Forgot your password?
typodupeerror

Comment: Re:Agreed (Score 1) 236

by elnyka (#32188722) Attached to: US Needs Secure Coding Office

6 figures.... No. If you look at the GS Scale, GS12-13 do get that high but that is nowhere near mid career level.

By mid-career level, salaries tend to be in the very high 80's, low 90's. The % of difference (and the tax ranges) make a 8-10K difference to a 6-figure salary to be not that strong (compared to $70K vs $80K).

Also, by mid-career, when working intelligently, we are talking perhaps 7-8 years of *relevant* experience (or 5-6 with a good MS degree). By 10+ years, one should have enough experience to work at a senior level (be it in the government, defense or public sectors.)

10 years at work get by really fast.

Comment: Re:Agreed (Score 1) 236

by elnyka (#32188686) Attached to: US Needs Secure Coding Office

> I've seen a lot of FBI/NSA/CIA job postings for computer scientists that advertise 6-figure salaries.

A good computer scientist is not necessarily a good programmer, let alone a good software engineer.

But most of the time, bad software developers (let alone bad programmers) were never good, or even decent computer scientists to begin with. It takes a unique mindset and analytical skills (and/or abundant exposure to programming-related technologies such as in a *good* MIS program) for someone to be a good programmer and software developer without being a computer scientist.

And for the type of jobs for which the article concerns itself, we are usually talking computer science related work (or at least heavily influenced by computer science topics.)

Comment: The gist of the article (Score 1) 236

by elnyka (#32188650) Attached to: US Needs Secure Coding Office

It's clear you've never seen the government at work. There's two issues with the govenrment writing it's own software.

1) Each individual part of the government only needs custom made software once every 5 years or so 2) Every government in the known history of mankind has been utterly incompetent in cross-department communication

Since you can't reasonably expect the government to hire teams of programmers to write software one year and sit on their asses for 4 years while there's on demand and that traditionally trying to centralize the work leads to horror stories, you can see why most governments (even the socialists) have opted for contractors.

The gist of the article is that the government (or defense contractors working on its behalf) should not rely on commercial off-the-shell software. Unless I'm missing something, the article is not about having all software *that matters* developed by developers directly under the government payroll.

Using defense contractors (which are commercial entities) for developing custom software over COTS is pretty much in tandem with the gist of the article.

Comment: No, not agreed. (Score 1) 236

by elnyka (#32188610) Attached to: US Needs Secure Coding Office

There's a third issue: salaries. Programming talent is used to silicon valley pay grades, not military pay grades. How many employees would be willing to leave their current position and take a 50% pay cut to work for the government? Would you be willing to trust the code of someone working for $40K/year?

For starters, there are people in the commercial sector working for that amount, either as contractors who make a meager $60K/year with no benefits (and no O/T) or as employees doing $40-50K/year with some meager benefits (and both working 45-55hr/weeks.) It is not the norm, but it ain't that rare either.

Second, most developers (specially those graduating since the dot-com bubble) remain junior in terms of skills, and yet make salaries that are inflated wrt to their skills... and they expect they deserve it! This is more common that the previous case. Do you trust their code?

Third, consider a job with, say, the NSA. They certainly pay you below the industrial average (say $60-70K/year tops). But 1) they train you, 2) they pay your post-grad education, 3) give you benefits that are phenomenal, and 4) they give you a goal or end product (whether good or bad) that is far more stimulating than doing the same e-commerce shit all the time.

This is the problem with so many software developers nowadays. They equate quality with high salaries despite the fact that software is usually written like shit and those who write it get paid far more than in other engineering disciplines. And to add insult to injury, they equate quality of work with base salaries (without taking into consideration all the other benefits like medical coverage, fat retirement plans, and generous vacations according to seniority.)

Furthermore, how many people working out there in the software industry get paid to go get their masters as it is usually done with public/private defense-related jobs? That's one big fat amount of money being received as a benefit.

