The grading curve at Harvard University

A friend was considering enrolling his high schoolers in a Harvard economics class. It costs a modest $7,000 per student. What does one receive in return? An A or a B, unless one happens to be in the bottom 10th percentile (source):

(The idea of grading on a curve is anathema to flight instructors, incidentally. At least in theory, everyone should be able to achieve proficiency and graduate with a decent grade. If everyone in a class meets the A standard, why can’t everyone in the class receive an A?)

Full post, including comments

Science: requiring SAT scores both decreases and increases diversity at a university

From the haters at Fox News… “Top DEI staff at public universities pocket massive salaries as experts question motives of initiatives”:

A review of salary data shows that the universities of Michigan, Maryland, Virginia and Illinois, plus Virginia Tech, boast some of the highest-paid DEI staffers at public universities, a Fox News review found. These institutions’ top diversity employees earn salaries ranging from $329,000 to $430,000 – vastly eclipsing the average pay for the schools’ full-time tenured professors.

Fox implicitly considers Comparative Victimhood to be simpler than Quantum Electrodynamics and, therefore, it is not reasonable for a diversity bureaucrat to get paid 5X what a young Physics professor earns (see AIP salary calculator).

But what if Fox is wrong(!). From state-sponsored NPR in 2018… “Study: Colleges That Ditch The SAT And ACT Can Enhance Diversity”:

Colleges that have gone “test optional” enroll — and graduate — a higher proportion of low-income and first generation-students, and more students from diverse backgrounds, the researchers found in the study

In short, Science proves that dispensing with the SAT leads to more diversity.

What if we head over to a school where you can’t spit in the hallways without hitting a Scientist? “We are reinstating our SAT/ACT requirement for future admissions cycles in order to help us continue to build a diverse and talented MIT” (2022):

Within our office, we have a dedicated research and analysis team that continuously studies our processes, outcomes, and criteria …. not having SATs/ACT scores to consider tends to raise socioeconomic barriers to demonstrating readiness for our education,⁠ relative to having them, given these other inequalities

There are some helpful hashtags, including #diversity:

When we combine NPR and MIT we find that Science proves that requiring the SAT reduces diversity and also that requiring the SAT increases diversity. It is therefore not unreasonable for someone tasked with applying this Science to earn $430,000 per year at a taxpayer-funded state university.

Full post, including comments

Adult life at MIT

Excerpts from today’s email from MIT Hillel (Jewish organization on campus):

One trend we have seen is students are still craving IRL (in-real-life) interactions and events, even if MIT rules say no food at events, at least for the first two weeks of the semester. As this new term begins, coffee meet-and-greets have involved in-person conversations and to-go gift cards. Students in some of our on-going weekly classes have voted to still meet at lunchtime, despite the fact they won’t be fed or eat together. We are exploring “wellness break rooms” for puppy petting, or even coloring books and doodling, that students can pop into.

Within the same email, but from a student….

… as COVID seized the globe in early 2020, it became increasingly apparent that I would spend (at least) my first semester of college at the same desk I used for my kindergarten English homework.

Let’s hope that the above-mentioned puppies don’t grab and run with the cloth masks that the #FollowersOfScience typically wear! Here’s Mindy the Crippler (September 2020; see What to do when a family member is an anti-masker?) sharing her opinion of the effectiveness of non-N95 masks….


Full post, including comments

Do universities force students to wear masks forever?

Here are some young people at the University of Colorado, January 28, 2022:

It didn’t look as though anyone over the age of 25 was in the room (a good thing, considering that most were wearing the cloth masks that #Science now says are worthless). The university has forced vaccinations and boosters. “Cases” are plummeting in Colorado (NYT). If the mask order can’t be dropped right now, when can it be dropped? What is the university waiting for? If SARS-CoV-2 isn’t going away, does that mean that the (mostly cloth) masks can never go away?

Some of the nearby signs:

A monument to The Boulder Six, who died from car bombs detonated in 1974:

(The father of students in the Boulder public schools related asking his sons why the cafeteria was self-segregated into Hispanic and non-Hispanic sections. The boys replied that the Hispanic students were “always getting into trouble” and that they therefore didn’t want to associate with them.)

Full post, including comments

What is Harvard’s argument for race-based admissions in the #StopAsianHate age?

