Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:Rogue IT happens when company IT fails (Score 1) 2

Not only that, but get rid of all the security theater nonsense, the general paranoia and fear of the unknown, and make the central IT accountable if they are unable to deliver a solution to satisfy a business need within the expected time frame.

Companies that don't hold IT accountable for failing to serve their customers (i.e., the people who get actual work done and make sales for the company) have no right to complain about shadow IT cropping up here and there. If central IT won't do it, and shadow IT isn't allowed, then things simply won't get done. The existing staff will get fired, and their replacements will come in, and after realizing that they need to do something to keep their job, will go shadow IT *anyway* as a means of getting shit done. Then they'll get major kudos and pats on the back from their managers because they were the only people who had enough backbone to actually solve a problem.

If Central IT then wants to step in and say "you can't do that", fuck them. Having an organization within a company whose primary job function is to tell other people what they can't do, without actually enabling them to do anything that will help them accomplish their work, does a lot more harm than good.

And, no, Central IT "program managers", the best solution is *not* to always spend multiple millions of dollars on an all-encompassing software system that implements the entire world, just to enable one teensy tiny little piece of workflow. That's like asking for a driveway and getting the Hoover Dam. That's the other problem with Central IT. They never have any concept of what it means to deliver only what was asked, and no more. They'd rather spend 5 years and millions of dollars to "roll out" a huge, organization-changing system that solves the original problem plus a thousand others, but creates ten thousand more questions and problems in its wake, like: how do you integrate this into other systems the organization is already using? When should you use one system or the other? What about those people in Colorado who aren't connected to our network? Oh, and if you're looking to spend another few million dollars and a couple more years to dig an interstate highway under the city, we'd like you to fix the leaky faucet in the bathroom, thanks.

Comment Great (Score 1, Interesting) 88

Switched from Android to iOS because Google won't fix their Bluetooth stack. I'll have to try my VPN on Friday and see if iOS 9 broke it. If so, I'll have to have two phones just so I can use two of the most important OS features that have been around for years but nobody can seem to get right (all at once, within one device, that is).

Comment Open ecosystem = ya snooze, ya lose (Score 1) 236

Since access to the Internet is more-or-less something which can be done via a wide variety of devices and operating systems and browsers, a significant subset of which are free and open source software and are extremely, explicitly customizable, you *cannot* be the odd man out by being a platform that is deliberately less flexible and less usable than the others.

If you do, the thing that happens is exactly what Apple has seen happen: you end up losing sales (of your OS, hardware, etc.) to competitors whose platform is more open.

On the free Internet, we route around the damage and barely notice that we were stuck at a roadblock in the first place.

I think Apple has wizened up to this fact, which is why they now allow adblockers. The only possible effect this could have is to increase their market share or keep it fixed. It can't hurt them. Apple doesn't make their money on ads.

Hopefully, if an alternative non-free Internet becomes a thing at some point, nobody will adopt it, and it will die. Hopefully, the free Internet will continue to be supported by the big companies that operate the major hubs. As long as we're connected by a system that's open at its core, where the client software is under the user's control for at least *some* clients, we have a way to avoid the insanity of things like ads being forced upon you, and so on.

The clients that choose to deliberately be restrictive will simply not be used as much, even if they have extremely compelling upsides like performance or ease of use. There will always be a real and measurable drain on their market share and profits that comes from the growing percentage of people who want to be in control of their Internet experience. It's this drain at the bottom of the pool that has forced Apple's hand to do something pro-consumer for once.

Comment Re:lack of competition (Score 3, Insightful) 60

Why does it have to be an either-or? There are enough people in this country to pursue every progressive initiative we can imagine, and then some. It's just a matter of getting the right people with the right resources focused on the right tasks. Basically, it's a logistics and optimization problem; we have more than enough capability and more than enough resources to go around. It's mainly political and economic forces that make the system extremely resistant to positive change, no matter how obviously beneficial it might be.

Comment Re:There are more important things... (Score 4, Insightful) 60

OK, but other people are working on those problems. Just because they have 1000 problems doesn't mean that everyone should drop everything and go into an entirely new field they're unfamiliar with to solve the problem that you deem to be the highest priority. This guy and his company have know-how, capital, employees, and hardware all invested in the process of building out Internet infrastructure. To scrap their existing plans and redirect their capital to medicine, plumbing or personal safety, would basically drain their capital, while accomplishing practically nothing.

Feel free to be an angel investor in companies or non-profits that are providing the things you think are high priority to the needy, but don't feel like you can tell other people what they should do with their money.

After all, you can make an argument that the Internet can be very useful for educating people with some of the ideas that might lead them to pursue a more civilized way of life. It also leads to 411 scams, but you have to take the bad with the good.