Base salaries are just part of the story, and the trustworthiness of software has more to do with processes than with individual salaries.

Comment: Re:easy. (Score 1) 842

by elnyka (#32157142) Attached to: How To Behave At a Software Company?

innate personality traits of good software developers that bosses just want to have around.

Have a positive can-do attitude, especially whenever the boss asks you to work evenings and weekends. What bosses love to have around are smart people who get things done and don't mind working 60 hour weeks standard (up from there whenever anything surprising happens or is badly panned) for a 40-hour salary.

Appropriate side question: What behavior traits would you like your co-workers to exhibit?

A little self-respect, and enough spine to refuse to be exploited into giving up your personal life to further your bosses ends. Every time you work long hours, you create expectations that your co-workers should work long hours too, and they will despise you for it.

The text in bold: That is the worst suggestion you can make. As a salaried employee, you do that only in very critical projects and dead lines. It can never be the norm, nor should one be happy about being expected to do so. For hourly paid contractors, however, that is different.

Under normal (read non ZOMG CLUSTERFRAK EMERGENCEYEYE!!!) circumstances, what is required from salaried employees is the ability to 1) estimate completion dates with a degree of confidence and 2) be able to deliver on those days without going into heroic 60hr work weeks.

Comment: Re:A lot of stupity going on here (Score 1) 363

by elnyka (#32151598) Attached to: A Call For an Open, Distributed Alternative To Facebook

Don't confuse the author of this article with a geek. Geeks don't give a shit about facebook, twitter, or blogging.

There are quite a few geeks, talented geeks (many of them spearheading some of the most important FOSS projects out there) who are active bloggers and twitteres. Several of the people I have on my facebook are hard-core software/electrical engineers. I don't know what your personal anecdotes are like, but those are mine. YMMV.

Comment: Re:A lot of stupity going on here (Score 1) 363

by elnyka (#32151584) Attached to: A Call For an Open, Distributed Alternative To Facebook

And your point being?

That it is still a useful tool to connect with family and friends, which the author of this article refers to in the past tense.

Facebook used to be a benign and somewhat useful tool.

It still is. Just because it no longer provides usefulness to different sectors of the population (of which one contains YOU), that does not indicate it is not useful at all to some other sectors (or to the majority of the population that just wants a de-facto standard of e-networking.)

Now it is mutating into a privacy vampire.

That is in the eye of the beholder wrt what you and I value/give a shit about privacy.

I am a geek, though not a "computer geek". My expertise is bacteria and microorganisms, not IT or computer science. Yet, I have recently wiped a lot of stuff that on longer thinking, I shouldn't have put on Facebook, stuff like certain photos, phone numbers and real world mailing address.

As it should be. Why would you put something like that on a site that is not your own, on infrastructure that is not your own is beyond me. You don't need to be security-savvy to know this. You only need common sense. Having (or not having) common sense is a person's onus, not the onus of an internet portal/networking service for-profit company.

That people fail to understand that (or to grasp the fact that sites like this are business trying to create a niche market based on information and personal networks), that's their (your) fault.

Heck, I now even wiped my birthday from Facebook. I did this after reading about Facebook privacy concerns on Slashdot and everyday news outlets and became concerned myself.

That's sensationalism. I have no problem putting my bod or other information that can be easily gleamed from public records on facebook. It serves several purposes for relatives, friends and past/present co-workers and college-mates with whom I network on facebook. Besides, you have fine-grained control regarding privacy levels on the information you have.

In fact, I will probably cancel my account soon because after 4 years on Facebook, I got little benefit from it that I couldn't get from just emailing someone.

Why probably? Just do so right away. Why wait if it is such a privacy pirate?

Sure it was fun to find your long-lost friend from primary school, but how many of us really follow up?

Projection. Just because you don't follow up, that doesn't mean it holds for a certain % of the population. You can't make conjectures about other people based on what works or does not work for you.

