
Comment Re:1983 was not the "punched card era" (Score 1) 230

Punch cards were still being used as late as 1984...probably not much longer.

I grew up in the era of punch-cards (1970's). My mother was a key-punch operator and was responsible for translating the handwritten code from the programmers as well as customer data into punched card format. It was also how and when I learned to program - I was in 4th grade and had an interest in computers. A programmer (and, department head) took interest in helping me learn. He would spend a little time with me each week to teach me assembly programming on the IBM 360. Then, he would give me an assignment where I would work on writing a program which he would have punched and run. We used flowcharts...no interpreters or IDEs and I translated into assembly by hand. I had to "run" each program on paper first, following the flowchart, setting and updating variables and writing output. Making mistakes was costly in terms of time. Once he was satisfied, it would be punched and run. Yes, the results came back a day or two later (when, they weren't running other jobs). If there were errors, he would point out the error in the output and send me back to correct the code.

What I took away from this was learning how to determine requirements, design and code. I learned how to think things through before laying down a line of code. I learned how to code correctly and accurately to avoid errors.

1977 - I learned to program on an Altair flipping toggle switches. I was going to build one for myself. Then, the first TRS-80's came out.

1980, while in high school, we had an HP that took both cards and tape. Most kids taking the computer course had to write their programs on cards in BASIC as there was only one terminal. We got TRS-80 and Commodore Pets later that year. The HP was seldom used after they arrived.

1982, I owned my very own IBM PC and was programming in Basic, Assembler, Forth, C and Turbo Pascal. Two 5 1/4 inch floppy drives and 64 MB of RAM with an 8087 math co-processor, an amber monitor and 300 baud modem.

In 1984, at Drexel University, we still used cards on a Prime for coding in Fortran until they were able to get enough terminals - never had to use cards again. Then, the entire freshman class received the first Macs. It changed everything.

Today's generation has the luxury of very fast PCs, lots of memory and storage, modern languages and compilers and interpreters we stone-age caveman developers could only dream of when we started.

Comment Re:Well... (Score 1) 386

I still use my original iPad with 3G and 64 GB. But, it is stuck on iOS 5.1. And, far too many websites cause the browser to crash. Nothing more irritating than being in the middle of reading something online (such as /.), hit a video link or some JavaScript heavy site and watching it just crash.

And, far too many times, trying to reopen the page causes the same problem all over again. Looking at the diagnostic logs, it's easy to see the problem is running out of memory (it only had 256M of RAM). Newer devices (iPads and iPhones) have substantially much more RAM. My iPhone 5 doesn't run into this problem.

App updates are becoming a scarce commodity as well with many updates for iOS 7 being pushed to my iOS 5 device. The developers aren't checking for compatibility and it kills the older versions.

So, it has been relegated to being an email and book reader and GPS. And, I will use the newer device provided for work for development.

I will splurge for a new, personal, iPad Air (or whatever is out when I buy) at some point...still recovering from tax(ic)shock (I owed this year..big time...thanks to severance pushing me into a new tax bracket I hadn't planned on being in). Yes, I like Apple products. But, I am not one to rush out and buy it simply because it's Apple. I bought mine because there was/is money to be made developing iOS apps. Eventually, I will head back over to Android (I HAD an HTC Incredible with Android 2.3....it sucked!) when the market supports me being able to make money there also.

Comment Conflict of Interest vs Right to Work (Score 1) 170

No, I am not a big proponent of this action as it "smells" funny. That being said...

Did anybody else notice she held the position from 2009-2011 in a two year appointment? She didn't jump right from the FCC to the CTIA.

She hasn't been working for the FCC as a regulator in three years. My guess is her contract or appointment included a clause restricting her from working for the CTIA or other groups she regulated for at least 1-2 years.

Naturally, the CTIA wants her as they hope she has the connections to make things move more smoothly in their direction. But, has she done anything unethical or otherwise illegal?

Comment Re:Real problem was law letting the networks charg (Score 4, Informative) 342

First, the primary networks are required, by law, to provide OTA service. They were also required to transmit in digital vs the older, analog signal. Supposedly, the digital signals can transmit further and can support error correction (to eliminate ghost images).

As another poster noted, IF you are in range to receive the OTA broadcast, the HD picture is of higher quality than what you would get via cable. Why? Cable network providers must compress the signal resulting in signal degradation. OTA can send the full, uncompressed digital signal. One of these days, I will have to see if I can receive the signal where I live...probably not.

Comment Competency and Mind Clouding (Score 1) 582

The issue, whether it be closed / proprietary or open source, is twofold:

1) Competency of the person writing the code or making the design changes.

2) Competency of the person who is reviewing the work to understand potential issues surrounding the design and, as applicable, the implemented code.

A developer SHOULD never be a final reviewer of their own work. They can double check their work, clean it up, verify it meets coding standards. But, ultimately, it comes down to the one or more competent reviewers to study the work.

When one writes a paper or a long-winded post and try to review our work immediately after it is written, the brain will, by nature, fill in the gaps. If you have to critically review your own work, walk away for a day or two and then come back and tackle the assignment. You will be amazed at the errors you missed before.

FOSS is not any safer than proprietary code if nobody who has the capability to understand the code and issues actually looks at it critically. A few years ago, the OpenSSL team achieved FIPS 140-2 compliance which was a major undertaking and achievement. I haven't yet checked, but did the version affected by Heartbleed pass FIPS 140-2 certification as a cryptographic token? Or, did they never resubmit the code for recertification? I would suspect it was never resubmitted as the cost for certification is too high. Had it been done, this MIGHT have been exposed long before now.

What WAS done correctly was the rapid response once the problem was identified. This is something that corporations may drag their heels on as there are legal and financial repercussions when a vulnerability is found - even worse with a live exploit in the wild. They have to perform a risk analysis (on all levels) and determine if a fix is to happen at all. At the same time, corporations that rely on any system without a service level agreement that covers such issues take a major risk. This is where reliance on FOSS can bite you and why many corporations still maintain critical systems on proprietary operating systems and commercial software.

Comment Financial Institution Vulnerabilities? (Score 2) 56

Earlier this morning, I read on another post that someone was saying how Heartbleed compromised many banks' systems. This was contrary to what was posted on sites such as CNET that provided a list of providers and websites that claim they were not vulnerable. It sounded incredulous. Frankly, still does.

I can see financial institutions using an open solution for their public facing websites. But, how many actually "run" an operating system that is based on Open Source for their financial transactions? Exactly. Most, I suspect, are likely running another fully patched, proprietary OS and few, if any, would be permitted to run on public or open software. Still, those customer facing systems could be compromised and there might be a way to capture a customer's banking credentials.

The good news is, if your bank is FDIC insured, your money is safe - up to the limit of the Insurance ($250K???) Still, it's a major inconvenience. And, while there is genuine concern here, there is too much FUD being spread.

What is really needed right now is a secure, public, searchable list of sites that are vulnerable, not vulnerable and unknown. And, institutions that have your contact information or sensitive information (i.e. credit card info) should be contacting all customers to inform them if their data or accounts might have been compromised, what actions are being taken, and what actions the customer must take (such as when it's safe to actually change one's password, force a password reset, go to 2 factor authentication, etc).

Lastly, I can understand why a mobile device might not check a certificate revocation list. But, there is no excuse for a desktop server to not check the SSL cert's validity. And, if the user still wants to go to the site, the warning should remain on the screen in a highly visible form (like putting a BIG red border about the frame with text reading "THIS SITE MAY HAVE BEEN COMPROMISED").

Comment Re:Marking Differences that Last (Score 1) 312

Sadly, your comment falls on deaf ears even if you are right (which, you made some very valid points).

You have found your post modded down to 0 so it won't be heard because it doesn't agree with the collective hive thinking. I will, likely, be modded down to troll for agreeing with you.

Welcome to the new /.

Comment If Congress can stop it... (Score 1) 312

Then, let them. They passed the laws that allowed this to begin in the first place, right? It snowdened...err...snowballed from there.

Yes, the President can stop it with a stroke of a pen. Similarly, the next one can undo it with a stroke of the pen also.

And, everybody will get up in arms about his not having done it sooner when it had CONGRESSIONAL approval. Right now, following the disclosures, allowing the agencies to find new collection techniques (not, necessarily against domestic targets) is essential. For him to stop it, could spell a national security disaster. Who really wants that on their hands?

Best solution is to tell Congress to get off their high-horses (ALL members), and write a law outlawing the activity. Get the Senate to agree and pass it accordingly. Note all those who object, what their objection is and who they are. Changing something of this magnitude requires bi-partisan support. Once they have bipartisan consensus, send it to the White House for signature. If the President refuses to sign the bill into law, that will truly say something.

Just my take.

Comment Re:How can you search data (Score 2) 90

With symmetric encryption, when you encrypt with the same encryption key, you WILL get the same output that can be decrypted using the same key.

With password based encryption, you start with a passphrase and a salt. The passphrase and salt are combined and then run through a secure hash an agreed number of times. The resulting hash is the encryption key that is used with the cipher to perform the actual encryption. The salt and iteration count are why you can reuse the same passphrase.

In this context, if you alter the salt or number of iterations, you will get a different encryption key for the same passphrase and the resulting cipher text will be different. Of course, you should never encrypt using a straight block cipher but rather should use something like cipher block chaining (CBC) which uses the results of the previous encryption to seed the encryption of the next block to encrypt. This action helps to make cryptanalysis harder on the resulting encrypted code.

In simpler terms:
CipherText = Encrypt(passphrase, salt, iterations, ciphermode, PlainText)
PlainText = Decrypt(passphrase, salt, iterations, ciphermode, CipherText)
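
The key derivation this comment describes, as an added example (not code from the comment or from any project mentioned on this page). It assumes PBKDF2-HMAC-SHA256 as the salted, iterated hash, a header layout constructed here for storing the salt and iteration count, and an HMAC tag standing in for the cipher step only to show that the same key gives the same output.

```python
import hashlib
import hmac
import os
import struct
from typing import Tuple

# Header layout (constructed for this example): 4-byte big-endian iteration
# count, 1-byte salt length, then the salt. It is stored in the clear beside
# the ciphertext; the passphrase is the only secret.
def pack_params(salt: bytes, iterations: int) -> bytes:
    return struct.pack(">IB", iterations, len(salt)) + salt

def unpack_params(header: bytes) -> Tuple[bytes, int]:
    if len(header) < 5:
        raise ValueError("KDF header too short")
    iterations, salt_len = struct.unpack(">IB", header[:5])
    salt = header[5:5 + salt_len]
    if len(salt) != salt_len or iterations < 1:
        raise ValueError("truncated or invalid KDF header")
    return salt, iterations

def derive_key(passphrase: str, salt: bytes, iterations: int) -> bytes:
    # Assumption: PBKDF2-HMAC-SHA256 plays the role of the comment's
    # "secure hash run an agreed number of times". Output is a 256-bit key.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, dklen=32)

def match_token(key: bytes, value: str) -> bytes:
    # Stand-in for the cipher step (the standard library ships no block
    # cipher). It is not decryptable; it shows only the determinism the
    # comment relies on: same key and same input give the same output.
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).digest()

def demo() -> dict:
    passphrase = "correct horse battery staple"               # constructed sample
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed; random in practice
    iterations = 100_000                                       # constructed sample

    key = derive_key(passphrase, salt, iterations)

    # A reader of the stored record re-derives the key from the header alone.
    stored_salt, stored_iters = unpack_params(pack_params(salt, iterations))
    rederived = derive_key(passphrase, stored_salt, stored_iters)

    # Changing either parameter yields an unrelated key for the same passphrase.
    other_salt_key = derive_key(passphrase, os.urandom(16), iterations)
    other_iter_key = derive_key(passphrase, salt, iterations + 1)

    return {
        "rederived_matches": hmac.compare_digest(key, rederived),
        "salt_changes_key": key != other_salt_key,
        "iterations_change_key": key != other_iter_key,
        "same_key_same_output": match_token(key, "alice") == match_token(rederived, "alice"),
        "other_key_other_output": match_token(key, "alice") != match_token(other_salt_key, "alice"),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```
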

Comment Data Sharing Initiatives (Score 2) 96

This is nothing new - I have written about it in my responses for years. I worked for a company that developed a system that was being considered by Homeland Security when I left in 2009.

In the early 2ks, there were a multitude of records management systems in use by public safety. Our system was designed for small and medium size departments- large cities were not our forte.

There was a lot of data and no way to correlate it among departments in the same counties, let alone state or federal levels. The system we devised worked seamlessly with our customer's and it allowed them to decide what information they desired to share. And, more importantly, they could just as easily shutdown that access. We adapted our system to be able to pull data from other vendor systems. And, it was noticed. Every incident, ticket, arrest was instantly searchable...from a national level in under seven seconds. It didn't use links.

Our system wasn't the first, just one that worked...well...really well. States were receiving grants from the Feds and a lot was funneled into academic research. GJXDM and subsequent NIEM models were built. The FBI also was looking at a system of their own design.

States such as Ohio, Wisconsin, Florida, PA, NJ and others all had systems...they just weren't unified. I would suspect that, if the article is true and NCIS became the keepers, it was for national security reasons.

None of this is new. How many of you knew that most departments couldn't communicate with those in other counties by radio because of lack of standards? Legislation was passed to help them all be able to communicate in the interest of national security. We were in two wars and fighting an unseen one. Yet, a cop who pulled someone over in one county might not know that when the same vehicle was pulled over again...five minutes away.

Our system alerted an officer to one such routine stop. First time, there was no probable cause to search the vehicle. A few minutes later, the vehicle was pulled over again. But, the last stop was in the system and the officer approached the car with caution. Shots were fired as the officer approached and he was hit - but, not before neutralizing the threat. He had a vest and lived.

NCIC would not have had the realtime data. Our system did. I suspect the system in question is also near-realtime.

Is it spying? Perhaps at some level. But, it is a database of public safety info. Yes, your tattoos and tramp stamps are in the system if you were arrested. They help identify gangs or indicate when a rival gang is moving into a new territory, believe it or not.

Is the system here collecting more information about ongoing investigations or public information or information pertinent to law enforcement doing their duty?

And, FYI, a cop doesn't need permission to run your plates - that rule varies state by state. Often, it is a hit against a state run DMV or parking authority that gives the probable cause to run a full check. Do some abuse this power? Maybe. Most cops I knew

Comment Re: Not easy? (Score 1) 323

No. Refusing to do a task is insubordination and grounds for termination. Under those conditions, you can apply for benefits but may be rejected and the company can fight to keep you from getting benefits. They might lose. But, you still have to live while you appeal. The alternative is to quit. In that case, you get no benefits. Stuck between a rock and a hard place.

Comment Re:Links (Score 5, Interesting) 392

Correct. While some may not appreciate this, it's the compilation and interpretation of the links that provides value.

I learned this, first hand, when I had opportunities to read published "classified" documents as part of my military duties. My first thought was, like, "No Shit Sherlock...this is common knowledge." The information sources that were cited in the paper were all public domain or common, open sources, and readily available and even were the subject of discussions I had made with my peers. However, it was the analysis of the information, the common threads, and the meaning the analyst derived from that information that made it a classified document.

The point I took away from this article is not that there is not a shortage of capable workers. Instead, it's a shortage of capable workers willing to work at the salaries and rates being offered. The VISA opportunities, as stated in the article, have enabled positions to be filled with qualified individuals at a substantially lower cost. In many cases, the job positions are created with the specific goal of filling with someone offshore. While this works out well for corporations, sadly, this puts American workers at a serious disadvantage since they still have to live in this environment.

I have no qualms with hiring someone from overseas who has a passion for the work and willing to work for a little less. I do have issues hiring someone just because they can do it cheaper. My experience is the latter costs more in the end while the former can be a great bargain. Nonetheless, I still would prefer to see those jobs go to Americans first, those with passion second, and finally qualified but lower-cost last.

Comment Re:Seconded (Score 2) 306

I had mod points but couldn't decide to respond with "Funny" or "Insightful". Seriously. There are elements of both in your statement.

Being an old fart myself, I grew up in the era of C, C++, VB, DELPHI, JAVA, JS. Today, the platform of choice is not the desktop, it's mobile. The SPA style makes it possible to target mobile either as responsive format or as a hybrid using something like PhoneGap/Cordova. Granted, someone still needs to write the frameworks and interpreters to run the SPA so the other tools and skillsets are still a necessity. But, a programmer can make a good living if they know how to write a SPA.

As for learning new tricks? I see two approaches: 1) Refactor, redesign and recode an existing program you've written and know well in the past using the new paradigm or 2) Start with something new.

In the early 80's a friend of mine decided to learn to program. He decided to write a game for the Commodore PET (okay, you KNOW I'm old). He started with an idea, asked for assistance when he needed to learn a new construct from the hackers around him. His game was character based (we didn't have the graphics cards at school). The game became immensely popular among students and evening adult students. One morning, he came and the disk he shared (for him, he considered it PD) and was developing on was missing (they only gave us one). Our guess is that someone really liked it. Two years later, a game came out on the early Mac. It had REAL graphics. But, it was HIS game now being sold commercially.

Moral? Just because you don't know something now, you can still make a contribution.
