Hacker News | orijing's comments

If this were true, why would anyone choose the option that generates lower revenues?


Hype and a huge amount of fancy jobs at stake who know how to keep themselves employed. Take another example, Cambridge Analytica's "psychographic targeting". There's no solid scientific evidence that it actually works. Yet the media and press, as well as CA themselves, have somehow convinced themselves that they're the real-world version of James Bond's SPECTRE.


I don't have the same experience with Apple. My MacBook had to get replaced multiple times due to a bad graphics card. My subsequent one had to get replaced multiple times because of the butterfly keyboards breaking.

So far so good on the latest one but it's annoying to deal with so many replacements


Right, it's really "generally works, and if it doesn't, and not too much time has elapsed since purchase or it's a widespread issue, you'll get the issue fixed relatively quickly, as many times as needed, until the issue is fixed or they give up and replace the device".


Consider another example. Google suggests an alternate route that will presumably save 15 minutes.

Let's say enough cars take the suggestion to slow down that route by 10 minutes and speed up this one by 10 minutes. Even if you end up saving five minutes relative to the original estimate, you'd have saved ten minutes staying put.


It is a point of contention if Google should optimize for saving time for the individual user (using data only available to that user), or for that user (but using routing information of other Google users), or for all users on average (but potentially to the detriment of some users to give other users a bigger advantage), or for the public on average (i.e. routing cars to reduce traffic, but possibly putting Google users at a disadvantage compared to non-Google users).

Various cities round the world have different optimization goals as they try out different approaches.


I would say obviously the answer is that users paying for premium levels of service should get faster routes, isn't that how this sort of thing is done?


You're describing the generalized second price auction (GSP) which is NOT incentive compatible, which means the optimal strategy isn't to bid truthfully. VCG is.


You are correct. I wasn't very clear/am very tired.

That being said... GSP on one item is VCG, no?


As I understand it, GSP on a single item is just a standard second price auction which is truthful.


That's correct.


The article claims the practice "was uncovered by Business Insider last week", implying FB was being sneaky about it. But if you look at the Business Insider article (https://www.businessinsider.com/facebook-uploaded-1-5-millio...), you'll see this:

> A Facebook spokesperson said before May 2016, it offered an option to verify a user's account using their email password and voluntarily upload their contacts at the same time. However, they said, the company changed the feature, and the text informing users that their contacts would be uploaded was deleted — but the underlying functionality was not.

> "Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time. When we looked into the steps people were going through to verify their accounts we found that in some cases people's email contacts were also unintentionally uploaded to Facebook when they created their account"

so Facebook discovered this bug in an audit of its code, fixed it, and planned to notify everyone who was impacted.


Can we please stop calling these privacy violations bugs? It sounds like a benign thing. These are not bugs anymore. It's unauthorized access to records of millions, and Facebook is the one who performed the violation.

I can give a dog walker or cleaning personnel the keys to my apartment, still if they steal stuff and I have evidence they will be prosecuted. It's not a bug that they don't have business ethics.


So a hacker took all of Equifax's data including your SSNs, address, names, DOB etc. By your analogy, all of Equifax engineers should be in jail right now!

BTW, just in case you are unaware, Equifax got away with this hack with zero fines in US.


You are mixing things up... In this situation the hacker is Facebook.

Most of the other Facebook data breaches where they didn't secure data accordingly would compare more to what you refer to.

This case is different though as Facebook performed unauthorized actions on email accounts, basically breaking in.


I am making a case for the OP's comment that Facebook may have made a genuine mistake by introducing this bug - like they literally called out in their statement.

A bug is a bug. Whether it allows a hacker to sneak in to steal all your data or whether it allows a company to collect data it wasn't supposed to (as in this case Facebook specifically mentioned that it didn't turn off the feature though it intended to).


> in this case Facebook specifically mentioned that it didn't turn off the feature though it intended to

What you are describing here is in fact a lack of action, or a lack of change policy (to cause such action). That's not a bug. A bug is unintentional behaviour of some code, not some folk who've said they'll do something, but then don't.

And as for whether the original behaviour is/was a bug is also a point of contention too: that's a lot of willfully bad behaviour that's got chained together somehow to do what it did, then reviewed, signed off, and deployed — that's quite some 'accident' — I write code, and to me this whole thing just smells of a cover-up (by FB calling this a 'bug', when it very much looks to be otherwise).


