Forgot your password?

Comment: Really? (Score 1) 44

by gstoddart (#47933671) Attached to: Tinba Trojan Targets Major US Banks

the Trojan gets delivered to users via the Rig exploit kit, which uses Flash and Silverlight exploits. The victims get saddled with the malware when they unknowingly visit a website hosting the exploit kit

Say it isn't so! Flash and Silverlight got used as a security hole? Well, I'm truly shoc ... oh, fuck it ... this is exactly why I don't install this shit in my browsers, and why I don't let strange websites run scripts.

Flash has been a gaping security hole about as long as it has existed.

I can only assume Silverlight is little better, but the only browser I have it in is IE on a work machine because we need it to run some in-house software.

But I don't let that browser touch the real internet. Because I don't let IE access the internet unless every other browser has failed.

I'm afraid I no longer have any sympathy when I hear people got hacked via Flash. Because at this point, it's hardly surprising.

Comment: Mechanical stresses ... (Score 4, Informative) 174

by gstoddart (#47929697) Attached to: Wave Power Fails To Live Up To Promise

I seem to recall a news story from a few years ago where they'd tried to put wave power in the Bay of Fundy, where the highest tides in the world are.

OpenHydro -- the Irish company which installed the world's first 1-megawatt tidal turbine in the Bay of Fundy -- and its partner Nova Scotia Power deployed the 10-tonne turbine on the floor of the Minas Passage in November 2009.

Then just 20 days later, all 12 turbine rotor blades were destroyed by tidal flows that were two and a half times stronger than for what the turbine was designed.

Basically, the tides destroyed the machinery in three weeks or so.

So, yes, there's plenty of mechanical energy to harvest. The problem is that it might also be stronger than the stuff you've built.

Comment: Re:One day, someone will explain it to me. (Score 1) 110

by gstoddart (#47929289) Attached to: Logitech Aims To Control the Smart Home

But most of all, if the product and implementation have security flaws that have been exploited, don't buy them.

I rank that statement as about as intelligent as "if the food is contaminated, don't eat it". It's trite, ignores the problem, and acts like somehow consumers would actually know this.

The reality is, by the time it's known to have happened, and they actually tell people about it, it's too damned late.

Given the terrible approach most of these companies have to security, the fact that they hide the fact that they've been exploited, or are otherwise unaware that they've been exploited ... I sure as hell wouldn't trust them to know, or notify us if their security proves to be crap.

I just assume their security is crap from the beginning, because it usually is.

Comment: Re:One day, someone will explain it to me. (Score 1) 110

by gstoddart (#47927933) Attached to: Logitech Aims To Control the Smart Home

I think remote door lock/access control makes sense for some people.

What could possibly go wrong with that?

You really think having an external entity using a (possibly insecure) network connection to unlock your doors isn't something which will be very attractive?

Figure out who has this technology, and then exploit the hell out of it.

I'm imagining someone waiting for you to leave for work, driving up to your house, disabling your alarm, and unlocking your doors. And then tidying up after themselves, reset the alarm and lock the doors.

Sorry, but the track record of people who make devices when it comes to security tells me that I think this is a terrible idea.

But, hey, if you want to hang your home security outside of your firewall ... you should totally do that.

Comment: LOL ... no thanks ... (Score 1) 110

by gstoddart (#47927609) Attached to: Logitech Aims To Control the Smart Home

So, the intent here is that I'm going to install a bunch of devices with dubious security (and which likely provide my information for marketing/analytic purposes), to do tasks I can already do now, and have the whole thing controlled by a single source using protocols which themselves have dubious security, and which have the potential to either damage the stuff in my house or cost me money?

Have I got this right?

Because, really, nothing about this scenario sounds appealing to me. It just seems like technology for the sake of technology.

The privacy and security implications of this "smart" home make me want to grab another layer of tinfoil.

I'm sure there will be nerds salivating over being able to use their smart phone to flush the toilet. But I have no interest whatsoever in this stuff.

Why does the exciting new future always seem like rehashed ideas which nobody really actually has any need of and which are mostly toys for people with too much money?

Comment: Re:Ya, but... (Score 1) 389

by gstoddart (#47925951) Attached to: Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

LOL ... I'm past my coding years by now.

