Today my dating reviews website was subject to a “SQL injection” attack. The attack updated several of my tables, adding some JavaScript that I think was supposed to transfer information from site visitors to the hackers. Probably, the hackers think they were somehow going to profit from doing this.
This demonstrates two points I’ve made before. The first point is one about value transference vs. value creation. The SQL hackers are engaged in a negative-sum value transference activity. Instead of making money by creating value, they prefer to make money by transferring value from other people to themselves, but in the process of doing this they destroy a lot more value than they transferred. Who knows how many thousands of websites were hit by this SQL-injection bot and how much damage it caused?
There are many other people who prefer to make money by transferring value rather than creating it. Free markets don’t necessarily lead to value creation. Free markets only lead to value creation if the government closes value transference activities so that the only ways left to make money require value creation. This is why we need laws to make hacking, theft, and other activities illegal.
The second point relates to my essay on why computer programming sucks. You may be wondering how, Half Sigma, with an IQ high enough to qualify for the Triple Nine Society, could be so stupid as to leave his website open to SQL injection attacks. Well you see, this relates to the extremely complicated technologies that people have to learn in-depth in order to be good programmers. I programmed eDateReview when I was just learning about website programming. Programming techniques that wouldn’t have been that problematical in a client/server programming expose a website to these type of SQL injection attacks. (Specifically, I naively assumed that any input not typed by the user in a box somewhere didn’t have to be validated. On the internet, you need to make sure that everything you expect to be a number is really a number before you send them to the database.)
As I said in my original article on this topic, computer programming sucks because of the temporary nature of the knowledge capital acquired. A person with years of experience at one type of programming is an inexperienced newbie when trying to his hand at a different type of programming. A 25-year-old kid with three years of web programming experience is a better web programmer than a 40-year-old with 18 years of experience at client/server programming. Thus, when technologies change, the older programmers get left behind.
You know, you could just admit you got pwned instead of having to build a theory around it.
Posted by: SFG | August 27, 2008 at 10:14 PM
HS has a good point that computer programming as a career sucks in general. However,
1. the assumption that you need to learn the latest stuff isn't quite accurate. There are some things that change very slow, such as algorithms, and designing methodologies. At Google, this is how we interview people (plus "culture compatibility") So, all that language knowledge isn't going to help you too much in the interviews. Software engineers are expected to learn it on the job. I'd say that the algorithms one needs change slower as a field than management paradigms.
2. the jobs that HS is talking about, ie, coding websites, are the jobs that many people can do, therefore they are the ones who get outsourced to China. If you want to be a software engineer, knowing lots of languages isn't going to help you much.
3. one can start a start-up in the field. it's much harder in other fields where the barriers of entry are high.
4. one has a feeling of accomplishment. it goes with all the jobs that create value.
... and many others. As HS mentioned the drawbacks are huge: weak social status, relatively low pay and not very appealing to women.
Posted by: ckdh | August 27, 2008 at 10:21 PM
"You may be wondering how, Half Sigma, with an IQ high enough to qualify for the Triple Nine Society, could be so stupid as to leave his website open to SQL injection attacks."
If you have an IQ of 149 didn't you break 170 on the LSAT which would easily been high enough to get into one of the T14's?
Posted by: mnjohn | August 27, 2008 at 10:34 PM
easily have been, sorry its late
Posted by: mnjohn | August 27, 2008 at 10:35 PM
Half Sigma's worst defects are probably his arrogance and his envy.
Posted by: Gannon | August 27, 2008 at 10:55 PM
"If you have an IQ of 149 didn't you break 170 on the LSAT which would easily been high enough to get into one of the T14's?"
That's exactly what I thought. Also, wouldn't he have been smart enough to deduce that a law degree from ASU would have yielded little as far as earning potential goes?
I think HS is exaggerating his IQ score.
Posted by: Christopher Tracy | August 27, 2008 at 10:58 PM
I'm not doubting his intellect. The only standardized test score I have is a 32 on the ACT college entrance exam and that was only taken once without any studying. An IQ of 149 is like 1 out of a 1000 and very rare. Like you said anybody who scores that high would easily walk his way into Harvard Law and most likely be smart enough to understand the importance of credentials in America. This is especially true if he went to the University of Pennsylvania as an undergrad.
Posted by: mnjohn | August 27, 2008 at 11:11 PM
"you could just admit you got pwned"
I don't see what's so funny about people going around vandalizing other people's databases. It's like throwing rocks threw peoples windows just for the heck of it, except a computer program can vandalize databases all over the world by spidering the web, causing who knows how much damages.
You may say that I left the car doors open, that does not make it OK for people to steal stuff from the car.
Posted by: Half Sigma | August 27, 2008 at 11:37 PM
"You may be wondering how, Half Sigma, with an IQ high enough to qualify for the Triple Nine Society, could be so stupid as to leave his website open to SQL injection attacks."
It's because smart people do dumb things. Smart doesn't mean perfect. Smart is also relative (100 < 150 < William Sidis).
Posted by: Triple Nine Member | August 27, 2008 at 11:48 PM
I think the IQ think was humor, and I got a snort out of it.
HS.com used to have quite a bit of droll humor a year ago. Recently its been more no frills.
Is that what tax law does to someone?