“Supreme Court to hear Harvard admissions challenge” (Harvard Gazette):

“The Supreme Court decision to review the unanimous decisions of the lower federal courts puts at risk 40 years of legal precedent granting colleges and universities the freedom and flexibility to create diverse campus communities. Considering race as one factor among many in admissions decisions produces a more diverse student body which strengthens the learning environment for all,” he said. “The U.S. Solicitor General rightfully recognized that neither the district court’s factual findings, nor the court of appeals’ application of the Supreme Court’s precedents to those findings, warrants further review. Harvard will continue to defend vigorously its admissions practices and to reiterate the unequivocal decisions of those two federal courts: Harvard does not discriminate; our practices are consistent with Supreme Court precedent; there is no persuasive, credible evidence warranting a different outcome. The University remains committed to academic excellence, expanded opportunity, and diverse educational experiences—and to the perennial work of preparing students for fruitful careers and meaningful lives.”

The case was first tried in 2018. Federal District Court Judge Allison D. Burroughs found in favor of Harvard in her October 2019 decision on all counts, ruling that the College didn’t discriminate based on race, engage in racial balancing or the use of quotas, and that it had no suitable race-neutral alternatives that would allow it to achieve its pedagogical and diversity-related goals. Just over a year later, in November 2020, the First Circuit Court of Appeals upheld Burroughs’ decision.

Based on the above, Harvard’s argument seems to be that race-based admissions is a sacred tradition and also that diversity is critical to learning, which explains why people in China, Korea, Japan, and Taiwan are ignorant of everything except how to implement a 3 nanometer process for integrated circuits.

A lot has changed since 2018, however. Stop Asian Hate began in March 2021, months after the appeals court upheld Harvard’s scheme. The term “AAPI,” lumping together half a globe of humanity into a single victimhood category, is more or less new since the 2018 trial as well.

The effect of Harvard’s race-based system is summarized pretty well in this video, from a friend of a friend:

Now that racism against Asians is considered, by all of the best people, to be bad, what is Harvard’s argument for perpetuating its current system of race-based discrimination?


Full post, including comments

Why aren’t emails to an at-work lover copyrighted?

Academia is always great for showing those with inferior credentials (i.e., “inferiors”) how to think and behave appropriately. University of Michigan recently fired its president for having sex with someone else who works at the University of Michigan. The press release:

After an investigation, we learned that Dr. Schlissel, over a period of years, used his University email account to communicate with that subordinate in a manner inconsistent with the dignity and reputation of the University. In the interest of full public disclosure, we have released dozens of Dr. Schlissel’s communications that illustrate this inappropriate conduct …

(He’s actually a real doctor, not merely someone lacking the creativity to quit grad school before getting a Ph.D.: “Mark Schlissel, MD, PhD”)

A 118-page PDF is available as a link. Note that the sex/knish partner is “Individual 1”, implying that this guy had a Cuomo-style stable of females, but no “Individual 2” appears.

Suppose that Mark Schlissel had identified as a member of the 2SLGBTQQIA+ community and used his official email account to make reservations at some of the places featured in “San Francisco tells gay bathhouses, ‘Welcome back!'” (Bay Area Reporter, January 25, 2021, just in time to catch a few more COVID-19 waves!):

The city’s public health department has rescinded the restrictions that have kept such businesses from operating in the city since the mid-1980s. A legacy from the height of the AIDS epidemic, bathhouses in San Francisco until now could not have private rooms with locked doors and were required to monitor the sex of their patrons.

Those regulations, when put into effect, resulted in a de facto ban on gay bathhouses in San Francisco, leaving residents to have to travel to such businesses in Berkeley and in San Jose. Due to the COVID-19 pandemic, the lone gay bathhouse left in the Bay Area is Steamworks in the East Bay and it remains closed because of the health crisis.

While gay sex clubs without private, locked rooms continued to operate in the city, most eventually closed their doors. There is just one in operation today: Eros on upper Market Street in the city’s LGBTQ Castro district.

The venues must provide safe sex materials free of charge, such as lubricants and condoms. Those establishments with locked rooms must have such materials stocked in each room.

And all such businesses need to provide wash-up facilities for their patrons where they have access to hot and cold running water, liquid soap, hand sanitizer and paper towels.

