Category Archives: Security

Penguin fights Sea Lion

The Discovery Channel has posted some teaser videos of Gentoo penguins from a program about to air. I see only 150 or so views so far but that surely will change. The imagery is fantastic:

…portrait of our earth’s polar regions. Frozen Planet premieres on Discovery Channel on Sunday, March 18, at 8PM e/p

They use a simple formula to help humans see the beauty of nature. First they frame a scary predator lurking nearby:

Then they set-up an underdog scene. Go penguin go! Fly away! It’s gaining on you…

I won’t spoil the outcome but suffice it to say that the program talks about swimming and running instead of how fast penguins can fly when they are in the water. They stay in the human/outsider perspective and emphasise mostly what can be seen in the air.

Here’s the clip:

A similar clip from the program tries to frame penguins in terms of fraud. It’s an amusing story but as long as they stay in the outsider mindset it could have been even better if they had made references to the stock market, or at least the real estate crisis.

Live Global Ship Positioning

I couldn’t think of a better title. It’s a tongue-twister but it is in reference to the Live Ships Map on MarineTraffic.com based on Automatic Identification System (AIS) transponder data and iAIS.

AIS Graphic

You can find out a lot of information about ships underway. There is no data off the coast of East Africa, let alone Somalia, unfortunately. So here’s the Bay Area, as an example instead:

Clicking on one of the ships brings up its dox.

A micro view shows proximity of the boats and, in this example, you can even watch the pilot boat come out to greet the Filipino “Sun Right” ship and take over navigation for the Bay.

A macro view tells a very different story. If you pull out far enough on the maps you get green boxes with numbers indicating the number of data feeds. California ports show hundreds at the most. Green boxes around the Asian ports show numbers in the thousands.

Take a look at Shanghai. Pink squares represent navigation aids. Green is cargo, red is a tanker, grey are “unspecified”.

You also can create watch lists or “fleets,” search for specific vessels and ports, display their tracks, show predicted courses, and add GRIB (wind) data. Even small vessels should be able to easily incorporate this data into warning, distress and chart systems, marking a huge difference in situational awareness especially in low/no visibility conditions.

I am curious about the ability to build fleets or watch lists based on manifests such as port of call or country…imagine building a map with the tracks and the predicted courses for all the fuel tankers from or headed to a country.

I also wonder about correlating the movement of tankers to the rise and fall of fuel prices. It is said that diesel prices in the Bay Area rise when tankers arrive from Latin America and fill up. Not all the data is clean, however. I ran through the Shanghai ships reporting themselves as passenger vessels and found at least one that was actually an oil/chemical tanker.

Chrome tarnished by Glazunov again

Sergey Glazunov, a university student in Russia, has been recognised by Google many times with special awards as well as cash for reporting Chrome security bugs since they started their program in January 2010. Here are his awards from just one version changelog last year:

  • [$1337] [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
  • [$1000] [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
  • [$1000] [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
  • [$1000] [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
  • [$3133.7] [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov.

Including the above list he has earned $3,133.7 (eleet) twice, $2,500 three times, $2,337 three times, $2,000 twice, $1,337 (leet) five times, $1,000 thirty-six times, and $500 once ($67,963.4 total).

He was the first to win the “3133.7” level award. Now he has won the $60,000 purse for finding a full exploit during the Google Pwnium competition.

Economists might be tempted to ponder whether a researcher would keep a higher exploit until offered the higher purse, or whether a higher purse gives incentive to find a higher exploit. $60,000 for one exploit instead of $67,963.4 for fifty-two exploits is a study in incentives but also brings up the cost of handling/defending one flaw versus fifty-two.

Updated March 9 to add: Another young man has proven a full exploit in Chrome. This other person said the bug was easy to find, but unlike Glazunov he found it hard to get the attention of Google. Wired just ran a story that references the point I make above about Glazunov’s experience.

[Glazunov] is one of Google’s most prolific bug finders and earned around $70,000 for previous bugs he’s found under the company’s year-round bug bounty program. As such, he’s very familiar with the Chrome code base.

I saw no reference anywhere to the totals won by Glazunov before I wrote this post. I would have waited if I had known Wired would add it up and run it in a story, instead of spending time compiling the data myself.

More important to this story, however, is a comparison of the researchers. Wired doesn’t do much analysis on their motives. Wired seems to also hint that Pinkie Pie is a relative newcomer compared to Glazunov but I think that’s a mistake. The big difference I see is that Glazunov uses his real name, as a student, and regularly submits his bugs while the other wants to remain anonymous and has asked for a job from Google but otherwise has been reluctant to submit his research for public verification.

The tall teen, who asked to be identified only by his handle “Pinkie Pie” because his employer did not authorize his activity, spent just a week and a half to find the vulnerabilities and craft the exploit, achieving stability only in the last hours of the contest.

[…]

Pinkie Pie, wearing shorts, a t-shirt and glasses, said he’d never submitted a vulnerability report to Google before, but he had sent his resume to the company last year seeking a job. He wrote in his cover note that he could crack Chrome on OSX, but he never got a reply.

Claiming in a cover letter that you can crack Chrome on OSX, without having submitted the exploits for verification, is a passive method at best. The hiring department probably gets a lot of letters with unsubstantiated claims, so it’s understandable that they waited for more proof instead of jumping on it. However, I also see why Pinkie Pie might have chosen to make a claim instead of offering proof when applying for the job. Submitting an exploit for a $60,000 purse is an opportunity to win simply upon verification, whereas submitting for a job is a far riskier option that can lead to rejection and far less money, even after verification.

Faith in the GE Garage

GE has started a marketing campaign in America that is based on power-tools made accessible to the public. Note the quote on safety caught by Mashable Business.

Despite obvious liability issues involved in letting the public operate your power tools, GE global director of communications Linda Boff assures us there’s no need to worry about lost fingers.

“We have a lot of faith in people,” Boff says. “And the tools will be well supervised.”

What would you make in the GE Garage? Tell us in the comments.

What would I make in a garage that has faith-based power tool safety? Can I be Anonymous? Kidding. (I was just having a conversation with Joshua Corman about Anonymous attacks after he called them a “mirror to our neglect”)

Here’s a sobering data point: table saws are involved in 30,000 incidents per year in the US alone. That’s a lot of lost fingers. As a result there are some really smart safety innovations going on (obviously outside of GE’s faith-based Garage) such as SawStop.

That’s the kind of innovation I would like to see come out of a GE project with power-tools. Tools that allow people to be more productive with less risk are what spur wider and more frequent innovation. Simply providing access to tools is great, but the macro view is that risk plays a major factor. GE should know that faith just doesn’t cut it (pun not intended).