Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Yay for the march of technology... (Score 2) 316 316

For those of us who went through our teenage years before the internet, the records were mostly out of reach - parents pulling out embarrassing baby/child photos to show a girlfriend/boyfriend, childhood friends with unfortunately good memories recounting stories about embarrassing behaviour, tattoos that we regretted but could generally cover up, and for the more adventurous of us the juvenile criminal records that resulted from pranks or misbehaviour are the kinds of things we deal with.
The current generation are going through all of that while also having an almost uncontrollable urge to post every iota of their lives online. Somebody with the ability to step back and think "will I regret this tomorrow/next week/next year/at a job interview" would probably not do a lot of the things that end up being posted, but today's teenagers are no better at consequence analysis than we were when we were that age. The difference is that today the records are more permanent and more visible.

Personally, I do not believe that people should be able to airbrush their past to this degree, even though as adults we all do it up to a point - after all, rewriting a resumé so it is still basically true but puts you in a better light is a common tactic before applying for jobs, and keeping some of your more embarrassing secrets is natural - we all want people to see the good parts, and we want to hide the bad parts. That will be harder for teenagers in the digital world. But rather than allowing children to erase the past and thus escape the consequences of their actions, I would prefer to educate them about those consequences and how long they can go on for. It means they have to grow up a bit more quickly in some ways, but better that than to teach them that you can do bad or embarrassing shit and then rewrite history after the fact.

Comment 1950's code (but also a pencil, paper and wheels) (Score 1) 617 617

Some code written in RPG on an AS/400 that was hosting a MAAPICS environment. Some of the code updates were dated to the early 1960's, and there were indications that some of the original code dated back to the 1950's.
But yes, technically the oldest technology I have used is either a pencil and paper or the wheels on an old cart - those specific instances of the wheels were not that old, but as instances of the "wheel" object within the OO design schema, the wheel object itself is pretty old.

Comment BOFH says "none" (Score 1) 267 267

My perspective is from working as a contractor to banks and other companies in the banking sector in the UK and Europe, and occasionally to companies working in Defence contracting, where there is no issue with foreign nationals providing such services. The ultimate goal is, where possible, to prevent data breaches. However, when budgets are limited and business requirements mandate access to external services, IT security becomes about (0.9) Establishing ownership of the IT security policy and firewall management; (1) making it as hard as possible for the breach to occur; (2) minimizing the data that can be lost during a breach; (3) establishing clear auditing procedures to help recognize and quantify the nature of the breach and the data exposed; and (4) establish reporting and information sharing policies to advise internal and external stake-holders of the breach.
There should probably be a (1.1) in there as well, which is to identify the most likely sources of a breach and manage the risks in each case, although as an IT security issue the biggest single source of hacks, electronic break-ins, lost data, and any kind of shenanigans that lead to your company's data being splurged all over the internet, is the stupid fuck-wit sitting at the desk (you and I included, but especially the users outside the IT department). Everyone from the company chairman down to the lowest employee is a softer target than the firewall itself.

If there is a breach (and chances are that there will be one if there has not been one already, so the statement should probably be "if/when you DISCOVER the breach"), the IT team are the ones who will get it in the neck for allowing the breach, even if users are given the ability to control their own firewall settings.
If users need access to a website or service that is not currently allowed, they should submit a business case/request to their line manager who then approves it. IT then co-approve and make the relevant changes (and if IT say "no", they need to have a damn good reason). There is a paper trail, and all open ports and firewall rules are there because of business decisions. IT will still get it in the neck, but there will be an audit trail.

Allowing users to open their own ports (whether it is temporary or permanent is totally irrelevant) means that those clients cannot be trusted by the server farms/network resources on the network, so they should be moved into a DMZ with a firewall between them and the rest of the network.

