Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×

Comment Re: When The Lunatics Take Over The Asylum (Score 1) 456

It's unquestionably an asset to programmers.

I want to hire lazy programmers with ADD. They'll be thinking about three things at once (on a *bad* day), and two of them are going to be ways to automate some menial task so they don't have to do it by hand any more. Automation complete, they're on to something else that they actually have to *think* about now that the boring stuff is scripted.

Absolutely the best technical people for the job. It does take some skill to manage them though....

Looking in from the outside, it's not always easy to tell the difference between someone who's showing no substantive results for a month because they're playing solitaire all day long versus someone who's showing no results because they're solving some meta-problem which will unravel the entire task they were assigned in five minutes. The difference is at the end of the month, the Mr. Klondike really has nothing to show for it while the lazy-ADD person just kicks off their script & finishes the task assigned. Then there's the darker side of people who spend all their time (badly) solving the meta-problems and never actually accomplishing anything that needs doing. It's a fine line...

A good manager learns to nurture the meta to a point, but herd them towards actually solving the problem if things go too far afield. The Gant chart obsessed pointy haired boss will ruin these people more often than not and either send them packing elsewhere or just grind the innovation out of them. Either way, opportunity lost.

Comment Re:What does Science have to say about this? (Score 1) 587

But the South Africa test and this experiment are both strongly influenced by what the subjects thought

ding, ding, ding!!!!!

Congratulations! You've just stated exactly what the study proves and also confirmed why people who claim EMI-related illness are self-deluded crazies!

The proof of this test is specifically that people's belief that they are being bombarded by radio which they believe makes them sick is what makes people sick. The presence or absence of the radio signal had no bearing on how they felt. Only their belief that the radio was there affected them. The study proves that EMI-related illness is psychosomatic, not actually caused by the radio waves as claimed.

In other words, these people are a case for the P-sychiatrist. Turning the radio off won't make them feel better. (But ironically, convincingly lying to them that you *have* turned it off, *would* make them feel better).

Comment Re: Idiocy. (Score 1) 394

I understood just fine that you were taking a class. That didn't change my answer. If you brought your own hardware in and plugged it into my network, I would have fired you as a customer and tried to have your cert credit revoked if it was even slightly tech or security related.

I also would have ensured that my snapshotted machines were kept up to date and would have accommodated your software needs assuming sufficient licenses were available. I probably also would have had NAC running on any customer accessible ports to make sure your hardware couldn't have been connected.

You ran into some lazy admins, but you also violated any reasonable company policy in connecting unapproved hardware in a way that might have run afoul of CFAA.

Two wrongs don't make a right. The ends don't justify the means when NetSec is involved.

Comment Re: Idiocy. (Score 1) 394

In the vast majority of cases, the problems caused by "one of you" having too little access to a machine are significantly less dangerous than having too much access. The case you've described sounds more than a little BOFH-ish. That's unfortunate, but it happens. They still made the correct decision in restricting access to the machines.

If you'd brought your own laptop in and plugged it into my corporate network, you'd have been summarily dismissed same day, no questions asked.

The fact that you were trying to do something you think was okay doesn't change the fact that lots of end users try to do dumb and dangerous things daily. Many of them also see nothing wrong with what they're trying to do. Networks with wide open machines are full of compromised machines.

Not to sugar coat it, but IT knows better than end users when it comes to security and compliance. We get paid to be experts in it. End users get paid to be experts in other things and will (probably) never be equipped to make correct IT security decisions.

You don't have to like the restrictions, but you do have to live with them and comply with our security policy. Your other option is find another job.

Comment Re: Idiocy. (Score 1) 394

In all seriousness, I think the vast majority of those who complain the most bitterly about IT restricting software installs are either looking to goof off (solitaire, sports, streaming, etc.) or demanding useless customizations (screen savers, themes, etc.).

A very small minority may be programmers or other engineers who would legitimately benefit from additional software but work in misguided shops that force restrictions on people who do know how to handle themselves correctly. My heart goes out to people stuck in that situation.

