Forgot your password?

Comment: Re:Oh please... (Score 2) 107

by dnavid (#46763819) Attached to: How 'DevOps' Is Killing the Developer

The problem that others are having with DevOps is that they seem to be defining it differently than you are. What you wrote makes sense but the scenarios people are complaining about don't sound at all like your definition.

That's part of the problem, yes. DevOps started off with reasonably laudable goals: to promote a methodology whereby development teams and operational teams were tightly integrated in a way that made operational and deployment issues part of the development process: development would be driven by the need to deploy useful functionality, not just create it. That way, you didn't have a discontinuity where things were programmed, then someone would have to figure out how to actually deliver that bunch of code.

The problem which the author of the article references is that this often gets perverted from the original laudable idea of teams of developers and operations people working together, to requiring every single DevOps person being equally qualified to do everything, and then from there pushed even further to many companies creating DevOps positions where those DevOps people are literally doing everything, and not just knowledgeable at those things.

There is no question that a programmer that understands SQL or database architecture or storage systems or high performance networking or internetworking or virtual hypervisors is a more valuable programmer. They can use that knowledge to guide their development, write better code, and communicate better with the actual DBAs and network engineers and sysops and hypervisor admins. But when management types start to think that the best way to do things is to hire DevOps qualified people to just randomly do everything without any focus or specialization, that's when the myth of DevOps overtakes the reality of DevOps and begins to create real problems.

I don't honestly know to what degree that is pervasive in the industry: I haven't seen too many examples of it myself outside of certain high profile ones (the author mentions Facebook). If it is trending upward, I think its a bad trend. But to the extent that I see companies use DevOps correctly, as the glue-people to interconnect individual development, operational/deployment, and quality assurance teams, I think its a positive. But I agree with the article author that actually *replacing* developers, QA people, and operational people with DevOps people universally would be a Bad Thing. I just don't know if its actually really happening

Comment: Re:A possum playing possum (Score 1) 270

by dnavid (#46751229) Attached to: The New 'One Microsoft' Is Finally Poised For the Future

Then why are they really trying to block other smartphones from being sold? What you mention is only part of the puzzle. They don't want to make phones everyone wants, but they want to be the only ones people can buy at the same time. They're not mutually exclusive things.

Everyone tries to damage their competitors in some way. But I'm not sure why this is something that actually has to be pointed out, repeatedly. To demonstrate wanting to become the only or even the dominant market share smart phone supplier it is mandatory to actually be willing to sell products in that entire space . Coke would probably be more than happy to own the entire soft drink industry and they actually make actual products that address the majority of that space. But until Taco Bell opens a steak house, attempting to convince me Yum foods wants to own the entire food service industry is futile.

If you believe suing a competitor is sufficient to prove a desire to construct a market monopoly, you're entitled to that opinion. Since it isn't, I'm unlikely to find it persuasive.

Comment: Re:A possum playing possum (Score 1) 270

by dnavid (#46731517) Attached to: The New 'One Microsoft' Is Finally Poised For the Future

No matter how powerful Apple becomes, they have not shown an interest in parlaying that power into becoming a market monopolizer.

I think their lawsuits show that this is not the case.

In what way? Does everyone that sues anyone over patent infringement demonstrate a willingness to completely take over the space? Even if Apple won every single lawsuit it filed, it makes phones too expensive for many people to own, and Apple has no intention of making a product to fill that large space. *Someone* would have it, and Apple has proven that even when people think they want it or even that they *must try* to get it, they don't. cf: iPhone 5c. All the stories about how Apple wanted to make a low cost iPhone, and all the stories that said Apple *had to* make a low cost iPhone or its future was in jeopardy, and Apple chose to continue their boutique strategy of making the most expensive "low-end" smartphone in history.

Whatever your feeling about patent lawsuits, they do not come close to demonstrating the thesis that Apple even wants most of the smartphone market, much less is willing to make a phone a large percentage of that market is capable of owning. That's not true for Microsoft, where Microsoft forced almost everyone to buy Windows whether they wanted to or not, by co-opting the major PC manufacturers. I don't think Apple even *wants* OSX running on non-Apple hardware.

