
Comment It's not just healthcare, either (Score 1) 122

You make a good point, but it applies beyond healthcare too.

May I introduce you to the auto industry? They'd like to sell you a new car that is always on-line, accepts OTA updates, and runs the safety-critical vehicle control systems on the same bus as the infotainment controls. What could possibly go wrong? (It's ironic that among the reports of hacks and abuses over recent months, there was also a report suggesting that many customers didn't use or actively didn't want a lot of these new electronic gadgets in their vehicles anyway. The only developments that almost everyone seemed to support were the directly safety-related driver aids.)

Then we have the financial and insurance industries, whose only requirement for any software they make sometimes seems to be "minimise fraud". Obviously that's an important commercial requirement, but meanwhile, they still can't reliably do basic things like sending money from person A to person B, providing secure and usable on-line banking facilities, providing working IT for their in-branch staff, or sometimes even keeping accurate records of who is authorised to access an account or facility.

Comment Re:Aaaand *NOTHING* happens to them... (Score 4, Insightful) 122

We could call the licensed programmers "Software Engineers", and have it actually be true.

The trouble is, it wouldn't be, because we're probably still several decades away from the kind of maturity and evidence base we'd need in the industry to actually do software development as a true engineering discipline. It's a laudable goal, but we don't know how to do it yet.

Comment But who will watch the watchers^Wregulators? (Score 1) 122

The good thing is that licensed professionals have to adhere to professional standards or become liable.

The problem is who sets those standards.

No-one knows how to write perfect software, because there is no such thing. Even with technically perfect implementation, there are always questions of requirements and design where at some point the specification of what you need isn't in a neat, unambiguous, technical form.

Very few people in the world know how to write highly robust and secure software, and the cost of doing so is often high. A few more people are exploring various potentially better ways of doing things, which might improve the situation in the long term, but for now there isn't a large and reliable body of evidence to support most of these ideas. Crucially, in many cases today, even skilled and diligent professionals who will all do good work may genuinely disagree about which tools and techniques they prefer to use and why.

Regulation and licensing would most likely be based on "best practices" determined by some central organisation, but there is a tiny pool of candidates who are even remotely qualified to make such judgements and a tiny body of evidence to support it. Realistically, that means the people setting the standards probably won't be the real experts, such as they are. No, the regulators will more likely be people like those consultants who sell a different trendy methodology every few years, and the idea of giving those vacuous salespeople a louder voice than they already have and actual legal powers over how other professionals develop software is more terrifying than any bug.

Comment Re:In other words. (Score 3, Insightful) 271

The law should NEVER, EVER, EVER, provide protection over any data available behind public sector activity.

The public sector frequently claims the release of information will be burdensome; however, the public sector actors are not always forced, by statute (as they are in Minnesota) to ensure records should be held in a way which the sector cannot claim burden in failure to comply.

This needs to change.

Comment And yet, even at 24, it's not the year of Linux (Score 0, Flamebait) 152

I've been using Linux, in varying capacities in both my personal and work life, since that fateful day in fall of 1996 when I popped a Slackware CD into my Dell Latitude P-133 laptop. Yet, I still don't love it as much as I should.

Why? Because, as I found out this week when I installed Ubuntu 14.04 LTS on a VM to power a SAS installation at work, it still sucks in so many ways. Is it better than it was 19 years ago? Not really. I still had to think; still had to work to get the damn thing to run; and grub still gave me a rash and a shit to get up and running.

Yeah, the Debian install I originally made back in November of 2002 is still running, after many a dist-upgrade, and it's going strong; however, I still have my love/hate w/Linux after nearly 20 years living with it daily.

I've always been excited for the next big thing. The next moment when it would be that system I could easily use on my desktop or laptop and interoperate w/the rest of the world; yet, here I am, typing this on a machine, provided to me by my company, I never thought I'd use (a MBPr), ever.

Yeah, Linux runs the Internet and many of our phones, yet, I still hate it as much as I did when I was 17 years old, for many of the same reasons.

I'll be happily waiting for another 24 while it continues to grow and do its thing but, unlike the visions many of us saw for Linux back in the day, it has not shaped up like we thought it would. Successful? ABSOLUTELY. But as successful and brilliant as it should be 24 years later, ABSOLUTELY NOT.

Comment Re:A significant difference between HW and SW sale (Score 1) 318

I'm certainly not arguing that MS are perfect when it comes to support. After all, we're having a discussion about how badly MS may be treating their customers with Windows 10.

However, generally until the run up to Windows 10 my experience has been that they're a lot better than the likes of Apple and Google at supporting their products for extended periods. Not only do they publish much longer support periods for security fixes, in the past they've also reportedly gone to extraordinary lengths to maintain backward compatibility in new Windows releases, so fewer customers would lose functionality following an upgrade.

The really impressive thing is that they did this even though the problem often wasn't really Microsoft's fault at all and was instead due to other software developers relying on undocumented behaviour and unpublished APIs where they shouldn't have been. I'm not sure we can expect that level of customer support from them any more, sadly.

Comment Re:A significant difference between HW and SW sale (Score 1) 318

Given that just about every PC, monitor, storage device, networking device, and other major peripheral around me as I type this has a formal warranty that indicates the minimum support period and the OS I'm running (Win7) has a published lifecycle that tells me exactly how long as a minimum I can expect security patches for, yes, I could. Short of the relevant businesses literally going under, in which case obviously no guarantee is worth much, I can count on support for these systems for several more years.

