Court: Employees have a right to privacy, even on their employer-provided BlackBerry/laptop

Didn’t seem this coming, but it appears to be an entirely sensible decision. Personal use of workplace-provided devices is bound to creep in, and privacy laws should take that into consideration.

The Globe And Mail – Computer ruling seen as landmark workplace decision

In what is being called a landmark decision, a Ontario court this week ruled that employees have a right to privacy for material contained on a work computer.

The judgment from the Ontario Court of Appeal … agreed with a trial judge that by giving tech devices to employees, along with permission to take them home on evenings and vacations, the employer gave “explicit permission to use the laptops for personal use.”

The ruling has significant implications for workers who use electronic devices including cell phones for personal purposes – “which is pretty well everyone” – as well as employers who might like to keep tabs on employee use of tech devices, said Frank Addario, of Sack, Goldblatt, Mitchell LLP, who argued the appeal for defendant Richard Cole.

“A big issue here is the tradeoff that employers expect employees to make,” Mr. Addario said. “If they want their employees to be available 24/7 and are giving them BlackBerrys and PCs to contact them outside of business hours, it is inevitable that people are going to use those devices on their personal time as well as business time. That’s an inevitable consequence of asking people to be on call beyond eight hours a day,” he said.

“That means artifacts of personal, private life are going to get left on the electronic devices, regardless of who paid for them,” Mr. Addario said. And the court is saying that employers are going to have to respect that these are the employee’s private property, he said.

“I would call the court of appeal finding a seismic shift in the way privacy rights are dealt with in the workplace,” said Daniel Lublin, a lawyer with Whitten & Lublin LLP in Toronto.

“Until now most people generally assumed there was no reasonable expectation of privacy in work computers, and that would extend to work e-mail and Internet use,” he noted. “The court has now resoundingly said that there is a reasonable expectation of privacy in work technology that leaves the office.”

Fix: My DD-WRT router drops all connections when it renews a DHCP lease

I’m one of a surprisingly large amount of people that have loaded third-party firmware onto their wireless network router at home. One long standing flaw of the DD-WRT flavour of firmware has been a pair of issues that lead to a momentary loss of connectivity when one’s DHCP server provided IP lease requires renewal.

There are three causes of this issue, and most people will need to address both to solve their connectivity problems:

  1. A popular and recommended version of the DD-WRT firmware – v24-sp2 (10/10/09) micro – build 13064, to be specific – has a flaw in it that leads to a dump of the UPnP mapping list when a DHCP lease renewal ACK is received.
  2. The SPI Firewall, if enabled, blocks DHCP renewal responses by default.
  3. If the DMZ is enabled, DHCP renewals are mistakenly sent there instead of to the router.

Let’s address these issues in order. First up: The firmware.

While the official DD-WRT website lists the 2009-10-10 firmware as its recommendation for my Linksys WRT54G v5 router, the forum dedicated to Linksys (Broadcom) routers surprisingly lists this as a build to explicitly avoid. Their alternative solution: Build 14929. (Make sure to take a quick glance at the upgrade procedure before attempting the update.)

Once you’ve logged back into the interface of your freshly flashed router (you should now be running v24-sp2 (08/12/10) micro – build 14929), we can tackle the issue number two. To allow the DHCP renewal messages to be received by your router, you have one of two options: You can disable the SPI Firewall feature completely (Security > Firewall > SPI Firewall), or you can add a rule to specifically allow those messages. Do this by navigating within your router’s interface to Administration > Commands, and entering the following into the Commands fields:

iptables -I INPUT -p udp --sport 67 --dport 68 -j ACCEPT

Press the Save Firewall button to save the rule to be executed whenever the router is restarted.

Finally, you’ll need to disable the DMZ option in DD-WRT by going to NAT / QoS > Demilitarized Zone (DMZ) > Use DMZ and setting it to Disable.

For me, the combination of these three items led to my first uneventful DHCP lease renewal in months. Some of the members of the DD-WRT forums have reported that the second issue was only solved by completely disabling their SPI firewall, so give that a try if the preferred option of adding a rule doesn’t work out.

References:

The 7 greatest stories in the history of Esquire Magazine

I’m not sure how I ended up on the page, but I just spent the last ten minutes reading Esquire’s self-selected greatest story ever, the 1966 piece Frank Sinatra Has a Cold by Gay Talese. Esquire has another six greats available via this page, where you have to click through the slideshow to get the links to each article.

