Forgot your password?
typodupeerror

Comment: Re: Or so they say... (Score 1) 142

by Kr3m3Puff (#47854719) Attached to: Feds Say NSA "Bogeyman" Did Not Find Silk Road's Servers

The examples from the wiki describe situations where the initial source was legal, but protected. E.g., placing a sting in the path of a suspect on the word of a protected informant, then omiting the reason for their 'luck' in finding the suspect. Or e.g., withholding NSA wiretaps from DEA until the citizen or geography of the source is determined to be foreign (unethical, but not illegal).

Yes, but in this case, mass analysis of Tor traffic by the NSA could have thrown up a suggestion to the FBI "if you want to find the real source of the servers, all you need to do is exploit the CAPTCHA servers". The activities of the NSA don't have to be illegal for the FBI to obfuscate how they got to the final result. I doubt the FBI spent load of time just hacking around. The Government started with the problem "how do we reveal the true source of the Tor anonymized traffic" and fitted the solution to identifying it to some fully legal and totally unnefarious. It is in the Government's best interest to make criminals think they are incompetent.

Comment: No practical value... (Score 1) 514

by Kr3m3Puff (#42334883) Attached to: Ask Slashdot: 2nd Spoken/Written Language For Software Developer?

Personally, if you aren't going to work outside the US, there is no practical value for a programmer, because it would greatly narrow down any other market.

Programming is like Air Traffic Control, for good or bad, everything is in English.

I have spent half my career outside the US (albiet mostly in English speaking countries) and from a development perspective, English is not optional. 99% of documentation is in English. Mastering another programming language would be more practical than another written/spoken language if you are only going to live in the US.

All that being said, the only large scale technical documentation I have seen being regularly translated into another language is Japanese. And increasingly Russian developers, amongst themselves, keep it in Russian.

Comment: Re:100 more will die today (Score 1) 1719

by Kr3m3Puff (#42322653) Attached to: Adam Lanza Destroyed His Computer Before Rampage

Crime has been falling steadily as gun sales have increased steadily. So apparently encouraging more gun ownership has a positive impact on crime. Doing nothing seems like a perfectly valid course of action in the face of the steady fall in crime rates.

Well illegal immigrants in the US have been rising steadily as crime has been falling. Maybe we need more illegal immigrants then? Or maybe it was because of Roe v. Wade and abortion is driving down crime rates?

Correlation is not causation.

Comment: Private Members Bills... (Score 3, Informative) 230

by Kr3m3Puff (#39595905) Attached to: UK Bill Again Demands Web Pornography Ban

... especially in the House of Lords mean nothing. They are individual bills introduced by members to usually provoke conversation versus any real intention of becoming law. They get debated and discussed and almost always get struck down. It is a customary process that allows the UK to consider and discuss things that would not be discussed by normal routes. So even mentioning (and mis-characterising it) is just to just sensationalise something that shouldn't be. The fact that the UK Government is actually considering unwarranted surveillance of the Internet in the UK is far more "dangerous" because of the way they are introducing it, via the Queen's Speech, which means it is setting out what the Government supports and actually plans to do over the next 12 months. Usually what is in the Queen's Speech gets banged into Law one way or another.

Comment: Been There, Done That... (Score 2) 229

by Kr3m3Puff (#38423098) Attached to: Ask Slashdot: Transitioning From Developer To Executive?

First off, while I don't know exactly your situation, it does seem that you aren't going to be moving as far away as you might have thought. I have gone from "developer" to "architect" over the first 15 years of my career and now I have moved onto what is clearly senior management, but I am part of a large organisation which means that I still am not that close to the top. I would be considered a CTO of a medium sized company though. I have full P&L responsibility for more than one area and am responsible for about 150 people and about £10 million in budget per annum, 1/2 of that being hardware/software. I have been doing the management role for about 2 years now and I can say, for me, I won't go back.

I think my people, mostly, don't think of me as PHB. That is in part by remembering your roots, but more than not it is building up trust that you are going to lead them the right direction and having proper "adult" conversations about risks and issues. As others have said, micro-management, especially in the West, is horrible. You have to delegate and trust your team, no matter how tough that can be at times. Respecting their professionalism, much as you would have expected in their place, is necessary. Do not shy away from tough conversations though. It is much better to be up front about issues and direct than it is to avoid the subject hoping that it just will take care of itself. I have seen many "good" people turned into "bad" because there was a minor issue that festered until it wasn't recoverable anymore.