Presumably the Board of Regents would have celebrated their president’s decision to live the university’s values. Instead of getting to know 50 new male friends at a bathhouse, however, the implication is that President Schlissel was having sex with 1 female friend from work and that they were organizing the sex around athletic events, Saudi filmmaker Safa Al Ahmad events, and articles from Harvard Business Review about how to breathe (a skill that folks who’ve paid $500,000+ in Ivy League tuition may not have mastered, apparently; one tip for easier breathing… move to Florida and then you don’t have to try to do it through a mask). Rather than enhancing campus Pride, as the bathhouse visits might have, the (cisgender?) heterosexual office romance was “inconsistent with the dignity and reputation of the University.” (But if the Board hadn’t fired Dr. Schlissel and released the emails, thus telling everyone about this exciting situation, how would the reputation of the university been affected?)

This post is not about whether the Board made the right decision, but how it is possible for them to publish 118 pages of the president’s emails from a copyright perspective. The university IT folks had the technical means to dig into the president’s account, of course, but can they publish these documents without permission? I guess they can because they did, but how?

Tougher question: What does Mark Schlissel, MD, PhD do now if he wants to continue working? Emigrate to China or France? No American university can hire him, right?

The Michigan commerce mural above is from the Guardian Building, in Detroit (Returning from EAA AirVenture (‘Oshkosh”), August 2021), and contains some job ideas if Dr. Schlissel wants to stay local.


  • “Why did University of Michigan fire Mark Schlissel? He broke a rule he introduced this summer” (MLive): At the July Board of Regents meeting, he announced an overhaul of sexual misconduct policy changes, particularly the prohibition of relationships between subordinates and supervisors. There would be zero tolerance for someone in a leadership position to “solicit a personal or romantic relationship with someone they have a supervisory authority or career influence over,” he said at the time.
  • The Wikipedia page for this guy mentions that he was criticized for not following the science in maxxing out the university’s level of coronapanic. In other words, a group of elite Americans rejected as unscientific the leadership of an MD, PhD (professor of microbiology and immunology as well as a professor of internal medicine). Paging Dr. Tegnell!
  • Real World Divorce chapter on Michigan (in case the doctor’s wife decides it is time to cash out)
Full post, including comments

Teaching Information Security

This post is to help professors trying to teach information security, a subject typically studied by seniors earning a Bachelor’s in Information Technology. Information Security covers how to protect information from all of the bad things that might happen to it. Example problems include at least the following:

  • loss due to backup failure plus hardware failure, flood, or fire
  • theft by hackers and/or competitors
  • encryption followed by a ransom demand from hackers
  • corruption due to human or software error
  • service becomes unavailable due to hardware or network failures, hackers, etc.

The textbooks on this subject, and most of the materials published on the Web, including from ISO and NIST, are abstract and all about the process rather than the substance. Remember the old saying about ISO 9000 that it would be possible to certify a life preserver made out of lead. You would just need sufficient paperwork. So that you don’t have to pay ISO, see NIST 800-100 to get a flavor. The textbooks might be good resources for those working as Chief Information Security Officers at Fortune 500 companies, but young people just getting their first degree aren’t going to have jobs like that. Our textbook, chosen by a previous professor, was Management of Information Security, 6th edition, by Whitman and Mattord.

In order to make sure that the students developed some real capabilities, I decided to make all the assignments applications of the high-level principles to simple concrete scenarios. They were all open-ended essay assignments, with reviews in class and chances to revise. This part actually didn’t go over that well with students, who are accustomed to multiple-choice quizzes and fill-in-the-blanks questions. I don’t see how IT graduates can be useful to employers without becoming competent writers. If they’re not being trained to be hands-on technicians, e.g., Cisco Certified router admins, then what role can they have in a company other than developing the policies and plans that the technicians will follow?