So no, I don't think Apple lawsuits come anywhere near demonstrating they are willing to take the steps necessary to gain the kind of market control of a platform the way Microsoft once did. It isn't even in the same zip code, much less nearby

Comment: Re:A possum playing possum (Score 1) 270

by dnavid (#46729299) Attached to: The New 'One Microsoft' Is Finally Poised For the Future

This would happen to any group that gains market control. IBM, Microsoft, Apple...

Maybe, but not all companies are actually trying to gain monopolistic control of a major chunk of the computing market like Microsoft has always tried to do and has actually had in the past. Apple, for example, would love to own everything everywhere, but they clearly have not even the desire to do what would be necessary to gain the same control over the PC space as Microsoft once had, and has shown no willingness to compete head-on with Android for the entire smartphone space. Apple wants to make a ton of money being a boutique supplier of consumer computing for the most part. No matter how powerful Apple becomes, they have not shown an interest in parlaying that power into becoming a market monopolizer.

But Microsoft has that desire *and* willingness written in their DNA. And its unclear to me if they have really changed that overall stance, or are just making concessions in the spaces they know they've permanently lost the ability to gain that market control and are trying to refocus on regaining it elsewhere, such as in Azure and their other cloud endeavors where its still up for grabs. The article says Microsoft recognizes that consumers "hate ecosystems" yet most of their efforts have been to try to replicate the ecosystems that Apple and Google/Android have created. Their unified kernel work has only re-solidified their long-time "Windows everywhere" strategy which hurt them over the last fifteen years.

Microsoft's history compels people to be skeptical of any public appearance of compromise or capitulation to outside forces. Apple has no glory-days of market dominance to reminisce about and strive to recapture. Few people left alive can remember when that was true for IBM. But for Microsoft that happened during the watch of its current chief technology advisor and continued under its previous chairman. The bad old days of Microsoft were almost literally yesterday. Microsoft is going to have to do a lot more for a lot longer before it convinces even its moderate skeptics its a changed company.

Quite recently a Microsoft engineer did an interview where he stated that the reason why Windows 8 took the Win7 start bar and other conventions away was NOT because the Win8 interface was objectively better - which was Microsoft's previous story - but because they wanted to compel its customers to learn to use it to break the cycle of dependence people had for Win7, and the intention was ALWAYS to add those features back. It says more about Microsoft that they believed anyone would believe that, than it says about what Microsoft's actual internal strategy was.

The day Microsoft says, about any significant decision they've made, that they made a choice that was best for their strategic vision and that decision was wrong because it turned out to be not in the best interests of their customers and they are reversing it in the interests of their customers, then I might start to soften up on Microsoft. Other companies have done that: Intel eventually admitted they were wrong to downplay the Pentium round off bug and offered customers a no-questions asked return option. Tim Cook actually suggested to Apple customers in his formal apology for the poor performance of Maps that they could use competitors in place of Maps until Maps' issues were addressed, which for Apple is the equivalent of falling on your sword onto another sword. Microsoft never really apologizes for anything: not even when Vista being a disaster was a foregone conclusion did they ever admit they did anything wrong. The closest to that we ever got was after Balmer retired, when he admitted that Vista was one of his biggest mistakes, and even then he seemed more regretful about the Microsoft resources developing Vista tied up than the impact on customers. They still won't admit removing the Win7 interface was a mistake, even though it was obviously a huge mistake.

Comment: Re:not developed by a responsible team? (Score 1) 300

by dnavid (#46719029) Attached to: Theo De Raadt's Small Rant On OpenSSL

This bug would have been utterly trivial to detect when introduced had the OpenSSL developers bothered testing with a normal malloc (not even a security

This is simply not true, stop spinning it.

Even if OpenSSL is using system's malloc, with all its mitigation features, the bug still works. The attacker just has to be more careful, lest he should read freed() and unmapped memory, and so cause a crash and (supposedly) leave some kind of meaningful trail.

The bug would have been easily detected had proper testing been done with the LIFO allocator turned off, because in the absence of OpenSSL's own allocator a normal malloc would have been releasing and reusing memory rather than preserving their data in a stack structure, almost guaranteeing that OpenSSL connections would be at least occasionally crashing out. That would have alerted the developers to the fact that sometimes a freed block pointer is reused after freeing, which would have compelled them to fix that error. You can reuse that freed pointer in OpenSSLs allocator because even when "freed" that memory is not available to be reused by anything else, so its data contents continue to be preserved.

