Random Articles – 2
More articles from my backpack.
- We’re about not ever accepting that the way something has been done in the past is necessarily the best way to do it today – Douglas Merrill, Google’s Directory of Internal Technology
- The military’s information infrastructure should be more like Google’s
- We generally don’t talk about our strategy … because it is strategic – Larry Page, Google Co-founder
- The exact number of servers in Google’s arsenal is “irrelevant”. Anyone can buy a lot of servers. It’s not the size of the ship, its the Captain?
- Microsoft uses clusters of inexpensive computers where it makes sensem but also uses high-end multi-processor systems where that provides an advantage.
- Nutch – Run your own mini-google at home
- If employees find systems to be a hassle to work with, they probably won’t use it, regardless of whether it was supposed to be mandatory
- Remote offices suffer disproportionately from minor inconsistencies in technology infrastructure
- Merrill’s Law: There are no technological solutions to social problems
Fishing in the shallows – The Story of the Small Market Developer
- Look for people tht seem to have the capacity to learn the stuff you wish they already knew
- Probe people’s thought processes during interviews
- Try to have design debates with candidates
- An underperformer is almost never as good as having nobody
Economics of Security Patch Management
- Most security incidents are caused by flaws in software
- It is estimated there are 20 flaws per 1000 lines of code wow!
- According to CERT, there were 171 vulnerabilities reported in 1995, and 3784 in 2005
- 95% of security breaches could be prevented by keeping systems up-to-date with appropriate patches
- Several reasons why not to apply patches immediately
- There are just too many vulnerabilities to patch against
- Patches cannot be trusted without testing
- Distribution of patches is not standard
- Every patch needs installation after testing
- Since firms currently bear the cost of patching, and firms cannot keep up with the sheer number of patches by vendors every day, it may help firms if software vendors share this burden
- There is then a very large discussion about the best strategy for patching, and cost sharing, but its way too mathy for me
- Cost sharing can always synchronize patch release and patch update cycles whereas liability can never be used to synchronize them
- Since cost sharing is not a substitute for liability, and liability is not a substitute for cost sharing, using both cost sharing and liability together to achieve coordination does not add value other than causing the vendor to bear more cost.
- Depending on the incentive levels of the system and the vendors, vendors should share either the burden (cost sharing) or the damage (liability), but not both to reach the social optimality with minimum level of additional cost on the vendor side.
- The proper way to look at the productivity of online businesses is as a percentage of normal activity, not possible productivity
- The relationship between Tier 1 car manufacturers and their suppliers relies heavily on the internet
- The further down the supply chain, the less relient they are on the internet.
- Prolonged internet outages for low-volume items would likely result only in customer-service disruptions, as email would be unavailable
- Supply chains have a bit of a buffer due to ‘learned behaviour’. (Example: If a customer has wanted 1000 widgets on Tuesday for the last year, odds are they will continue to want them.) Therefore, first supply chain effects would be to have suppliers calling up in a couple days just to confirm their existing beliefs
- Using the University of Virginia’s Interoperability Input-Output Model:
- A 3-day internet outage would result in no loss to the economy of the American Midwest affecting an electrical component manufacturer
- A 10-day internet outage would result in a loss of $22.6 million for the same scenario
- A 3-day internet outage would result in result in a loss of $2.96 million to the economy of the American Midwest affecting an electrical component manufacturer
- A 10-day internet outage would result in a loss of $65.16 million for the same scenario