Esquire – Frank Sinatra Has A Cold

Frank Sinatra does things personally. At Christmas time, he will personally pick dozens of presents for his close friends and family, remembering the type of jewelry they like, their favorite colors, the sizes of their shirts and dresses. When a musician friend’s house was destroyed and his wife was killed in a Los Angeles mud slide a little more than a year ago, Sinatra personally came to his aid, finding the musician a new home, paying whatever hospital bills were left unpaid by the insurance, then personally supervising the furnishing of the new home down to the replacing of the silverware, the linen, the purchase of new clothing.

The same Sinatra who did this can, within the same hour, explode in a towering rage of intolerance should a small thing be incorrectly done for him by one of his paisanos. For example, when one of his men brought him a frankfurter with catsup on it, which Sinatra apparently abhors, he angrily threw the bottle at the man, splattering catsup all over him. Most of the men who work around Sinatra are big. But this never seems to intimidate Sinatra nor curb his impetuous behavior with them when he is mad. They will never take a swing back at him. He is Il Padrone.

Influencing value judgments

This is a brilliant bit of sneakiness that I wanted to preserve for use myself someday.

UXmatters – Designing with Behavioral Economics

Particularly in unfamiliar situations, people make value judgments based on the information available, but they do not treat information equally. Dan Ariely provided a great example from The Economist, which offered three types of 1-year subscriptions, as follows:

  • a Web subscription to Economist.com, for $59
  • a print subscription, for $125
  • a print and Web subscription, for $125

Why offer a print subscription on its own at all? People can be very bad at judging the value of things, particularly things they buy infrequently. They rely on contextual information to understand when they are getting a good deal. Ariely conducted an experiment in which he presented these three options to a group of 100 MBAs, and 84% chose the print and Web subscription, with all others choosing the Web‑only option.

He then conducted a second study with a different group of 100 MBAs, presenting only two options:

  • a Web subscription to Economist.com, for $59
  • a print and Web subscription, for $125

Now, only 32% chose the print and Web subscription. With three options available, people anchored on the print subscription, which made the print and Web subscription look much, much better by comparison. They didn’t know whether $59 for a subscription to Economist.com was a good deal, but choosing between just two options was easy!

UX designers frequently hear variations on this: But we have smart users! They may be smart, but the basic wiring of people’s brains is always the same. People make judgments based on the information available to them, and UX designers control the information that a Web form presents.

Is your hacked, XBMC-enabled Apple TV 2G resetting every couple of minutes?

Coming home today to watch some content on Giant Bomb via my hacked Apple TV 2G, I found that the device was resetting itself after running for only a couple of minutes. At /var/log/syslog, I found:

Mar  9 19:16:34 Apple-TV /Applications/AppleTV.app/AppleTV[406]: VERS: comparing OS 4.2.1 with 4.1
Mar  9 19:16:34 Apple-TV /Applications/AppleTV.app/AppleTV[406]: VERS: comparing OS build 8C154 with 8M90z
Mar  9 19:16:34 Apple-TV /Applications/AppleTV.app/AppleTV[406]: T:[0xae15000] SWU: Attempt to back/no-rev from 4.2.1/8C154 to 4.1/8M90z rejected.
Mar  9 19:16:34 Apple-TV /Applications/AppleTV.app/AppleTV[406]: VERS: comparing OS 4.2.1 with 4.2.1
Mar  9 19:16:34 Apple-TV /Applications/AppleTV.app/AppleTV[406]: VERS: comparing OS build 8C154 with 8C154
Mar  9 19:16:34 Apple-TV /Applications/AppleTV.app/AppleTV[406]: VERS: comparing OS 4.2.1 with 4.3
Mar  9 19:16:34 Apple-TV /Applications/AppleTV.app/AppleTV[406]: VERS: comparing OS build 8C154 with 8F191m
Mar  9 19:19:33 Apple-TV ReportCrash[426]: Formulating crash report for process AppleTV[406]

I knew that I had disabled Apple TV updates via a setting in the NitoTV menu, but the check still seemed to be occurring. On the XBMC Forums I found the solution: Checks were being made against the server mesu.apple.com, which NitoTV looped back to 127.0.0.1 by editing /etc/hosts – but that loopback somehow was not in effect. Removing the extra carriage return in /etc/hosts after the entry for menu.apple.com did the trick.

If you’d like to simply download and replace your hosts file, I’ve put mine up for download here – enjoy.