Comment: Re:The Re-Hate Campaign (Score 1, Interesting) 1109

by dnavid (#46700065) Attached to: Mozilla CEO Firestorm Likely Violated California Law

> However, I do not, nor do I think most people, support everyone's *legal* rights.

Are you sure most people support let's polyamoric marriages? I wouldn't be so sure and all these marriages would do is to remove yet another arbitrary constraint, this time not on sex of people involved but on a number.

That's an interesting way to put it. All these marriages would do is form the basis of a slippery slope. Because its not as if they have any overriding beneficial purpose, like, say, allowing couples to get married.

Either way, by harassing people like Eich who always kept a strict separation between private and proffesional life, perpetually offended busybodies legitimize the opposite, like hounding gay rights supporters in backwards places. Long story short, if your stance on how to conduct business between 2 sides of the issue doesn't survive multiplying by -1, it fucking sucks and is hypocritical. Half the progressive state of California VOTED for it, ffs.

And it's not like you will change people's minds when your politically correct zeal pushes them underground. They feel wronged and the persecution only fossilizes their worldview.

There's no hypocrisy here. Eich spent money to support the cause of blocking a group from exercising their civil rights. A different group of people exercised their right to free speech to object to his running a company whose corporate mission statement is at odds with that act. The notion that one of those acts is more fair than the other is what makes you think there's hypocrisy involved. However, both are legitimate advocacy positions to take.

I'm not terribly ashamed to admit I'm not unhappy about who ultimately won and who ultimately lost. As I said, this is not a logical puzzle, these are real people's lives at issue, and I'm not going to hide behind a fabricated sense of fair play. I value expression of ideas. I do not have an obligation to support all actions that are a consequence of belief. If you believe someone is wrong, that's your prerogative. If you act against them in support of that belief, then you force people to take sides. I picked a side.

Comment: Re:The Re-Hate Campaign (Score 0) 1109

by dnavid (#46699065) Attached to: Mozilla CEO Firestorm Likely Violated California Law

How did he attempt to limit the rights of others? Oh, right - by exercising his rights.

That's completely uninteresting semantic bullshit. Was he legally within his rights to donate to that particular cause? Yes. However, I do not, nor do I think most people, support everyone's *legal* rights. There was a time it was legal to own slaves. There are lots of legal rights I don't support. I support people's right to free expression, but just because the legal system defines free expression to include donating money to people who's sole goal is suppressing the civil rights of other people, doesn't mean I support anyone who chooses to exercise their legal rights in that fashion. This is not a Raymond Smullyan puzzle, this is the real world with real problems that have real consequences. Given the pragmatic choice of supporting someone who chooses to exercise a legal option to support activists trying to prevent other people from having the same civil rights as everyone else, or support people who choose to exercise their legal option to protest such an individual, I choose to support those to have no tolerance for intolerance. I don't find that to be a logical contradiction, and I don't particularly care if anyone does.

Comment: Re:Slippery Slope.. or is it? (Score 1) 284

by dnavid (#46605801) Attached to: U.S. Court: Chinese Search Engine's Censorship Is 'Free Speech'

Also, the text of the 1st amendment starts "Congress shall make no law". Nothing in there applies to private entity. The first amendment has *nothing* to do with this case.

Correct. There is no right to free expression guaranteed in the US Constitution, despite the many people who seem to think its penciled in there somewhere. The right explicitly guaranteed in the US Constitution is the right to expression that is free from government interference. The Constitution bars the government from restricting expression unless it has an overriding state interest to do so (i.e. the canonical yelling Fire in a crowded theater). But the Constitution does not allow the government to compel a private person or institution to regulate its speech in general; in fact that is precisely what the First Amendment bars the government from doing. Absent an overriding state interest to do so, the government cannot force Baidu to provide a specific kind of speech, or prevent them from eliminating certain kinds of speech from its output.

Comment: Re: No. (Score 5, Insightful) 246

Any public URL that is unencrypted is not a secret. Snooping on plaintext is not snooping at all. And he had no legal requirement to notify AT&T first. Besides, even if he had, they don't care about security until it goes viral. I notified them of a information leak on their iOS translation app that allowed other apps access to your translations and location data. Not only were they unable to figure out who was responsible for the app, they ultimately told me to call Apple. I tried the support for the app as well as customer service. I email their PR rep too. Zero response.

