Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Comment Re:.NET 5 is just what we need. (Score 2) 158

I'd be interested in learning more about the compatibility problems you're having with real apps and .net framework versions.

We know that there are ocassionally compat issues because we have large customers we work with to try and mitigate them.

There are already mechanisms built into .net for rebinding apps to use specific framework and assembly versions, e.g. the .exe.config file that you can modify without access to the application's source code.

In general, .NET 2.0 and .NET 4.0 are the two separate runtimes that you would currently need to have installed. .NET 3.5 is the newest iteration of the .net 2.0 runtime, and .NET 4.6.x is the newest iteration of the 4.0 runtime.

If you're trying to install an app and it says "i need .net 4", and you don't have .net 4 yet, I think that's working as intended. If updates to .net are breaking your apps, that's something we'd like to know about and help with.

If you have problems of the latter sort - .net updates are breaking your apps, feel free to contact me at this address and I'll see about putting you in touch with someone who can help.

Comment Re:I think the most ironic part is that... (Score 2) 43

I'm not in any way involved with this specific program, but I do work on VisualStudio.

It's pretty common for all kinds of software projects to take bug reports - even very detailed and thorough ones - from people who ultimately don't end up fixing the bug.

The interesting thing about finding a security bug - especially with the constraints described here - a working exploit and a white paper - it's pretty unambiguous that you've found one. You either have or you haven't.

Now, how to actually fix that bug might be a lot more nuanced.

This statement isn't made to in any way imply that a researcher who could find such a bug _couldn't_ also fix it.

Rather, some bug fixes may be preferable to others, from Microsoft's point of view. And so, my impression is - we're not looking for patches that we'd end up re-writing. We're looking for the really nasty bugs, and then we'll go off and come up with fixes that satisfy the big pile of requirements that we have [for example, performance impact]

A valid observation would be, "if these were really open source projects, anyone in the community would be able to run the same regression and performance tests that Microsoft would run, and thus be able to make perfectly valid fixes themselves"

Well, to a point. Long long ago, I found an IDE driver bug in OpenBSD and submitted a fix for it. The fix was substantially re-written by the maintainer, and, ultimately the whole subsystem was replaced in the next version anyhow.

My fix met the functional requirements, so near as I can tell. But there are things like coding style, or maybe even the personal preferences by the project maintainer(s), that can still impact how a particular patch gets rejected or modified prior to being committed.

Furthermore, I think we would hate for there to be a vuln out there that somebody knows about, but is sitting on until they can come up with a fix that they like.

So, yes, I think we really just want the vulnerability reports, well substantiated and with demonstrated exploits. Finding those things is still very much a niche skill.

Fixing them, once they are understood, and balancing those fixes with the other requirements in the system, is more bread-and-butter Microsoft engineer stuff.

fwiw, I've been at Microsoft 15 years, much of it in VisualStudio. Before that, I worked only with UNIX systems, and I've stayed up to date as a hobby.

The way we are trying to engage with Apple, Linux, and F/OSS in general is completely unlike anything we did up until just the last year or so. People I've worked with for years are suddenly diving headlong into Linux development. Arguments that I tried to make a decade ago are now being made by other people.

It's a really interesting time at the company.

Comment Re:No real place for it (Score 1) 311

I'm always on the hunt for ideal archival formats for digital media.

The ideal archival format has a few properties, ranging from most theoretical to most practical:

- a completely unencumbered specification and a completely unencumbered implementation
- a highly portable, f/oss reference implementation
- excellent quality vs. usability (e.g. lossless quality, but small to store and fast to decode)
- support in popular general purpose computing environments
- supported in popular dedicated hardware devices

FLAC gets the first few of those, but not the last one -- plenty of dedicated hardware audio players don't deal with FLAC.

Because of this, I use MP3 for audio - which theoretically gives up the first few points, but as a practical matter, those points are irrelevant, and MP3 completely dominates the industry on the last few points.

If Vorbis or FLAC or any of the things that get the first few points correct had ubiqoutous device support, I might be willing to re-rip everything into those formats for a great blend of long-term archival and easy-to-consume on any device convenience. But nothing is like that for audio.

Similarly, if I thought there was going to be a fantastic lossless image format that did everything well and was going to be massively supported and was completely unencumbered, i'd want to move everything over to it. I'd want my future digital cameras to start shooting it. I'd want my whole tool stream and whole life to just be about that format.

Comment Re:Undergrad only? (Score 4, Informative) 264

All of the numbers in this article are very believable.

I have a BS degree from the University of Nebraska. And not the prestigious Raikes school, but the normal old pre-Raikes degree program.

After a summer internship, I got an offer from McDonnel Douglas for 48k.

My offer from Microsoft was more like the 60k figure. I took that one, because it didn't involve living in St. Louis.

The year: 2000

So, 60k to start right out of college was a going rate for top-tier companies... fifteen years ago.

Some companies paid much more, and sometimes that was a company decision, and sometimes it was a reality of where the position was located. For instance, before I had even finished my degree, I was recruited for a position with a 99k starting salary. That firm, however, was in NYC. When you adjust for NYC cost of living, it's not such an eye-popping number.