I'm curious, if the message saying that "FB will also import contacts if you proceed" were still visible, would you still consider it "unauthorized access"? Is it really "unauthorized" if users give informed consent?

I doubt it, so it seems that we're just bickering over whether the accidental removal of the message is considered a "bug" or a malicious act by some engineer to trick users into sharing their data because they (and their company) lack business ethics.

Which is more likely?


Move fast and break things is not what one should do when dealing with personal information of billions of people. People need to be held accountable, Facebook has to be held accountable.

Maybe a complete engineering stop for a few months, and development of new practices and processes.

Similar to what Microsoft did with Bill Gates' Trustworthy Computing memo which led to the creation of the Secure Development Lifecycle is something Zuckerberg should order to do.


Yeah, this seems like punishing FB for being too honest. There was no technical reason to disclose the bug. I mean if they just quietly deleted the data that they didn't mean to collect, it doesn't seem likely that anyone would even notice.



Have you never committed a bug before?

> A Facebook spokesperson said before May 2016, it offered an option to verify a user's account using their email password and voluntarily upload their contacts at the same time. However, they said, the company changed the feature, and the text informing users that their contacts would be uploaded was deleted — but the underlying functionality was not.

I doubt it was an engineer who deliberately removed the text but kept the contact import functionality.


> Have you never committed a bug before?

Engineers who make mistakes that harm people are still responsible for the mistakes they made. You cannot just claim "it was a bug" and get off scot free if your code harms someone or otherwise breaks the law. Also there's no need for this sarcastic tone, "have you never..?"

> I doubt it was an engineer who deliberately removed the text but kept the contact import functionality.

Why would you doubt that? I personally think that situation sounds quite likely. But either way we're just speculating.

Also, don't ignore the part of the parent comment that discusses the managers (and implied other decision makers) that result in the decision being made to make an illegal change to the code.

Engineer, or manager, or QA assistant - someone or some group of people will have made the change. And "oops that was a bug" doesn't count. Corporations and their employees must be held to the same laws and standards to which the rest of us are held. "Ooops I didn't mean to do that" doesn't fly as an excuse to break the law.


Is it a coincidence that the stock price would move on the day when FB releases earnings?


It's almost as if the company reported earnings that beat expectations...


Are you sure about that? I live in California, which was previously Mexican territory.

I also have friends from Texas, which was also Mexican territory.

Perhaps your point is that the US became less imperialistic since then, but that's easy to say once it's taken what it wants.

China sees Taiwan as an integral part of the "Greater China", a still unresolved problem from the past century's wars. It sees the South China sea as its own backyard. Can you imagine the US response if China were sailing military vessels provocatively close to the coast of continental US?

I'm not saying either is right. I'm pointing out that the US is not without its hypocrisies either, and that each country has its own flaws.


That was hundreds of years ago when the world was a very different place. In a post WWII, post UN world, the standards for behavior for nation states are very, very different.

The point I'm trying to make is the world has largely moved beyond that, but China still thinks it's ok to steal territory from its neighbors.

If the situation were reversed and Chinese vessels were patrolling in international waters in the Caribbean to dissuade the US from taking territory from its neighbors there, I'd be cheering them on.

That's not to say the USA doesn't do their fair share of despicable or hypocritical things, but by and large they have been a much better steward of power than China. I think the world will come to miss those days of American leadership in this century.


> Can you imagine the US response if China were sailing military vessels provocatively close to the coast of continental US?

Thankfully we don't have to imagine.

https://thediplomat.com/2014/07/china-is-spying-on-rimpac/

"“It has not entered the territorial seas of the U.S. and it is in accordance with international law regarding freedom of navigation,” Capt. James said in a statement released to the Wall Street Journal. He explained that the ship was in Hawaii’s exclusive economic zone (EEZ). The U.S. maintains that freedom of navigation for all international ships extend to countries’ EEZs, and it has long maintained ships inside China’s EEZ."


170 years ago. Hardly relevant now. At the time conquest was considered a legitimate way to acquire territory. That changed with the Kellogg-Briand Pact in 1928 and the UN Charter in 1945.

