Forgot your password?

Comment: No. (Score 1) 136

by drolli (#46787971) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate

If i find a bug which is critical to my employer while being plaid by my employer, the first and only thing which is do is assess the impact to my emplyer, and identify the most important measures for the employers business.

IMHO they acted correctly: protect your own systems, and then the systems with the biggest impact.

Comment: Project management (Score 2) 145

by drolli (#46786355) Attached to: Oracle Deflects Blame For Troubled Oregon Health Care Site

I am working as a consultant.

My good advice to every customer is: dont buy consultant work as time and material. Buying as time and material puts the wrong incentives to everybody:

-Your own people will feel that they still can just use them as normal workers and keep all decisions (and thus responsibility) to themself

-The consultants dont care, since just doing what your own people tell them without thinking is what gets their monthly timesheets signed. If something goes wrong they can even sell more hours, not less

-The consulting company does not care (and rigthly so since that was not what you asked for) and will send you inexperiences junior consultants wherever possible.

-Coding quality has to be reviewd by your own people (or just accepted as it is)

-Your own people are usually vastly inferior at project management in comparison to the average senior consultant - in a non T&M contract the usual situation is that you get the things done in time or you will loose money.

Comment: Chernobyl was not a meltdown (Score 1) 195

by drolli (#46785975) Attached to: MIT Designs Tsunami Proof Floating Nuclear Reactor

Chernobyl would not have been prevented by putting the reactor in water. It was the only accident which had a "nuclear power excursion" as the reason. TMI and Fukushima were a failure of the classical cooling.

In Chernobyl the operators ignored the normal precautions. They operated the fuel in a state where xenon (see http://hyperphysics.phy-astr.g...) was present. Due to this the system was far away from the assumed stable oprtion point assumed in the controls.

The power which you would have needed to dissipate at the event to cool the reactor would have been ong the order of 200GW. Normal heat transfer coefficients are on the order of 10s of KW/m^2/K if i assume that you allow 200K difference on the surface, you end up at an active cooling surface of 100000m^2, which just is not there, not even if you drop the reactor into water.

Comment: Controlling? (Score 1) 686

by drolli (#46741761) Attached to: The GNOME Foundation Is Running Out of Money

Lat me get this right (from their wiki page):

GNOME, as the lead organization, has been responsible for managing the finances for the entire effort. However, as the program grew, the processes did not keep up. The changes were not tracked effectively from the point when other organizations joined the OPW. This impacted not only our ability to manage the OPW administration, but also to keep up with the core financial tasks of the Foundation -- tasks which already needed the full attention of the Foundation's employees and the board.

So other organizations accepted liabilities which were automatically transferred to GNOME Foundation? or they plainly lost track? Or they did not caclulate before what limit for accepting students there is?


Did they - by spending money on a side track -fuck up an organization which should - given the situation about people not bein happy with they main project - focus on stakeholder management? I mean it's not like that job is not important for the FOSS community. And wo me it seems that the exeution of the job leaves some things to be desired.

Comment: national security (Score 1) 134

by drolli (#46740405) Attached to: Obama Says He May Or May Not Let the NSA Exploit the Next Heartbleed

The national security interest would be to patch the hole, not to leave it open. This hole was to easy to exploit, and supposedly enabled identity theft on a massive scale, even to vastly infereior intelligence services.

The comparison with the centrifuges in Iran is misleading. for that combination of attacks it is very hard even to find suitable experts to generate the code.

Comment: So what we need are safer cars (Score 1) 184

by drolli (#46739003) Attached to: The Case For a Safer Smartphone

I dont use my mobile while driving. But i know enough idiots do.

So lets build a safer car. The technology is there. The typical accidents which happen due to reduced attention (like changing lanes unintentionally, not reacting to bearking light of the car in front or a pedestrian entering the road) can be addressed well by existing off-the-shelf technology. Right now these things (radar, automatic breaking) are sold in premium cars. The reason for this is not because these are so expensive to built, but because its is the best strategy for carmakers to first milk the high-end segment (with nearly arbitrary earnings/revenue) and then turn to the rest of the market.

However, if you make things mandatory for all new cars, then the price for the new car goes up by a few hundred bucks, but the insurance will go down.

As and extreme measure the car could reduce the maximum speed automaticlly once it detects that the driver is using a mobile phone or, in general, not looking at the road. Tracking eye movements is well proven technology.

Comment: Utterly idiotic. (Score 1) 292

by drolli (#46722797) Attached to: Nat Geo Writer: Science Is Running Out of "Great" Things To Discover

Science runs out of things to discover all the time. The last big point when everybody thought that now "everything is understood" was in the middle of the 19th century. Mathematics was developed enough to descibe that classical non-relativistic point-mechanics world well enough. Everything seemed fine.

Then came relativity and quantum mechanics, and in the wave understanding all these phenomena there was an time when the theories could be used verified (with the "low hanging fruit" first). Fact is, building technology from a theory is the last step in using the theory. This step happens now for QM with the coherent of single quantum controls. Only when you have such technology, you can actually test the limits. I should remind here that, at the time of implementation the Michelson-Morely experiment was absolutely state of the art, using all understanding in the design and the newest technology.

Now we are at a similar point. We need extremly complicate technology (Quantum Computer, Gravitational wave detectors) to bring the experiments to the limits. Absolutely nobody nowadays can tell if QC will work (i am a former QC researcher). If the interpolation between the "macroscopic/collective" Quantumphenomena and the few quantum entangled systems indeed will exist is something which we expect, but it is an *unproven Hypothesis*, a test of a theory in limit which was never tested before.

Maybe everything works out according to theory, but possibly not. The same is true for Gravitation.

Comment: Re:How conveeeenient! (Score 1) 152

by drolli (#46719845) Attached to: Google Chrome Flaw Sets Your PC's Mic Live

it makes it even believable that the NSA "accidentally" records all infromation which it "accidentally" acquired. You know, in times when even google "accidentally" turns on the microphone and a security library has "accidentally" simple checks deactivated, you know they just "accicentally" forgot the "SELECT" statement.

Comment: Shadowrun retruns (Score 1) 181

by drolli (#46711679) Attached to: Do Free-To-Play Games Get a Fair Shake?

Bought the app, happy I did not kickstart it. Good idea, accptably written story, but incredible hardware requirements (and even then its slow), and the gameplay just sucks. Unfinished, badly managed product at any rate.

We all might despise the idea and enthousiats, but all software developers here know: "Real artists ship" (attributed to Steve Jobs). Getting something out of the door which is usable and focuses on the core idea, but maybe limited, is crucial for all shareware and free to play developers, so yep, the quality requirements may be different. If a free to play game is too late to catch a certain wave of game mechanics, or so the gameplay bad that nobody want to continue playing it may be worse than having 10years old graphics.

Comment: I never got that anyway (Score 1) 40

IMHO There are three ways in which social media can help you in your job:

1) finding a job/boosting your career by contacts: unrelated to job performance.

2) Finding a solution to an already known problem (e.g. stackexchange) and retruning the favour there *iff you really have to say something* (otherwise it will annoy others and damage your reputation). Use it wisely to learn (and dont copy&paste too much).

3) Reflecting on your own mindset by (semi)-anonymously posting on the internet, and listening to the thoughts of others, without the pressure to loose your face if you are not right, or asking questions which you would not ask in public.

But having 1million friends and likes of facebook is not getting your problem solved unless your are an SEO sheep.

Thus spake the master programmer: "When a program is being tested, it is too late to make design changes." -- Geoffrey James, "The Tao of Programming"