Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:sad (Score 1) 327

Yes, but those other crappy jobs don't typically involve gambling a billion dollars (usually of someone else's money, who will then be owed a favor upon your success) to get the job. They also tend not to involve decisions where the options are "a thousand soldiers die" and "a hundred civilians die".

Anyone who WANTS to gamble a billion dollars to make those kinds of decisions is highly suspect at best.

Comment Re:sad (Score 2) 327

I know we have really thoughtful and intelligent people in this country, but for whatever reason, they don't seem to be able (or want) to compete with the horribly inept batch of clowns that we inevitably get.

What smart person wants to be blamed for every bad decision that other people make, every bad outcome no matter how much planning went into something, arguing with the "Pepsi" people who just don't want to agree with something from "Team Coke", owe this one a favor for lending support of a bill of theirs that inevitably means putting your name on something you don't actually support, make decisions that will affect thousands of lives in ways that couldn't possibly be foreseen (in some cases literally condemning some to die), and spend a billion dollars to do it?

Being the president is a crappy job, and every smart person realizes that.

Comment Re:Governments: Make LibreOffice the standard! (Score 2, Interesting) 147

I'd love to see this happen. Really, I would. However, let's take a walk down Pragmatism Road for a moment...

Government decides, "screw MS Office 2016, LibreOffice from here on out." They begin the rollout. And the user training. They train all the users who have /just/ gotten used to the Ribbon that "lol jk no more ribbon". This is the high point of the transition.

LibreOffice has no meaningful replacement for Outlook. Thunderbird doesn't do ActiveSync natively, and it's missing a number of advanced features. To hand-wave this into the "done" pile, we'll just assume that they get a sweet deal on a volume license for eM Client, somehow managing to convert all of the Offline Archived PST files into a useful format along the way, assuming no Outlook Add-Ins are in play (not the least of which are the virus scanning modules), and assuming that they'll hand-wave away the simplicity of "start outlook -> click 'next' twice -> click 'finish'" setup that Outlook provides and eM doesn't, in the case of internal Exchange.

Now, we need to deal with the SharePoint integration. The government uses SharePoint. A lot. The implementations span the gamut from "by some miracle, working as intended" to "being the running gag of the office for being mostly-broken, all of the time". Office integrates well with SharePoint, LibreOffice does not. In theory, they could just download-edit-upload, but now we lose any ability to do multi-user mode editing of files. And thus, they move all of their SharePoint installations to Alfresco, migrating all of the existing data, SQL data from SQL Server to MariaDB, and somehow, making all of THAT work, hoping that none of the other internal systems that rely on SharePoint information to function will notice the difference...

Now, let's head back to the desktop. Excel add-ins and macros don't work. Report generation software gets messy, documents that reference other documents give questionable numbers because LO can read some sheets but not others, with no add-ins to verify that the numbers match what they should. Access databases don't open, and yes, there are plenty. Powerpoint slides lose most of their transitions and WordArt (hey, silver lining to everything...), and you'll be hard pressed to find me a single secretary that can make a flyer in Scribus that was otherwise capable of making something remotely useful in Publisher.

Move to LibreOffice? I'd love it. It makes a lot of sense for a lot of reasons. In practice, and given the amount of inertia which it will be fighting, I see the transitional process being so incredibly painful and problematic that, the following year, Microsoft will start getting blank checks from Uncle Sam.

Comment Re:Minority report. (Score 4, Interesting) 244

Interestingly, the TV series more directly addresses this idea than the movie. In the movie, the Precogs saw visions of the future, and the police acted upon those specific visions.

In the TV series, which takes place ten years after the Precrime division was disbanded, the politician presently running for office is lobbying to implement a system similar to the one described in the summary - using data mining and analysis to predict crime using raw data. The difference between then and now, however, is the amount of data being pervasively collected.

Comment It's complicated (Score 1) 165

There are a number of recurring themes I see here, and I see examples that muddy the waters further.