There is usually a good reason why we lost touch with someone, the most common is that we just grew up into a different person. Out of my several hundred Facebook "friends", I can count around only 20 that are actually real friends, not just acquaintances or the social equivalent of archaeological fossils.

But that is a given. What is wrong with keeping connections to people that are now acquaintances and not the close friends they were 10-15 years ago? What is the surprise in that, and what is wrong with it? Some people obtain benefit (socially and emotionally) by keeping those connections alive, even if by just checking each other's glimpses of lives via shared family photos. Others do not.

And. Both. Are. Natural.

Coming back to your point that an open version of Facebook, made by selfless enthusiasts won't work, please go to the Diaspora website linked in this thread. A couple of university kids with nothing but big dreams and good intentions had already managed to raise $17000. This proves that there is a need for such service and people are willing to pay good money for it.

Ow wow, it raised $17K. Oh Yipees!

I work in software, I've worked in security, and I've worked in e-commerce, so maybe there is a chance that I'm educated enough in the industry to know about developments like diaspora. I dunno, just a wild guess.

The fact that Diaspora is coming to existence does not mean that it will work WRT to replacing Facebook or that it can provide a "better" alternative (better for what, with respect to what anyways).

There are so man social and psychological variables that /. posters like to conveniently neglect when it comes to social e-networking that it just hurts to even debate them.

Such a project, such a site will work for YOU and for enthusiasts who gather around the ideal of something different from the so-called privacy pirate that is Facebook. It is YOUR rallying point.

The idea that it will replace Facebook or similar for-profit services, for the general/typical internet user, THAT is a fallacy. It is not a conclusion that can be logically drawn from the points mentioned in the paragraph above.

Comment: Re:A lot of stupity going on here (Score 1) 363

by elnyka (#32151464) Attached to: A Call For an Open, Distributed Alternative To Facebook

...the typical consumer of

whatever 'geeks only' technology you're talking about only needs an abstraction layer that makes it simple and some flashy artwork that makes it shiny.

That would be an excellent point except that I'm not referring at all by any stretch of the English language to 'geeks only' technology (referring instead to web-based information and publication in general as I clearly state.)

But the tech needs to exist first, and that tech will certainly be created by a collective of selfless enthusiasts.

You are asserting something as if it were a certainty. And assuming it were to happen, it is non-sequitur to my post.

Comment: Re:Call for an alternative? (Score 1) 363

by elnyka (#32148124) Attached to: A Call For an Open, Distributed Alternative To Facebook
It is easier to write an article (for Wired, that tells you that much) than to actually do it. The whole idea is idiotic anyways (missing the entire point of sites like facebook and people who *want* to use it.) Either he knows that and simply wrote the article to get some traffic, or he really believes it (and thus his intelligence should be called into question.)

Comment: A lot of stupity going on here (Score 3, Insightful) 363

by elnyka (#32148108) Attached to: A Call For an Open, Distributed Alternative To Facebook

Facebook used to be a place to share photos and thoughts with friends and family and maybe play a few stupid games that let you pretend you were a mafia don or a homesteader.

Used to? What, it no longer serves that function?

It became a very useful way to connect with your friends, long-lost friends and family members.

And still is.

And Facebook realized it owned the network.

ZOMG1!!! I think there is a very strong possibility that Facebook *knew* they owned the thing that runs on their f* infrastructure. Maybe that was part of their business model from day one. Crazy I know!!!

Even crazier to think they just realized that fact </facepalm>

Then Facebook decided to turn "your" profile page into your identity online — figuring, rightly, that there’s money and power in being the place where people define themselves.

See above.

Think of being able to buy your own domain name and use simple software such as Posterous to build a profile page in the style of your liking.

Yeah, I can see the typical Facebook user (or the typical consumer of web-based information and publication in general) doing just that. This is what happens when geeks project their own experience and worries onto others, thinking others do as they do, and most importantly, care or worry about the same shit they do. They don't.