Comment Re:TNSTAAFL (Score 2) 272 272

Not quite - the cost of building out infrastructure is a huge barrier to entry, but it is not insurmountable for an individual, organisation or corporation with deep enough pockets - see Google's Fiber initiative as an example. Other obstacles exist too (lack of expertise, reputation, existing customer base to determine asset value, and so on), but as with the cost of infrastructure these can be overcome with sufficient up-front investment.
The single biggest thing preventing the launch of a new wholesale carrier to challenge the existing regional monopolies is the fact that many urban areas have either legislative or contractual tie-ins that lock them into an exclusive contract with the existing incumbent, which will result in either the new provider being denied access to poles/underground tunnels or being denied the requisite planning permission to build their own, or they will be allowed to build the infrastructure but not connect the last mile to potential consumers.

Comment Get Management to make a decision... (Score 2) 203 203

If the role is really THAT specialized, then presumably they have agreed some kind of agreement where the new hire can call you during their first 6 months(?) of ramp up time, when they have questions (and that should be something they compensate you for in an appropriate and mutually agreed manner). Aside from that, securing the knowledge base is vital, so your manager (and the manager/owner of the system you are supporting, if that is not your manager) need to request/authorize the retention of your email account beyond the 90 day period. Typically that would involve getting IT to transfer ownership of the mailbox over to the manager/owner, and when the new hire starts granting access to them.
As long as they advise you in writing that, as of your last day on the job, you forfeit ownership, control, access and rights to all content of your mailbox and get your signature to agree to that, most HR departments and HR legal specialists will be ok with that afaik.
Once the knowledge base is out of your hands, it ceases to be your problem though, so management need to own the process of securing and preserving the knowledge, something they seem to have done a piss poor job of to date.

Comment Not sure inter-city mass-transit works in the US (Score 1, Informative) 515 515

In Europe and Asia, the average population density in cities is typically much higher than the US, where the cities typically have as large a population, but are more spread out. (Fun fact, the only US city that ranks in the top 50 for population density world-wide is.... Union City, New Jersey!)
As such, in the US, car ownership is almost a necessity unless you live in a city like New York with a large area mass transit system. Living in, for example, London or Tokyo, you have to be either borderline suicidal or a regular commuter to areas outside the city, for car ownership to be viable, given the high cost of ownership and maintenance of a car, parking, fuel, and so on. Or you have to be a creature of habit. Seriously, the idea of driving across London at a slower pace than you could walk the same distance actually appeals to some people!
In that kind of environment, the most economical option is often to take the train to your chosen destination (it is quicker, less stressful, and you can kick back with a beer, and avoid the airport security theater and molestation by a TSA agent *cough*pervert*cough*). If you really need to drive, hiring a car at your destination is again usually cheaper than taking your own vehicle all the way.

Comment Re:overturn murder conviction? (Score 3, Insightful) 141 141

Overturn murder conviction?
Murderers belong to a electric chair. Keeping those morons around is total waste of taxpayers money.
Before you start your hippy bull shit about "what if he is innocent..." find out, how much it cost to keep one of those scumbags in prison for a year.
I bet most of you wish you could spend that much on yourself for the rest of your life :)

Gas/chair/needle all the violent repeat criminals and be done with those morons.

Hmm let's see... assuming the Seattle Times is not just pushing this because they or the report authors are anti-death penalty...
Seeking death penalty adds $1M to prosecution cost, study says

Or according to the Nevada Legislature, "The Legislative Auditor estimated the cost of a murder trial in which the death penalty was sought cost $1.03 to $1.3 million, whereas cases without the death penalty cost $775,000."
(All the study links I can find for that one are either pdf or paywalled)

Kansas: "Defending a death penalty case costs about four times as much as defending a case where the death penalty is not sought, according to a new study by the Kansas Judicial Council. Examining 34 potential death-penalty cases from 2004-2011, the study found that defense costs for death penalty trials averaged $395,762 per case, compared to $98,963 per case when the death penalty was not sought. "

Idaho: "A new, but limited, study of the costs of the death penalty in Idaho found that capital cases are more costly and take much more time to resolve than non-capital cases. One measure of death-penalty costs was reflected in the time spent by attorneys handling appeals. The State Appellate Public Defenders office spent about 44 times more time on a typical death penalty appeal than on a life sentence appeal (almost 8,000 hours per capital defendant compared to about 180 hours per non-death penalty defendant). Capital cases with trials took 20.5 months to reach a conclusion while non-capital cases with trials took 13.5 months."