I'm really uncomfortable with that logic. First of all saying that if all it takes is typing in a URL, then of course its public belies a level of ignorance just as high as the government in this case. "Just a URL" in the modern internet could be anything. SQL-injection is programmatic hijacking of a database server, but it often requires "just a URL." Buffer overflow attacks require just a URL, many apache worms required just a URL to propagate because of the way URL content can be processed. Just a URL is like saying all programs are just notepad documents. It cannot be the case that "if I can get there, then I get to take whatever I want" is the rule of the internet. I read in another article the analogy that AT&T basically put the material on a library bookshelf for anyone to read. That's not a good analogy: a better analogy is weev went to a public library, found that someone forgot to lock the door to the reserve stacks, and decided to go there and take a bunch of books home with him just because he could.

That is not the person I want to be the flag-bearer for my sense of fairness.

Second, giving anyone who points out a failing in others a free pass to point it out by any means is also something I'm really uncomfortable with. If its okay when done to big companies like AT&T and Apple, then its just as okay to do to smaller organizations like your neighborhood grocery store, or your house.

Comment: Re:Jenny McCarthy (Score 2) 395

by dnavid (#46529787) Attached to: Survey Finds Nearly 50% In US Believe In Medical Conspiracy Theories

Or cynicism. Just because a lot of crackpots believe something, that is no guarantee that it is not true. There was a conspiracy theory, dismissed by most rational people, that the government was monitoring our email and phone calls. Then it turned out to be true.

Since there's a million conspiracy theories, some will end up being at least partially true by random chance. Even here its hard to give credit to the conspiracy nuts, because very few of them believed the government monitoring was specifically of the character revealed by the Snowden leaks.

I'm pretty sure if you try hard enough, you can find a Nostradamus quatrain that predicts the NSA monitoring. That doesn't add credibility to Nostradamus, it just means when that many monkeys bang on keyboards, eventually some of it will start to rhyme.

No amount of conspiracy nuts believing in something makes it true, and no amount makes it false. If they were always exactly wrong, we could use them as bizarro truth meters. What they are is nuts, and contain as much useful information as atmospheric noise.

Comment: Re:You keep using that word (Score 1) 479

by dnavid (#46449405) Attached to: Author Says It's Time To Stop Glorifying Hackers

> The difference between "idiot" and "at fault" is huge.

It depends on the environment. In some environments, you will be punished for leaving your valuables unsecured. It is considered bad policy to tolerate idiots that invite thieves.

The meat space equivalent of what this idiot journalist does is illegal in some jurisdictions.

But that would make the person who stole the information no less culpable. Criminals are criminals no matter how easy their victims were to exploit.

On the subject of the author having no credibility because of her insecure practices, she certainly has no credibility as a security expert, but the article isn't a security primer. Its an advocacy piece from the perspective of being a victim of a computer crime, which requires no competency in security. I think her points are valid. In spite of a few high-profile prosecutions, the tech community at large tends to over-romanticize criminal activity in certain areas, and I think that encourages others to participate and perform those kinds of activities. I think there's a vicarious thrill we get when computer criminals demonstrate what we tend to believe: that most computer users are idiots, that most IT departments are inept, that security isn't taken seriously enough, that computer skills tend to be underappreciated, and news organizations are completely oblivious.

It gives all hackers and IT professionals in general a bad name, its just that most of us don't care.

Comment: Re:Also time to stop (Score 1) 479

by dnavid (#46449285) Attached to: Author Says It's Time To Stop Glorifying Hackers

glorifying actors, sports figures, politicians, generals, soldiers, writers, artists, architects, Canadians, cooks, race car drivers, the old, children, dogs, accountants, spies, computer programmers, cowboys, drug smugglers, and the disabled.

I don't mind glorifying actors and dogs. The problem isn't glorifying hackers, the problem is giving criminals a pass when they are using hacking techniques. In much the same way we shouldn't give actors and other famous people a pass when they commit crimes, a someone who uses a computer to steal information from other people or cause them harm is a criminal and should be treated as such.

There should be recognition of proportionality. Someone who pokes around on Facebook or Instagram and finds a major security hole, reports it to the companies, and takes no action for personal gain or which harms their uses should be treated far differently from someone who steals user information and blames the target for having insufficient security measures. That's like shooting someone and blaming them for being insufficiently bullet proof.

