's worth breaking.
So, no exemptions for anyone, but then part of the cost of running an ambulance service is paying speeding fines regularly. Given the cost of ambulance services without that, the additional expense is lost in the noise, making it obviously a good choice to speed when useful (for ambulances).
Trying to figure out after the fact whether someone had a good reason to break the law (and therefore shouldn't be penalized) is one of the things that complicates legal systems enormously. Instead, we should write the law clearly and specify the penalties for breaking it directly, and let those who have the best information about the situation, the potential lawbreaker(s), choose whether it is worth breaking the law in a given instance.
The whole point of the proposed system is to capture all the downside of a given action in a single penalty. Therefore, escalations based on repeated actions wouldn't make any sense.
Some countries do a "penalty points" system where you get (say) 2 points if you're speeding, and if you get (say) 12 points, you're off the road for (say) 2 years. Your proposal of "let people break the law" means that you'd run out of ambulance drivers.
You then have the problem of whether someone can be fired as an ambulance driver if they don't speed. Many countries employment law says that you can't fire someone if they refuse to break the law for the job. So what happens there?
Yes, if we changed the laws, laws would be different.
I'm not suggesting that laws should be passed that work this way within a framework that assumes they don't. The solution to a mountain of bad code is not to add another layer that tries to make huge changes; it's to rearchitect. I also understand that this isn't going to happen in a large existing system like the US; I think it's a better way, but there's no easy, incremental path from here to there.
As for your hypothetical: In this system, since the vast majority of penalties would be monetary, or have monetary equivalents, and since the entire damage is (supposed to be) captured by the penalty, ambulance companies would come up with their own rules under which they would pay fines on behalf of their drivers, contractually. The market could then correct via abuse of those rules by the driver, or refusal of drivers to work for that ambulance company, depending on which way the rules erred.
No, you'd see more complex laws because law makers would just write around the unit tests rather than address the fundamental issue. Ergo, accessing a university computer would be fine (because that's in the test) but accessing a library computer would not .
TL;DR: 1014 people claimed they were drugged and sexually assaulted. "In 21 cases (2%), a sedative or disinhibiting drug was detected..." So-called "date rape" drugs were a subset of these cases.
I think there needs to be an acknowledgement that the NSA, the FBI, and the government in general are not staffed by angels or robots, but by human beings, and that some of these human beings are criminals. The very fact that Snowden got all that data means that, regardless of whether or not he's a criminal or a whistleblower, the humans in government cannot be trusted with this data. "The FBI" may have a need for this data but the humans in the FBI are too great a risk. I find it absurd that we are even having to have this conversation with an organization that has to deal with operational security.
Few men could be moral when offered the combination of unrestricted power over others, total secrecy, and lack of consequences for actions, that is so often the state of these agencies.
That's why we need their power to be limited and defined, as open as possible, and have legitimate avenues of redress for grievances. They are supposed to be public servants, not rogues.
Side question: has the State now successfully argued that I can secretly record all conversations provided that I do not listen to them until I later get a warrant or court order?
Personally I think the two-party consent laws for recording are a great boon for corruption, and having the ability to record everything just in case I might later need to prove what was said in court would be immensely useful.
FTA: "Take the example of a tester, or a 3rd line support analyst – in the main their ranks are filled with the below-par programmer. They help the process by reduce the programmers’ work load and don’t cost as much to the CFO’s bottom line."
Don't cost as much as what? As much as a smaller team of expert programmers doing it right?
>but the U.S. government stepping in to FORCE employers
Sounds like you're against the US Government.
>Unfortunately, because you are replaceable you don't have pull and SHOULD NOT have pull.
A clever businessman would organize all these replaceable parts into a cohesive whole, and then having cornered the market, set his own price. That's capitalism in action. The very people who decry it are the same ones cornering their own markets. When its telecoms, cable TV, healthcare, widgets, corn, DNA, etc, its ok, but when its "units of labor", oh, well now its anti-capitalist and anti-american.
So I'll go along with your idea that Unions are an illegal monopoly on labor after we've gotten rid of the government-created construct called the corporation.
Seems perfectly accurate to me. You seem to be quibbling over "lifetime" and "power to shape" while at the same time getting bogged down with legal issues. I find this strange since you have a reputation for being good at security, so it seems odd that you are missing what is effectively a social engineering attack on our legal code base. Everything you said makes sense from a legal point of view, and yet, this shit is clearly 100% unconstitutional. How can that happen? Because one pro-police-state judge and his hegemony have everyone buying into the narrative.
"Hello sir, this is the IT dept, can you confirm your password please?" .. "Oh sure, I believe you..."
"Hello senator, this is the FISC, can you keep this secret please because its all legal?" ... "Oh sure, I believe you..."