California: Assessment of Costs by Judge Arthur Alarcon and Prof. Paula Mitchell (2011, updated 2012)
"The authors concluded that the cost of the death penalty in California has totaled over $4 billion since 1978:
$1.94 billion--Pre-Trial and Trial Costs
$925 million--Automatic Appeals and State Habeas Corpus Petitions
$775 million--Federal Habeas Corpus Appeals
$1 billion--Costs of Incarceration
The authors calculated that, if the Governor commuted the sentences of those remaining on death row to life without parole, it would result in an immediate savings of $170 million per year, with a savings of $5 billion over the next 20 years."

Texas: "Each death penalty case in Texas costs taxpayers about $2.3 million. That is about three times the cost of imprisoning someone in a single cell at the highest security level for 40 years. ("Executions Cost Texas Millions," Dallas Morning News, March 8, 1992)." Granted, the Texas study is probably too old for immediate relevance. ...and so on...

Going purely from memory for this next little item, so I cannot provide any citation for it, I seem to recall that the cost of keeping a prisoner on Death Row is about $90,000 to $100,000 higher than keeping a prisoner in the general population.
Sounds to me like the Death Penalty is a ridiculously expensive option, considering that it is primarily there as a deterrent. Given the crime rates in the US, I would have to question whether the deterrent is working. So if it is not working, and it costs a butt-ton of money, why bother with it?

Comment A job where facetime and proximity $$$ (Score 1) 420 420

Having just finished a contract in the investment banking arm of a Swedish bank, I can point to a range of frontline support and development roles which are going to be RELATIVELY outsource-proof. Telephony system support; desktop support; trading platform support; algorithm/decision support system development; basically anything that an investment banking trader is going to need in order to process a deal, although the specifics are going to vary by company.
Those traders are (a) paid a metric crap-ton of money, and (b) stressed by anything and everything from reflections on the screen to their coffee being too hot.
Having to pick up a phone and shout at someone in another country is not going to work - even someone in the SAME BUILDING, but on a different floor does not do it. They want someone in the same room (same room is not a small office, this is typically a trading pit with 250-300 people in it, so pretty big) who they can grab (sometimes literally), point at the problem and yell "fix it", before running off to chug down a couple of valium. If they do not get what they want, they bitch at their managers about how the company is not giving them the tools to do their job (make tons of money for the bank).
The typical overhead for one of those traders by the time their Bloomberg and Reuters real-time data licences plus software licences and broker fees is included, is well over $10,000 per month, and that is without accounting for their salaries, bonuses, IT hardware or software licences that are calculated at a corporate level - operating systems, Office package, databases etc. Overall, the "normal" monthly investment that the bank makes in that trader is over $100,000, so for the business, even when it is run by bean-counters or Harvard MBAs, whatever that person needs to increase their productivity, they get. So if the users say that they NEED an IT guy on the spot who can be at the desk within 20 seconds to look at and start working on the problem, that is what they get. If that IT guy is going to cost $80,000 - $100,000 per year instead of $15,000 per year for some guy called "Dave" with an Indian accent working out of Bangalore, tough shit, $65,000 is pin money.
Remote access from outside the bank is almost always flat out refused for security reasons, so while off-site support can work, third-party support has to be on-site and in person.

The only exception to the "local first" rule that I have seen, is the Bloomberg helpdesk. Those guys work remotely, and can be reached either by telephone (usually a call center somewhere in the same geographical region as the user) or by pressing F1 twice on your keyboard, which brings up a Messenger-style chat window. You type your question and it gets routed to a team that hopefully knows something about the specifics. Almost invariably though, when a trader gets a Bloomberg problem, it is batted off to the in-room IT guy who goes through the problem with the Bloomberg tech while the trader goes to pop another valium and get a massage to de-stress.

