Comment: Re:Uh... Yeah? (Score 1) 242

by Ronin Developer (#47359667) Attached to: Court Allowed NSA To Spy On All But 4 Countries

You have much to learn about spying - thousands of lives were lost, on both sides, during the Cold War. Just because it wasn't an overt military conflict does not mean that it was a peaceful endeavor.

Today, we know that spies from many nations live within our borders. Some are after national secrets, some are after industrial secrets. But, any way you cut it, it goes counter to our National interests even if it's a dirty business.

Comment: Demo Disks (Score 5, Interesting) 378

Years ago, when ATMs were first becoming available, someone I know worked as a security exec for a large bank. Seems back then, each ATM came with a demo disk that, when inserted into a floppy disk port inside the ATM's housing (but, easily accessed) placed the machine into demo mode and allowed the operator full control of the device. The sales operator could then fully demonstrate ALL the features of the ATM - including the automatic dispensing of cash.

With furled eyebrows, he asked whatever became of all the demo disks after the ATM was installed..nobody knew...just assumed they were thrown out. He asked if they considered this a problem. And, he was told 'No'. At the time, stealing the ATM was all the rage and his concerns were discounted...until one day when money just started disappearing from ATMs. Seems, somebody else found or had one of those disks and realized what they had.

Pretty scary these kids could find a manual online and that the command sequence to place it into admin mode could be done from the user console vs a separate terminal. One has to wonder if they could have dispensed cash like a Pez dispenser like was possible with the old demo disks.

Comment: Uh..Relativity didn't disprove Newton (Score 1) 120

by Ronin Developer (#47127451) Attached to: Happy 95th Anniversary, Relativity

Newton's Law of Gravity showed that the force of attraction was proportional to the masses of the objects and inversely proportional to the distance squared: Fg=kM1M2/r^2

Einstein demonstrated in his experiment, through gravitational lensing effect, that mass bends space-time and his famous equation showed mass and energy to be equivalent. This effect, not normally observable in our daily lives, shows that Newton's law is still correct. It's at relativistic speeds and at the quantum level that other terms introduced by Einstein's equations become relevant.

Under normal conditions, we can not see the effect that Einstein predicted.

We did similar calculations using Quantum mechanics to derive other classical laws. It was, fascinating, to see how they hold up.

Comment: Contrary to popular belief... (Score 1) 626

by Ronin Developer (#47054275) Attached to: Driverless Cars Could Cripple Law Enforcement Budgets

Well, in PA anyway, very little money goes to the police department with the tickets they issue. Funding for the police comes, primarily, from other sources - ie taxes.

Citations fall into many different categories that range from local ordinance violations to federal statute violations. When a citation is issued, there is the "Fine" and other "charges". The department does not get a whole lot of money from the fine as that money goes into a collective pool at various levels of govt. This money is distributed to departments across each state of the union based on need. In other words, it supplements tax level funding of each department.

The charges, however, cover filing fees, ambulance fees, etc. A town can make more money enforcing local ordinances as they can control the fine and charges.

When I worked on a citation processing module in PA, the citations were reported to an organization called AOPC (association of police chiefs). They tracked each citation issued for reporting and accounting purposes. The process is supposed to be bi-directional with the disposition of each citation sent back to the department's records management system. No money changes hands here.

The actual citation and any monies collected locally are sent to the state...well, assuming they are not corrupt...for processing. This is one reason why Podunk little towns have so many ordinances as they can collect more on each citation. They have little control over state and federal citations, however.

I won't dispute that officers may be instructed to be on the lookout for certain types of violations - however, legally, "quotas" are not permitted. They are used to raise awareness - such as getting the message like to slow down, don't pass a school bus with flashing red lights, or to stop for people in crosswalks.

Other states might operate slightly differently in how citations are issued. The fact that the automated vehicles will reduce a small revenue stream may remain. But, I think any opportunity for an officer NOT to approach a car with a potentially dangerous occupant is something most officers would embrace. Their departments will still be funded by need and to combat the types of crimes prevalent in their community from taxes.

Finally, it is usually to your benefit to go to court - most officers would rather write you up on a lesser charge than screw you on insurance points. They would rather you learn from your mistake (unless you put someone in immediate danger). So, be polite if pulled over and take it to court if you can afford the time. They know going to court is an inconvenience to you. Them? Not so much. So, you get the message.

Comment: Why not use a BaaS provider? (Score 1) 281

A lot of details missing on what the end-user environment is.
I am assuming they have internet access? Dial-up or faster?

If so, why not consider building a BaaS (Kinvey, Parse, Azure, Amazon) with a simple webapp served up using WAMP or equivalent? I can't imagine this app will run over the limits of the free account providers such as Kinvey and Parse offer. And, you could probably talk to the provider to see if they have discounts or are willing to donate services.

Wrap everything up in a nice Windows installer. Keep it simple.