Subsequent to these numbers from 15 years ago, I have been involved in lots of hiring at Microsoft in the years I've been here.

Starting salaries have adjusted upward significantly since I was hired.

If you can score an engineering position with a top software/services company like Microsoft, you will be paid exceptionally well. For someone fresh out of college, there is just an obscene amount of money on the table.

Different companies target different spots in the industry pay curve. Microsoft by no means targets the top of the salary scale, but neither do we target the bottom. At times, Microsoft has been seen as, to put it mildly, "pretty uncool". At times, there has been lots of startup money and equity available for top quality grads to go after.

In those time periods, Microsoft has to offer more money to continue to attract new talent.

If you want to work at a company where lots of people want to work (e.g. a games company, or SpaceX), those organizations don't have to compete as much with offer packages, since their brands have a high intrinsic draw.

While I don't know what a Netflix offer package is like, Netflix states that their policy is to pay very high wages - the wage they'd be willing to pay to keep someone excellent who wanted to leave.

Finally, it's important to consider the type of organization you're looking at joining. Do they do software/IT, or is that a cost of doing business for them? If a company is in the business of selling shoes, but has an unavoidable need for software engineers, they're going to treat software engineers as a cost of doing business.

If a company is in the business of building software, they're going to think differently about compensation and retention.

Finally, companies that aren't well established players in the software space can have difficulty making big offer packages. At times in my career, I've been frustrated and have looked elsewhere, and the smaller, less profitable companies I've spoken with are offering tens of thousands lower than what I was already making.... making the friction of leaving financially tremendous.

(my personal financial plan is to expect a 50% paycut when something happens to my MSFT employment)

In summary, I have no problem believing the numbers. Top quality CS people at top quality organizations are paid outrageously well.

However, I get that lots of people are expressing disbelief. Let's talk about why that may be. The survey data could be skewed by multiple factors:
- the locale of the person responding
- the self-selection bias of the person responding (e.g. are people happy with their comp more likely to fill out a survey?)
- the kind of organization the survey respondants work for...

If you surveyed internal apps developers at regional insurance offices, in the Midwest, you would get a different picture from a survey of facebook engineers...

Comment Re:They are trying to get off... (Score 1) 104

I cannot deny that much of what you've said about the mob is true. I didn't mean to say that the mob never did anything well, never provided benefits to neighborhoods or people, etc.

Everyone understands that the mob can "Get things done". And, what's ironic is that, IIRC, you and I have very different ideas about government, but we apparently agree that in some situations, the mob is more effective and occasionally preferable to local government.

That said, I think you are papering over the intimidation, violence, and property destruction done by the mob.

(I'm not papering over the intimidation, violence, and property destruction done by governments, fwiw)

Comment Re:They are trying to get off... (Score 4, Insightful) 104

Have you ever lived anywhere where there was a significant mob presence?

I haven't, and for good reason.

Your plan is a really great plan if you assume that the mob has absolutely no penetration whatsoever into the local police department.

I don't know why you'd assume such a stupid thing, though.

So here is how your suggestion really goes.

You walk into the local PD. On your way there, some kid recognized your face. He has instructions that say that if he sees a guy who looks like you walking into the police station, he calls a number and gets a bonus.

When you come home, something is different. Either your family is already dead, or, there's a note that makes it clear that your family is vulnerable and that you've fucked up - but there is still a chance to not get your family killed. Who knows what the knob is set at for the "first contact" - but there's a clear indication that you don't want to continue talking to the police.

Now, if someone inside that building is actually connected - and usually, somebody is - maybe they're the person who interviewed you. Maybe they're the person who looks at the signin/signout sheet at the station. Maybe they are somebody who files paperwork or types things up for other people.

Zillions of little people are needed to make the machine of government operate, and the mob targets precisely those people to be their eyes and ears. It uses combinations of carrots and sticks to keep them cooperating with mob goals, without letting them get too familiar with what those goals are or who is executing them.

Point is, if the mob has any power in your city, that includes eyes and ears within, or effectively within, the police department.

Part of the mob's effectiveness is that it destroys trust in the normal functioning institutinos of society. You never know for sure who is and isn't. It effectively isolate frightened individuals from the facets of society that might help or protect them. It always makes it seem like it's 1 person against the entire mob - it paints that same picture to lots of separate people.

Comment Re:Usually has to be earned (Score 1) 318

I doubt there's a company in the land that would recruit an unknown, straight off the street, give them a salaried post and let them work 100% from home.

This is false. A very good friend of mine works exclusively out of his house as a developer. Many of the developers at his company are work-from home types and have always been work-from home employees.

Additionally, there are software jobs that are true work from home positions and are advertised as such. I've had recruiters start to approach me about such jobs.

Finally, I've had a 15 year career at Microsoft. In the last 6 months, I've been given the flexibility to WFH as much as I like to. I'm currently at home for the summer.

When I asked earlier in my career, the answer was no. I'm slightly more valuable than I was then, but, the nature of my team and my work has changed such that a WFH role is more plausible than it once was.

I know a handful of other Microsoft employees who are full time WFH and who have no Microsoft office anywhere. I still have an office and I use it about 50% during the school year.