Basically, if you are someone who can turn Excel inside out, write high quality C++ code while being constantly interrupted, and solve whatever random crap problems come up while maintaining a calm demeanour and keeping the world's most stressed people from flying into hypertensive shock, then you have a job for life.
A typical day? Printer is out of paper; another printer is jammed, and has a full waste toner bottle; internet connection for user X is down; User Y has just sent a naked picture of client A's wife to client B by mistake; Murex overnight jobs have failed so the D3 trading platform has the wrong start prices and wrong date, so someone needs that escalating to the Murex support team to get it fixed; User Z has just got in and spilled coffee in his Bloomberg keyboard so the biometric login does not work; vendor A upgraded their app without telling anyone last night, so now all the users of that system cannot login; the row of desks 24-48 are completely dead, Christ knows why, although the building maintenance guys were checking the air-con for the computer cabinets last night; oh, and it is 07:45 and the various trading markets will be opening in between 15 and 45 minutes.

90% of the tasks you get in those roles are things that the average Walmart-level technician could handle in their sleep; 0.1% will require 5 years' experience and the ability to code Powershell scripts on the fly or edit and compile Linux modules; most of the rest are probably normal support calls, but with a much shorter reaction time needed. Oh, and every once in a while you get to put a baffled look on your face and ask one of the women working there "Just what were you trying to accomplish, sticking your underwear in there???"

Comment Take your contract to a specialist lawyer (Score 1) 353 353

By "contract", I mean your existing employment contract, and by "specialist", I mean ideally a contract lawyer specializing in labour law.
In every development job I have had, except the last one, the company already had a standard "stuff done on company time and/or using company hardware is owned by the company" clause in the contract, written in such a way that it was enforceable, although depending on your specific local laws, mileage and wording may vary.
Once a good lawyer has seen the contract and told you what, in his/her opinion you are allowed to do, float it by your management. If you can come to an agreement, get them to provide you with a written statement from the corporate lawyers on company letterhead in the form of a contract attachment specifying what the commercial rights to whatever you develop will be. Then get your own lawyer to review that, and everyone signs each page of each copy of the attachment.
In practical terms, you will be lucky if you get anything more than "what you do on your own purchased hardware, in your own time, is yours. Company hardware OR company time, the IP and commercial rights belong to the company.", but whatever you do get, if both sets of lawyers have agreed and signed off on the wording, then you should be safe as long as the rest of your employment contract does not change as well - that is why it needs to be done as a contract attachment, rather than a change to the main body of the contract.

Comment ID theft != victim-less crime, but profitable (Score 2) 190 190

The merchant and the card provider have to pay somebody to do the admin work, insurance companies have actuaries and risk analysis people adjusting premium rates for it, and a lot of people are employed virtually full-time processing the results of ID theft - the last company I worked at (a bank) had a team of 20 people at head office, whose sole role within the organisation was to handle ID theft issues and make sure that the message got out to the right departments and counterparties. They had nothing to do with the cancelling and reissuing of cards and so on - there is a completely separate team for that.
So ID theft is big business, not just for the thieves, but for the people cleaning up after the theft as well.
So the victim gets a few days of inconvenience every time? Ah, big deal...
However, it does depend on what is bought with the stolen CC details. Consider the scenario where that person's credit card details are used to purchase access to a kiddie porn site. Maybe nobody notices the details have been lost, until the police come busting down his door after raiding the ISP for the provider and finding his details. Before it is verified that the card details were stolen, he gets smeared across some tabloid rag as a child molester, and his personal and professional reputation is destroyed. Even once the "oh, oops, the CC details were stolen, looks like he might not be a kiddie rapist after all" message drops, not everyone will hear it, and his life becomes hell.
Or the guy who finds that his CC details were used to buy a kilo of weed. He is not going to be too popular with his manager at work, although the guys in IT support will definitely want to be friends until they realize he didn't actually buy.

Comment Blackphone ftw :P (Score 1) 484 484

I have an iPhone (5c) and a Samsung Galaxy (5s) for private use in different parts of the world, and both are pretty unstable. The phone I have that "just works" is my Blackphone.
The caveat there, though, is that the two private phones have a fair amount of crap installed on them, both by myself and the carrier. The Blackphone has just the basic corporate and productivity tools.YMMV though, as a couple of colleagues with Blackphones have had problems with them.