Comment As if it matters (Score 2, Informative) 263

The elections are rigged, anyway. The preponderance of the masses are too busy, sick, or lazy (or all of the above) to vote, and those who do are told who to vote for by the mass media. Even if an unprecedentedly huge 5% of the population were actually informed on the issues and voted for a candidate who'd actually make things better (or die trying), it wouldn't make enough of a difference in the election to tip the scales.

We don't like to admit it because we think we're "freer" than other countries that run faux democracies like Russia and India, but in reality, we're no freer than they are, and our elections are just as rigged, if not moreso.

Comment Divisive, arbitrary, incomplete, inaccurate. (Score 4, Insightful) 102

Every system of this nature is going to be fundamentally divisive, arbitrary, incomplete, and inaccurate. It's not possible to design a "fine-grained credentialism" system without requiring the full dedication of one person's attention to the activities of another, for every waking hour of the observed person.

Divisive: Where today coworkers have no qualms about sending interesting/educational links to their coworkers, like interesting reads in a technology journal or a tutorial on a new feature of some software (for example), if these things will be counted as "credentials" that improve hireability, job security, and/or compensation, then individuals will be motivated NOT to share anything they learn or read with coworkers, since their coworkers could use this to advance their own credentials, and get a leg up on the person who shared it with them. The people who succeed would thus be recipients of well-intentioned coworkers' educational resources and information, without sharing anything back to their coworkers.

Arbitrary: What counts "for (micro)credit", and what doesn't? Where do you draw the line? If you draw the line at some arbitrary place, there are going to be educational resources that people use, which are extremely relevant to someone's job that actually enhanced their suitability to do their work, but don't count for credit. If you don't draw a line at all, or set the bar so low that just about anything can be accepted, then a lot of people could arguably gain "credit" just by watching CNN and claiming credit for the random sound bytes that sound off information that pertains in some general way to the field the worker is in. Microsoft stock went up? Well, I'll claim a credit for Technology! Because Microsoft is Technology! Oy vey...

Incomplete: There are many experiences that can be very educational for someone, but don't have any authenticity, quantifiability or verifiability to them. For example, if you are on a 3-hour bus ride and strike up a random conversation with a passenger who happens to be in the same field as you, and you learn something entirely new from them that opens your eyes and enables you to do your job better, can you claim credit for that? How would the organization know whether you're lying or not? How many of these little nuggets can you squeeze into their system in a day without being flagged for possible forgery? If there's a limit and you can find it, you better believe the min-maxers will find a way to fill up their daily quota, every day, without fail, on their way up the corporate ladder -- walking on the heads of honest people who probably are more competent than they are.

Inaccurate: This is really the biggest problem with the whole idea of "credentialism" from life experience or gaining "micro-credits" for every little thing you do or learn: you cannot implement a system, short of Orwellian 24/7 total surveillance and constant manual, human monitoring, that *fairly* and *accurately* captures exactly what each person has learned every day, and what kind of merit that learning deserves. Those are actually two separate problems: actually capturing all of the distinct learning events, and coming up with some kind of a system to determine how useful, educational, or meritorious those events were with respect to the individual's suitability to fill a certain role in a job.

If the system is too rigid, you miss out on things like open source projects, reading/responding to mailing lists, the aforementioned "bus conversation", etc. If it's too open, people will gamify their careers through lying or taking the easiest course toward getting an advantage over people who are vying for similar jobs, all so they can make more money.

Now granted, the de facto education system is basically an extreme example of a system like this that is simply too rigid and too coarse-grained to be fair, but making it fine-grained doesn't actually solve any problem: you're just shifting the problems to another set of equally severe problems, without making the hiring and retention process any easier for employers, and without making the job market any fairer for employees.

Right now we have a system where someone who, for example, is 1 credit shy of a Bachelor's degree, who possesses a vast wealth of knowledge and experience all across the computing landscape, would be passed up in the hiring process at most companies, in favor of someone who has a 4.0 GPA and a Master's degree, but whose experience in computing is purely academic. When it comes time to write working code, any bets on who would do the job faster and better?

In the fine-grained credentialism model, you end up with the same problem, where the person whose greater knowledge and experience doesn't meet the system's criteria for what counts as "credit-worthy activity", yet the other person games the system to fluff up their credentials and gets hired. It's not any better at all! The people who game the system will go on gaming it, and the people who learn for learning's own sake, because they actually enjoy learning about and working with the subject matter, often get under-valued because the activities they do and the things they learn don't fit the mold.

Wish I had some bright ideas for how to fix this mess, but I don't. I just know that this particular mess is, at best, equally as flawed as the de facto education system.

Comment Re:The US gov't is fundamentally incompetent (Score 3, Interesting) 58

think Hillary! is on "their team", whatever team that may be.

Their team means someone in Hillary's administration, directly or indirectly, is going to help them advance their career and make more money if they support her.

Good old fashioned graft.

Comment And what about after the security is up to snuff? (Score 1) 58

Who's willing to bet that, *after* the security measures are in place up to Congress's "standards" (they have no clue, they're just going on what other people tell them), Senator Wyden would be completely in-line with the mass surveillance camp?