But yes, the vast majority of denied exceptions for additional software are denied for good reason.

Comment Re: Idiocy. (Score 2) 394

I work for a large-ish Somebody asks for a piece of software and makes a reasonable case as to why they need it to do work (or at least how it would help them work more effectively), and they get the exception. That's assuming the software isn't malware, privacy violating, pirated, etc. Default policy with exceptions granted on a per-case basis works just fine.

That's not to say there aren't complaints. No, your fish screensaver (that chews CPU all day long and may or may not actually be mining Bitcoin) isn't something you need to do work nor that will help you work more effectively. That's denied. "101 Favorite Solitaire?" Nope. Sorry...

Be a reasonable human being to your sysadmins, make a legitimate request with a clear justification, and everything works out fine. Throw a tantrum and complain about how it's broken and you can't do anything, and your call will be answered in the order it was *DIAL TONE*.

Comment Re: Idiocy. (Score 4, Informative) 394

Have you ever in your life met an actual end user? What you're asking for is beyond the vast majority of end users. Further, most of them if told explicitly, "You will be responsible for bad things that happen on your computer as a result of your actions," will balk and refuse to accept that claiming that's IT's job (which is true: It is.)

They want all the power and none of the responsibility. Indeed, the user is the problem, but the user is not capable of understanding the problem they cause. It's far more complex than any of them have any interest in learning. They rely on IT to manage systems and keep them running. The way that IT does that is by configuring a platform that meets their needs and locking it down so they can't screw it up.

Comment Re:It's arms race (Score 4, Informative) 519

Current blockers are only partially domain based, though that's the larger part. AdBlock & friends can also block based on HTML DOM ID's, classes, paths, etc.

Even if the ads are served by proxy through the origin site's domain, they're going to be in a defined place in the layout. AdBlock can block things like:

I haven't found an ad yet that isn't susceptible to being blocked via DOM attributes.

Next step would probably be to dynamically perturb the classes & ID's returned in the page, but then the blockers parse the returned HTML, deobfuscating it in such a way as to give you consistent tokenized identifiers which are then blocked.

Arms race yes, but already predictable domains aren't a requirement for effective blocking.

Comment Re:Was not Oracle code in the first place (Score 1) 229

Your first two assertions are contradictory. If the product is highly bugged, they are not doing quite well internally.

If their customers were complaining to them that their Highly Paid Consultants did all this reverse engineering and didn't find any bugs, fine. Then Oracle is doing well. If people who have no source code access are finding 10% of their vulnerabilities? That's not quite well. As someone who occasionally skims through the patch release notes, that's 10% of a not terribly small number...

And what are you smoking about Flash? Adobe/Macromedia != Oracle. Oracle database does contain Oracle (formerly Sun) Java, but most of the errata they mention in the release notes tends to be not related to the Java parts.

Comment Re:Piss off (Score 5, Interesting) 229

This policy is long-standing. Probably over 10 years ago at this point we found and fixed a connection leak in Oracle's own JDBC driver by decompiling, fixing, and recompiling the affected class. To say they were displeased would be polite.

It was a production-down issue, we fixed it after their support flailed on it for several days, and they still had the nerve to send us a nastygram for it.

Comment Re:No compelling evidence? (Score 1) 663

I'm in your boat (second time keto, not quite so rosy), but I have absolutely no illusions that I'm more frequently over-eating carbs this time around. I was a machine the first time and lost 180 pounds in about two years of extremely faithful adherence to the diet. Then I got into the "well, I'm way better than I used to be, and life's too short, and I'll just enjoy this little.... *OMNOMNOMNOMONOMONONOM*" kind of mentality... It's not that it's harder the second time. It's that I'm not doing it as well as I did the first time.

It's absolutely expected that you could eat more calories the first time. You were heavier, you burned more calories carrying yourself around. The degree of calorie restriction necessary to maintain a rate of weight loss increases as body weight decreases.

"But this one goes to eleven." -- Nigel Tufnel