As far as the Technology, ask a lot of questions. Having a good inbuilt "bullshit" detector is a must for effective Technology management. Don't know every detail, but know when people don't know what they are talking about.

Comment: Open Source and Free Software... (Score 1) 151

by Kr3m3Puff (#37956280) Attached to: Ask Slashdot: When and How To Deal With GPL Violations?

There is a subtle distinction (not so subtle if you ask rms) in that GPL is a free software license. It is persistent and code released under the GPL is specifically designed to keep it free forever. Commercial organisation (which aren't necessarily evil) have to do a lot of work in order to not run afoul. The OP is suggesting in other points in the thread that he suspects Code Sourcery might have accepted code contributions into the optimised code set. You would have to look at what sort of contribution license and under what guise those code contributions where made, not how those code contributions were released.

That is why, for commercial companies, or even other organisations that want to have an open community, in my opinion need to choose a more commercially friendly license, like the BSD modified license. It doesn't force the "morality" of free software on you like the GPL does. It allows commercial entities to incorporate code in derivative products, but encourages them to contribute back to the original project, instead of feeling "infected" with the GPL. In my opinion, the BSD modified is more free than the "freedom" of the GPL.

Comment: Not News, Welcome to the UK 2001 (Score 4, Informative) 301

by Kr3m3Puff (#37366374) Attached to: Global Mall Operator Starts Reading License Plates

Number plate reading cameras in public car parks have been around in the UK for a number of years and the government hands for even longer. Any time spent in London your vehicle will be scanned both publicly and privately. A visit to almost any airport in the UK will result in that and Heathrow Airport has had the "find my car" stuff for quite a while.

If it is a slippery slope, it is one that is already been in the wild for a long long time. Time to go tilt at some other windmills.

Comment: Re:SSA and Web sites don't mix (Score 1) 160

by Kr3m3Puff (#36702828) Attached to: Online Social Security Statement In Limbo

I remember the first one I got of it... It politely informed me that I a) had fully qualified based on all my contributions over the years and b) the year I was set to be eligible to retire, they would run out of money, but Congress was working on a way to address this, so I shouldn't worry.

I don't think they even read their own forms. *sigh*

Comment: Re:What about salting? (Score 1) 615

by Kr3m3Puff (#36347610) Attached to: Cheap GPUs Rendering Strong Passwords Useless

mod parent up... Exactly PBKDF2 combines all the current best practices into something that is difficult for CPU or GPUs to deal with.

An attacker would need access to the hashes, then they would need access to the salt (even if the salt is insecurely stored, it should be kept separate from the hashes, though some idiots do put the salt in the same data store as the hashes) and then they need to determine how many iterations to run (again, usually requires source code level access) and then needs to wait a few decades for most "insecure" passwords and a few centuries for any moderate passwords.

Now in 20 years, that maybe irrelevant, but for now, implementing PBKDF2 would make it very difficult for a long time to come to recover passwords.

Comment: Re:Generic Trademarks (Score 1) 356

by Kr3m3Puff (#35356142) Attached to: If App Store's Trademark Is Generic, So Is Windows'

This reminded me of my good ole days in tech support (actually Apple). A customer called in with a problem and I said "ok, we need to start by closing all your windows" followed with an "OK" and the sound of the phone being set down. As I sat there in silence for a minute or two, he came back and said "OK, I closed them all now". I then said "I did mean all the windows open on your computer" followed with the response of "Ooooooooh, sorry."

True, if someone walked up to me in the street and said "Windows", I wouldn't know if they were talking about a computer or the large glass thing I was standing next to, or my eyes, being the window to my soul and all.

Comment: Re:Nonsensical... (Score 1) 826

by Kr3m3Puff (#35113460) Attached to: Is Setting Up an Offshore IT Help Desk Ethical?

You are the Devil.

Hmmmm... I thought you were going to spout about relativism there for a second, and then you trounce with a statement that seems to be rather pointless.

Contrary to your assertion that we change to the system, very few systems ever changed from those who did not participate in it. Almost all have changed from within. Even the Nazi's weren't defeated by foreign forces, at the end of the day, the system collapsed from the inside. Being outside the system is generally pointless, while you can warm yourself by the fire of your own ethics.

Also, I didn't comment on the "ethics" of his decision. Many people choose not to participate because of their "ethics" but really that is the lazy way out. It is the most effective way to accomplish nothing.

"Pull the trigger and you're garbage." -- Lady Blue

Working...