Sleep is more important than food

Something that’s stuck in my head for a long time is the statement that very successful people typically sleep an hour less than the rest of us, and use that extra hour to get a jump on the competition. Unfortunately for those of us who’d like to join the club, the amount of sleep we require seems to be hard-wired into our genetics. On top of that, it looks like we’re better off skipping a meal than we are skipping out on sleep.

Harvard Business Review – Sleep is More Important than Food

Say you decide to go on a fast, and so you effectively starve yourself for a week. At the end of seven days, how would you be feeling? You’d probably be hungry, perhaps a little weak, and almost certainly somewhat thinner. But basically you’d be fine.

Now let’s say you deprive yourself of sleep for a week. Not so good. After several days, you’d be almost completely unable to function. That’s why Amnesty International lists sleep deprivation as a form of torture.

Here’s what former Israeli Prime Minister Menachem Begin had to say in his memoir White Nights about the experience of being deprived of sleep in a KGB prison: “In the head of the interrogated prisoner a haze begins to form. His spirit is wearied to death, his legs are unsteady, and he has one sole desire: to sleep … Anyone who has experienced this desire knows that not even hunger and thirst are comparable with it.”

So why is sleep one of the first things we’re willing to sacrifice as the demands in our lives keep rising? We continue to live by a remarkably durable myth: sleeping one hour less will give us one more hour of productivity. In reality, the research suggests that even small amounts of sleep deprivation take a significant toll on our health, our mood, our cognitive capacity and our productivity.

Many of the effects we suffer are invisible. Insufficient sleep, for example, deeply impairs our ability to consolidate and stabilize learning that occurs during the waking day. In other words, it wreaks havoc on our memory.

So how much sleep do you need? When researchers put test subjects in environments without clocks or windows and ask them to sleep any time they feel tired, 95 percent sleep between seven and eight hours out of every 24. Another 2.5 percent sleep more than eight hours. That means just 2.5 percent of us require less than 7 hours of sleep a night to feel fully rested. That’s 1 out of every 40 people.

Great performers are an exception. Typically, they sleep significantly more than the rest of us. In Anders Ericcson’s famous study of violinists, the top performers slept an average of 8 ½ hours out of every 24, including a 20 to 30 minute midafternoon nap some 2 hours a day more than the average American.

How do video games solve the “two people shoot at the same time” dilemma?

I’ve always wondered how multiplayer video games – that is, those involving players distributed across a network – decide upon a winner in this typical situation: Player A and Player B fire one-shot-kills bullets at each other at nearly the same time (Player A’s fires 1/1000th of a second first). Being that each player is on their own machine across a network and that the time on their machines is not necessarily correct (a bit fast or a bit slow), the game server cannot simply trust the received data. How are these life or death decisions made?

I posed the question to Quora and only received unhelpful answers. Elsewhere, however, I was provided two good sources that each answered the question. First, from The Valve Developer Community – Source Multiplayer Networking page:

Multiplayer games based on the Source Engine use a Client-Server networking architecture. Usually a server is a dedicated host that runs the game and is authoritative about world simulation, game rules, and player input processing. A client is a player’s computer connected to a game server. The client and server communicate with each other by sending small data packets at a high frequency (usually 20 to 30 packets per second).

A client receives the current world state from the server and generates video and audio output based on these updates. The client also samples data from input devices (keyboard, mouse, microphone, etc.) and sends these input samples back to the server for further processing. Clients only communicate with the game server and not between each other (like in a peer-to-peer application). In contrast with a single player game, a multiplayer game has to deal with a variety of new problems caused by packet-based communication.

Basic Networking

The server simulates the game in discrete time steps called ticks. By default, the timestep is 15ms, so 66.666… ticks per second are simulated, but mods can specify their own tickrate. During each tick, the server processes incoming user commands, runs a physical simulation step, checks the game rules, and updates all object states. If the game is large or the servers busy dealing with a roblox hack, this may interfere with gameplay.

After simulating a tick, the server decides if any client needs a world update and takes a snapshot of the current world state if necessary. A higher tickrate increases the simulation precision, but also requires more CPU power and available bandwidth on both server and client.

