Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Comment Re:What if they are auditing? or other? (Score 1) 70

The CEH is certainly something that looks good on the CV, but I have never met a pen tester or IT Security manager who actually held it in high regard. The OSCP is by all accounts an order of magnitude more difficult, more relevant and more respected. I'm not opposed to multiple choice exams (I have several of the certs mentioned here and am quite proud of it) but for me it just doesn't add up that you can demonstrate a practical skill such as hacking through this form of test.

Comment Re:No legislation vacuum (Score 1) 18

Yes, I largely agree. I wrote the blurb in haste. What I was trying (unsuccessfully) to alude to was the expected change to legislation to ensure business can continue to exchange data.

Essentially all of the big IT providers are American. Processing and the more contemporary "cloud" services that everything seems to have morphed into mean that your customer data does not have widely-accepted protection under the DPD. If a replacement does not step in we may see repatriating of data and a cleanup exercise. It doesn't seem very likely, but neither did this ruling.

Comment Re:Explains why FB is hosted in Ireland... (Score 3, Insightful) 18

I don't think you've been keeping up with the case. There is no new legislation, but a very simple point in contention. Did the Safe Harbour provision, intended to ensure corporations met European levels of data control, cover state intelligence gathering. The ruling is at this point, no. The Irish Data Protection Commissioner had stated in relation to the European Data Protection Directive that they had no power to look at the scope of Safe Harbour and that in of itself Facebook met the requirements of Safe Harbour.

It is not news that the NSA etc. did not see themselves as constrained by Safe Harbour. In light of the ECJ's rulings an investigation into Facebook's protection of European data seems appropriate.

Submission + - Irish Data Protection Commissioner ordered to investigate Facebook data (

bigtomrodney writes: Following last week's ruling by the European Court of Justice ruling on Safe Harbour, the Irish High Court has quashed the former decision of the Data Protection Commissioner not to investigate Facebook. In the current vacuum of legislation and given that this challenge is directly focussed on US intelligence agency's gathering of European citizen's data, this makes for interesting times ahead.

Comment Re:I remember ..... (Score 1) 284

I had 16MB of RAM and it ran like a champ. It was plenty of RAM even for gaming, I used to blitz through X-Wing Vs. TIE Fighter and plenty of other 3D games without breaking a sweat. Hexen II and Duke 3D were regulars on my PC.

Comment Re: Who? (Score 1) 574

If you really think the amount of airplay you get in a bar is equivalent to the critically acclaimed musical legacy of this man then I'm not sure what to make of that.

I'm 35 and Neil Young is one of my favourite musicians. I think he's one of the most accomplished songwriters of the past century. I suggest listening to some of his albums rather than waiting on random airplay of one of his "hits".

Comment Re: Correct (Score 1) 267

That is not how Security should function. It's not a matter of being judge, jury and executioner. Your task is to advise of the risk and propose (and possibly enact) controls to mitigate or avoid that risk.

If your job was to be perfectly secure you'd just unplug the network and lock all the doors with the employees outside. The security function must support business operations.

Comment Re:No. (Score 1) 296

In my experience a broader view pays dividends. That can be achieved through secondment, introduction of new blood or with the best cost/benefit ratio by going through industry certification. Maybe an RHCE for a 25 year Unix sysadmin is questionable, but an Audit certification for your systems auditor will likely provide a view higher-level corporate governance and of course provide the assurance that your C-level suite will require.

Not everyone is working at grunt level for their entire career. Upward mobility typically requires expansion of experience, outlook and qualifications in larger organisations.

Comment Re:rip-off (Score 2) 296

Assurance is very important. This thread unsurprisingly is focussing on programming certifications. However, if you hire someone to maintain a system you are indemnifying yourself against any challenges to your decision where you have sought industry-standard certification.

This not a substitute for judgement and a thorough approach. You filter down to the candidates who are enthusiastic enough about their career to actively partake in continual professional development, make your own decision based on your interview and then as I said are largely indemnified where a decision later comes under scrutiny.

Comment Re:Arrogance about a job you don't understand (Score 4, Insightful) 387

I am the OP and what I said was

They have a limited scope of action and limited deliverables.

Successful or not I was trying to call out the shortcomings of the role rather than the people working in it.

Every day I talk to project managers who probably do an excellent job meeting their deliverables and will be rated very well for doing so. Unfortunately what they do isn't the right thing but what they were asked to do. There's no reward for doing the right thing even if it's value-add. That same point is what I was trying to illustrate with my comment; the output seen here is the perfect manifestation of that kind of attitude.

"All the people are so happy now, their heads are caving in. I'm glad they are a snowman with protective rubber skin" -- They Might Be Giants