Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Who watches this crap? (Score 1) 133 133

Actually, (getoffmylawn) when I started, in school, we had like 1 keypunch and dozens of students. So you'd better have your text in order before you sat down. First job I had a lot of old-timers never typed anything at all. They wrote it out on coding pads, sent it to Data Entry, and they returned a source deck.

There are times when I think one of the biggest mistakes ever made was in giving programmers direct code entry. You can waste so much typing mindlessly when you should be thinking.

But times have moved on, and so now the programmer can not only be the Data Entry person, but also the (laid-off) DBA and the (laid-off) Network Engineer. And by the way, we need that new app out by Thursday. So put a little Extra Effort into it, m'kay?

Talk about distractions.

Comment: Re:Oh boy! (Score 4, Informative) 77 77

Installed Chrome recently because EVERY BLOODY STUPID TAB I open in Firefox stalls the entire browser for eternity. And that includes Slashdot tabs.

I know that a lot of it is because everyone+dog feels obliged to dump 3.5GB of unwanted slop from other sites on my client for every page visited/updated - and that's AFTER the blockers have whittled it down.

But Chrome at least lets me read stuff almost as soon as the page renders.

Comment: Re:Who watches this crap? (Score 4, Insightful) 133 133

It's nonsense. I do my coding in my head. You want to "watch me code", get an EEG or a CT scan.

When I'm sitting at the keyboard, I'm not "coding", I'm typing. If I have coded correctly, then I'm typing fast. If I haven't, I either retire from the keyboard and revise my coding, sit and stare vacantly while I'm revising my coding, or cut-and-paste.

Here's a clue, then. When I look my most "productive", I'm not. When I look the most busy then I'm not doing my most valuable work. In fact, like a lot of people, the really valuable work is done while I'm in the shower or in bed not-sleeping in the wee hours.

And THAT, children, is why I get surly when you come and interrupt me while I'm "just sitting there". Because while it's irritating to be interrupted when I'm trying to get it all typed in, it's enraging to have someone push a cow in front of my train of thought.

Comment: Re:Back Door (Score 1) 56 56

Oh bullshit!. They had the ENTIRE SOUTH AMERICA to trade with!

Which itself has spent much of that interval being about as economically advanced as Cuba itself is.

I still contend that the ultimate destruction of the Castro regime won't occur until Americans are free to come in and corrupt them again.

Comment: Re:Yeah, right. (Score 1) 153 153

And now imagine an agile team of bricklayers "doing" an Empire state, sprint after damned sprint, under time pressure. Led by some MBA suit.

That sure looks like a recipe for success...

I have this image in my head of a skyscraper where every few courses, the bricklaying changes its appearance.

That's what Agile was supposed to promote, wasn't it? Adapting to user feedback as the code is developed?

Comment: Re:Try it for yourself! (Score 2) 815 815

You know, from a British perspective, the US flag is a rebel flag as well. Just sayin.

True. I doubt it flies above any government buildings in the United Kingdom, but I bet you can still buy one at TESCO!

Yep: http://www.tesco.com/direct/us...

And it's probably made in China. Just like the real thing.

Comment: Re:Never ? (Score 1) 152 152

Is it murder to refuse to perform a heart transplant, even if one is available? Probably not.
Is it murder to withhold a supply of insulin from someone who needs it to live? Maybe more so.
Is it murder to voluntarily stop producing new insulin shots while retaining a patent that prevents others from doing it? Complicated.

Of course if robots never advance to the point that you can consider them alive, it's all irrelevant here.

By that time, however, they'll probably seize the factories and start producing Terminators.

Comment: Re:POTS security is broken. (Score 4, Interesting) 193 193

The plain old telephone system evolved in an earlier era, security by obscurity was the norm. There were using simple whistling tones added/removed to regular conversation for data communication between exchanges. All analog. Blind phone phreaks were stealing just long distance minutes from the phone companies. But now the phone companies feel they have no liability to detect spoofed caller id. If some courts hold the phone companies liable for transmitting false phone numbers, using some lawyerly language like "aiding and abetting" "knowingly providing false information" "negligent" etc, then there could be some relief.

Phone companies most definitely know which of their resources are being employed to make calls with. They BILL for those resources and each and every call gets logged. Those logs are also required to be available for (allegedly) authorized law enforcement agencies and they're one reason why the old movie trope of "keep them on the line while we trace this call" is bogus. If the connection was made at all, no matter how briefly, there's a record constructed by automated equipment.

Naturally, if the true origin of the call is coming in from some other source, the phone company can only trust whatever ID came in from that source, but they definitely know where the call itself came from and that means that law enforcement can then track back until such point where they cannot gain any sort of co-operation. Even spoofing via Internet phone can be tracked if you're determined enough.

Comment: Re:asterisk, if you are up for it. (Score 1) 193 193

For a single home line, can't you just use a modem?

Yes you can. I did, in fact. I had the callerID route to a Perl script that screened incoming numbers. Not only did it filter out unauthorized callers, I even had it playing different ringtones.

Comment: Re:FCC (Score 1) 193 193

One of the vilest calls I've ever received is one where a robotic voice says "IRS (sic) has filed a lawsuit against you".

"The" IRS, or as they'd be more likely to identify themselves, the Internal Revenue Service of the United States of America" doesn't call like this. They use the US Postal Service, for one thing. For another, they don't use "English" phrasing constructs, because they're American.

This particular scam is blatantly intended to terrify the recipient into calling back the (Indian) call center who will then supposedly proceed to further the scam. However, if you check with the "who's calling" websites for comments, you may discover that like a lot of such scams, their agents are too incompetent to actually hook anyone not in advanced stages of Alzheimers or under 5 years old.

And speaking of "who's calling", such sites are a ready-made black-hole list for phone numbers someone else already answered so you wouldn't have to.

Comment: Re:The root cause : poor unit testing (Score 4, Insightful) 130 130

This is somewhat deceptive. Sonatype supports Maven component archives.

One of Maven's chief claims to fame is that when you build a project, it doesn't grab "the latest" versions of dependencies, it grabs the selected versions of dependencies. On the grounds that "If it ain't broke, don't fix it".

This ensures a predictable product because everyone who does a build, no matter when, no matter where, will be pulling in the same resources to build with.

The problem arises when one (or more) of those selected component versions turns out to have issues. The build ensures that the product will be consistent, and thus will pass its own tests, but as the old observation goes, testing cannot prove the absence of bugs, only their presence. So if there was a vulnerability, an old project's tests wouldn't see it. And because you're asking for a specific library release version, later fixes don't get automatically included (of course, neither do later breakages, but they ignored that aspect).

In theory, then, this is simple to fix. Just update the project (POM) to pull in newer, better dependencies.

And the NEXT version of Windows will fix all your problems, and I've got a very nice bridge in NYC for sale cheap.

If you're working on a project, you generally have all you can do to keep up with issues in your own code, let alone some supposedly trustworthy third-party libraries. You cannot afford to be constantly updating the dependency versions and even if you could, there's the issue of "dependency Hell", where changing the version of Hibernate can conflict with the version of slf4j which can conflict with junit, which can conflict with... I usually like to budget 2 or 3 DAYS when I'm ready to start upgrading dependencies.

Sonatype doesn't get a pass here, though. If they/Maven supported a mechanism that could flag builds that have known weak dependencies, it would help a lot. Management, of course, would promptly command it to be turned off to ensure "productivity", but at least we'd have some help short of periodically manually auditing every library in a complex project (like that's ever going to happen).

This is clearly another case of too many mad scientists, and not enough hunchbacks.

Working...