I built all of the assignments around three concrete scenarios:

  • a hangar leasing operation in which a waiting list is maintained as a spreadsheet and active tenants are recorded in QuickBooks Desktop. All work is done by a single employee on a single desktop PC connected through a network-address translating router to the Internet (“HangarSys”)
  • a 1990s-style web site offering custom-cut khaki pants for sale (mustering all of my imaginative powers, I picked iKhakis, a site that I had actually built much of, back in 1998)
  • a T shirt shop that sells online and in person with all IT outsourced to Shopify and QuickBooks Online (Pop Ts of Delray)
  • a 50-employee law firm (“KWA”) with a classic Microsoft intranet in which almost everything hinges off a single Windows Server machine

Summary of the assignments:

  • apply the NIST standards to develop an Information Security Plan for HangarSys
  • develop an Information Security Plan for iKhakis
  • develop an Information Security Policy for HangarSys
  • develop an Information Security Program for Pop Ts of Delray
  • explain the differences among and between Information Security Plan vs. Program vs. Policy
  • develop a risk management process for HangarSys
  • develop a risk treatment plan (via transference) for HangarSys
  • develop a disaster recovery plan for HangarSys (desktop PC destroyed)
  • risk treatment plan for iKhakis source code only
  • protect investors and founders so the source code is kept secret, but flows to the investors if the founders die or run away
  • plan for hiring a temp to fill in for the HangarSys worker (the worst information security problems these days are related to people)
  • contingency plan for the KWA law firm (earthquake destroys office)
  • report on a network access breach at the KWA law firm (coffee shop customers got the WiFi WPA password)

By the time they’re done, the students will probably hate you, but they’ll have a portfolio of documents demonstrating practical skill in applying abstract principles. They can use these to show to employers. As discussed below, it may be smarter to assign these projects to groups of 2 or 3 students.


  • Microsoft Windows desktop computer (easy to train replacement if Robin quits)
  • Microsoft Excel as waitlist DBMS (only one user updating)
  • Quickbooks Desktop for accounting (bank statement integration)
  • Microsoft Outlook as e-mail system (merge Word doc with Excel list)
  • Second internal hard drive as destination for Windows File History
  • Microsoft OneDrive as off-site backup in cloud (Dropbox or Crashplan would also work)
  • Internet connection through network address-translating (NAT) router

Robin works at the F45 airport, owned by Palm Beach County and part of that organizational structure. There are 300 Tee hangars occupied by tenants who pay rent monthly. There are 175 people on a waiting list. Robin checks to make sure that the tenants have paid up by matching payments to accounts in QuickBooks Desktop (not QuickBooks Online, a different product). She periodically sends out mass emails to either everyone on the waiting list or everyone who is a tenant. When someone vacates a hangar, Robin invites the person at the top of the waiting list to move in.

If students need more detail to complete a plan, they can make it up, e.g., by positing a directory structure for the files in OneDrive or on the hard disk.


iKhakis, a startup within a big company, has the following:

  • Factory in Tennessee that can produce custom-cut khaki pants; Oracle RDBMS-based information system to support manufacturing and shipping
  • Web server to take orders from customers; Oracle RDBMS behind the Web server
  • Desktop access by developers in Massachusetts to Web server
  • Desktop access for operations from acquired startup in Masschusetts to Web server
  • Data warehouse for senior management in San Francisco to see reports on what is selling
  • All of the software for the public ecommerce site is on the Web server and edits go live immediately
  • The Internet Service Provider makes a backup of the SSD every Sunday morning at 3:00 am

Pop Ts of Delray

A pop-up T-shirt shop (“Pop Ts of Delray”) in Delray Beach is selling shirts both in-person (point of sale) and online via a web site. To minimize IT spending, the shop uses Shopify for its online presence, processing online orders, fulfillment of online orders, and also for point-of-sale payment processing.

Pop Ts has six employees:

  • the founder/owner, who works in the store most days and from home sometimes (devices: Windows 11 laptop and iPhone running iOS 15)
  • three retail clerks, who work from iPads in the store, but also bring their own smartphones and use Instagram for personal and promotional purposes
  • a merchandising expert, who works from home from a laptop running MacOS
  • an operations manager, who makes sure that inventory is maintained, bills are paid, etc. Works from home on a Windows 10 desktop connected to QuickBooks Online and Shopify. Also works from a Windows 10 laptop in the store sometimes and checks Shopify from an Android smartphone.

All locations are provisioned with Internet via AT&T fiber, with an AT&T-supplied router/WiFi base station.

KWA Law Firm

The 50-employee law firm of Kirkland, Watkins, and Austin (“KWA”) has an office in San Francisco. Everyone works primarily in person in the office, except when in court, out with a client, home sick, etc.