"Installs without user consent"
Counterargument: I install a game from Steam. A copy of the required version of MS VC++ Runtime is installed with a /v/qn switch, so I never see any form of "consent", but I've consented to install a game that requires this runtime version in order to function. Malware?

"Sends data to a third party without user consent"
What *exactly* lives in the usage data that Microsoft gets? It's unclear, but I'd like to think that if Microsoft realized that 90% of its users clicked 'start' at least five times a day, the people in the planning meetings for Windows 8 would have had a hell of a lot more leverage. If Microsoft got data that read, "user 1363959 clicked 'start' a total of 418 times in the last 30 days", I'm fine with that. If Microsoft gets data that says "Voyager529 clicked 'start' 418 times, and then typed the following 15 sentences...", I'd be less okay with that. Is the issue here the fact that, even if I look at the data dumps, they're not terribly user readable the ultimate problem? Would something like the Steam Hardware Survey be viable for Microsoft? Is "allow telemetry [accept/decline]" enough either way?

"Is bundled with other software"
Ghostscript is bundled with PDFCreator, and it's wonderful. AVG Secure Search is questionable - it ultimately shows Google search results, along with different sets of ads, but it at least gives a 'safe/unsafe' indicator which is probably a good idea for many people. Many Slashdotters have Chrome installed, is Chrome 'not malware' when installed from Google.com/chrome, but malware when installed with CCleaner? Comodo Dragon has a few extensions bundled in to assist in safe browsing. Malware? The aforementioned VC++ Runtime - malware? Bundling alone is not enough.

Conversely, "not-bundled" isn't a dead giveaway, either. Cyberlink's installers of paid-for software, by default, changes your default autoplay settings and has a super-difficult-to-disable 'feature' of regular pop-up notifications letting you know that you don't have their latest, greatest, kitchen-sink edition...malware?

"Buggy code"
This goes hand-in-glove with the concept of "Microsoft deciding what is and what isn't". The Ask toolbar was flagged as a result of working as intended. Having buggy code is a matter of human error and is (hopefully) intended to be rectified.

Here's how I would judge whether a piece of software is malware or not:

1. Explain what your program is intended to do, and who gets copies of any data the software is privvied to, to a five year old. Are you uneasy with writing that description on the front page of your website?
2. Does the CEO of the company have this software installed on his/her computer? Did he/she do so by hitting 'next' repeatedly?
3. During the installation, were there any questions unrelated to the nature of the installation of the code you wrote? If so, was the nature of its requirements reasonably explained, and was any form of opt-out clearly labeled (i.e. not using quadruple-negatives to confuse users who would otherwise intend to opt-out)?
4. Does your software include an uninstaller that leaves the computer in a state that is indistinguishable from a computer that never had it installed in the first place?

Comment Re:My kingdom for a hacker. (Score 1) 70

Well, for starters, uploading it to their server means if you get new phone you don't lose all your old data.

Available? Fine. Default? Fine. The problem isn't that such a service is available, it's that an artificial limitation has been made that actively prevents the bought-and-paid-for hardware from performing its intended functions independent of that service. There's no technological reason I can't store my Fitbit data on a MicroSD card. There's no technological reason I can't have it save an encrypted blob to Dropbox or e-mail it to myself if I want. Fitbit making it easy and seamless for people who don't care? That makes perfect sense. Fitbit actively preventing any other use case? That's why the OP and myself haven't bought one.

And encrypting it for transmission just makes good sense when you're sending personal data. If they didn't, this story would be about how 'insecure' and 'hackable' fitbit is. Because, you see, with you people, you just can't win.

Congratulations, you're today's first-runner-up for the golden 'duh' award. Yes, encrypt the data...AND GIVE ME THE KEYS. Not that hard. No one is arguing that encryption shouldn't happen, for the very reasons you specify. The problem is a matter of the entity who is able to decrypt the data, and that it's not the end user.

Comment Re:My kingdom for a hacker. (Score 2) 70

I see no reason at all for a fitness tracker to outright require that data be uploaded to someone else's hard drive

Really? Is vendor lock in too obvious for you?