Comment: Re:Firefox OS Will Become the Mobile OS To Beat (Score 3, Interesting) 205

by dnavid (#46430995) Attached to: Firefox OS Will Become the Mobile OS To Beat

Firefox OS Will Become the Mobile OS To Beat

Flamebait and hopelessly wrong.

I wouldn't go that far. Its entirely possible that Firefox OS could become a major player in the market segment the article indicates. The problem is that saying "...will become the Mobile OS to Beat" implies the major players like Android, iOS, and Windows even want to win that game in the first place. Absolutely there are lots of people who cannot afford the top of the line smartphones out there, and it would be nice if someone serviced their needs, but the problem is time. In time, technology will improve and costs will continue to drop relative to computing power. Its very dangerous to target a market Moore's Law is scheduled to destroy.

For Firefox OS to be the mobile OS "to beat" requires a lot of things to happen that aren't trivial exercises. First, Firefox OS has to become the dominant player in the low end market. Second, it has to achieve a level of brand loyalty comparable to iOS and significantly higher than Android itself (Android users are typically more loyal to their smartphone manufacturer than the operating system itself in my experience). It then has to be able to parlay that brand loyalty into a way to maintain their hold on those users as the smartphone industry advances to the point where the $20 phone of tomorrow is the $600 phone of today. And it must do this in a way that doesn't give the major players an easy way to encompass Firefox's feature set: if FirefoxOS's major innovations are based on open standards and HTML5 applications, anything it can do today Android and iOS could easily do tomorrow if they wanted to.

So much has to go right besides "sell a lot of low end feature phones" that to me it would be like predicting that the company that supplies most of the paper to print air travel tickets in kiosks was a threat to take over the entire travel industry in a decade.

Comment: Re:i interpret it to mean (Score 1) 497

by dnavid (#46430791) Attached to: Can Science Ever Be "Settled?"

all attempts to disprove it have failed and until evidence can be presented to disprove or bring the results into question it is settled

I take the more nuanced stance that a scientific matter is "settled" when all reasonable avenues of refutation have been performed and failed, and when sufficient independent avenues of confirmation have been achieved where "sufficient" is judged relative to the complexity and the range of the scientific theory. in other words, its not enough that it hasn't been disproved, but that sufficient attempts to do so have failed. General Relativity, for example, has obviously never been refuted, but I wouldn't consider it to have been a reasonably settled matter until relatively recently. Fifty or a hundred years ago, the tools and observational power didn't exist to make enough of an attempt to disprove it.

Newtonian gravitation is settled in the sense that in the areas we deem it to make valid predictions all the different ways it can be confirmed have netted confirmation and all reasonable avenues of refutation within its ability to make predictions have failed. Where Newtonian gravity fails are the areas that are described by special and general relativity and those theories place limits upon the range of behavior we accept Newtonian gravity will generate reasonably correct results.

I also make a distinction between scientific statements and scientific theories being settled. Its often the case that there's an intermediate step between "observation" and "theory" when a point of scientific fact cannot be determined by simple observation. For example, whether the universe is expanding is more a statement of reality than a scientific theory. However its not a fact that is directly easy to observe. Often Science has to combine large numbers of observations and analysis to determine whether a statement of fact is true or false. I believe the statement that the universe is expanding is considered settled due to the large number of independent confirming observations and a lack of any other reasonable explanation for those observations. *Why* the universe is expanding and the mechanisms for that expansion is more the realm of scientific theory. Cosmological expansion and inflation are the theories used to explain observed expansion and I think those theories are not completely settled. Its more precise to say they are "settled for now" insofar as if they are false, we currently don't have the tools to refute them.

Comment: Re:Good if they succeed. (Score 1) 132

by dnavid (#46423105) Attached to: Oregon Withholding $25.6M From Oracle Over Health Website Woes

Totally agree, but I should note that it happens the exact same thing in the private sector. Ive seen salesmen threatening customers to with dropping support for, say, the ERP, if they did not push a competitor out in an altogether unrelated section of the business like hardware, OS or even collaboration tools.

Indeed. The problem is the power lies generally with those with the technical expertise, and those people overwhelmingly end up with vendors and not customers. Of course, if they had a sense of professional ethics, that would also act to solve the problem. I'm not hopeful.

IF I HAD A MINE SHAFT, I don't think I would just abandon it. There's got to be a better way. -- Jack Handley, The New Mexican, 1988.