If such a proposal ever takes place, all it would do is facilitate the creation of new "facebooks" that will wither and die over time. Eventually people will conglomerate to specific venues with functionality and ethos that appeal to them, run not by a collective of selfless enthusiast but by people who put the time and money to make it happen (and that won't happen just out of charity.)

Talking about missing the entire point of human communication.

Comment: stupidity and dishonesty trumps knowledge (Score 1) 92

by elnyka (#32080198) Attached to: Mariposa Botmasters Sought Real Jobs After Arrest

What about Kevin Mitnick? He is making a living by switching his hat from black to white, and no one had a problem with that. It would seem that Panda might do better having a few people who know how to make malware so successfully. The question, of course, is "can you trust them?" and only they can answer that.

What did you expect the guys to do for jobs, flip burgers? Become stock brokers? Of course they would pursue careers in security. It seems they must know a fair amount about it to get away with so much, for so long. They certainly know more than someone coming straight from a CS degree.

Fuck that. I wouldn't hire these people even if they paid me. Knowledge is not equal to intelligence, common sense, and above all, ethics that you can bet your reputation and business on as this following quote from TFA reveals:

Corrons said he met with with Netkairo again at Panda’s offices, but said he repeated his previous statement that the company could not hire someone who had been accused of running a botnet.

“So he says to me, ‘But we still haven’t been charged,’ Corrons recalled. “I told him, ‘It doesn’t matterjust the fact that you are involved is a problem when it comes to working for any serious security company.’ And what he then came out with says a lot about him. He said, “Yeah, but nobody else knows that.”

When it became clear that Panda wasn’t interested in hiring him, Netkairo changed his tune, Corrons said, claiming he had found vulnerabilities in the company’s cloud anti-virus software and hinting that he planned to publish the information.

Desperately stupid geek playing racketeering because he can't find a decent job, even if it is for flipping burguers? Nerd-meet-Tony-Soprano? Only a moron would hire that type of person knowing a priori the type of person he is.

Comment: Re:Some Differences in These Cases (Score 1) 121

by elnyka (#32074574) Attached to: Rich Pretexter, Poor Pretexter

...Kernell did the public a service in helping to expose a corrupt politician.

We don't write law to serve the public.. In fact, some are written to protect the corrupt politician.. seeing as that we let corrupt politicians write the law

http://en.wikipedia.org/wiki/Buchanan_v._Warley Yeah, neither laws nor the judicial legislative systems ever work for the people, ever. Tool.

Comment: Re:Some Differences in These Cases (Score 1) 121

by elnyka (#32074548) Attached to: Rich Pretexter, Poor Pretexter

Ok, but in the Palin case, the former governor was using this email address to skirt public disclosure requirements. Palin is trying to play the victim here. She is the worst type of politician, and if our system was fair (which is impossible due to people like Palin), then she would be prosecuted as well.

As far as I'm concerned, Kernell did the public a service in helping to expose a corrupt politician.

What exactly did he exposed?

Comment: 4 years of CS 4 years of grunt monkey code work. (Score 3, Interesting) 225

by elnyka (#32038486) Attached to: Students Flock To GMU For a Degree In Video Game Design

I wish I could have just gotten 4 years of that newbie experience under my belt instead of spending it on a degree who's only real worth today is to get you that newbie job to begin with.

Sorry to hear that, but we get what we put in. The only way to get some expertise under the belt before graduation is by doing internships if possible, or work in computer labs as a second option. And by working in computer labs I don't mean showing students how to eject the CD drive but doing actual administration and setup (and luckily sysadmin programming/scripting.) The other option is to get an AA/AS degree, then get a job (even if only a data entry/report generating one) while doing the remaining junior and senior year at a 4-year college. With that path, it is almost certain to accumulate 1-2 years of programming experience...

... but most importantly, it allows to create professional networks.