Lag Compensation

Let’s say a player shoots at a target at client time 10.5. The firing information is packed into a user command and sent to the server. While the packet is on its way through the network, the server continues to simulate the world, and the target might have moved to a different position. The user command arrives at server time 10.6 and the server wouldn’t detect the hit, even though the player has aimed exactly at the target. This error is corrected by the server-side lag compensation)

The lag compensation system keeps a history of all recent player positions for one second. If a user command is executed, the server estimates at what time the command was created as follows:

Command Execution Time = Current Server Time – Packet Round-Trip-Time – Client View Interpolation

Then the server moves all other players – only players – back to where they were at the command execution time. The user command is executed and the hit is detected correctly. After the user command has been processed, the players revert to their original positions.

Client and server hitboxes don’t exactly match because of small precision errors in time measurement. Even a small difference of a few milliseconds can cause an error of several inches for fast-moving objects. Multiplayer hit detection is not pixel perfect and has known precision limitations based on the tickrate and the speed of moving objects. Increasing the tickrate does improve the precision of hit detection, but also requires more CPU, memory, and bandwidth capacity for server and clients.

The question arises, why is hit detection so complicated on the server? Doing the back tracking of player positions and dealing with precision errors while hit detection could be done client-side way easier and with pixel precision. The client would just tell the server with a “hit” message what player has been hit and where.

We can’t allow that simply because a game server can’t trust the clients on such important decisions. Even if the client is “clean” and protected by Valve Anti-Cheat, the packets could be still modified on a 3rd machine while routed to the game server. These “cheat proxies” could inject “hit” messages into the network packet without being detected by VAC (a “man-in-the-middle” attack).

Another great article on the subject is Gamasutra – 1500 Archers on a 28.8: Network Programming in Age of Empires and Beyond, which talks about the same subject from the perspective of a RTS game and in the age of dial up.

Building strength, power, muscle mass, and muscular endurance

Men’s Journal – Everything You Know About Fitness is a Lie

It all starts with understanding the four basic muscular aptitudes: strength, power, muscle mass, and muscular endurance.

Strength means how much you can lift once, and it’s the backbone of every sport on Earth, from the crouch-holding power of a skier to the one-finger pull-up of a climber.

Power is a more slippery term that means “speed strength,” or how much you can lift very, very quickly, and it gives you the explosive paddling speed to catch a big wave or the pedaling burst to fire your mountain bike up a grade.

Muscle mass can be a liability in sports like climbing, where it’s all about strength-to-weight ratio, but mass helps enormously with games like rugby and football, and it can support strength and power — not to mention make you look better in a T-shirt.

Muscular endurance means how many times you can lift a given weight in a row without stopping, and it’s the essence of running, swimming, and even a kayaker’s long-haul paddling.

Read More

Performance reviews that work

Samuel A. Culbert, a professor in the Anderson School of Management at the University of California has this advice about the use of performance evaluations in the workplace:

The New York Times – Why Your Boss Is Wrong About You

Performance reviews are held up as objective assessments by the boss, with the assumption that the boss has all the answers.

Now, maybe your boss is all-knowing. But I’ve never seen one that was. In a self-interested world, where imperfect people are judging other imperfect people, anybody reviewing somebody else’s performance — whether as an actor, a writer, a spouse, a friend or a worker — is subjective. It’s why when employees switch bosses, more often than not their evaluation changes as well.

Under such a system, in which one’s livelihood can be destroyed by a self-serving boss trying to meet a budget or please the higher-ups, what employee would ever speak his mind? What employee would ever say that the boss is wrong, and offer an idea on how something might get done better?

Only an employee looking for trouble.

Is there a way out? I believe there is, and it works for both government and business. It’s something I call the performance preview. Instead of top-down reviews, both boss and subordinate are held responsible for setting goals and achieving results. No longer will only the subordinate be held accountable for the often arbitrary metrics that the boss creates. Instead, bosses are taught how to truly manage, and learn that it’s in their interest to listen to their subordinates to get the results the taxpayer is counting on.

Instead of the bosses merely handing out A’s and C’s, they work to make sure everyone can earn an A. And the word goes out: “No more after-the-fact disappointments. Tell me your problems as they happen; we’re in it together and it’s my job to ensure results.”

Performance reviews aren’t the only ways to measure effectiveness, to be sure. Workers whose output is tangible and measurable — how much garbage is picked up, how many streets are cleared of snow — are increasingly evaluated according to numerical goals. I’d argue these measurements are similarly flawed. Workers are almost always better at coming up with metrics that lead to systemwide gains than bosses alone are. The key to systemwide success (as opposed to individual success) is still employees working together under the leadership of good managers.

Rings don’t come much cooler than this one

Keep watching until the second half of the video – it’ll make you do a double-take.