Posted by: Turambar | August 28, 2008 at 01:12 AM
SQL Injection attack? How long have patches been available for this?
Posted by: Wayne | August 28, 2008 at 05:55 AM
It's not a matter of patches, based on his description, but data validation for inputs... That has to be manually coded usually. It also sucks.
I can get into the triple nine as well (~148), but was a bit below 170 on the lsat due to stress, work, money, and a temporarily insane wife. Since I studied what I wanted to rather than what I was supposed to in college, my grades there were also a bit less than stellar -- e.g., As in multi-calc, etc., but F in intro to philosophy... Also was wery absent-minded and depressed...
IMHO, people like the above often give-up/slack-off when they get through the fun bits of a problem and see a long road of drudgery remaining to reach the finish line.
Half-sig and I seem to have a lot in common. We should hang out sometime. ;)
Posted by: I am special | August 28, 2008 at 04:36 PM
Most people with IQ's as high as 149 don't hang out at the blogosphere rather are working at places like silicon valley or top investment banks making shitloads of money. I'm not giving you crap because I know I wouldn't score a 170 on the LSAT, more like a 165, but the whole stress thing isn't really anything but an excuse in the end. I'm sure you did well and are smart just not IQ 150 smart as very very few people are.
Posted by: mnjohn | August 28, 2008 at 05:14 PM
"As I said in my original article on this topic, computer programming sucks because of the temporary nature of the knowledge capital acquired. A person with years of experience at one type of programming is an inexperienced newbie when trying to his hand at a different type of programming. A 25-year-old kid with three years of web programming experience is a better web programmer than a 40-year-old with 18 years of experience at client/server programming. Thus, when technologies change, the older programmers get left behind."
Is there a solution to this problem?
Posted by: tommy | August 28, 2008 at 07:21 PM
Ummm, really doesn't having a high iq only help you with certian things (pattern seeking) not with job choises, or meeting the right people to get your job?
You can be smart and lazy.
Smart and boring.
Smart and crazy.
You still need to be able to look people in the eye and hold your toung in the end witch don't tacke much smarts bio...
Fuck IQ, it's only part of the package...
i knew a boy who would look up things in an encyclopedia for fun and could easily commit them to memory, but he was soooooo jumpy, would constantly accuse me of "not enjoying" hanging out, or patronizing him that, in the end, i really didn't care if he could keep pace with me in conversation/do calander tricks/knew many more facts than any one else i knew because who wants to be around someone who thinks you're patronizing them or is totally meldramatic....
Posted by: | August 28, 2008 at 07:28 PM
I would propose that IQ is a little like height. It helps to be above average and hurts to be below average. If you are a lot above average it can help a lot. But if you are ridiculously tall or smart, it can start to work against you.
In terms of success, anyway.
Posted by: dreamin | August 28, 2008 at 10:01 PM
@mnjohn well, I have had IQ tests over the years by psychiatrists, and came out at about 148. As some others here say, it can be a blessing, a curse, or even irrelevant. For me, it is enabling but also a source of stress and loneliness.
BTW, I am making lots of money, although less than I would on wall street. Those guys are not the very smartest anyway, generally.
Posted by: I am special | August 29, 2008 at 02:36 PM
"Is there a solution to this problem?"
Yeah, get new programmers.
Posted by: HR | August 29, 2008 at 02:49 PM
Halfsigma, it looks like your triple nine society coming out impresses many people (i think your more interesting thant 1 in a thousand people, so folks shouldn't be so impressed by your statement).
I entered myself in ISPE society (which is also a 3 sigma deviation society with a specific test) because of the "content" aspect some 12 years ago. I'm always surprised when people think that most intelligent people should succeed in professional life. If you look at how people interacts in normal social life, it's obvious that brain is hardly an advantage to succeed ... One terrible example is Grady Towers who was a Mega society member (IQ above 176, less thant 1 in a million) and was a park faciity security guard until age 55 when he has been murdered. Googling Grady Towers, you find the name of the (alleged) murderer; then googling murderer's name, his ongoing criminal record.
I think it's very important to allow bright children to socialize with regular people, to observe and become wiser.
Posted by: Bruno from Paris. | August 30, 2008 at 03:58 PM
The other thing is that it's impossible for free-market-capitalist societies even heavily regulated to forbid value transfer. If you take the example of LBO, there is absolutly no value creation (LBO firms always choose mature sector, law risk firm, like electricial furniture, airport caterers etc.). There is absolutly no value but a property transfer : a debt and a credit repayment. All the stuff on value creation in LBO is consultant bullshit. The only thing important is to know if the business is safe BEFORE doing the LBO and paying the management to keep it safe. The loser are the rest of us. There is absolutly no way to impede the LBO logic in a Capitalist society. The only thing you can do it's doing the same when occasion happens : a family friend in France who was a firemen has bought 187 flats in Paris that way (with no risk except a fall in rent prices ...)
Posted by: Bruno from Paris. | August 31, 2008 at 04:22 AM
"If you have an IQ of 149 didn't you break 170 on the LSAT which would easily been high enough to get into one of the T14's?"
It's a myth that good test scores guarantee you admission into elite schools. I got rejected from Harvard, MIT, and Caltech with a 1600 on the SAT.
Posted by: Brandon Berg | August 31, 2008 at 07:19 AM