Comment Re:Huh. (Score 1) 246

The cellular radio thing is a power struggle between the everyman and the ruling class (corps and big government). Plain and simple. But because it's a very simple software system that has few features exposed to the user (and intentionally so), historically there's been very little room for middle ground when it comes to sharing that power. And since most of their customers/users/subjects/victims are uninformed about technology altogether, the ruling class has been content to allow these baseband processors to continue under complete corporate control.

A more responsible model would not be a "laissez-faire", "you can do absolutely anything and control the frequency and strength of your transmissions via Python" type of deal. That is almost equally bad, because you end up with a tragedy of the commons type situation, exactly as in the unlicensed bands (2.4 and 5 GHz).

What a more responsible model for the baseband would be, however, would at a bare minimum consist of open source, human readable code for the basebands, which is available to anyone who purchases a product with that baseband, for a nominal fee or for free, and licensed with a free/libre license. Then, you would need to have reproducible builds, where you could read out the built binaries from the baseband, and confirm that those exact binaries are the ones you just built from source code, to ensure that the code you're looking at is the code running on the baseband processor.

Then, you'd need some sort of process whereby everyday people, corporate competitors, or anyone at all, could submit their own code for approval by a regulatory agency to run on the baseband processor, again for a nominal, minimal fee that only just represents the level of human effort required to vet the code for any malicious activity that might actively harm the cellular network's reliability or security. If approved, the built binaries would be authorized to run on the baseband processor.

Of course, for a baseband processor to maintain a list of trusted binaries, it would have to connect to a server, get an updated list, and check any flashed object code against that list. This "lower level" executive would be permanently burned into a read-only chip on the BBP die, but its object code would again be readable to users, and its source code would also be available to the public for a nominal fee under a free/libre license.

So, if you wanted to be absolutely sure the government were not spying on you using backdoors in your BBP, you would obtain copies of all the code; build the code using free software tools; verify the built output matches bit for bit the code on the BBP (both in the read-only executive and the read/write firmware); and then -- if you didn't need to change the (benign) built-in code, you could simply continue running it; or if you needed to make (benign) technical enhancements to it, you could make your changes and submit them for approval by the regulatory agency.

Even if manufacturers started shipping free/libre malicious code in the firmware with their devices, it wouldn't be a problem for security-conscious users, because once you get *one single* approved alternative binary through the regulatory process, you'd be squared away.

If they started shipping malicious code in the executive? Well... you just couldn't use a phone containing that baseband, period, end of story. You simply would have to give up using it, just like we do today for all phones. However, with this process being as transparent as I described, there would exist at least a few high-end manufacturers that would have a vested interest in not doing anything malicious, because it would be so obvious that they did once people started inspecting their source code; and you could buy their phones and "free them" even if the firmware had draconian malware in it.

But this process depends on the regulatory agency to not be captive to either the corporate or the citizens' side, because if they are unduly bias to either side, the process doesn't work.

Comment Re:Depends on desired service. (Score 1) 190

Depends on exactly which type of "Wireless" you have. Not all bands are created equal. The lower the frequency, the more likely it is to not be disturbed by rain. I've been in a building that was connected to a larger network via 20 GHz, and 80 GHz frequencies are not unheard of. The 20 GHz network was easily interrupted by heavy rain (though not light rain).

Comment Re:Depends on desired service. (Score 2) 190

A standard pipe for *whom*? The few, the lucky, the elite? People living in small countries with a high standard of living and high median income? Here in the US of A, the vast majority of the population can't get access to a 100 Mbps pipe no matter how badly they wanted it, and they can't even afford to move to a place that would offer it.

You are either among the lucky elite in the US, or you're in one of those countries that's actually forward-looking. In backwards countries like the US, we have to actually consider half-measures like wireless as a replacement for fiber: partly because of the incredible distances that have to be covered -- the U.S. is 29.74 times larger than Norway by area, and has zounds of people living in very sparsely populated areas where it's uneconomical to dig up the ground for miles for 2 people -- and partly because our government is ridiculously anti-consumer and pro-corporation, so ISPs only answer to the almighty dollar and nothing else.

Calling 100 Mbps a "standard pipe" in 2015 is as obtuse and short-sighted as saying that having a top-of-the-line automobile was a standard item that every household owned in 1916.

Comment Re:Depends on desired service. (Score 1) 190

I don't disagree with you. I'm one of those people suffering under Verizon's monopolistic thumb, and my only recourse is to hold on to unlimited LTE for dear life. However, this is the reality of our situation. We are powerless -- completely and utterly powerless -- to effect change in any meaningful way on these issues.

BTW, I was promised by a high-level rep at Verizon that I'd be able to get FiOS in "weeks" in 2007. It's been a few hundred weeks, and I'm still waiting.

You will lose an important tape file.