Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Comment Re:How Would the Author Know? (Score 1) 255

Is that really what you thought this was about?

There's a big difference from someone being semi-competent or having a "dial-it-in" attitude and someone who's just not up to the rest of the people around him. With the former, team members resent the individual: "Why am I working so hard when you can't be bothered? I just have to pick up the slack" -- and that creates dissension and a management nightmare.

With Elliot (and the many team members I've known like him), it's obvious to everyone that he's doing the best he can; he's just dumb (relative to the others around him). He can be frustrating, but it's not because he has a bad attitude; quite to the contrary. HE WANTS TO HELP. In a healthy team, everybody does his best to find a way for him to do so.

Submission + - A Measure of Your Team's Health: How You Treat Your "Idiot" (intuit.com)

Submitted by Esther Schindler
Esther Schindler writes: Every team has someone who at the bottom of its bell curve: an individual who has a hard time keeping up with other team members. How your team members treat that person is a significant indicator of your organization’s health.

That's especially true for open source projects, where you can't really reject someone's help. All you can do is encourage participation... including by the team "dummy."

Submission + - FCC.gov Won't Let You Submit Comments (fcc.gov)

Submitted by Anonymous Coward
An anonymous reader writes: Are you trying to submit comments regarding the FCC's attempt to undo net neutrality? Good luck.

Presumably due to the massive outcry against their proposal, their website has stopped responding. Either that or my Comcast connection is mysteriously blocking the page...
Security

Heartbleed Bug Exploited Over Extensible Authentication Protocol 44

Posted by samzenpus from the protect-ya-neck dept.
wiredmikey (1824622) writes "While most organizations have patched the Heartbleed bug in their OpenSSL installations, a security expert has uncovered new vectors for exploiting the vulnerability, which can impact enterprise wireless networks, Android devices, and other connected devices. Dubbed 'Cupid,' the new attack method was recently presented by Portuguese security researcher Luis Grangeia, who debunked theories that Heartbleed could only be exploited over TCP connections, and after the TLS handshake. Unlike the initial Heartbleed attack, which took place on TLS connections over TCP, the Cupid attack happens on TLS connections over the Extensible Authentication Protocol (EAP), an authentication framework typically used in wireless networks and peer-to-peer connections.

The researcher has confirmed that default installations of wpa_supplicant, hostapd, and freeradius (RADIUS server implementation) can be exploited on Ubuntu if a vulnerable version of OpenSSL is utilized. Mobile devices running Android 4.1.0 and 4.1.1 also use wpa_supplicant to connect to wireless networks, so they're also affected. Everything that uses OpenSSL for EAP TLS is susceptible to Cupid attacks. While he hasn't been able to confirm it, the expert believes iPhones, iPads, OS X, other RADIUS servers besides freeradius, VoIP phones, printers, and various commercial managed wireless solutions could be affected."

Submission + - Robotic Exoskeletons Could Help Nuclear Plant Workers (itworld.com)

Submitted by itwbennett
itwbennett writes: ActiveLink, which is 80% owned by Panasonic, is building heavy-duty strength-boosting suits that the company says can help workers shoulder the burden of heavy gear and protective clothing and could be useful at nuclear plants. 'Our powered suits could be used to assist and support remote-controlled robots in emergencies,' ActiveLink President Hiromichi Fujimoto said in an interview. 'Workers could wear the suits to carry PackBots to their deployment point and to work in low-radiation areas.'

Submission + - Life Skills: Get someone to help you when they've no reason to

Submitted by Esther Schindler
Esther Schindler writes: Imagine you’re on a deadline that’s important to you. The project might not qualify as “mission critical” to the rest of the organization, but it’s certainly essential for your own team. Now you run into a roadblock: a task wherein you need input from someone from another department, or where you need the other person to actively do something.

The process works fine when your contact in the other department is motivated to help you get the work done. But what happens when he isn’t? This happens entirely too often — particularly for developers and IT folks who need input or sign-off of some kind.

In a perfect world, you already built alliances (if not friendships) with people in other departments, so that your colleagues want to help you. But that isn't always the case. What can you do to get someone to help you with a project task even if it's a distraction from his own work? Here's several pragmatic suggestions, including a few that don't include "promise chocolate."