  • Core information systems:
  • shared filing cabinets for physical documents
  • central server running Windows Server 2016 (set up when the firm moved to Windows 10)
  • Windows shared drive (server with mirrored disks in an IT closet) for PDFs and TIFFs (documents from discovery) and Microsoft Office documents (work product)
  • Microsoft Active Directory for single sign-on to all of the Microsoft applications as well as PCLaw and Time Matters
  • Microsoft Exchange Server 2016 on the local server; Microsoft Outlook on the laptops
  • PCLaw 16 and Time Matters 16 on the local server for accounting
  • Microsoft SQL Server 2016 to support PCLaw and Time Matters
  • Central phone number and Cisco 7800-series IP phones on desks (shares network/wiring with the PCs, contrary to Cisco recommendations, due to limited Cat 5 wiring in the building)
  • Every attorney has a Windows 10 laptop computer that plugs into a dock (hard-wired via Cat 5), but can also be used in conference rooms via WiFi
  • Working when away from the office: VPN into the firm’s network (otherwise protected by a firewall)
  • The IT department consists of two employees: IT Manager and IT Helper. The manager selects equipment, sets up and administers systems, hires contractors, and supervises the helper (who can solve individual users’ problems). The manager has already engaged a part-time Cisco-certified network engineer for configuring the routers and firewall as well as dealing with the phone system.

KWA has a Managing Partner, but otherwise a fairly flat management structure. There is an Office Manager who supervises most of the general administrative functions and a Finance Manager who makes sure that accounts receivable and accounts payable are current. The firm relies on PCLaw for billing and accounting and Time Matters for recording attorney hours. These applications rely on the Windows share drive server and can be used only from within the firm’s network. Payroll is handled by ADP and does not rely on any KWA systems.

(Fun to share with students who are dreaming of the California lifestyle, a 2018 response from a young colleague when I asked him where in San Francisco I should stay: “The review location is a cubicle inside of WeWork Civic Center on Mission between 7th and 8th wedged between a homeless encampment and emergency heroin detox center. I would recommend picking a hotel in another part of town. … I’ve actually found taking the train to the Civic Center stop and walking the rest of the way to be the best approach. Specifically walking down 7th street and crossing to the far side of Mission then turning right. Due to the layout and direction of the one way streets and traffic I’ve found cabs/Uber to work fairly poorly and often take longer than BART. I stopped using cars when junkies started trying to open my door at stop lights.”

Just a couple of blocks from my luxury hotel:

and on the same trip, I happened to get a picture of the In-N-Out Burger that was later shut down for refusing to check customers’ vaccine papers:


Checklist for the Students

For each document in your portfolio, use the following checklist

  • filename makes sense, e.g., “20211103-meetfish-source-code-version-control-and-escrow-plan-joe-smith” (YYYYMMDD at the beginning enables the documents to sort chronologically if displayed in a typical file system browser; add your own name (not “joe smith”!) at the end so that if the document ends up in a folder with others’ work it will be clear how to find yours)
  • only one version of each plan at the top level (create a “Drafts” subfolder if desired and put the obsolete versions in there)
  • contains author’s name, email, and phone number
  • contains date created and date of last revision
  • contains the full text of the original assignment either at the beginning or the end (so that your document, if printed, can be read and understood without reference to any other material)
  • does not contain any “plan for making a plan” material (e.g., cut and paste from textbook-type materials designed to cover a broad range of scenarios)
  • does not contain any conditionals (“if the system is using a VPN, then…”) since your assignments always reference a concrete scenario (fill in additional details if designed)
  • is in Microsoft Word format if at all possible (makes it easy for me and others to add comments and Track Changes)

The “plan for making a plan” bullet point is critical. Students struggled with these assignments at first. A standard technique for American college students is to take every 7th paragraph of the textbook chapter and submit that as their essay. If there is a guide to writing a plan, therefore, what is submitted is a condensed guide to writing a plan, not an actual plan. Until this has been pointed out to them at least three times, they don’t realize that they’re submitting the wrong category

Full post, including comments

Politicians raining on my parade as a would-be educator

I have been fighting a losing battle all semester with students who do not see the importance of plural versus possessive, capitalizing proper nouns, distinguishing between “it’s” and “its”, etc. Many won’t take the trouble to click right when Microsoft Word underlines something in red or blue to suggest a correction. I have stressed that in the world of Information Technology details matter and it is important to demonstrate the characteristic of attention to detail and conscientiousness (prized by employers and mostly genetic so it can’t be fixed on a post-hire basis).