However, my overall view from fairly recent factory resets on both private phones is that my Blackphone in its current state is still a bit more stable than either the iPhone or Galaxy in anything other than default factory config.

Comment Re:Cancer vs common cold (Score 1) 52 52

Big Pharma actually has a very good reason to sell you a cure for cancer (as opposed to a chronic disease treatment): namely, that once cured, you go on living as a once again healthy human being. So you can once again be fully functional, earn money, and hopefully grow a lot older than you would have with chronic cancer.

Once cured of your cancer though, you are no longer a revenue stream for the company. Unless you count the potential for revenue from other illnesses you might contract, but for the typical bean counter a potential revenue stream like that, which would probably be shared with other Big Pharma companies, so do little or nothing for "this" company's bottom line.
As for the whole bean counter argument, that is exactly who runs pretty much all of the Big Pharma companies - accountants and MBAs whose only concern is how to maximize profits. Admittedly I have no citation for that, other than a trawl through the Bloomberg and Reuters data on Pharmaceutical companies to see who are on the Boards of Directors and what their qualifications are. But a brief review of the Boards for Johnson & Johnson, Pfizer, Roche, GlaxoSmithkline, Novartis, Sanofi, AstraZeneca, Abbot, Merck, and Beyer, all show basically the same make-up - lots of "business" people, and a vanishingly small technical/medical representation.

Comment 1 man's terrorist is another man's freedom fighter (Score 1) 230 230

I am fairly sure that the UK (and US, for that matter) government do not consider most of the non-IS rebels in Syria to be terrorists but as Freedom Fighters, although Bashar al-Assad (Syrian President) definitely does label them as terrorists.

As this is basically a different point of view, it is totally assinine of Mark Rowley and shows a complete lack of awareness about what technology is capable of.
Granted, Youtube, Twitter, et. al., can block or delete content and accounts that display objectionable material, but the major problems there are who decides what content is objectionable (these companies do not want to get into the censorship game - unless it is profitable, which it would not be), and the sheer volume of content being produced makes active management impossible.

The irony for me is that the US government (via DARPA) developed technology such as TOR, to help activists and freedom fighters stay anonymous on the internet, and now the people in power are surprised that such tools are not only used by people who believe in the same underying values.

Similarly, Facebook, Twitter and Youtube are great for building communities around lolcat pictures, but how dare anyone who does not share my philosophy and world view use these tools!?!?

Comment Round 1 to the consumer, in Germany... (Score 1) 286 286

This is a plus for the consumer, definitely.
Personally, I install some kind of ad blocking software on every computer I build for friends and family. This is mainly because, while I might trust a particular web site I most certainly do not extend that trust to whatever 3rd party ad host is used, and there have been enough instances of ad servers hosting malware for me to block the whole lot on principle.
However, the next step from the advertisement-laden internet sites is going to be to refuse access to any browsers running ad blockers, so the ad blockers' most salient feature is going to be their ability to run in a stealth mode that gets around such restrictions.

Comment Re:Cancer vs common cold (Score 0) 52 52

I bet we find a cure for all kinds of cancers before we find a cure for the common cold.

I would be willing to bet that the big pharma companies will never actually produce a cure for cancer. Treatments, for sure, but not a cure.
The reason being economics - let's say that a person with cancer was willing to hand over every last dollar they own for a cancer cure. Big Pharma would make a reasonably large sum of money off that person, but it is a one-off sale. So to get more money, they need to get it from another poor sod with cancer. Now consider that there is not a cure, but a "treatment" for cancer that must be taken every day for the rest of your life. Big Pharma cannot make anywhere near as much per tablet for that, but it is an on-going source of income over the course of 5, 10, 20 years, and will almost certainly result in more money for the company.

Economists state their GNP growth projections to the nearest tenth of a percentage point to prove they have a sense of humor. -- Edgar R. Fiedler