Submission + - Business bartering survival guide: Lessons from real life (itworld.com)

Submitted by Esther Schindler
Esther Schindler writes: Trading your expertise for the skills of someone else is a great idea for cash-strapped businesses — which includes lots of techies, such as web developers and computer consultants. But bartering can go sour – and herein, Esther Schindler shares bartering tips she wishes she hadn’t learned the hard way.

For example:

The casual handshake nature of most barters opens up the chance of every project-gone-bad story occurring in your business, such as finger-pointing about product specs, timetables, etc. As with any contract, if you can point to the agreement (which can be as simple as "here's an email message to record what we agreed upon today; let me know if you see anything untoward"), both sides know what's expected.

Because... what if you're unhappy with the service? In a barter, what if you already consummated your part of the process (you did the tax return) but the other party was substandard (you hated the photographer's images). If you were paying cash, you'd withhold payment or otherwise ask for the other party to fix the problem. With a barter... it's sticky. It shouldn't be, but it is. Particularly when the nature of the delivery is "...when the customer is happy." (Imagine the storyline that begins, "Dammit those photos were just what he asked for!")

Oh, and plenty more.

Submission + - Record Number of Women in Software Development

Submitted by Esther Schindler
Esther Schindler writes: The number of females in software development has increased by 87% since first being measured in 2001, according to Evans Data’s recently released Developer Marketing 2014 survey. In 2014, 19.3% of software developers are women, or approximately three and a half million female software developers worldwide. While today’s number is strong compared to 2001, it is even stronger compared to the years of 2003 to 2009 when the percent of female developers dipped into the single digit range. The survey of over 450 software developers, which is now in its fifteenth year, also shows that today’s female software developers tend to be younger than their male counterparts with just over 40% being under the age of thirty.

As one of those women-in-tech, I gotta say, Huzzah!

Submission + - Tech giants uniting to fund open-source projects

Submitted by Esther Schindler
Esther Schindler writes: The OpenSSL Heartbleed security hole, arguably open-source's biggest security breach ever, made many major technology companies realize just how much they all depend on open source and that such vital projects as OpenSSL need adequate funding. Thus, writes Steven Vaughan-Nichols, the Linux Foundation brought together (take a deep breath, it's a long list) Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, RackSpace, and VMware to form a new project to fund and support critical elements of the global technology: The Core Infrastructure Initiative.

OpenSSL will be the first project under consideration. In 2013, OpenSSL, which was at the heart of Web security for millions of companies and organizations, got by on a mere $9,000. In past years, OpenSSL has received an average of $2,000 per year in donations.

The CCI funding will pay key developers to devote their efforts to OpenSSL. It will also provide other resources to assist the project in improving its security, enabling outside reviews, and improving responsiveness to patch requests.

Think it'll address some of the issues?

Submission + - Which Buffy the Vampire Slayer Characters are on Your Team?

Submitted by Esther Schindler
Esther Schindler writes: Are you a Buffy, or more of a Xander? Rikki Endsley looks at seven Buffy the Vampire Slayer characters commonly seen on teams and the unique contributions each brings to projects. For instance:

Angel, the handsome and powerful vampire, is the team member who is either a huge asset or a giant liability, depending on his unpredictable mood. The “rock star” team member tends to get a lot of attention and often appears to be a team leader, but in reality he isn’t as productive, reliable, or valuable as his teammates.

Submission + - Evaluating When to Kill a Project: What Criteria Do You Use?

Submitted by Esther Schindler
Esther Schindler writes: It happens to all of us. Sometimes, the right way to fix a project is to cancel it. Making the decision to do so, though, has to be more than a gut response. Whatever the reason – at some point, you have to decide whether to keep plugging along, or to pull the plug.

It's easy to come up with a blasé statement like “I evaluate whether my original project statement will ever be achievable. If I determine that the project cannot meet my goals and objectives, we stop it.” But that assumes you know how to make that determination. Here's some advice on how to calibrate the issues to consider in the “Go/No-Go” decision process, whether the project is something of your own devising (anything from a personal coding project to a novel), or a corporate death march.