As far as how you get this arrangement

1) if you're a high value contributor with the right kind of manager on the right kind of team, even in an organization that doesn't really do remote work, you can basically play the card that says, "I am moving. I would like to keep working here, for you, and I understand what that will do to my long term career velocity here, but, whether you keep me or not, I am moving"

Sometimes that works, sometimes it doesn't. If you get a new team or a new manager, you can be let go. "The deal can be altered", so to speak. Of course, the deal can (and is) altered anyway, even for office people. So, it's a matter of priorities and risk tolerance.

2) There are a few organizations that are explicitly pro WFH. If you're prioritizing WFH ahead of other things, look at doing something that isn't your ideal role and not at your ideal salary, but gives you the WFH goodness that you desire. Ideally, you pick an organization that has the sorts of roles (and money) that you'd ideally want, and you grow into that role within that organization.

3) When LinkedIn emails you and says "Bob from Google wants to talk to you", email Bob back and say, "Bob, I would love to chat with you, but I am only considering WFH arrangements. Please let your hiring managers know that there is good, affordable talent available to them, but who are unwilling to relocate."

I do this with every big name brand that contacts me via Linked In. I usually tend to tailor the message to something about how the business in question heavily relies on open source (and I name the pertinent technologies) and how those were developed via distributed engineering mechanisms, proving that such approaches can build world class software.

I hope people like me can create enough data points that eventually more traditional shops hear the "I won't relocate for you" argument often enough that they start entertaining people who demand remote work.

Anyway, my employer gets way more output out of me when I am at home than when I am in the office. I have a nice laptop, and everything is in source control or cloud fileshares, so I can move back and forth between office and home office easily.

My kids understand that when I am working, they don't come into the basement. I go upstairs and take breaks and hangout with my family, or take advantage of the nice weather. If I don't have scheduled meetings, I can shift weekend/evening tasks (like yardwork) to mid afternoon, when the bugs aren't as bad and the sun is shining. Email and code will be there during peak mosquito hours or when the weather is bad.

I live on an isolated 14 acre farm that is about 25 minutes from my employer's office building. Commuting isn't bad at all, but if I don't have to, why bother?

Comment Re:Republicans could... (Score 1) 609

So, my ideological transition went from Reagan Republican to Goldwater libertarian to Rothbardian Anarchist.

Personally, I am socially boring, somewhat socially conservative, and evangelically religious. I don't (politically) care what other people do to themselves; as long as they and their government don't do it to me or my family.

I've really given up on government as an entity that can create moral good in the world; it seems that historical attempts to have government play that role have turned out poorly, both for the people involved and the morality being coerced.

I've tried to explain where my head is at so you can try and tailor the message in a way I might understand.

Can you help me understand what the "war on women" rhetoric is about?

Assume that I'm an intelligent person, with degrees in Math and CS, and extensively educated in history, medicine, politics, and economics.

Yet, despite this, I cannot for the life of me understand how people with different ideas came to those ideas via any plausible mental process. It seems to me that there are fallacies all around - why aren't they seeing them?

I want to assume that they are acting with good intentions, but I am unable to debug or understand them and their decision making process.

So, this is a legitimate request for help, and not a thinly veiled attempt to demean or attack someone.

Will you explain what the "war on women" is in a way that will cause me to want to listen? Explain what things are included in this war, and what things aren't.

I mean, my inclination is to throw a flag on the play before it even begins; a political "war on women" appears to suppose that all women should think and want the same things politically, which is self-evidently insulting to women and denies their essential individuality.

For instance, the only people I know personally who are tireless anti-abortion activists (and I know several) are all women. Are they part of the war on women?

I'll stop, and hope you craft a well-intentioned response.


Comment Re:How the executive wipes away democratic power? (Score 1) 121

The one thing I want to point out is that you should recognize the name "Cass Sunstein"; he's not some random academic, he was part of the Obama administration, and has a bunch of ideas that you will find either kooky or great, depending on how you align politically:

He's also good about co-opting terms he disagrees with as a way to try and attack intellectual opposition. He calls a bunch of things libertarian that are flagrantly NOT libertarian, for instance.

Comment Re:It's not limited to the US (Score 5, Interesting) 220

Someone else covered this but is buried.

Bee colonies do not freeze in the winter. They starve.

We've been keeping bees in North Dakota, which is colder than wherever you are, for 7 years. All 3 of our colonies survived last winter. One is strong enough that we've split it this spring to try and prevent a swarm.

The way that bees operate in winter is amazing. The bees form a sphere, with the queen near its center. They vibrate their wings and bodies to create heat. The bees on the outside of the sphere obviously lose heat the fastest. The bees on the inside stay the warmest. The sphere of vibrating bees constantly turns itself inside out, over and over, so that the cooler outer edge bees return to the warm core and replenish their warmth, while the warm bees from the core circulate out towards the edges after they've recuperated.

This consumes lots of energy (and food).

As the cluster of bees does this, it moves upwards in the hive, consuming stored honey.

When they get to the top of the hive, they stop migrating. If they run out of honey, they die.

We use 2 deep supers and 1 medium honey super to over-winter our bees.

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]