Comment: No, it is not too early. (Score 1) 309

When you graduate and apply for your first post-college job, they will look at your GPA and school if you don't have any relevant experience listed. I attended a college that had a co-op program. On the job, my employers taught me that college is about learning how to think critically and learn. Yes, they will expect your college program to teach you relevant skills. But, that is not the main objective.

But, an employer is going to be more interested in what you have done during your college career to better prepare yourself. Your interests and work experience will differentiate you from the pack of other recent grads.

Seeking a job in your field, even if it seems mundane, will help you obtain some domain experience. Would I hire you to design my backend systems? Not likely. But, show that you are acquiring the skills and have the desire, and you would get a chance on a small project or team.

If you can't find work, freelance. Just make sure your grades don't suffer if you want a CS relevant position when you graduate. If you don't finish, for whatever reason, you will have a backup plan - you will, likely, find yourself lower on the food chain. But, you will be working.

As for PHP and MySQL being obsolete - total BS - do a search on Dice, look at the language rankings, and other tech publications to know the trends. We are a PHP/Drupal shop. And, we have a ton of work with high retention. It's harder to get systems built on it into an enterprise - they want MS or Java skills. But, when providing other services, they are more accepting. I would encourage you to learn other skills, but you have time for that.

Enjoy college and all it can offer. Work/freelance if you can balance it. And, stay current. Good luck.

Comment: Re:1983 was not the "punched card era" (Score 1) 230

by Ronin Developer (#46881877) Attached to: One-a-Day-Compiles: Good Enough For Government Work In 1983

Punch cards were still being used as late as 1984...probably not much longer.

I grew up in the era of punch-cards (1970's). My mother was a key-punch operator and was responsible for translating the handwritten code from the programmers as well as customer data into punched card format. It was also how and when I learned to program - I was in 4th grade and had an interest in computers. A programmer (and, department head) took interest in helping me learn. He would spend a little time with me each week to teach me assembly programming on the IBM 360. Then, he would give me an assignment where I would work on writing a program which he would have punched and run. We used interpreters or IDEs and I translated into assembly by hand. I had to "run" each program on paper first, following the flowchart, setting and updating variables and writing output. Making mistakes was costly in terms of time. Once he was satisfied, it would be punched and run. Yes, the results came back a day or two later (when, they weren't running other jobs). If there were errors, he would point out the error in the output and send me back to correct the code.

What I took away from this was learning how to determine requirements, design and code. I learned how to think things through before laying down a line of code. I learned how to code correctly and accurately to avoid errors.

1977 - I learned to program on an Altair flipping toggle switches. I was going to build one for myself. Then, the first TRS-80's came out.

1980, while in high school, we had an HP that took both cards and tape. Most kids taking the computer course had to write their programs on cards in BASIC as there was only one terminal. We got TRS-80 and Commodore Pets later that year. The HP was seldom used after they arrived.

1982, I owned my very own IBM PC and was programming in Basic, Assembler, Forth, C and Turbo Pascal. Two 5 1/4 inch floppy drives and 64 MB of RAM with an 8087 math co-processor, an amber monitor and 300 baud modem.

In 1984, at Drexel University, we still used cards on a Prime for coding in Fortran until they were able to get enough terminals - never had to use cards again. Then, the entire freshman class received the first Macs. It changed everything.

Today's generation has the luxury of very fast PCs, lots of memory and storage, modern languages and compilers and interpreters we stone-age caveman developers could only dream of when we started.

Comment: Re:Well... (Score 1) 386

by Ronin Developer (#46834257) Attached to: iPad Fever Is Officially Cooling

I still use my original iPad with 3G and 64 GB. But, it is stuck on iOS 5.1. And, far too many websites cause the browser to crash. Nothing more irritating than being in the middle of reading something online (such as /.), hit a video link or some JavaScript heavy site and watching it just crash.

And, far too many times, trying to reopen the page causes the same problem all over again. Looking at the diagnostic logs, it's easy to see the problem is running out of memory (it only had 256M of RAM). Newer devices (iPads and iPhones) have substantially much more RAM. My iPhone 5 doesn't run into this problem.

App updates are becoming a scarce commodity as well with many updates for iOS 7 being pushed to my iOS 5 device. The developers aren't checking for compatibility and it kills the older versions.

So, it has been relegated to being an email and book reader and GPS. And, I will use the newer device provided for work for development.

I will splurge for a new, personal, iPad Air (or whatever is out when I buy) at some point...still recovering from tax(ic)shock (I owed this year..big time...thanks to severance pushing me into a new tax bracket I hadn't planned on being in). Yes, I like Apple products. But, I am not one to rush out and buy it simply because it's Apple. I bought mine because there was/is money to be made developing iOS apps. Eventually, I will head back over to Android (I HAD an HTC Incredible with Android sucked!) when the market supports me being able to make money there also.

Comment: Conflict of Interest vs Right to Work (Score 1) 170

No, I am not a big proponent of this action as it "smells" funny. That being said...