On the very eve of the latest class, a tweet from one of America’s leaders:

Representative Greene did correct part of this a few minutes later with “*You’re for the spellcheck police.” (it isn’t possible to edit tweets once they’ve been sent out to the Interweb) But “RINO’s” remains incorrect if we’re talking about plural individuals.

I can’t tell students that they’ll never get anywhere in life if they won’t adhere to the demands of Standard English if one of our top 535 legislators (out of 200 million potential within the estimated 333 million residents of the U.S.?) got this position without being a slave to grammar and spelling.

(My other big problem is that I can’t tell them they need to accomplish something in order to be valuable since Rivian became the world’s third most valuable vehicle maker without shipping any product.)

Full post, including comments

Thankful for

One weekend per year devoted to being thankful doesn’t seem unduly burdensome. Today I’m expressing thanks for Especially given the recent American tendency to rewrite history in accordance with current #Science/religion/belief/etc., where else would would we be able to find evidence of just how bad things were in the bad old days? (though the evidence might not be complete; see Web publishers can delete stuff from enabled at least the following blog posts here:

Harvard University attracted a bit of attention when it hosted a theatrical performance restricted to audience members of one skin color earlier this fall. Emboldened by the federal judiciary saying it was okay to discriminate against Asians, the school apparently decided that Massachusetts General Law, Section 98 did not apply (“Discrimination in admission to, or treatment in, place of public accommodation… Whoever makes any distinction, discrimination or restriction on account of race, color, religious creed, national origin, sex, gender identity, sexual orientation, which shall not include persons whose sexual orientation involves minor children as the sex object, … in any place of public accommodation, resort or amusement, … shall be punished by a fine of not more than twenty-five hundred dollars or by imprisonment for not more than one year, or both, …”). The web page has been scrubbed from the theater’s web site, but it remains alive on

We have designated this performance to be an exclusive space for Black-identifying audience members. For our non-Black allies, we appreciate your support in making this a completely Black-identifying evening. We invite you to join us at another performance during the run.

Proof of vaccination or negative test results required to attend.

A Facebook friend attended and wrote “I can now tell my grandkids that I tasted segregation first hand, just like my mom and dad.” He attached this picture that includes a sign regarding Harvard’s expressed commitment to “anti-racism” (which includes “we will not tolerate racism”) and a sign saying that prospective audience members with the wrong skin color should go elsewhere.

Note that the above-mentioned web page contains an admission that the theater is on stolen land:

A.R.T. acknowledges that its theaters are situated on the traditional and ancestral homelands of the Massachusett Tribe.

With a $53 billion endowment, Harvard apparently can’t afford to give the land back to the nearest Native Americans and then pay for a ground lease from them. If the rightful owners do show up to reclaim this land and Harvard scrubs its damaging admissions from the live pages, will be the dispossessed owners’ best friend.

Readers: What have you found on that the original authors/publishers probably wish had remained forgotten/hidden?

Full post, including comments

Harvard Art Museums shows us the alternate universe of non-profits

Here’s a request for money from the Harvard Art Museums, recently received in the mail:

They lead with the fact that they were closed for 1.5 years. Surrounded by fully open (“essential” according to the governor) marijuana and liquor stores, adults meeting in restaurant-bars after Tinder matches, etc., the Harvard Art Museums decided that they would all sit at home and they want potential donors to know that. If we assume that the primary mission of an art museum is to have people come in and look at art, the non-profit did nothing to further their primary mission during this 1.5-year period, despite the fact that they were ordered closed by the governor for only about 3 months of the 18-month closure that they proudly highlight.

(Even now, they won’t be executing all that aggressively on their primary mission; visitors have to make online reservations before showing up, a significant discouragement to those strolling around (fully masked, of course!) Harvard Square.)

Readers: Does this seem like a good illustration of the alternate universe inhabited by non-profit organizations? A for-profit enterprise wouldn’t expect to win points with customers by highlighting more than a year of voluntary closure, would it?

Full post, including comments