OT: Proposed Open Source SEC Transparency regs
Steve Ackman
regulatory language, note there's not a single mention
of "Windows" in the whole 667 pages. ;-)
http://www.sec.gov/rules/proposed/2010/33-9117.pdf
We also are proposing to require that, with some exceptions, prospectuses
for public offerings of asset-backed securities and ongoing Exchange Act
reports contain specified asset-level information about each of the assets
in the pool. The asset-level information would be provided according to
proposed standards and in a tagged data format using eXtensible Markup
Language (XML). In addition, we are proposing to require, along with the
prospectus filing, the filing of a computer program of the contractual
cash flow provisions expressed as downloadable source code in Python, a
commonly used open source interpretive programming language.
Ignoramus9512
any kind of files for the public, that would only be usable on one
proprietary operating system.
i
F. George McDuffee
<st...@SNIP-THIS.twoloonscoffee.com> wrote:
<snip>
>He
>declined to say why he wanted a Windows requirement in
>the regulatory language or any kind of limiting
>specification other than "open."
<snip>
Main reason is that almost all [governmental] lap tops already
have Windows installed, and while most other O/S such as
Ubuntu/Linux, should work equally well, the typical computer user
is not familiar with them. The main idea is box stock-off the
shelf hard/software, i.e. cheap, widely available, with minimal
training required. There appears to be two levels of custom
programming required: (1) A simple EDR data dump and file
creation so the data can be uploaded for compilation and later
analysis, and (2) A more complex program to decode the EDR data
dump into plain English/standard units for human
understanding/analysis.
Unka George (George McDuffee)
..............................
The past is a foreign country;
they do things differently there.
L. P. Hartley (1895-1972), British author.
The Go-Between, Prologue (1953).
F. George McDuffee
<ignora...@NOSPAM.9512.invalid> wrote:
>I think that it is kind of shocking that the government would release
>any kind of files for the public, that would only be usable on one
>proprietary operating system.
>
>i
=========
Actually both XML and python are cross platform languages.
http://www.go4expert.com/forums/showthread.php?t=410
http://www.python.org/download/
F. George McDuffee
<st...@SNIP-THIS.twoloonscoffee.com> wrote:
> Google is being extremely stupid at the moment, so I
>can't find said letter to Congress, but I don't recall
>it had to do with EDR, but rather with the program that
>controls the car?
>
>
> Anyway, the reason for the OP in this thread was that
>this is the first time I've ever heard of what
>essentially amounts to a contract written in (an
>open source) computer language. It's one of those
>things that kind of boggles my mind at how obvious it
>should have been.
========
I think this is it, and indeed it referenced the vehicle control
and engine management control program(s) as well as the EDR
information.
The objective/rationale is to monitor OEM changes and/or updates
in the vehicle control and engine management programs. When
changes are detected, there should be some kind of written
rationale/engineering change order/justification.
With physical items, changes such as increased size/thickness of
brackets, addition of anti-drainback valves to oil filters,
replacement of grade 2 fasteners with grade 8, etc. are easy to
monitor but impossible to detect when the change occurs in a PROM
resident computer control program.
FWIW -- I did not get even a "bug letter" response from any of my
Congressional representatives.
Unka' George
On Mon, 22 Mar 2010 19:48:54 -0600, Joe Pfeiffer
<pfei...@cs.nmsu.edu> wrote:
<snip>
>> But the competition between manufacturers is going to keep it as trade
>> secrets.
>
>And yet, when it comes down to it, the electronics and the code are the
>*only* parts in the car that we can't take apart and look at.
<snip>
There appears to be no reason [other than inertia] that NHTSA or
another agency cannot require a source code listing for computer
control programs for all vehicles sold in the United States as a
condition of approval for import.
This should be augmented by a copy of the "official" machine code
so that the prom contents can be periodically checked against the
submitted code to detect any field fixes, etc. Additionally, the
EDR [event data recorder] contents and format should be
standardized and the codes to download provided to agency
accident investigators and law enforcement.
In order to prevent proprietary communications protocols and
connections, the ability to download using a standard USP
connection/cable and laptop should be required.
I sent a letter to my Congressmen on this topic on 04 March. A
copy is attached. Feel free to use all, some or none of it, if
you wish to write Congress.
FYI
To locate your representative and to use their web mail click on
http://www.house.gov/
To locate your senators and to use their web mail click on
http://senate.gov/
To send an email [2.5k characters including spaces max] to the
President click on
http://www.whitehouse.gov/contact/
Be sure to bookmark your representative's, senators' and WH
web-mail sites to allow easy nagging in the future.
---- start email to congress
SUNLIGHT IS THE BEST DISINFECTANT.
Justice [SCOTUS] Louis D. Brandeis
(November 13, 1856 - October 5, 1941)
It is clear that Toyota continues to stonewall about providing
any meaningful information about the unintended acceleration and
other problems such as non-functioning brakes.
http://www.msnbc.msn.com/id/35713831/ns/business-autos/
While Congress must go through the motions of politely requesting
Toyota for access to the EDR [Event Data Recorder] information,
it is imperative that the resources of the Federal government be
used to recover not only the existing accident information, but
also the actual total automotive control codes. I suggest that
the NSA has a large amount of experience in such recoveries, and
that the several domestic aerospace companies, which pioneered
"fly by wire," as well as the FAA, have the expertise to both
"reverse engineer" the Toyota automotive computer control code
and run simulations to determine if unintended control sequences
or paths exist, for example "wide open throttle" acceleration
combined with brake inactivation as part of the anti-skid control
loop.
