> it's not enough to just look within the 'hire' cohort.
Enough for what? Why not? They specifically have a "score", not just a hire / no hire decision. Sure it would be better, but you don't make any convincing argument why their analysis is not valuable.
> designed to be a Classifier, typically tuned with an emphasis on having a low false positive rate.
classifier of what? Why is classifier capitalized? I don't think so.
Let me throw out some made up numbers as an example.
Company X hires 100 people out of 500 applicants.
If only 30% of them perform well, you might argue the interview process is rubbish.
However, if you can test and show that of the "un-hired" 400 only 5% would perform well, then clearly the interview process is better than picking at random.
This is why just looking at hired performance is not indicative of whether the process works - because the task was not just to predict good performers but to predict a better rate of good performers than a random sample of applicants.
How do you check that? I've found reporting on race in tech to just be absolutely horrible with numbers. Whole stories where the only number is "Google repots X percent of Y race." It tells me absolutely nothing without comparing that to demographics of where google has offices, and what the demographics of cs students are, among other things, and I've never seen that info.
The article addresses that directly. The author talks about Google more or less abandoning its Atlanta office, where a diverse workforce is easier to get than elsewhere.
"Our results showed that although casual
contributors are rather common (48.98% of the whole population
of contributors in the projects analyzed), they are responsible for
only 1.73% of the total number of commits."
It's worth noting that the 1.73%, are also the overlooked or edge case issues that directly effected that developers use case.
It might be a low percentage, but maybe it's the areas where portability and conformance with other libraries are important. The stuff that a core maintainer is less interested in identifying and fixing, because they are already using the library for their particular use case.
48% being the population of contributors actually seems like a fairly low number, given that your average project probably has 1, maybe 2 maintainers. If you had even 3 casual contributors to a 1-man operation, that would be 75%.
I didn't say they were clueless. I said their pr is clueless. Some pr person said "there is no risk" relating to it security of a large organization. That is obviously false, and clueless.
Were never at risk as a result of this pentest. Obviously, there is still a risk of data loss... but that risk is present among nearly every company on Earth.
We would know more, but we wouldn't necessarily have an answer.
Reading the source code we cannot be sure that some vulnerable software was not updated quickly enough on some production system of theirs, or say anything about DNS poising etc.
What does forgetting mean here? Is it like forgettable? Google failed me.
This refers to the grandparent comment's quotation of Mike Godwin from his essay kindly submitted here to open the thread, which in full context was, "The internet has been shaping an increasingly international culture and collective memory — with the Holocaust, just as with other countless human atrocities, we have a moral obligation to 'never forget'. My view, which I've held for many decades now, is that glib and frivolous invocations of Hitler, or Nazis, or the Holocaust, are a kind of forgetting."
I read this as Mike Godwin saying that the crimes against humanity that were perpetrated by the Nazis must never be forgotten, so that we guard against the same crimes happening again. But if we just mention Nazis every time we disagree with someone on the Internet, without thinking deeply about whether or not what we are disagreeing with really has anything to do with what the Nazis actually did, then we are nonetheless forgetting the crimes perpetrated by the Nazis. Does that sound like a fair reading of the essay to you?
The way I would sum up Godwin's argument here is that it may be that some current events resemble events of the Nazi era in important ways. As we discuss policy issues online, we have to take care to check our facts and the logic of our own arguments, and if we think something going on today is like the activities of the Nazi Party, then first of all we should review the history and make sure we are correct in our thinking on that point.
By the way, I actually did learn a LOT about the Nazi Party from a thoughtful comment here on Hacker News back in about August 2014, when a reader here mentioned the book series about the Third Reich by British historian Richard Evans, which is well worth a read.
I really liked Mr Godwin’s likening of the use of glib and frivolous invocations as a kind of forgetting. Specifically with regards to Hitler, I’ve always found those youtube videos where someone has taken footage of Hitler, or a movie depicting him, and added their own, supposedly humorous subtitles, a bit distressing.
I understand that humour is subjective, and can also be used as a way to cope with or process serious events, but doing so is a difficult needle to thread. Perhaps the difference is if you are using humour as a vehicle instead of the end goal.
Few months ago got an LG G4: the "unlocked international" version had a locked bootloader so you couldn't change the software, but the europe and t-mobile versions didn't. So, sometimes it can be the reverse.
