Oct 222016

Of course, to skeptics who lament the absence of privacy practices that put consumers in control of their own information, there is no surprise in the the following: Google Has Quietly Dropped Ban on Personally Identifiable Web Tracking (link to ProPublica). There was just too much money to be made not to join web tracking data with Google user profiles.

User profiles like in Google Apps for Education, for example. This would mean all Maryland students, faculty and staff who use our campus-supplied, Google-implemented mail and services are not only coloring in profiles for Google to use in commercial ventures – Google does that already – but these profiles will be joined with all our web activities (on and off campus.) All as a condition of being affiliated with University of Maryland.

Can you opt out? Maybe, but at some point employees will be opting out of getting official information from their employer and students will be opting out of getting traffic from their instructors. At least this is how it looks from here.

UM leadership puts our personal information into a stream of commerce in order to obtain its technology infrastructure. Once again Wallace Loh writes checks that we must cash.

 Posted by at 4:36 pm on October 22, 2016
Sep 212016

At Quanta today a nice article written for the masses tells about formal methods.

Many of us believe that such methods are what we need in the long run, not just for security but quality in general. We can’t get much solace from a program which defies malicious use if it also fails users with benevolent needs. And it turns out that the issues of security (itself a big definition) go hand-in-hand with the business of getting your functionality right.

Please understand a particular challenge called out in that article. It talks about hardening just some critical points (for security), and the reality is: designing with mixed levels of formalisms is incredibly hard. You would not presume a house is secure for having done a really good job on properties of the deadbolt lock if your door was not correctly fastened to the hinge side; you sort of need to know things about both, not just a lot about one side.

Other analogies apply. If you take a glass of pure spring water and drop in a bit of sewer water, you end up with sewer water; if you take a glass of sewer water and mix in pure spring water, then you still have sewer water. The suggestion is you’re no better off than the poorest piece of your system, and moreover systems are often not built from discrete blocks so much as code blends. Just pouring in some quality ingredients doesn’t make the rest palatable. You usually only know something strong about a program’s value once you see it in context.

Students in our program should reasonably ask what our department offers in the way of formal methods, whether just for security or for quality overall. Today the answer is “not much”, but years ago all students starting in our introductory programming sequence learned our crafts using formal methods (functional notations and some specification frameworks pioneered by a fellow named Harlan Mills.) The canonical ‘old guy’ observation is that we consistently graduated some of the best programmers of the era, which we attribute to the fact that they all learned fine code design in a framework that rewarded structures about which someone could reason. You had to take the time to make it clean and simple so you could meet the spec and move on. The debug-by-friction habits we see students picking up in our Java sequence (and often never shaking) would not get you far. As it turns out, and judging by what we see in learning outcomes assessments, those hack-and-slash techniques aren’t getting students very far today either.

What happened? The long-standing internecine warfare between field committees in our CS department left formal methods a thing of the past; software engineering lost. Today’s leadership has pretty much put a nail in the coffin of the robust software quality perspective which helped put our department on the map. This is true in our curriculum, and to a great extent even in our research, wherein resources and policies support the pet programs of select faculty doing other things.

And what a shame. The linked article makes clear the formal methods of that era grew and are blooming today, in ways we might never have dreamed but had certainly hoped. It is a space in which Maryland might have led. Our courses would certainly not be using tools from a couple decades ago – after all, our insights would improve over time as did everyone else’s – but we’d at least be in the game and talking authoritatively about the big picture of quality. Our campus leaders instead have just what they engineered: a department that, lacking its own vision, whores after dollars in a cybersecurity market built by others instead of setting the industry’s standard for quality (of which security is one piece).

 Posted by at 10:53 am on September 21, 2016
Sep 132016

A few articles on university competitiveness turn up with this morning’s coffee. A fine article from the Foundation for Economic Education (whose links you see sprinkled around our web site here for good reason) addresses what we would call the mission drift on campuses; as stakeholders are freed to define more of their own roles, understandably many define them to be something other than the mission which created a campus in the first place.

An Atlantic article comments on administrative bloat. The author could very well have said “see Maryland.”

So it is also thus not necessarily a coincidence that we place where we do in the latest US News and World Report rankings which just came out. College Park lives among the also-rans (tied for number 60 with with Fordham, Purdue, Syracuse, Connecticut and WPI), and a drop from last year. (Formerly at 19 among public schools, now at 20.) Compare for yourself at USNWR.

 Posted by at 6:52 am on September 13, 2016
Aug 252016

… where your cronies give you a $75,000 bonus without feeling the need to actually explain what it is for. Maybe they felt sorry for him trying to scrape by on just $600,000 a year in salary and the housing, travel and administrative expenses they pick up for him on top of that.

STEM majors paying differential tuition and increasing fees here at College Park might want to look into whether we offer any classes on being a chancellor, so they can learn how to get by like this someday. (Our view: maybe he did something worthy of a bonus, but the fat-cats writing that check should be on the hook to explain to hard-working taxpayers what it is for.)

 Posted by at 8:09 am on August 25, 2016
Aug 252016

Kudos to the University of Chicago for asserting a strong position on intellectually diverse and open speech on its campus, which is to say, they offer no “trigger warnings” or “safe space”. (This is also reported in the student newspaper there.)

College Park manages to avoid unseemly confrontations by only inviting right-thinking (which is to say, left-thinking) visitors who mouth the group-think here in the first place.

 Posted by at 8:02 am on August 25, 2016
Aug 242016

Bloomberg reports on Baltimore Secret Cameras, which constantly record in the city. It’s a good article on how much surveillance really goes on … and in a city that has just been issued a scathing report from the Department of Justice on persistent and long-term civil rights violations in its police department. Yes, it does seem like these things go together, doesn’t it?

 Posted by at 6:31 pm on August 24, 2016
Aug 142016

The Purple Line’s funding issues have recently slowed its early construction efforts, but never fear, its proponents – including, we presume UM President Wallace Loh, who single-handedly overcame local opposition and championed this campus-splitting project’s approval – remain optimistic about its prospects.

Which is more optimism than we can muster for traffic conditions during said implementation based on reading the Washington Post’s article about a similar light rail project in Charlotte. Read for yourself the devastating effect that project has on the region there.

 Posted by at 9:34 pm on August 14, 2016