I was born in the morning, but not this morning. I'm poignantly aware that this is the reason; the better way to state my intended message was "I see no technologicalreason...". For some applications, there's a valid reason to require internet connectivity (WhatsApp, etc.). Fitbit is neither holding either massive amounts of data, nor doing complex data crunching, nor directly communicating with other users. Thus, from a practical standpoint, the requirement for data uploading is purely artificial, and not a technological requirement.

If they sold you a device where you had all of your own data, and they weren't in the loop (with an EULA which says it's their data) you'd buy it once and they'd have no ability to make money off it and keep you coming back.

Fitbit's subscription is for premium service, but the fitbit account itself is free. "making money off the data" makes sense for their own residual income, but if the data is locally hosted, there's no functional difference between that and a fitbit that's never used.

However, no one seems to be marketing to this particular niche

Because it doesn't make them money.

So all of these fancy internet connected things? They mostly exist to provide your data to corporations, so they can lock you in, monetize and sell your data, and ensure you need to keep going back to them.

Which means people need to realize they don't give a shit about what you want. You're just the meat puppet who buys the device to populate their data.

All this crap which wants to connect to the internet and give you an app? It's about someone making money off your data. Me, I refuse to buy this crap.

And today's golden 'duh' award goes to gstoddart! The post you responded to was explicitly stating that I haven't bought one - for myself or anyone else - for the same reasons.

Comment Re:My kingdom for a hacker. (Score 5, Interesting) 70

Same here! I've wanted a Fitbit-style fitness tracker as well, but one that didn't require an account or cloud synchronization. I see no reason at all for a fitness tracker to outright require that data be uploaded to someone else's hard drive; all of the functions and accounting it performs can be adequately handled on my phone directly. However, no one seems to be marketing to this particular niche. If you find one, or if the Fitbit can be modded to exist in some form of 'local only' mode, I'm definitely in.

Comment Perhaps "right idea, wrong implementation"? (Score 2) 371

Admittedly, I'm neither 1.) a programmer, nor 2.) well-versed in Chinese culture, so those factors may raise issues with my thinking in this regard.

Having said that, I'm wondering if the abstract concept has merit. Programming (and, in my case, IT/Sysadmin work) is generally thankless, generally involves odd hours, and can very easily become a high-stress situation. While hiring beautiful women to galavant around the office seems contrived and a bit degrading, I'd argue that perhaps what could be a positive thing is the concept of "having humans on staff to give the programming folk another human with whom to interact from time to time".
I remember reading around here somewhere that a number of programmers have some inanimate object to which they describe the situation that they're in, and that the process of explaining the problem frequently yields a solution. I've got friends to whom I do my best to explain technical things in less-technical terms, and who have a propensity toward asking for further explanation. I find this helpful, and it's entirely possible that such an environment at work could assist in the same manner. An approachable person could help distill technical things so that a situation could be more quickly and effectively explained to management/marketing. Someone who genuinely feels listened to is more effective as a worker. It is in this capacity that I think having a "Counselor Troi" on staff could be advantageous to both prouctivity and morale.

Hiring hotties to play ping-pong with programmers sounds like an HR nightmare waiting to happen. Even if we put aside the "socially unskilled" stereotype, allowing "person X" to speak in confidence to "paid listener Y" is going to, at some point, yield a situation where a misunderstanding is going to escalate quickly. The general solutions to this would heavily favor one side or the other - "programmer says something wrong, assume it's a misunderstanding" becomes "programmer intentionally says something unacceptable, cries 'misunderstanding' when they get to HR". Alternatively, "Cheerleader hears something she doesn't like, we want her to keep her job, so there's no such thing as a misunderstanding that will be hand-waved away" becomes "programmer says something genuinely intended to be innocent, is misunderstood, ends up getting reprimanded", leaving us with "your call may be recorded for quality purposes", thus making it an environment where everything is being recorded, removing the possibility of truly free expression of thought...And this is why we can't have nice things.

