
>at Boeing on airliner design. The guiding principle is "what happens when X fails"...Airliners are safe not because critical parts cannot fail, but because there is a backup plan for every critical part.

And yet creating a culture that is vigilant and consistently applies due diligence is hard. To that point: Boeing identified the 737-Max MCAS as 'hazardous' in their analysis. Putting aside that 'catastrophic' was the more appropriate rating, they still did not appropriately design their system when that system failed. (By their own processes, 'hazardous' meant it should not be designed with single-point hardware failures)* That implies it is as much a human/cultural issue as a technical one.

* before any claims that the system was designed just fine because the pilots could have avoided the issue with the appropriate actions, those are administrative hazard mitigations which are generally considered less desirable than hardware fixes, especially when engineering mitigations are already installed but not used. Removing the hazard >> engineering controls >> administrative controls >> PPE. To the GPP point, hindsight is easy, managing risk, people, and processes is hard.


The backup for MCAS was simple:

1. restore normal trim using the thumb switches (which override MCAS inputs)

2. turn the trim system off.

The proof of that is that's what the crew did in the first MCAS incident, and they landed safely.


Check the previous note I left above with the * on why that is considered a poor mitigation.

Administrative procedures are bad mitigations in general but especially bad when a) it’s a safety critical issue and b) the hardware for an engineering mitigation is already installed. That’s like saying death could have been avoided if people had just packed parachutes (PPE). Maybe true, but bad hazard mitigation.


I do understand your point, and the MCAS system needed improvement.

But still, dealing with runaway stabilizer trim is a basic thing every pilot needs to know. One crew did it, and proceeded normally and safely. Two other crews did not follow emergency procedures, and paid the ultimate price. After the first crash, Boeing sent around an Emergency Airworthiness Directive reiterating the procedure. The Egypt Air crew did not follow the procedure.

The reason the stab trim cutoff switch is prominent on the center console is because it is a very important switch.

I've also talked to 737 pilots and another who emailed me about it and confirmed that they considered those crashes as pilot error.

Nevertheless, I agree that the MCAS system was deficient.


The main reason I don’t consider it pilot error is because the pilots did not get training on the system. So the proper mitigation required quick understanding of a system they did not know about, which is incredibly difficult with an intermittent failure like MCAS. If it was identified too late, the force required for trim was too great to be applied manually. Expecting that knowledge and timing to be in place is why it’s not a reliable mitigation when there is no training.

There are lots of proximate causes, but the lack of training to avoid a new airframe certification is a huge one.


Doesn’t this completely depend on the sensor failure mode? Eg if a voltage sensor internally shorts to ground, the failure will read 0V, not NaN. Or are you using “failed sensor” to only mean “not reporting” here?

I think your initialization is smart in many use cases, but the sensor application probably isn’t one of them except for that single failure mode. It can still lead to masked failures and false assumptions (“the sensor is getting a value so it must be working”). That’s the same issue as what you’re supposedly fixing by that design choice. It still requires engineering knowledge to assess correctly.


Yes, I assume the sensor is designed to detect its own failures. If a sensor is capable of emitting floating point values, surely its software can emit a NaN.

The point of a NaN value is it does not require sophisticated engineering knowledge to realize that a NaN output is not what you're expecting.


>I assume the sensor is designed to detect its own failures.

Bold assumption. I would be willing to bet this is more the exception than the rule on most sensors/systems.

>The point of a NaN value is it does not require sophisticated engineering knowledge to realize that a NaN output is not what you're expecting.

What I was pointing out is this only captures a relatively narrow set of failure modes and may lead to bad assumptions due to automation bias. E.g., "I only need to think about failures if the sensor gives a NaN because it's based on the assumption that a failure produces a NaN" whereas having an actual principled knowledge of operation can catch the other errors.
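The failure modes raised in this exchange (a short to ground that reads 0 V rather than NaN, a frozen output that keeps reporting a plausible value) can be made concrete with a small monitor. This is an added example, not code from anyone in the thread. The sensor spec (a 0-10 V voltage sensor whose normal operating band is 1-9 V), the slew-rate and stuck-output thresholds, and the sample trace are all constructed assumptions for illustration.

```python
import math

# Assumed sensor spec (constructed for this example, not from the thread):
# a 0-10 V sensor whose legitimate operating band is 1-9 V.
V_MIN, V_MAX = 1.0, 9.0
MAX_SLEW = 0.5       # assumed: a real signal never moves more than 0.5 V per sample
STUCK_SAMPLES = 5    # assumed: this many identical readings means the output is frozen


def nan_only_check(reading):
    """The narrow check under discussion: a fault is only a NaN."""
    return "nan" if math.isnan(reading) else "ok"


class SensorMonitor:
    """Plausibility checks that encode knowledge of how the sensor can fail."""

    def __init__(self):
        self.last_good = None   # last reading that passed every check
        self.last_raw = None    # last reading of any kind, for stuck detection
        self.run_length = 0     # consecutive identical raw readings

    def check(self, reading):
        # Count identical consecutive readings. NaN never compares equal to
        # itself, so a NaN sample resets the run.
        if self.last_raw is not None and reading == self.last_raw:
            self.run_length += 1
        else:
            self.run_length = 1
        self.last_raw = reading

        if math.isnan(reading):
            return "fault:nan"                 # sensor reported "no value"
        if reading <= 0.0:
            return "fault:short_to_ground"     # 0 V: shorted input, not a valid reading
        if not (V_MIN <= reading <= V_MAX):
            return "fault:out_of_range"        # physically implausible for this sensor
        if self.last_good is not None and abs(reading - self.last_good) > MAX_SLEW:
            return "fault:implausible_jump"    # moved faster than the process can
        if self.run_length >= STUCK_SAMPLES:
            return "fault:stuck"               # plausible value, but frozen
        self.last_good = reading
        return "ok"


def classify_trace(trace):
    """Run the plausibility monitor over a whole trace."""
    monitor = SensorMonitor()
    return [monitor.check(r) for r in trace]


def masked_faults(trace):
    """Sample indices where the monitor flags a fault but a NaN-only check says ok."""
    verdicts = classify_trace(trace)
    return [i for i, (r, v) in enumerate(zip(trace, verdicts))
            if v != "ok" and nan_only_check(r) == "ok"]


# Constructed trace: healthy readings, a short to ground, a dropout, a frozen
# output, then a jump the process cannot physically produce.
SAMPLE_TRACE = [5.0, 5.1, 5.2, 0.0, 0.0, float("nan"),
                5.3, 5.3, 5.3, 5.3, 5.3, 5.3, 7.0]

if __name__ == "__main__":
    for i, (r, v) in enumerate(zip(SAMPLE_TRACE, classify_trace(SAMPLE_TRACE))):
        print(f"{i:2d} {r!s:>5} nan_only={nan_only_check(r):3} monitor={v}")
    print("masked by NaN-only check:", masked_faults(SAMPLE_TRACE))
```

On this trace the NaN-only check flags a single sample; the monitor additionally flags the two 0 V samples, the frozen run and the implausible jump. The thresholds are where the engineering knowledge lives, and they have to come from the sensor's datasheet and the process it measures rather than from a generic default.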


Falling prices is not always indicative of a well-functioning competitive market.

Rockefeller was known to deliberately lose money to undercut his competitors and put them out of business. With enough scale, a near-monopoly can provide irrational predatory pricing long enough to make competitors insolvent. In between, it looks like the near monopoly is losing market share while prices drop.

Without taking the larger context, it's easy to misconstrue the long-term anti-competitive systemic effects.


Rockefeller did not get rich by losing money.

Nor did Rockefeller eliminate his competitors. He never got more than a 90% market share. SO was not tried for being a monopoly, it was tried for trying to create one.

SO's market share sank during the trial, as Rockefeller's competitors learned how to compete with him.

See "Titan" by Chernow.

> With enough scale, a near-monopoly can provide irrational predatory pricing long enough make competitors insolvent.

The reason this doesn't work is if X has 10 times the market share of Y, if X wants to lose money to hurt Y, X loses 10 times the money that Y loses. I.e. the larger the market share of X is, the proportionately more money is lost trying to undercut Y.


Chernow is more of a laity source than an academic one. Fun to read, but it’s not a strong source. He tends to over emphasize the efficiency side and neglect the logistical barriers to entry and many would consider Chernow’s thesis incomplete.

If your claim is that someone needs to have 100% market to be anti-competitive, we’re talking past each other. I know HN can have relatively high levels of binary thinking, but the real world is more complicated and nuanced.

X doesn’t have to perpetually lose money, just long enough to put Y out of business. Modern definitions of predatory pricing did not exist at the time, but that is essentially what Standard Oil was found guilty of in their day. They can also lose market share as new markets emerge but that doesn’t undermine the monopoly argument. If I have a utility in TX and another utility opens in CA, my regulated monopoly is still intact.


SO had a significantly lower cost structure, it didn't need to lose money.

The nuance is throughout the SO anti-trust trial, SO was losing market share.

SO's main method of growing was to buy out competitors, and made them rich with SO stock.


The court case found SO used local aggressive price cutting until competitors were driven out. That’s why they were broken up. I don’t think there is court evidence whether they lost money (although there’s speculation) in those cases because that standard wasn’t established until later antitrust cases. But once competitors were gone SO raised prices. SO still met the threshold for monopolistic operation.

Yes, SO had a lower cost structure in many cases. But efficiency is not the determining factor for antitrust behavior. That’s the chink in Chernow’s perspective: he focuses almost solely on the efficiency argument and ignores the larger context.

And not to be snarky, but that’s the same pattern you take whether you defend Rockefeller, Musk, or any other business magnate. There’s a narrative you identify with and you’ll stick to it almost to the point of circular reasoning.


I think you are in agreement. The poster you replied to seems to insinuate that immediate revenue (in the Americas/space) isn't the best indicator of later successful pioneering markets.


What happens when the only way to reduce spending is to reduce your assets? Seems like circular logic at that point. I suppose the market isn’t expected to be rational all the time, but eventually it is.


I believe the idea is to support the “real” economy vs a “paper” economy. The “real” economy manufactures stuff in meat space instead of making value through abstractions like financial derivatives. The real economies are tied to a stronger middle class and national security. That’s the thesis as I understand it.


A service-based economy is also a "real" economy and not a "paper" economy


The fundamental problem is the asymmetry of value creation. Software is perhaps the pinnacle of this, and why tech companies are so unfathomably wealthy.

A team of 10 SWEs can create a product worth $1B with the cost of 10 laptops. You get ten people worth $100M each.

To create $1B in value with any kind of manufacturing business is going to take hundreds of people utilizing millions in various costs. You end up with something like 10,000 people worth $100k each once you wind your way through all those supply lines.


You said it better. I think the idea is that certain "paper" economies are disproportionately valued in the economy when the dollar is strong. A strong dollar leads to offshoring manufacturing, which leads to an overweighted "paper" economy, which leads to an eroding middle class.


I agree, depending on what services you’re speaking of. Although I don’t know that it meets the explicit aims of the Heritage Foundation (which was the OP’s question).


What makes you think these are mostly students? I may have missed that in the methodology


In addition to being a reviewer, they also submitted their own research to this journal. So it leads to the question: if they were willing to cheat on the side of review with less incentive, why wouldn’t they cheat on the side that provides more incentives?

(Meaning, your career doesn’t get boosted much for reviewing papers, but much more so for publishing papers)


>If you can get high quality medical advice for effectively nothing

This is an area where confident but wrong information is extremely costly. It’s like saying an LLM can give you high quality directions on how to tap into a high voltage transformer. Sure, but when it’s wrong, it’s very very wrong with disastrous consequences. That’s why professions like doctors and engineers are more regulated than others.


It is definitely too early to expect AI medical advice to be usable (except in very limited instances) but the question is how long and how far will that change? After all, human doctors don’t do so well with new or under documented or rare conditions (consider the history of alpha-gal allergy or lyme disease sufferers even now).


I think the issue is that someone working in public office had influence to affect that probability, and their relatives stood to gain from it.

I don’t know enough about the ethics laws to know if it was strictly illegal, but it does create a smell.

Suppose a county engineer has influence on whether oil drilling will be allowed (they don’t make policy but consult those who do), and prior to approval their relatives buy up a lot of land in the area. That engineer may not have been the deciding factor, but it seems like it runs afoul of ethics laws/standards.