The icing on the cake is we don't have standing to sue because we can't prove we've been directly affected, but we can't prove it because we can't sue. As soon as a judge held this to be a lawful argument, we got rooted. The People are no longer in control.
Yes, I'm quibbling over "lifetime" when the power he has isn't lifetime, "exclusive" when it's a power delegated to him by the discretion of Congress, and "unaccountable" when his role is as an instrument of Congress. Congress cannot effectively recall Roberts from the Supreme Court, but the same majority of Congress that could pass a national fuel standard law could remove Roberts from the FISC.
"Lifetime" because his position is a lifetime position. Congress may in future change the law, but for now, his role in "shaping" the security state is Lifetime. Right now, this statement is accurate. The fact that you can imagine a possible future where this is no longer correct is irrelevant. Its about as useful as saying that copyright expires.
"Exclusive" does not mean "omnipotent". We negotiate "exclusive" agreements all the time. The fact that someone else agreed to give you that exclusivity doesn't make the "exclusive" part go away.
If not "Unaccountable", accountable to whom? Sure, there may be other individuals in the hegemony who can raise a flag, but its not you or I. The NSA can lie to the senate and it takes a brave senator to break ranks but even then all they can say is "I think the NSA lied on one of these points" but can't even say which one. There is real coercion going on here.
It's not a lifetime position. Roberts position on the Supreme Court is a lifetime position. Absent a fundamental change to the US Constitution, Roberts is Chief Justice for life. But his position vis a vis the FISC is no more secure than that of the majority leader of the US Senate.
It's not exclusive. Exclusivity dictates that the power Roberts has is available only to him. But it's not; it's available to Congress as well. Not only that, but Congress' power over the FISC dwarfs that of Roberts. Congress could pass a law requiring FISC judges to decide while swinging upside down from a rope made of cheese curds. All Roberts can do is appoint FISC judges. Congress can un-appoint them.
It's not unaccountable. Unaccountable means that Roberts can exercise his power unchecked by any authority. Roberts power is checked the same way as the Secretary of Labor's power is: Congress can require him to testify before a committee and, if it wishes, strip him of his FISC power.
Congress MUST change how FISC is done, and this article unintentionally lets them off the hook by framing FISC as if it had any of the same authority as an Article III court, where Congress has far less authority.
- Congress may revoke the power over the FISC, so it isn't irrevocable.
But the FISC Chief is a lifetime appointment, by definition, since the Chief Justice is a lifetime appointment. It is exclusive, because he has executive authority, he does not have to take advice from anyone before making a decision. Whether it is unaccountable is a matter for debate since the operation of the court, and its activities are carried out in secret. It is certainly unaccountable in the normal sense of the word.
FISC can not call senators and ask them for anything. NSA has to call FISC and ask them if it is legal, if they confirm, NSA can proceed. FISC has no power over senators - if any senator decides something is wrong with surveillance, he can initiate a bill that says you need more approval than FISC or you can't do certain things at all - FISC only confirms that NSA is acting withing the limits that the senators (and the House of course) set the last time. FISC can not create rules - unlike SC, btw, that to a large measure can interfere with the rules, even though Roberts seem to be rather restrained from doing this in many cases where he had a possibility to do so (see Obamacare decision, for example). FISC can only say if NSA follows the rules - and it is the senator that makes the rules.
"Freer"? The number of citizens in prison has vastly accelerated in the last 20 years [1]. This alone is proof that we are not freer. No need to shoot someone in the head when you can throw them in jail for a joke on facebook [2], and best of all, hand the bill back to taxpayers.
That kid doesn't deserve what happened to him. That being said, what do you think the response should be for publicly threatening to kill school children? Remember, threats of violence have never been protected speech.
Yeah, but thats the weird thing. Sarcasm is obvious, until it isn't. In 2013, is it reasonable to systematically ignore someone who says "i think imma shoot up a kindergarten?" I guess what I'm asking is what's the criteria you and I are using to determine he wasn't serious? I intuitively know he almost certainly wasn't going to act on that statement, but assuming I'm a law enforcement officer, how do I justify ignoring it?
The sarcasm was obvious from the comment alone, the sarcasm was doubly obvious when the statement is taken in the correct context, and the sarcasm is particularly obvious since the kid fucking said he was joking.
Discretion and basic human intelligence is a vital part of the system, and in that case it is not being used.
>by the time I'm entering my credit card details, I'm already "converted".
Our numbers say otherwise. Optimization of our checkout page is a huge deal any change, even text, comes under scrutiny, and for good (i.e. measurable) reason.
Would I put this demo on our page? If the bugs and confusion can be fixed, I might try it for a very small test group and see what happens. Not sure the confusion can be fixed though.