In contrast, as I've just highlighted in another comment, if I had bought a MacBook this time last year running OS X 10.9, there would already be at least one major security vulnerability that Apple has declined to patch in its OS. Or just look at the iOS 7 and App Store policies that make iPhones around generation 4-5 or iPads around generation 3 all but useless unless you chose to risk the OS upgrade, even though these devices were state of the art gear around 3 years ago and still run perfectly well in hardware terms today.

Comment Re:A significant difference between HW and SW sale (Score 1) 318

Just to be clear, I'm not talking about hardware issues here. I'm talking about not issuing security patches for serious vulnerabilities in versions of OS X that would have been shipping on brand new devices as little as a year ago.

There's really no excuse for not providing proper security fixes for the original OS supplied with a device for the useful lifetime of the device. Any security patch is by definition fixing a serious defect in the original product and clearly Apple's responsibility. I don't necessarily expect them to provide other updates and general improvements if the user isn't willing to update to the latest version of OS X as a whole, but not providing security fixes without insisting on updating other things the user might not want and didn't expect when they paid their money (and Yosemite was full of those) is a whole different thing.

They sold a broken product, and not a cheap one at that, and they should put that right without forcing other changes in the process. In fact, in my country, general consumer protection laws would probably compel them to if anyone chose to press the issue, or to provide other compensation or ultimately a refund for the defective product if they couldn't repair it properly. Whether the latter would be the better commercial strategy for Apple would presumably depend on how many people disliked the new OS enough to decline the general update and insist on a fix for their original version.

Comment Re:Half the story (Score 3, Insightful) 318

I don't care what they do with home versions, but I take issue with not being able to do this in Pro. An individual cannot buy Enterprise.

I've been wondering about that. If it's still going to be true once they've got their act together, then presumably that also affects most small businesses? That could be a very expensive strategic mistake. The hoi polloi will put up with a lot, and big businesses will do their own thing and probably not update for a long time anyway, but alienating the smaller and more agile businesses that might have updated sooner seems unwise, and alienating the geek community -- who run IT in those businesses and advise their less geeky friends -- seems downright commercially suicidal.

Comment Re:A significant difference between HW and SW sale (Score 1) 318

The flip side of that is that Apple's long-term support can be awful to non-existent.

Don't feel bad if that recommended and conveniently non-reversible update to iOS renders your three-year-old tablet or phone unusable. Here, try an iPad 7, that runs the new version just fine!

Oh, and that similarly ancient business laptop? You would have been secure against the malware you just got hit by if you'd only installed OS X Jungle Gryphon. Well, maybe. Or maybe you wouldn't. You see, we're not going to give you any sort of clear indication of how long we will support our hardware or OS versions for, and certainly not any sort of binding commitment, because that sort of nonsense is for chumps. Besides, even if we did, you'd have no idea which animal versions were included anyway.

Comment Or not (Score 3, Insightful) 318

If you're running automatic updates on 7 or 8 you already have the same "telemetry" components as well.

No, I don't. You see, the great thing about still being on Windows 7 is that I'm not forced to install whatever user-hostile updates Microsoft deems necessary. So I didn't.

By the way, neither did a lot of other people. Many of the professionals I know have been "security updates only" for quite a long time, even on personal use machines rather than work ones. Plenty more joined the fold recently after the Win10 nag message update.

It frustrates me that the casual press keep repeating the dogma that the forced updates in Windows 10 are a good thing because security experts recommend applying all patches immediately or similar, as if Microsoft hasn't been pushing non-security updates for years.

Comment Re:weasel words = gaping hole (Score 2) 318

It's worth pointing out that laws in this sort of area vary widely. I don't know where you're based, but I don't know a lot of lawyers who'd be comfortable defending that position in much of Europe, for example. On the other hand, it wouldn't surprise me at all to find the law allowed that kind of behaviour in the US.

Comment Re:Surge Pricing - Why The Hate? (Score 1) 249

Humans aren't smart enough to do central planning well (even though many try with many things even today), and certainly humans *in government* aren't smart enough to do central planning.

And yet the last time I got the train home and couldn't get a cab immediately outside the station, whatever time it was, was probably in the last millennium. I have never had a problem booking a cab for exactly the time I wanted if I had more than an hour or two of notice, and without that, the worst I've seen in recent years has been a delay of maybe 20-30 minutes instead of the usual 10-15 if I'm not in a central location.

The regulated rates we have here in the UK are nothing like surge pricing. They are fixed typically for years at a time with only a very small number of different rates based on things like working overnight or on public holidays. And yet despite your claims, my experience is that we're doing just fine with them as they are, and your hypothetical failures simply don't happen in practice. Taxi drivers make a reasonable but not excessive rate working typical hours, taxi companies co-ordinate their drivers pretty well and also make enough money doing so to be commercially viable, and taxi passengers have reasonably consistent service and predictable pricing. Taxi drivers already gravitate towards high-demand events when they happen, because they typically have flexible hours and they'll often put in a bit more time if there are effectively guaranteed fares available for a while.

The only way I can see a business like Uber managing to undercut the existing market to an extent that saves passengers a significant amount of money and yet still makes a worthwhile profit for Uber themselves is by cutting corners. For example, they could pass hidden running costs onto their drivers, or they could try to avoid subjecting the passenger-carrying vehicles to the same inspection routine that licensed taxis are required to follow. But obviously there are reasons the existing rules are what they are, and I see no good argument for allowing them to exploit their staff or compromise passenger safety so your ride can be maybe 20% cheaper.