Thus, I stand by my logic - there is merit in the abstract concept, and although I don't know if "programmer cheerleaders" is the correct implementation, I do think that "treating programmers like people, rather than caffeine-to-code conversion organisms" is something positive for the industry.

Comment Re:Sounds like what we need (Score 1) 48

is a firewall for the firewall.

I just don't understand how people who design commodity networking gear can be so bad at network security.

Another response to your inquiry handles the cynical/pragmatic answer, but there's another half to it: Unfortunately, 'commodity networking gear' has to work for the same type of people who install 'flashlight' apps on their phones that require access to contacts and GPS. If you and I had our druthers, SOHO routers would ship with DD-WRT or PFSense out of the box...but unfortunately, these boxes get sold at Wal-Mart...to the kinds of people who buy routers at Wal-Mart.

I am by no means a network expert, but it seems as though some of these things are just common sense....

Pull 100 people off the sidewalk and ask them if any of these sentences mean anything to them. Odds are good that an unfortunate Saturday afternoon involving whiskey and a circular saw would leave you with enough fingers to count the number of people who could provide an explanation to these concepts. Thus the "common" in "common sense" doesn't really seem to apply.

- Don't have ports open to the Internet ("stealth" or otherwise) by default

Okay. And precisely how do you expect Skype to work? FaceTime? Windows Update? POP/IMAP e-mail? watch all that traffic shuffle over 80 and 443, thus making 'ports' useless...or the applications, in the short term. Saying 'screw FaceTime' is a guaranteed way to ensure that people blame the router, and replace it with something basically mirroring what the router does now.

- Don't use unencrypted protocols... period

That's beyond the scope of responsibilities for a router. With respect to the greater internet, kindly inform me why Windows/Android/iOS Updates need to be encrypted...or Netflix streams (DRM notwithstanding)...or a dozen other kinds of data that are high volume and don't have security requirements...there's no need to waste CPU cycles on them.

- Don't enable wireless by default

A wireless router that ships with wireless disabled...you must be delusional. Remember, there are a whole lot of laptops being sold now that don't have wired capabilities...and cell phones and tablets don't have them at all. People buy routers explicitly for this purpose, and disabling it by default is a guaranteed way to ensure that people return them saying "it doesn't work", the high rate of returns making the entire retail chain roll their eyes, the brand getting a bad reputation, and being suicide for the product. No. Netgear has this right - ship it with a unique WPA2 password, by default, written on the bottom of the router. That is how the wireless problem is, for all practical purposes, solved.

Seems like just doing those things our routers would be a lot safer than they are now.

Yes. Now put one of your routers in the hands of the general public, and see exactly how far 'security' gets them - Their iPads don't connect, Skype doesn't work on their desktop, and certificate authorities get to determine who lives and who dies on the internet.

For places where your line of reasoning is practical, there is SonicWALL, Cisco, Smoothwall, and Barracuda. For home users, there's Asus and Netgear.

Comment Re:Not unlimited, 7 GB (Score 4, Informative) 346

This is not about people innocently using a lot of data on an unlimited plan. This is a plan that offers unlimited phone data (and, so far, they really do mean unlimited) and 7 GB of high-speed tethered data. (After that, it's automatically throttled.) People in question are very aware of that 7 GB cap because they are installing special apps to circumvent its enforcement. The apps make tethered data look like phone data. That's not innocent and not OK.

Like most things in life, the situation is just a little more complicated than that. Personally, I know about the 7GB cap, and I've never hit it - I use tethering basically the way T-Mobile intended - a provisional internet connection when in a place where I need internet access on my laptop, because my phone doesn't cut it.

One thing worth noting about the difference between 'how laptops use internet' and 'how phones use internet' is that computers will open up TCP connections like they're going out of style, whereas mobile devices are generally optimized to avoid that. The switching gear on the carrier side assumes the latter, not the former. It may not necessarily tax spectrum, but it will tax the networking gear, especially if you're torrenting. "But they should have better infrastructure!" In a perfect world, sure. In the world we presently live in, I do think it's unreasonable to expect them to invest millions of dollars in their infrastructure to address a use case that 1.) affects a very small minority of their users, and 2.) involves violations of their ToS.

