First, the defence doesn't necessarily have to evaluate all 170,000 lines. They just need to find one buggy line which could potentially overturn the result.
Second, even if it did take a full 8 years, is that a good reason to deny the defendant due process?
My prediction: this firm will probably try to get removed from the case, rather than open source their shitty code.
Source: I've worked on MATLAB codebases for various genomics research projects in the past.
It’s such a high-level language it’s hard to imagine what the hell they’re doing with all that code. It’s probably mostly useless cruft from GUIDE.
PHB: Hey, how many lines of code do we have?
CodeMonkey: You want a high estimate or a low estimate?
CodeMonkey: Well, including unit tests, comments, whitespace, build scripts, integration test harness... 170k
At least I hope they have enough testing code to be significant...
If you want a terrible gui-based gui creation interface: labview awaits.
Also, just because eval can be compiled doesn't mean it should be. It will forever be a security risk, and I cannot in good conscience write code that uses it. Fortunately, Mathworks has provided good alternatives. My personal favorite has been dynamic field names. It really opens up a lot of elegant coding.
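For anyone who hasn't used them: dynamic field names let you index a struct with a runtime string, which covers most of what people reach for eval for. A minimal sketch (the struct and names here are made up):

    % Instead of eval(['results.' name ' = val;']), which executes
    % arbitrary generated code, index the struct with the string directly:
    name = 'sample42';
    results.(name) = [0.1 0.5 0.4];   % equivalent to results.sample42 = ...
    x = results.(name);               % read it back the same way

Same dynamic behavior, but the worst a bad string can do is create or read a field, not run arbitrary code.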
That isn't necessarily their choice. The prosecutors will make the decision about whether to withdraw the DNA evidence. They probably won't, given that they would need to give the defendant a new trial, which could lead to an accused murderer getting off. A bad look for any prosecutor.
More to the point, if the firm withdraws from any case where their credibility is questioned, what does that say to law enforcement agencies who are thinking about using their software?
Never met a lawyer before huh?
Jokes aside, prosecutors pushing through cases they know to be unsound isn't exactly uncommon. Many prosecutors are more concerned with their conviction rates than with justice, because that's what they are measured and rewarded on.
If a case seems unclear, and you could spend years working on a conviction that will ultimately fall through, that hurts your ability to do justice in more readily winnable cases. You have to spend the time building a case, do all the paperwork, go to trial, etc. That's opportunity cost. So spending all that on a case you have a 10% chance of winning just isn't a good use of time. Add to that the fact that conviction rate is a metric used to quantify skill: you're rewarded for serving justice successfully. And that then dictates how much money you can get, which can help fund enforcing justice.
I believe you're looking at the moral right/wrong, and I don't believe that is the same right/wrong being discussed in terms of how lawyers often choose cases. At the end of the day, lawyers need work and they get that mostly through word of mouth and reputation. You don't really get either of those when you lose cases.
The right thing for them is to put as many criminals as possible behind bars. They review cases and pick the ones they can win. They will attack and find unrelated weak points in your character to win. They believe they are doing the right thing and will use whatever they can legally against you. You being innocent and going to court means someone made a mistake. To confess to a mistake loses you credibility; to confess to an ongoing process mistake could open up other cases where dangerous people could be set free.
Is that your version of the right thing?
Most people want to do the right thing, where the right thing is almost entirely defined by the norms and customs of their environment. If the norms and expectations embody high, correct ethical standards, people will follow them to the degree they are able.
To what degree are such standards broken or defective in America though?
Lest we forget, the head lawyer of Texas, a state home to approximately 27 million people, or around 8% of the nation, is a man whose own prosecution has for years been stymied only by the difficulty of prosecuting the man at the head of the state's justice department. Either eight or nine of the people directly beneath him (I've lost track) have resigned and accused him of corruption.
This isn't even an isolated instance; corruption is found all over the United States.
Even when in theory we would like to do the right thing, we have a hard time establishing which standards are even real. For proof of that, look no further than the "science" of hair analysis, which the FBI spent decades using to convict the accused before we realized its analysts were incapable of differentiating dog hair from human hair.
Think of entire offices of people going in to work, producing work product about imaginary science they were pretending to do competently, and sending people to death row in part because of that fake work product.
The justice system in America is a bad joke that is primarily differentiated from say Cuba in that bribes are paid to your lawyer instead of directly to government officials.
It is just that some think the right thing for themselves is to maximize their career progress.
And I would not know about state prosecutors in general, but what I know anecdotally, second hand, does not sound good.
Presuming rational actors in this case misses the general problem with the system: people very easily convince themselves they know the truth, no matter how the validity of the evidence changes. Whatever it said initially must be right - it's misinformation 101. Once a belief is established, it is much harder to change.
You would prefer that they not be elected? That they would be appointed by some politician, with the public having no recourse?
The fact is that the public like prosecutors who convict people. That's deeply unfair. But it's also deeply democratic.
I very much agree with you: a government has a monopoly on violence and ultimately we all end up trusting it. Too many checks and balances lead to gridlock. Too few lead to oppression. Much of it ends up being decided on inertia. We do it both ways in different jurisdictions, with successes and failures in both.
The prosecutor isn't unilaterally deciding whether the DNA evidence is valid. There will be a public hearing where both the prosecution and defense show evidence about the validity of the DNA evidence, and a court will rule based on that evidence.
- Not revealing all information they are required to.
- Parallel construction (see above)
- Overcharging, with the goal of making the plea more palatable than the cost/risk of defending multiple absurd charges.
- Lying to you while getting to throw you in jail if you lie to them.
As a result, only 5% of federal cases go to trial.
None of these behaviors is rare. If your understanding of the legal system is based on popular culture, as most people's is, it is basically law enforcement propaganda that has little relationship to reality.
If you read the article and appellate decision which is linked, it says what I just said:
>On Wednesday, the appellate court sided with the defense [PDF] and sent the case back to a lower court directing the judge to compel Cybergenetics to make the TrueAllele code available to the defense team.
Like I’m actually kinda shocked this is the reality. I would have assumed that DNA evidence would have some blessed methodologies and tools/algorithms, with a strict definition of what constitutes a match or partial match specifically so this wouldn’t happen.
In this case we are also dealing with probabilistic genotyping involving DNA mixtures, with DNA from several individual contributors and most likely degraded DNA. It is the tool the police can use when other, more traditional methods are not possible because of the mixture. That should mean the qualitative value of the DNA evidence is lower, requiring even stronger additional evidence from other sources.
What can happen in the U.S.A. is that one lone man says “I saw the defendant do it.”; the defence attorney can point out that the witness was drunk at the time, that he has motive to lie, that he initially reported another story to the police and only later settled on this story, and whatever else to render him completely unreliable.
The jury can nevertheless return a verdict of guilty, and there are no grounds for appeal then, as it is the power of the jury to decide who is “reliable”, and it is not required to explain its thought process at all.
What a shocking development that such would result in a criminal justice system where a defendant's race and gender play such a large role.
It takes only one person in the jury to hang the jury. It's not a majority vote; it's a unanimous vote.
Methinks the U.S.A.-man often thinks that bench trials in other countries are done by a single juror; they are not, and can require anywhere from three to twelve professional jurors to reach a unanimous conclusion.
But this is not so much about lay fact-finding vis-à-vis trained fact-finding, but about the rules of evidence.
Scotland also has jury trials, but does not permit that a man be convicted upon the word of a single witness; there must be further independent, corroborating evidence.
There are many other differences with, for instance, the Dutch system that guarantee a fairer trial. One very big one is that in the Netherlands both the defence and the prosecution have one groundless appeal: either side, if it does not agree with the verdict, can demand a fresh new trial with different jurors, once. This obviously reduces flukes of justice.
The other is far stronger rules of evidence and more consistent rulings. Juries are very fickle, and legal experts rarely know what verdict a jury will return based on the evidence before it; trained jurors, by contrast, tend to return similar verdicts given the same evidence.
Indeed, one might argue that the practice of plea bargains, which would be considered inconceivably unethical in most jurisdictions, is actually the saving grace, as it lends stability to this otherwise fickle system: negotiations between the parties are more reproducible, given the same evidence, than fickle juries.
Or, of course, that the U.S.A. permits conviction based on the sworn testimony of a single eyewitness, which is notoriously unreliable.
All of these are black boxes that are routinely meant to convict. It would not surprise me if such software were far more reliable than human eye witness accounts, but if there's one thing I've noticed, it's that a man is seldom afraid of bad matters; he is only afraid of bad matters produced by new technology. Far worse matters can stay, so long as they be ancient enough.
It's not like you review all scientific evidence and re-do the experiments that led up to the discovery of <insert some evidence method> in the first place. Validating all that would also take years, and much of it can be established as generally accepted by all parties. Similarly, there will be some trust involved with this source code as well. Getting the opportunity to look for bugs is essential in my opinion, but it needn't take multiple years. Focus on the parts you doubt, similar to what you'd do if you were reviewing the scientific method used in analog evidence.
Of course, the two aren't identical. Validating scientific methods and validating a program is different in that the program is proprietary and the science (usually) merely behind a paywall. The latter can then be replicated by others and becomes established. The former will only ever be seen by that company and doesn't become established. So scrutiny is necessary, but after a couple cases that used an identical version, requiring access without articulating particular doubts would unduly delay the case. It doesn't seem unreasonable to start trusting the program after a bunch of defendants had experts look at it and found no way to cast doubt on its result. If you don't think software of 180k lines can be used in court under such circumstances because it would take too long to review, we should throw out pretty much all software anywhere in the judicial system. (That's not what you said, but some of the replies including yours hint at that.)
Actually, it is. That's how science works and that's how convictions often get overturned.
> Validating all that would also take years
Are you suggesting that unvalidated data is being used to prosecute crimes?
> and much of it can be established as generally accepted by all parties.
The point here is that it isn't established as generally accepted by all parties.
> Similarly, there will be some trust involved with this source code as well.
"Trust but verify"
> If you don't think software of 180k lines can be used in court under such circumstances because it would take too long to review, we should throw out pretty much all software anywhere in the judicial system.
I firmly believe that if the source code isn't available to review by all parties, including the public, then it shouldn't be used in a criminal court.
Yes. Pseudoscience is the bread and butter of criminal forensics.
There are a few important differences between a generally accepted method and some Matlab black box that you feed an input into, and it prints out 'guilty' or 'not guilty'.
1. The former is based on centuries of peer review, where the best ideas eventually get selected for. The latter is an externally un-reviewed application, which encapsulates the best of whatever we could ship by Thursday.
2. You can call an expert witness to the stand, and ask them questions about the state of the art of <some evidence based method>. You can ask them why. You can ask them about how certain one should be about their statements. You can't cross-examine a black box.
The actual solution to your quandary is to require that forensic analysis services must pass an annual, independent, double-blind analysis of the accuracy of their methods, before they are used in a courtroom - and that the results of those audits are made available to the defense.
It's one thing for a man in a lab coat to take the microphone and say that their methods are accurate 'to within one in a million'. It's quite another to see an audit, where 100 samples were sent in for analysis over six weeks, and only 92 of them were analysed correctly.
A jury might still convict on the basis of that 92% accuracy, but only if other meaningful evidence points against the defendant.
Unfortunately, the reality of forensic science in 2021 is that most of it is sloppy bunk, with no assurances of accuracy.
Agreed! But if that's the standard, it still doesn't involve letting the defendant see the source code.
Bad stats, especially around DNA, have convicted many innocent people.
BTW, Law & Order did an episode on bad DNA science convicting someone.
Or completely fictitious.
Have you heard the story about the FBI crime lab and the “science” of fiber analysis that they developed, and not only used in federal criminal trials but also provided as a service for state and local agencies for decades?
Or the phantom of Heilbronn, where dozens of crimes were linked to a single woman, who turned out to be the lab technician that assembled the kits. Doubts started once they discovered Caucasian female DNA in cells from the charred remains of a black male.
I often wonder how prosecutors defend against the use of these cases to create doubt.
The company can always retract their product if they want to keep it a trade secret.
The real solution would obviously be that prosecutors cannot enter into evidence the conclusions of any closed-source software.
Of course, this only displaces the issue, what of the black box c.p.u.'s whereupon this software ran?
I also don't think you should code anything mission critical like this in Matlab. It's a decent language for prototyping, not for production.
There should be a public reference implementation of these methods if they are going to be used in court.
There's nothing you just wrote that is any better in any other language, except that Matlab provides a huge suite of state of the art numeric routines that almost no everyday developer could come close to making as solid.
Writing a nicely illustrated manual on brain surgery with nice fonts and proper grammar based on 11th century medicine is of little use for doing actual brain surgery.
Writing clean code based on bad numerics is also of little use for producing good results. Especially if you then have to defend that codebase in court.
Bad developers will make bad decisions in any language. At least solid numerics underlying the code provide a huge benefit to the entire codebase built on top of them, instead of on crap numerics. Every nice clean codebase I have been part of has still had crap numerics. Good numerics is nearly completely orthogonal to clean code, and it's a highly technical skill set that almost no developer has even an inkling of how to do well, no matter how pretty their formatting and documentation. In 30+ years of working on highly technical teams, I have never worked with someone who really gets the nuances and details of how to write solid numerical code. I routinely get codebases and developers that do the absolute worst things numerically. I have only met really good people at conferences on such topics, or online through similar filtering. These people are extremely rare in software development, to the point that I don't think I've ever met one on an actual project (the numerics, when needed, have always fallen to me, and I've often been selected for technical projects because such people are terribly hard to find when needed).
Sounds really expensive.
Hell, if it seemed outrageous enough I'd probably do it for transportation costs alone.
I'm sure I'm not the only one with this outlook.
"It's just gonna take so long, plus the code is a bit messy. We're gonna be doing all that work just because the rest of someone's life teeters on the results of the inquiry? Maan, that's a bummer."
No, but the person that wants to have it analyzed will have to either spend the time themselves, or pay the expert witness for their time; it could be a costly affair.
But I think it's warranted: an independent software review, and a double-blind assessment with the exact version of the software used in the conviction, to test the accuracy and reliability of the application.
The government should send a half a dozen to DefCon/CCC and let attendees loose trying to fool them.
And the prosecution using the company claiming to have "totally reliable DNA evidence" should be totally on the hook for those costs (plus damages) when that analysis or those expert witnesses turn up "reasonable doubt" flaws in the software or the processes in which that software is used, including then risking retrials or mistrials of all other cases in which it was used.
If the prosecutors want to play high stakes games with defendants lives and liberty using "evidence" from proprietary software or devices, they need to be held to the consequences of losing their stakes.
[Edit: I wonder what the legal system would think of a CyberGenetics competitor funding the expert witness analysis of their software on behalf of the defence???]
In the very next paragraph they say:
> The company offered the defense access under tightly controlled conditions outlined in a non-disclosure agreement, which included accepting a $1m liability fine in the event code details leaked. But the defense team objected to the conditions, which they argued would hinder their evaluation and would deter any expert witness from participating.
So it's a concern about IP protection for them.
I notice that they didn't say "here are the results of our last independent audit and verification of correctness", which I think would be a fantastic counter-argument... if they had one.
For that kind of product, source code is not actually that valuable in itself; it's the standards compliance, reliability and trustworthiness. Most charitable explanation is that the vendor is clueless about what their value really is, least charitable is that they know exactly how fucked up their code is.
If it's a multi-million-dollar affair like they claim, it's virtually impossible that every defendant will be able to fund such an affair.
In fact, if a disastrous flaw is found, it may be advantageous to simply drop the case and hope that past and future defendants won't each be able to afford to press the point.
So, yeah - this number is bunk.
(As always, XKCD beat me to this gag: https://xkcd.com/2347/ )
When writing Python (I don't have stats about reading), a 1.0 version of a small project took me 1.5 hours and consisted of 183 lines of code, so about 2 lines per minute. That's much faster than this, but 183 lines is also a ton less complex than understanding the entirety of 180k lines and properly assessing whether it does exactly and only what it's supposed to.
10 lines per hour is probably taken as a lower bound to prove a point, especially because they argue about checking the whole thing (large parts can probably be skipped), but as a standalone statistic I would say it's probably within an order of magnitude from the true value. And for software time estimates that would be an amazing feat :p
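For what it's worth, the 8-year figure upthread falls straight out of that lower bound, assuming a single reviewer and a standard ~2,000-hour work year:

    170,000 lines / 10 lines per hour = 17,000 hours
    17,000 hours / 2,000 work hours per year = 8.5 years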
Mathworks has broken some legacy support in the past, but they have slowed down on that practice. They used to threaten that dll loading would go away “in a future version of MATLAB” but have since backpedaled on that. My biggest issue is writing code that leverages cool new features (especially timetables) but some people I work with never update their IDE.
I've run into 300-line programs that have taken me a month to figure out because the math was hard and I've run into 100,000 line programs that have taken me a few hours to tear apart.
Six to nine months seems like enough to do a very good code review with some testing. There's a good chance that 75% of that Matlab code doesn't execute for his test.
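And "doesn't execute for his test" is cheap to check: MATLAB's profiler records which functions and lines actually ran. A sketch, where run_analysis and sample_data are hypothetical stand-ins for the tool's entry point and one case's input:

    profile on
    run_analysis(sample_data);   % hypothetical entry point for one case
    profile off
    info = profile('info');
    % FunctionTable lists every function that ran; ExecutedLines is an
    % N-by-3 matrix of [line number, call count, time] per executed line.
    for k = 1:numel(info.FunctionTable)
        f = info.FunctionTable(k);
        fprintf('%s: %d lines executed\n', f.FunctionName, size(f.ExecutedLines, 1));
    end

Anything that never shows up across a representative set of cases can be deprioritized in the review.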
I don't want prosecutors sleeping on the job, bringing in fraudsters, laymen, and psychics to accuse people, etc.
The prosecutor should use a company that can present independent proof that their system actually works.
You need to establish reasonable timelines for this or any guilty person will claim any technology used will take 100 years to verify.
There is no reason you can’t analyze a DNA analysis codebase in 6 months. Unless you also need to verify the science.
The claim about the amount of time was not made by the defendant, it was from the company that produced the code.
We should either pay for multiple people to work on it so we can have the answer in less than 8 years or we shouldn't use it at all.
> their own validation
That is not how things are proven.
“You don’t need to know how we came to this scientific conclusion.” An appeal to authority doesn’t fly in science and it certainly doesn’t in law.
AFAIR, the breathalyser was incorrectly averaging the readings, giving disproportionate weight to the first reading.
I don't know if it was enough to rule in their favour, but I'm sure it called the data into question
Edit: Looks like it was a Draeger breathalyser https://www.schneier.com/blog/archives/2009/05/software_prob...
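To illustrate the class of bug (a sketch, not the actual Draeger code): a pairwise running average weights readings exponentially instead of equally, so the reported "average" is dominated by one end of the sequence.

    readings = [0.080 0.082 0.078 0.081];   % hypothetical breath samples
    avg = readings(1);
    for k = 2:numel(readings)
        avg = (avg + readings(k)) / 2;      % buggy: halves all prior weight each step
    end
    % Effective weights here are [1/8 1/8 1/4 1/2], not [1/4 1/4 1/4 1/4].
    correct = mean(readings);               % what it should have computed

Whichever direction the skew runs, the device is not reporting the average it claims to.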
As far as I know it is fairly easy to take a generic DNA sequencer meant for healthcare diagnostics and repurpose it for STR analysis. The only major difference between the healthcare versions and the forensic versions is the software I/O.
I don't see those particular issues make it biased, just inaccurate - it could go either way.
Complex tools are the product of many thousands of individual decisions taken by humans, humans aware of who's the paying client.
This could just as easily be selection bias: the errors in favour of the customer are less likely to get reported by customers.
What is this based on?
The somewhat-less-malicious interpretation is that the companies have a strong incentive to detect + fix errors that cost them money. Meanwhile, consumers are a) non-centralized, uncoordinated, and often unaware of errors, and b) have no way to fix systemic issues that impact them. And the companies therefore have no /real/ incentive to fix systemic problems. It is literally more profitable to fix the bills of the few people who complain, as they still make money on the remainder who don't notice the errors in the first place.
(on edit; exactly what the other comment one subthread over said. :P )
Take the store pricing example. Suppose the store's pricing & labeling process produce an equal number of bugs at checkout in favor of the store and in opposition to the store.
The store is heavily incentivized to detect the errors that are opposed to them. They are much less likely to detect the errors in their favor. Consider the manager that looks at the cash at the end of the day and notices they are $500 short. They likely dig hard to find the root cause of the issue, detect the pricing disparity and correct it. Now consider the manager that is $500 over at the end of the day. They are much more likely to say: "that's weird", shrug their shoulders and move on.
The same applies to forensic tools. Even if they originally produced bugs in both directions, their own internal QA and their market of police officers are likely to work hard to detect the bugs that make it harder to make an arrest.
The net result is that the tools end up with a bias in one direction, even if the original developers made an equal number of mistakes in both directions.
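You can watch this happen in a ten-line simulation: start with perfectly symmetric errors, apply asymmetric detection, and the surviving errors are biased. (All the numbers below are made up for illustration.)

    n = 1e5;
    errs = randn(n, 1);                  % symmetric: + favors store, - favors customer
    p_fix_against = 0.9;                 % store hunts down errors that cost it money
    p_fix_favor   = 0.1;                 % ...but rarely investigates windfalls
    fixed = (errs < 0 & rand(n,1) < p_fix_against) | ...
            (errs > 0 & rand(n,1) < p_fix_favor);
    surviving = errs(~fixed);
    fprintf('mean surviving error: %+.3f (0 would be unbiased)\n', mean(surviving));

The generator is unbiased; the selection process is not, and the mean of what survives comes out well above zero.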
There are plenty of lazy managers who would sweep it under the rug once. But if it happens more than once, it can become their job on the line. They start looking for who's counting wrong. And if they can't figure that out, they get really worried.
I have no idea about police officers and prosecutors. But store managers care about accuracy of counts, not just profits.
i.e. The initial error may be randomly distributed. But the follow-up on the error will have a lot of bias.
Also, let's remember that a company in the UK was selling fake bomb detectors to Israeli and other militaries, and it took them more than 10 years to notice!
There needs to be proper scrutiny of these things. I could start some random 'deep learning to find criminals' company tomorrow and face less regulation than a car mechanic.
Occam's razor points to people just hitting the wrong pedal or people's floor mats getting stuck.
The reason Toyota ate it in the press for this was competitive.
can you explain what you mean? I don't understand this sentence.
The reasons are manifold, including:
- Normalized values need to be averaged differently than absolute values.
- Floating point has limited precision; even just correctly summing/multiplying numbers needs special care if you care about correctness. Results can, in the worst case, be off by a massive amount (see the sketch below).
Often you don't need to care about it, so it's not uncommon for especially junior programmers not to be aware of it.
I mean, in the last 3 years of working as a professional software engineer/developer I didn't need any of this at all, but when I do, I know what to look out for.
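Two tiny examples of what the parent means, with made-up numbers:

    % Bullet 1: the mean of normalized values is not the normalized mean.
    hits = [1 90];  trials = [2 100];
    mean(hits ./ trials)                 % 0.70: average of per-group rates
    sum(hits) / sum(trials)              % ~0.89: pooled rate -- pick deliberately!

    % Bullet 2: naive summation drifts in limited precision;
    % Kahan (compensated) summation carries the lost low-order bits along.
    x = repmat(single(0.1), 1, 1e6);     % true sum is about 1e5
    naive = single(0);
    for k = 1:numel(x), naive = naive + x(k); end
    s = single(0);  c = single(0);
    for k = 1:numel(x)
        y = x(k) - c;
        t = s + y;
        c = (t - s) - y;                 % recover the rounding error just made
        s = t;
    end
    fprintf('naive %.2f vs kahan %.2f vs expected %.1f\n', naive, s, 1e5);

Neither case is exotic; both show up constantly when averaging sensor readings or likelihoods.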
I know, this is exceedingly cynical.
No, not really.
(The anti-stress effect of covid vaccination seems to be much more immediate than I expected. This is the second time today I find myself saying things highly unusual for people on the Internet in general and my yesterday's self in particular, and the first time was literally a couple of minutes after the procedure.)
Most likely, this grew out of a research prototype that just worked too well to be reimplemented in a proper production environment.
There were 1,000,000 questions I wished had been asked.
The language certainly has some warts, but IMO the bigger problem is that it's usually learned/used in contexts that don't focus on code quality: the goal is the resulting number or plot rather than the software that generates them.
Yes, the system is stacked against the poor, but there are people fighting that. If they are fighting and failing then we need to know why.
If they aren’t fighting at all then (in part, but it’s still a significant part I’m afraid) it’s because of attitudes like this.
All of these companies claim that their source code is valuable intellectual property and that disclosing it can hurt their business. Even if this were true, when you're providing something that can be a significant factor in someone being imprisoned or executed, when creating the business you should accept that you're providing a public service that needs to be publicly accountable.
If it's not open source, at the very least there should be a requirement that software code and hardware designs must be provided on-demand to experts in court cases (with a non-disclosure clause to mitigate leaks and corporate espionage etc.).
Software that is critical to our fundamental human rights, and is being used by our government should be open source, or at least audited by a group of people who sign Non-competes/NDA and can't go work for competitors, or with some other mechanism to protect IP that I can't think of.
The county can then verify the software by manually counting a random selection of paper ballots to see if they match the software's tallies. If they match, you have strong statistical evidence the software counted correctly; otherwise it did not. You then have a full by-hand recount and tell the vendor to fix their software.
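Back-of-envelope on how big that random selection needs to be (hypergeometric, made-up numbers):

    N = 100000;  m = 500;    % total ballots; hypothetical 0.5% miscounted
    n = 1000;                % ballots hand-counted in the audit
    p_all_clean = prod((N - m - (0:n-1)) ./ (N - (0:n-1)));
    fprintf('chance the audit catches at least one miscount: %.3f\n', 1 - p_all_clean);

With those numbers the audit catches a discrepancy over 99% of the time; the smaller the miscount you want to be able to detect, the bigger the sample you need.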
Not because of the possibility of voting machines being hacked, but because it is important for the public to have trust in the system. It is difficult to trust a system you do not understand, and only a very small minority is ever going to be able to audit voting software.
(I'm not American, so this is in no way a comment on your current predicament.)
It has been shown to us time and time again that no actual evidence is required to get people to believe what they want to believe.
And the more technical the evidence (i.e. source code), the less helpful.
It would have changed some people's minds; I don't know if the change would have been a few thousand or tens of millions. I can't say whether it would have made a dent in that 1/3 of people. I can't predict that. It would have helped me with my own peace of mind. And frankly, I think it's overall the right thing for us to do.
> And the more technical the evidence (i.e. source code), the less helpful.
Disinformation is powerful; I'm not suggesting this alone would fix that. But I disagree that more technical evidence is harmful. Global warming is benefiting from transparency and evidence. It takes generations to change political will, not years. The evidence there has shifted our whole economy, just maybe not fast enough.
There will always, always be deniers. Global warming, flat earth, vaccinations, etc. Evidence _helps_ battle deniers in these areas, but it takes generations for these ideas to become mainstream and the deniers to go from 99% of people to 2% of people.
Also, 2% of people think the earth is flat? Holy crap. https://www.sciencealert.com/one-third-millennials-believe-f...
It's like saying that better proof of evolution would convince some portion of creationists. That's just not how misinformation works.
Misinformation works by targeting vulnerable parties with material that aligns with their existing vulnerabilities and beliefs, powering the desired action from long-stored and fruitful sources of hate, bias, and scorn, in a fashion that bypasses the brain and goes right for the gut.
Like 30% in America believe in a young earth that is thousands not billions of years old.
If Bob is a scientist of some sort, presenting interesting scientific work to the community and incidentally advising the government on environmental policy that will harm some business, and you want to crush support for him by playing on existing biases, then you advertise to the young-earth crowd about how Bob is anti-God, and you tie Bob to as many negative things they already dislike as you can.
You aren't fighting an intellectual battle to change their ideas about Bob, let alone their deeper ideas; you are fighting an emotional battle to galvanize existing, deeply held beliefs into useful action, like calling up and yelling at their congressman, or voting.
In that context asking Bob to present a better case is laughable. The relevant parties never engaged their brain in the first place.
And there's an entire body of law based around IP which they can use to protect their business, just like everybody else.
Without, at minimum, an independent review (and preferably open source code) the software and lab processes being used constitute an inscrutable "black box" process within which any judgment can be made, for any conceivable reason, with life-changing effects for the defendant (and for the victims of a crime if, for example, a rapist or murderer is set free by a non-match decision).
One could even say that unreviewable code here falls under the umbrella of "secret evidence", which much of the world already knows can be easily misused and/or misapplied at the whim of the court.
I say “I want to be able to afford appeals court where my rights matter”
Infinite appeals court!
Most people plea out, can't make bail, don't have counsel buddy-buddy enough with the judge to get them bail, and lose the ability to keep good counsel for more and more motions and appeals.
I want that. There is almost no pride in American rights if you can't afford them. People tie their whole identity to a system they aren't even part of.
It's kind of a half-baked idea, and I'm sure it's not totally watertight but the existing problems you've mentioned really bother me.
And the system works so that you’re either rich enough to be able to defend yourself and the money spent doesn’t affect you, you’re poor enough that you have nothing to lose, or you’re in the middle, busy trying to get from poor to rich, but you are vulnerable to losing it all because you don’t have enough to protect it, but you have enough that it’s worth for someone else to try and take it.
“One disaster and all that progress is gone.”
More terrifying than the bottom, where you've got nothing to lose? I doubt it. Otherwise, why be afraid of it?
At the bottom you don't have to pretend that your circumstances will improve, and there is some freedom associated with some approaches to that. Careers don't need to have continuity; I know many people in the hospitality and service industry whose vacation policy is saving up, quitting one restaurant, travelling, and getting a job at a different restaurant when they get back. Sure, other approaches mean lots of energy spent on finding food and shelter that day, and service and hospitality work is not necessarily at the bottom; my post isn't about those approaches and dilemmas.
People in the distinct category of "professional" careers (not my term) don't feel they have that freedom to have any time gaps and are resigned to earning small periods of time off, and oftentimes that is true.
Well, sorry, but I would also say, you don't know what you are talking about.
First of all, there is no bottom at the bottom - you can always fall deeper, until the only escape left is suicide. I know people who did.
What you maybe mean are people who don't care about materialism and live with little to no money by choice. I lived with those people for quite some time and it was fun.
When you are young and healthy and on your own, you don't really have to worry about a lot of things. I worried about my backpack with my laptop and that was it. I slept in a tent or under the stars or wherever. When the money was gone, there were always places or ways to get food. Work a little, travel a little. Easygoing.
But now I have a family. Now I cannot not have money.
Ever wondered whether you could afford the care to keep a pet from dying?
Ever wondered if losing your home was going to stress your marriage so much that it might splinter?
The only people who think the bottom is less stressful have never been there.
Just giving everyone a substantive right to trial would amount to a revolution.
So similar to how snitches are targeted, if criminals in jail start violently targeting people that didn't go to trial they might be able to tear down the system...maybe?
And to be clear, this is a loose idea, as I don't really know the system, but it seems courts would be flooded if everyone took this route. Prosecutors would have to stop with these ridiculous threats of trial jail time vs. plea deals, as jails would become too full. And authorities would be forced to stop charging people for smaller crimes, as they simply couldn't handle the caseload in courts.
Even getting juries might be tough and start the rest of society pushing back if people were regularly being called for jury duty and disrupting their own lives.
...or something else but this would be an interesting 'fight back' by criminals.
There are still some gang-controlled areas, but they are an exception now rather than the rule. The nanny state is firmly in control of most of the prisons.
This is hilarious. As if you need to read every damn line and you can’t skip blank lines? You can skip whole files that aren’t relevant. Weak excuse
It's a pretty interesting case.
At least the core nature of the algorithm should be made public if we're going to use it for public inquisition.
It's very common for software to work correctly a high percentage of the time, but fail on rare input data. If, say, the software works correctly 999,999 times out of a million, you're going to be very unlikely to discover that error by throwing random samples at it, especially if you need a physical process (ie, drawing blood) in order to generate a test case.
On the other hand, once you have a known failing case (as you would if the defendant knows the result must be in error because he didn't commit the crime), it's often fairly straightforward to identify the error by reviewing the source and/or using a debugger to examine the progress of the algorithm.
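To put a number on the first point: a bug that fires on one input in a million survives even a large random test suite almost every time.

    k = 10000;                   % random test cases thrown at the software
    p_hit = 1 - (1 - 1e-6)^k     % ~0.00995: about a 1% chance of ever seeing it

That's why access to the source plus a known-bad case beats black-box sampling here.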
If there were a way to ensure that the test suite applied to these forensic labs was all-encompassing w.r.t. the genetic variables at play, then maybe. But that sounds impossible. What if there's a coding error that causes the software to operate differently/incorrectly only for people with a certain (rare) genetic abnormality?
For what it's worth, I'm totally unversed in genetics, though I have a great deal of experience writing software tests (and seeing them come up short in adequately modelling real-world data).
I kinda think that should be a violation. But deciding whether a particular piece of code is so bad is so subjective that I'm not sure on how you'd make a legal standard out of it. Maybe start with "the linter found a ratio of warnings to lines > X%" or some such.
Having a legal standard of code coherence/incoherence might help filter pull requests. "This PR cannot be merged to this project because it is configured to reject legally incoherent code."
As code becomes more complex it may become more meaningful to have access to the test suite, and to challenge the evidence if the tests are inadequate to demonstrate the correct code behavior.
We could also use formal verification based on well-established axioms. For example, maybe we could "prove" that the DNA kit reports accurate results as long as the samples it's given are processed correctly.
The way it works is that if there is a sample from a crime scene, they send it to these guys and they analyze it with their software to detect "statistical" DNA from the sample. These samples are the ones that are too crappy to actually make a definitive match -- they are a statistical match. So you say "I think Jim, Bob, and Alice were on scene," and it says "10% likelihood Jim DNA, 5% likelihood Bob DNA, 45% Alice DNA." Do you think it ever says "99% no DNA" in the sample?
It's basically Theranos, except instead of wasting $50 on a shitty blood test you get life in prison.
Ostensibly, it searches the entire DNA database for matches, and only returns a positive result if there's a positive match.
But it's a statistical model, using inputs that are crappy at best (because if it were an actual DNA match, they would send it off to in-house forensics who would be able to do PCR...) and which includes inputs from circumstantial evidence as priors. Like: we believe Alice was at the scene, therefore if you find any statistical likelihood that this is Alice's DNA, boost it.
They often run the model multiple times in a row, and use the result that the DA likes the most to enter into evidence. This is because the models return different results each time -- of course they'd say, iTs StAtiStIcaL, so they can do that...
And the source code is completely impenetrable. They argue that it's a "trade secret" that jeopardizes their ability to make future profits, so it cannot be open-sourced. These guys could have a model that just says "what percentage should the thing read, Señor D.A.?" The entire product is a sham. And because it's 170k LOC, no one has the time or the qualifications (Judges/Attorneys reading source code? Yeah right!) to review it, even if it were open source.
Pure quackery, and often times, decades-long sentences or life in prison for the defendant. These companies are pure filth worthy of the lowest revulsion. It's a wonder any convictions happen at all because of this stuff, but jurors have very inaccurate conceptions of forensic science, thanks to shit like CSI, Law and Order, etc. These companies happily play into that image and people really believe this stuff works.
Yes, you could run different models and get different probabilities. For example, the likelihood that the sample is a mixture of the suspect, the victim, and some unknown person vs victim and two unknown people compared to saying the victim isn't in the sample. However, the specification of those models is part of the trial process.
And the output probabilities (at least when being used to determine guilt) are usually quite high, orders of magnitude higher than 90% or even 99.99%.
My point is that the science behind these calculations is well developed- validation studies get published all the time. Whether or not the specific software has errors (or isn't coded exactly as modeled) is an entirely different matter, but it still isn't all that likely. All of these cases rely on expert witnesses anyway- it's not the prosecutor pressing some buttons and printing a report.
There is far more concerning quackery that gets used in forensics- bite marks, hair matching, etc.
The cases relate to new laser-based speed cameras, where the defendants complain that these new devices are black boxes and demand access to the raw data the devices process. The problem is that these devices discard the raw data after processing it and concluding that the driver was or was not speeding.
The devices in question are Traffistar S350 from Jenoptik and PoliScan SM1 from Vitronic.
There were discussions about a required software update which retains all this data, but apparently the devices lack the storage capability to do so. The National Metrology Institute of Germany (Physikalisch-Technische Bundesanstalt (PTB)) responded to this, that they would not re-certify these devices with updated software because from their point of view they work "as specified".
In general I've been extremely frustrated how regularly & consistently this entire industry keeps everything secretive & trust-based despite consistent examples of how insufficient trust is for this field & how devastating the results are when that trust is violated.
"TrueAllele uses a hierarchical Bayesian probability model that adds genotype alleles, accounts for artifacts, and determines variance to explain STR data and derive parameter values and their uncertainty. The computer employs Markov chain Monte Carlo (MCMC) statistical sampling to solve the Bayesian equations. The resulting joint posterior probability provides marginal distributions for contributor genotypes, mixture weights, and other explanatory variables."
So it’s definitely riddled with bugs. And I can’t imagine that much matlab code following rigorous software engineering practices.
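For anyone wondering what the quoted blurb actually describes, here's a toy Metropolis-Hastings sampler inferring a two-contributor mixture weight from noisy per-allele signals. To be clear, this is a made-up illustration of the general MCMC approach, not TrueAllele's model:

    A = [100 0 50];  B = [0 80 50];          % hypothetical per-allele signals
    w_true = 0.7;  sigma = 5;
    obs = w_true*A + (1 - w_true)*B + sigma*randn(1, 3);
    % Log-posterior for mixture weight w, flat prior on [0,1]
    logpost = @(w) -sum((obs - (w*A + (1 - w)*B)).^2) / (2*sigma^2);
    w = 0.5;  samples = zeros(1, 5000);
    for k = 1:numel(samples)
        cand = w + 0.05*randn;               % random-walk proposal
        if cand > 0 && cand < 1 && log(rand) < logpost(cand) - logpost(w)
            w = cand;                        % accept the move
        end
        samples(k) = w;                      % record state (no burn-in; it's a toy)
    end
    fprintf('posterior mean w = %.2f +/- %.2f\n', mean(samples), std(samples));

The point being: the math in the blurb is standard and well studied; the question in court is whether 170k lines of implementation actually do it correctly.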
I don't know how many job postings ask for a software engineer who knows MATLAB, but I can't recall any
I got frustrated because my concerns that my team's development practices were causing issues on a regular basis were ignored. I was continuously able to predict what issues we would run into, but no one seemed to care - I even had a manager tell me that it was good that our software was buggy, since the client would continue paying us to fix it
I've since left the biotech industry. There's a limit to how many times I want to run my head against that particular wall
- "a single 15k line C file that had been worked on for a decade" 
- code review of the model: 
- corresponding HN discussion:  (including sad appeals to authority: you're not an epidemiologist)
- other HN discussion  (including ridiculously blaming programmers for making C++ available to non-programmers)
This is a deep problem. Many scientists don't understand software engineering and more and more need to write bigger and bigger programs. And most of the time they don't open source their code.
Open source science.
In short when someone tells me the stuff is too complicated because too clever and advanced I tend to disbelieve them.
that said, I have of course written my own too-complicated stuff lots of times, but if asked I don't say it was because I'm clever.
names anonymized so as to not accidentally hurt anyone's feelings.
on edit: actually one time the code was clever but not especially difficult, they just used the algorithms line because they didn't want anyone messing with their stuff.
It's a cliche to have a "what idiot wrote this" outburst, then realise it's your own code, because most of us have written our fair share of "clever" code
My boss explicitly stated that he doesn't want to see any "clever" or "smart" code in our product - write code based on simple fundamentals, benchmark before deciding to optimise, and be respectful in your reviews
I like my boss a lot
Communication takes time, coordination takes time, and there is an incremental cost to each new person added to a team. From experience, perhaps with 2-3 people who happen to gel well together you may get close to proportional scaling of output, but with 8 it's really unlikely in the real world.
More importantly, the typical reviewer has only a small partial area of the codebase where he has a good idea of which commits are bad ideas. He does not, however, understand the whole codebase.
Knowing what the whole does and knowing what my module does are two different things.
Looking back at my reply, I think I should have added a bit of background to clarify my comment
My master's degree is in bioinformatics and I worked in the biotech industry until about a year ago. I mainly worked as a consultant for top 20 pharma companies, but also did work on different in-house projects and in academia
From my experience in the industry, I find it very unlikely that the software mentioned in the article is structured in a modular way. I've yet to see good software practices outside one or two academic projects. Most pharma companies still use copying and renaming folders as version control. Naturally I'm sceptical of any code coming from the biotech industry
On top of that, it's written in MATLAB. I have only ever seen this used by statisticians and university researchers, never by software engineers
I'm therefore willing to bet that when the reviewers open the source code, they'll find an unstructured mess of spaghetti code that has never been refactored, reviewed, or tested
So yes - I agree with all your points, but I find it unlikely that they're being applied to this particular project