Given the article information that 1 (one) laptop computer is
located in the United States with the necessary software to
download and decode/display the EDR data, I suggest the immediate
enactment of legislation mandating that *ALL* EDR information
must be downloadable in common ASCII format and that the software
to do so must be made available to law enforcement, accident
investigators, etc. using standard laptop computers running the
later versions of Windows.
It is further suggested that legislation be enacted requiring all
automotive manufacturers selling vehicles for use on the public
roads to provide the NHTSA with not only their compiled code as
burned into the PROMs, [Programmable Read-Only Memory] but also
the annotated/formatted source code used to generate the compiled
code, copies of the compilers/linkers/loaders used, and to
provide NHTSA with not only all running changes but the reasons
for the changes. This is intended to not only allow NHTSA
tracking of changes in the computer control code, but also the
review of the structure and origin of the source code.
It is a well-known axiom in computer science that poorly
structured and "kludged" spaghetti code is never a good idea, and
is the source of much trouble. Given the amount of time Toyota's
problems with their vehicle control systems have persisted, and
the increasing volume of problems, this has all the
characteristics of a program designed by a senior manager above
reproach, that was not designed correctly in the first place, and
has had patch after patch after patch applied in the always
futile attempt to make a silk purse out of a sow's ear. Another
frequent source of this type of problem is the use of marginally
qualified outside programming contractors, with excellent
connections to the corporate management, possibly by blood or
marriage and/or attempts by management to contain/reduce costs by
having critical programming done in low wage countries.
It will also be necessary for NHTSA to perform periodic field
inspections to verify that computer control program changes have
not occurred. This is trivial with the correct equipment. A
PROM reader is required. The PROMs are removed from the sample
vehicle[s], and the code downloaded using a laptop. It is
trivial to compare the downloaded PROM code with what Toyota
provided NHTSA as the "current" control codes, and will require
only a few minutes per PROM.
In any event the problem is not going away by itself, and will
only get worse as "drive by wire" computer controls become more
common. We no longer allow "secret" ingredients in the food and
medicine sold to the American consumer, so why are "secret"
control codes in the vehicles sold to the American consumer still
allowed?
----- end email to congress
F. George McDuffee
<st...@SNIP-THIS.twoloonscoffee.com> wrote:
<snip>
>> I think this is it, and indeed it referenced the vehicle control
>> and engine management control program(s) as well as the EDR
>> information.
>
> So it did. My faulty memory.
<snip>
========
The NG may find the news item of interest.
http://news.bbc.co.uk/2/low/business/8638829.stm
23:27 GMT, Thursday, 22 April 2010 00:27 UK
Brazil state bans Toyota Corolla
One of Toyota's most popular cars, the Corolla, has been banned
from sale in one of Brazil's biggest states, which says the model
is a safety risk.
The Minas Gerais regional government stopped sales of vehicle,
claiming an acceleration problem was "putting in danger the lives
of occupants".
<snip>
This week Toyota announced it was recalling about 34,000 Lexus GX
460 and Land Cruiser Prado SUVs worldwide.
The company said it would update the vehicles' stability-control
software programme to reduce the risk of them sliding sideways
when turning sharply at high speeds, partly because the fuel tank
and the presence of the driver might make the left side of the
vehicle heavier.
The move comes less than a week after the US consumer magazine,
Consumer Reports, warned that the Lexus GX 460 was prone to
roll-overs, prompting Toyota to recall nearly 10,000 sold in the
US and Canada.
<snip>
Larry Jaques
<gmcd...@mcduffee-associates.us> scrawled the following:
>On Fri, 23 Apr 2010 10:00:07 -0600, Steve Ackman
><st...@SNIP-THIS.twoloonscoffee.com> wrote:
><snip>
>>> I think this is it, and indeed it referenced the vehicle control
>>> and engine management control program(s) as well as the EDR
>>> information.
>><snip>
>>
>> So it did. My faulty memory.
><snip>
>========
>The NG may find the news item of interest.
>
>http://news.bbc.co.uk/2/low/business/8638829.stm
>23:27 GMT, Thursday, 22 April 2010 00:27 UK
>Brazil state bans Toyota Corolla
Quick question. Seeing as about a third of us drive at least one of
the involved Toyotas, does anyone here even know anyone who has had
problems with their throttles? I don't, and nobody I've talked to
does. There have been what, 3,000 of them affected (out of tens of
millions of them sold) over an entire decade?
>The move comes less than a week after the US consumer magazine,
>Consumer Reports, warned that the Lexus GX 460 was prone to
>roll-overs, prompting Toyota to recall nearly 10,000 sold in the
>US and Canada.
Quite like the Ford Explorer rollover fiasco, wot? I guess they have
to look out for the flaky drivers who hit the brakes and swerve when
they have top-heavy loads, huh? I tell ya, I'd feel safer in a GX460
than in a 7xx series BMW. I've seen two of those upside down on the
freeways in LoCal...in dry weather on a slight hill/slight curve which
I've taken at 100mph before in a '68 Ford Country Squire wagon,
one-handed. <g> (seriously, though, I did that but it was in the
opposite direction, same slight curve but slight downhill)
--
...in order that a man may be happy, it is necessary that he should
not only be capable of his work, but a good judge of his work.
-- John Ruskin