- An interesting policy tradeoff — I wonder which “major lawsuits” are being dropped to get this to move forward.
- Responses to security audits range from the funny to the sad.
Grab bag: Hacking copyright
- Handy checklist to determine whether a work is in the public domain in the US.
- Nicely executed. Missing only a few details (astronaut dummy with donut) to join the police cruiser atop the Great Dome as one of the great all-time hacks.
Virginia Glee Club history: Harrison Randolph
Exploring some of Google’s new search options a week ago bore surprising fruit, as I discovered enough about the first named conductor of the Virginia Glee Club, Harrison Randolph, to write a Wikipedia article about him. There has long been little publicly available information about Randolph, aside from a mention in Philip Bruce’s 1921 five-volume history of the University of Virginia and his presence in the archival 1893 Glee Club photo that also features the author of the “Good Old Song.” The liner notes to the Club’s 1972 recording A Shadow’s on the Sundial place him as the organist at the University Chapel, but otherwise he seemed doomed to fade into obscurity.
However, when I did a news timeline search for “virginia glee club”, I turned up some hits in the 1890s that I hadn’t seen before. In particular, one 1894 report in the Atlanta Constitution gave me quite a bit more information about Randolph and the boys of the Glee Club than I had seen previously. In this case, the description of Randolph as an “instructor of mathematics” made me go back and look deeper into his biography, and I turned up a fuller biography of him in a 1920-era volume that says that he left Virginia in 1895 to go to the University of Arkansas, and then in 1897 to the presidency of the College of Charleston, where he spent nearly the next 50 years.
It appears, despite his accomplishments, that the directorship of the Glee Club was not then without its perils; the Constitution gives a glowing description of his intellect, then drily notes, “To him has been allotted the awful task of directing the Glee Club.” Even allowing for the “amazing,” “awe-inspiring” sense of the word, one still feels the pressure of the world on Randolph’s young shoulders, particularly looking back at his 1893 photograph. Born the same year as the Glee Club itself, he looks at the age of 22 smaller and more exhausted than those around him in the publicity photo. Is it any wonder that only two short years later he fled to the relatively safer world of academia?
For those with patience, I’ve added the text of the original 1894 concert review article; it provides a rare glimpse at the mechanics of how the Glee, Banjo, and Mandolin clubs worked together and gives thumbnail biographies of each member.
SaaS: Socks as a Service
- OK, this is conceptually brilliant. Black socks in a subscription model (a package of three every three months). They do underwear too. I wouldn’t pay $89 for a year’s subscription though, not when a $20 package from Costco of assorted black socks lasts more than a year.
Grab bag: Be for something, fail fast, look around
- Why hatred is a bad business driver — if all you know is you’re against Company X, it’s very hard to be for something. Plus, it leads to weaker understanding of what the customers really want.
- Strong checklist to evaluate products, business models, and startups.
- I’ll have to download this before we go to the reunion at UVA.
Grab bag: Apple secures, Verizon out of copper
- Frankly, at this point, any sign that Apple takes security seriously is welcome.
- I wonder how that works for FiOS customers in those states. I’m guessing “landline” here means traditional copper, though they don’t specify.
Grab bag: Information wants to be in a river
- Nice. A ton of books from the Cornell Library are now on the Internet Archive.
- The “river of news” (to cite Dave Winer’s long-standing description) is a little too markup heavy to be the Times’s front page–and the picture wall to the right is distracting when you mouse over it. But it’s a big step up from the table-heavy, newspaper manqué layout that it’s an alternative to, and it has one big benefit–fresh news is on the top. I’d like to see other news outlets play with this format.
Grab bag: Humility, utopia, and self control
- There’s nothing more humbling than watching actual end users struggle with your software.
- Making a stronger connection between Krazy Kat (“There is a heppy land fur, fur, awaaa”) and the history of African American freedom. I had no idea that the Happy Land was real.
- The connection between self-control and academic performance: “The child who could wait fifteen minutes had an S.A.T. score that was, on average, two hundred and ten points higher than that of the kid who could wait only thirty seconds.”
- New Salman Rushdie short story.
- Incidentally, password-protected ZIP and RAR archives aren’t secure.
The Forrester application survey: 62% hacked through apps
Last week I indulged in a little live tweeting of a webinar my firm, Veracode, did with Chenxi Wang of Forrester, following up on our recent announcement of an independent survey in which 62% of the respondents reported being breached through at least one application vulnerability in 2008.
I’ve reposted the substance of my tweets below, followed by my $0.02 on the survey:
- (1) #Veracode & Forrester app risk mgmt survey: in 2008 62% of respondents were breached thru app vulns but don’t know their app risk.
- (2) As Kaspersky breach shows, 3rd party code is a big blind spot for most orgs.
- (3) open source, outsourced and off the shelf code used frequently but 59% don’t do anything to secure OSS.
- (4) only 32% require security at all stages of sdlc.
- (5) top training method in 37% of respondents is to learn on the job from experienced devs… who can’t be hired.
- (6) False sense of security pervasive. 94% think they know security of app portfolio but 40% don’t know COTS risk.
- (7) ease of use plus secure plus time saving is driving factor for third party assessments.
- (8) if you outsource code, consider outsourcing security assessments too.
Bottom line: the survey results suggest that application vulnerabilities lead to real risk for a lot of companies, but most companies don’t have secure practices that cover their development or training adequately, to say nothing of the risk from third party code.
Grab bag: Exploring the mind
- “Blaming blogs for not being real newspapers is too silly. Newspapers in the main are no longer real newspapers either.”
- Rands continues to plumb the depths of organizational psychology. Good stuff.
Grab bag: Getting, and not getting, the Web
- It’s rare that NYT has a public web fail–generally they seem to understand how to work on the web. But nuking old URLs without implementing redirects is the worst kind of fail, because it kills conversation and reputation as well as content. I also wonder how many {{deadlink}}s there are on Wikipedia in references now because of this.
- I like the “marketing” (editorial) short URLs, but I like the amzn.com/ASIN (Amazon stock ID number) even better. Every product on Amazon has an ASIN, so it’s easy to go directly to the product you want to point to.
Grab bag: Blinking into the light of 2009
- Yet another reminder: applications are the perimeter.
- I know what I’m doing tonight…
- This is the iron trap that newspapers are in, and it reveals that they still don’t understand tech strategy after 20 years of trying to make it in a digital world.
- Explanation of the process of the stress tests.
You mean you didn’t want it either?
- Talk about a refreshing statement: “One thing you’ll find less of: celebrity news. Our research told us you didn’t want it, which is a relief since we were doing it only because we thought we had to.”
More intense inner torment, please
- There’s probably a version of these markings for Mahler’s #2, because many of them look appropriate, e.g. “Langsam – Slowly; Schleppend – Slowly; Dampfer auf – Slowly; Mit Dampfer – Slowly; Allmahlich in das Hauptzeitmass ubergehen – Do not look at the conductor; Im Anfang sehr gemaechlich – In intense inner torment; Alle Betonungen sehr zart – With more intense inner torment; Getheilt (geth.) – Out of tune.”
Grab bag: Charging the pirates edition
- Might have to check this out. I hate the feeling that I'm killing the planet every time I put a new AA in the Wiimote.
- Ah-ha-ha-ha-ha-ha. This is the funniest thing I've seen in a good long time.