For example, "Are you dependent upon resources that are outside your control? If so, can you get them under control?"

And Hugo-award-winning CJ Cherryh points out, it might be that the inspiration isn't there at the moment, but you can set it aside to consider later. She adds, “Never destroy it – for fear it will achieve holy sanctity of ‘might-have-been’ in your memory. Being able to look at it and say, ‘Nope, there was no hope for this one’ is healthy.”

What criteria would you add?

Submission + - Your 58-Word Cloud Vocabulary Test (continuum.net)

Submitted by Esther Schindler
Esther Schindler writes: You think you know the cloud? Test your knowledge against these technical definitions, in a cloud-geek quiz by Tom Henderson. Close answers count, because this isn't Oxford or Webster’s, just a mixture of marketing-speak and geek speak. You’re on your honor. No peeking, and be nice.

So how many did you get right?

Submission + - The Spam Battle Report 2014

Submitted by Esther Schindler
Esther Schindler writes: Like anything else, spam evolves, as do the means by which it gets delivered to your e-mail inbox and the manner in which sysadmins prevent it from doing so. If your thoughts on spam-fighting are a few years old, it's time for an update.

For instance, starting with the good news: According to Kaspersky, in 2013, the proportion of spam in email flows was 70%, which is 2.5 percentage points lower than in 2012. The bad news is that spam that does get through is far more dangerous. According to John Levine, chairman of the Internet Research Task Force's Anti-Spam Research Group and president of the Coalition Against Unsolicited Commercial E-mail, "The ongoing threat is that spam is now essentially 100% criminal, and it's as likely to try to plant bank-account-stealing malware either directly or via links to compromised websites as to sell you something." As one example:

The content of spam is evolving to become more dangerous in new ways. For instance, Nick Gonzalez, a spokesperson for the security company Barracuda Labs, observes, “One new way we’ve seen are campaigns that use embedded Excel spreadsheets. The spammers break the words into individual cells to bypass the anti-spam tools. When viewed in an email it looks like a typical HTML attachment but it’s much more difficult to analyze."

So, here's the current state of the spammy art, and what you ought to know to fight it effectively.

Submission + - Can anyone design a job application platform that doesn't suck?

Submitted by Esther Schindler
Esther Schindler writes: Why does it take a half hour and triplicate-input-redundancy to apply for a job online? Why can’t these online application platforms just pull in LinkedIn data and be done with it? Isn’t it easier for these job application systems to just read our resumes and cover letters? Lisa Vaas has techie and business answers to these questions, hypotheses, and more.

...But half an hour later, I’m still fiddling with the thing, tweaking and correcting improperly filled-in fields as my life slowly drains away. I’m not even given a chance to see how the ATS translated my resume to populate its fields. Vaya con dios and fare thee well, job application.

Just from a user experience viewpoint, it’s irritating. . . .Why can’t these online application platforms pull in LinkedIn data and be done with it? Is all this really necessary to apply for a job? Or is it a Darwinian endurance test to winnow out the impatient and those lacking the ability to put up with horrific user interfaces?

A few questions come to mind: Why can’t somebody just create an ATS that doesn’t suck? Also, Wouldn’t it be easier for them to just read my cover letter and resume?

Submission + - iRobot ships a meeting robot that will attend meetings for you 1

Submitted by Esther Schindler
Esther Schindler writes: Hate meetings? Now you have an out. Just send the Ava 500 remote presence robot to attend meetings for you. Reports Wayne Rash, the autonomous robot will memorize your office, factory or lab space, avoid running into people and objects, and if HR rules require it, will even avoid running over interns. This robot can pretend to be you, it will bear an image of your face (or other body part) on its Cisco remote presence HD screen, and will even speed with your voice. The iRobot people say it will interact with others just as if it were you. You can make presentations, inspect manufacturing facilities and even discuss your blown bracket in the hallways.

I want one.

Slashdot Top Deals

Somebody ought to cross ball point pens with coat hangers so that the pens will multiply instead of disappear.

Close