Some anecdotal stories for shits and giggles... When I was in community college, I did everything I could to get a "computer" job. I was working at Home Depot at the time (selling floor/tile stuff and driving forklifts). I pestered management to gave me a job at the store data center (where they ran these old mini-computers and stuff.) Management tried, but there was never an opening. Later I got a part-time job at the comm.college computer lab, setting up software while tutoring and assisting teaching intro-to-micro courses, Pascal, Assembly, C and DBase. First connection was my Pascal professor with whom I got another part-time job doing Visual Basic programming... now I'm programming while getting paid!!!!

Next connection came from another professor with whom I was taking Delphi and Expert Systems programming. Through his class I get to meet a senior developer at one large insurance firm in my city (one of the largest in the country at the time). When I got my AA, he took me under his wing and got a job developing applications with FoxPro (we were doing the transition from procedural to object-oriented programming back then.) I did that while doing my junior and senior year in CS. On my last year, through another connection, I got a part-time job at the computer science department, doing Unix administration. I left my full-time FoxPro job to concentrate on the last 6 months of my senior year while working on that Unix admin job.

I graduated with my BS degree (and 3 years of programming experience already). Through another connection I made with school and work, I got a research job at a research center (distributed systems, formal methods and security were the focus of research). So as I'm plowing my way through the MS program and doing a lot of really good shit in C and C++, network protocol programming, distributed systems and the like, we started working with Java and CORBA...

and alas, through yet, another connection with the research center, I met a group of developers funding a start-up company that was heavy on Java and CORBA. Off I went to my full-time Java development job. 3 years of programming experience and 2 years of research with immediate industrial application sponsored by people doing that for a living. Just a year and a half after graduating with a BS degree and right in the middle of my masters.

After that job, I've had many others, many of them thank exactly for the type of research I did (performance evaluation of distributed authentication systems to be precise.) From SQL and relational database theory to software engineering to network programing to algorithm/complexity theory, each had helped me in a real way in the real world.

My advice to people studying CS - work on your connections and pursue internships/college lab jobs. Many of my friends from college got really sweet jobs right off the bat because they did internships. We get from college what we put in.

Sure I learned some things doing my CS degree, but most of it could have been learned just as well through on the job experience in less than half the time.

Only if you are that naturally talented. I know I wasn't when I started. I don't even think I am. I simply plow my way. Any schmuck can learn how to put pieces together in a programming language and call it a delivered program just by putting the time with programming books (or cruising the CS curriculum.) It takes serious work and effort (or a rare natural talent) to put all the pieces together to program in a manner and style that doesn't suck, that it's maintainable and that it is efficient. Don't fool yourself into thinking that there is just coding in it. There is a lot more into this job, starting with a throughout understanding of modularity, Bohm/Jacobini's structured program theory and Jackson's Structured Programming, top-down decomposition, bottoms-up synthesis, object-orientation and composition, procedural programming (you can't truly get OO right off the bat without understanding procedural programming.)

I guess mileage might vary from one person to the next, but I cannot think of one single undergrad or grad course that hasn't helped me substantially and practically *in the real world*. Actually, I take that back. The only course I can think of that hasn't had a direct impact was a graduate course in semantics of programming languages. After that, all others, even the theoretical courses have helped me. And it is not as if I do rocket science crap. A substantial amount of my work has been plain ol' enterprisey stuff.

Formal education is not supposed to turn you into a rock start. But it should provide you with the mental tools to start from zero, and help you evolve from code monkey to developer to engineer to architect or team lead. 4 years of code monkey experience is simply 1 year of code monkeyism * 4. It's not 4 years of experience. A formal education helps you, if you put your mind to it, turn each year into a year that you can truly count as cumulative experience.

There are people out there that are awesome at software w/o a formal education. But they are far and few between. Unless your education really sucked, believe me, you are better off starting as a newbie with a degree than doing code monkey crap for 4 years thinking your code is actually good. We got too many of those leaving turds in legacy systems.

A lot of it was completely useless to my chosen career. But hey, that's the way the world works I guess. Shame I didn't know anyone who could score me a job in the field back then.

Mileage might vary from one person to another I guess.

Do not use the blue keys on this terminal.

Working...