However, "installing special apps to circumvent enforcement" is based on a number of assumptions, that may not be correct. I root my phone - XPrivacy is a must for me, as is 'getting rid of Google and Samsung crap, and CarrierIQ'. Sometimes, I'll install a custom ROM. AOSP-based ROMs can't do Wi-Fi calling because of the kernel; it's a pretty good assumption that carrier-customized kernels are required in order to have the T-Mobile tethering meter running. Even the ones which are based on the carrier kernel tend to have things like CarrierIQ and Knox removed; many have the data cap evasion code built in. Furthermore, T-Mobile's default configuration is not very VPN friendly; one must reconfigure their APNs in order to get many forms of VPN functioning.

The question that concerns me is whether it is "well-above-average data usage while tethering" that will cause the wrath of Legere, or simply "the absence of data cap enforcement software". If it is truly the latter, then that is concerning. T-Mobile has traditionally been the most mod-friendly carrier. If they're going to change that tune, they will likely disincentivize remaining a customer to the XDA community...and if that comes to pass, it will be interesting to see how the numbers land.

Comment I compromise (Score 1) 519

Personally, I don't use ABP/uBlock. I actually make an effort to allow ads through. However, I have rules:

1.) Thou shalt not track me. Ghostery does a sad amount of blocking from its blacklists, and I have the ad-based one disabled...
2.) Thou shalt not obfuscate what I came to see. BehindTheOverlay is invaluable; it allows me to nix whatever overlays happen to be blocking my view of the content.
3.) Thou shalt not autoplay audio. FlashBlock nixes most ads that play sound, unwarranted.

I feel that I have very reasonable expectations from advertisers. They can advertise. They can use images if they want. I don't fault the website owners from having to make a buck, and advertising firms are, in the abstract, a middleman that makes sense. They cross a line, that's when I lose respect.

In the late 1990's, pop-up ads were the intrusive, annoying ads of their day. Pop-up blockers became so widely circulated, that all of the browsers have one built in. Are we here again?

Comment Re:Insurance is but one upended industry (Score 1) 231

Auto manufacturers

Someone still needs to make the autonomous cars. Even if they can't differentiate models based on acceleration and things, creature comforts and cargo space will ensure that tiered models remain.

Auto repair shops

These guys are probably the ones likely to be hurt the most. A handful will survive, since tires, brakes, and oil still need fixing; general wear will always be a thing. However, the numbers will certainly diminish, as accident-based work becomes less common.

Gas stations

...these cars run on wishing dust now? Unless you've got a self-driving Tesla, you'll still need gas.

Auto parts stores

See the section on mechanics above.

Taxis and Limos

You're not serious, are you? Cab companies may no longer pay cab DRIVERS, but they will most certainly still be necessary in areas where, ehm, they're necessary. Limos will likely be less affected than most - they sell a luxury service. One may possibly be able to make the case that limo DRIVERS are in more jeopardy, but I wouldn't be surprised if they survive as an industry as well.

Motor sports

Dear Lord. it's entirely possible to load precise cannons with basketballs that will land perfectly from half court, every time...but that's not why people watch basketball.

Motor vehicle related advertising

You're right - that will become "in-car advertising", but now we're just changing location.

There's probably a dozen more.

And those will be the interesting ones. One of the victims of cell phone ubiquity: alarm clock manufacturers. No one really saw that coming. Here's another: highway maintenance crews - the ones who pick the trash up off the highway. I anticipate less litter if "immediately ridding your hand of a wrapper without also needing to look for a place to put it" becomes commonplace. I wonder about sign manufacturers - who's going to pay for a whizbang storefront sign instead of just paying Aunt Google more to come up in search results, especially when your passengers aren't looking out the window? I'd add in "turn signal subcontractors", but given their use at present, I'd say they'll be just fine =).

Never say you know a man until you have divided an inheritance with him.