Did anybody else notice she held the position from 2009-2011 in a two year appointment? She didn't jump right from the FCC to the CTIA.

She hasn't been working for the FCC as a regulator in three years. My guess is her contract or appointment included a clause restricting her from working for the CTIA or other groups she regulated for at least 1-2 years.

Naturally, the CTIA wants her as they hope she has the connections to make things move more smoothly in their direction. But, has she done anything unethical or otherwise illegal?

Comment: Re:Real problem was law letting the networks charg (Score 4, Informative) 342

by Ronin Developer (#46825775) Attached to: Aereo To SCOTUS: Shut Us Down and You Shut Down Cloud Storage

First, the primary networks are required, by law, to provide OTA service. They were also required to transmit in digital vs the older, analog signal. Supposedly, the digital signals can transmit further and can support error correction (to eliminate ghost images).

As another poster noted, IF you are in range to receive the OTA broadcast, the HD picture is of higher quality than what you would get via cable. Why? Cable network providers must compress the signal resulting in signal degradation. OTA can send the full, uncompressed digital signal. One of these days, I will have to see if I can receive the signal where I live...probably not.

Comment: Competency and Mind Clouding (Score 1) 582

by Ronin Developer (#46767729) Attached to: How Does Heartbleed Alter the 'Open Source Is Safer' Discussion?

The issue, whether it be closed / proprietary or open source, is twofold:

1) Competency of the person writing the code or making the design changes.

2) Competency of the person who is reviewing the work to understand potential issues surrounding the design and, as applicable, the implemented code.

A developer SHOULD never be a final reviewer of their own work. They can double check their work, clean it up, verify it meets coding standards. But, ultimately, it comes down to the one or more competent reviewers to study the work.

When we write a paper or a long-winded post and try to review our work immediately after it is written, the brain will, by nature, fill in the gaps. If you have to critically review your own work, walk away for a day or two and then come back and tackle the assignment. You will be amazed at the errors you missed before.

FOSS is not any safer than proprietary code if nobody who understands has the capability to understand the code and issues actually looks at it critically. A few years ago, the OpenSSL team achieved FIPS 140-2 compliance which was a major undertaking and achievement. I haven't yet checked, but did the version affected by Heartbleed pass FIPS 140-2 certification as a cryptographic token? Or, did they never resubmit the code for recertification? I would suspect it was never resubmitted as the cost for certification is too high. Had it been done, this MIGHT have been exposed long before now.

What WAS done correctly was the rapid response once the problem was identified. This is something that corporations may drag their heels on as there are legal and financial repercussions when a vulnerability is found - even worse with a live exploit in the wild. They have to perform a risk analysis (on all levels) and determine if a fix is to happen at all. At the same time, corporations that rely on any system without a service level agreement that covers such issues take a major risk. This is where reliance on FOSS can bite you and why many corporations still maintain critical systems on proprietary operating systems and commercial software.

Comment: Financial Institution Vulnerabilities? (Score 2) 56

Earlier this morning, I read on another post that someone was saying how Heartbleed compromised many banks' systems. This was contrary to what was posted on sites such as CNET that provided a list of providers and websites that claim they were not vulnerable. It sounded incredulous. Frankly, still does.

I can see financial institutions using an open solution for their public facing websites. But, how many actually "run" an operating system that is based on Open Source for their financial transactions? Exactly. Most, I suspect, are likely running another fully patched, proprietary OS and few, if any, would be permitted to run on public or open software. Still, those customer facing systems could be compromised and there might be a way to capture a customer's banking credentials.

The good news is, if your bank is FDIC insured, your money is safe - up to the limit of the insurance ($250K???). Still, it's a major inconvenience. And, while there is genuine concern here, there is too much FUD being spread.

What is really needed right now is a secure, public, searchable list of sites that are vulnerable, not vulnerable and unknown. And, institutions that have your contact information or sensitive information (i.e. credit card info) should be contacting all customers to inform them if their data or accounts might have been compromised, what actions are being taken, and what actions the customer must take (such as when it's safe to actually change one's password, force a password reset, go to 2 factor authentication, etc).

Lastly, I can understand why a mobile device might not check a certificate revocation list. But, there is no excuse for a desktop server to not check the SSL cert's validity. And, if the user still wants to go to the site, the warning should remain on the screen in a highly visible form (like putting a BIG red border about the frame with text reading "THIS SITE MAY HAVE BEEN COMPROMISED").

Comment: Re:Marking Differences that Last (Score 1) 312

by Ronin Developer (#46684307) Attached to: Why No Executive Order To Stop NSA Metadata Collection?

Sadly, your comment falls on deaf ears even if you are right (which, you made some very valid points).

You have found your post modded down to 0 so it won't be heard because it doesn't agree with the collective hive thinking. I will, likely, be modded down to troll for agreeing with you.

Welcome to the new /.