But my counter point would be that many operating systems have been built in C, and people who rely too much on "modern compilers" often don't know what's really happening. I cut my teeth doing OS-level programming in C at the interrupt-handler level. Good times.

I'm not saying people should start all new projects in C, but a good solid grounding in C really does give one a good perspective on what's really happening in the innards of your code. It's about as close to "bare metal" programming as you can get without assembly.

I've met a few coders who had only ever worked at very high level stuff, and a lot of what they did more or less relied heavily on libraries they didn't really understand, or have any sense of the performance impacts when used inefficiently.

That being said, hand rolling your own memory management isn't something I really miss.

But every now and then I still like to sing a few bars of:

Pointers to pointers to printf()-like functions;
Unary minus and nested conjunctions;
Integers, booleans, characters, strings;
These are a few of my favourite things.

Because, "Pointers to pointers to printf()-like functions" was a pretty nifty language feature sometimes.

You could do some pretty neat things in C.

Comment: Re:Baaah... (Score 1) 129

by gstoddart (#47925797) Attached to: FBI Completes New Face Recognition System

Except some might argue that using this technology in a public place is a violation of the 4th amendment.

This stuff is getting very creepy, and it's kind of appalling to see that the US is in a hurry to usher in Big Brother.

Papers please, comrade. Actually, we don't need your papers. We know exactly who you are.

How's that "land of the free" thing working out for you?

Comment: Hmmm .... (Score 3, Informative) 100

by gstoddart (#47925699) Attached to: A DC-10 Passenger Plane Is Perfect At Fighting Wildfires

The three-engine DC-10 entered service in 1970 as a passenger jet, and the last airplane working in that capacity, operated by Biman Bangladesh Airlines, made its final flight on February 24.

There's a reason why the DC-10 isn't used anymore.

Explosive Decompression sucks in an airplane:

The DC-10 was designed with cargo doors that opened outward instead of conventional inward-opening "plug-type" doors. Using outward-opening doors allowed the DC-10's cargo area to be completely filled since the door was not occupying usable space. To secure the door against the outward force from the pressurization of the fuselage at high altitudes, outward-opening doors must use heavy locking mechanisms. In the event of a door lock malfunction, there is great potential for explosive decompression.

Now, when you're using it as a water bomber, you're never going to pressurize the cabin, and you've likely made some other major changes.

I'm glad they've managed to take these old DC-10's and make them do something useful .. they're a pretty cool plane and a piece of aviation history, but that unfortunate defect in the cargo doors made them not really safe to fly in.

But it sounds like it's getting a new lease on life. I wonder just how many of them they'll be able to cobble together .. it's not like they make spare parts for them.

Comment: Re:Ya, but... (Score 1) 389

by gstoddart (#47920527) Attached to: Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

You can teach people how to write better code. You can't teach a stubborn old self taught programmer with 40 years experience why it is better to have maintainable code than to save a few CPU cycles if he doesn't want to hear it.

You know, I don't disagree with you.

But, conversely, I've been on the receiving end of a programmer who refused to do any optimization whatsoever because he said it was pointless (as a result his code frequently became a bottleneck because he had no idea of just how much stuff he was calling), and his (to his own mind) lovely and elegant code was actually brittle crap which was anything but maintainable. In fact, it was garbage which painted him into corners more times than I could count.

On several occasions when asked to make a code change, there was a realization that it was impossible without a complete re-write (because the change violated the aesthetics of his assumptions he'd built into it). In other words, his code was shit to begin with, His "theoretical" understanding of writing good code didn't translate into a "practical" ability to write good code.

Sometimes people trip over their own "elegance", and create garbage.

I'm not saying "all young punks are stupid", and I'm not saying "all old timers know everything", because I think categorical statements are usually garbage.

Programmers of all ages think they know everything and have bad attitudes.

On that point, we are completely in agreement.

But, in my personal experience .. sometimes having been there and done that means you have a bigger picture understanding of what you're really doing, and not some theoretical model you don't know how to apply.

Similarly, if you get to the point where nothing new is worth looking at, you have your own baggage and issues which gets in the way of you doing a good job.

In the middle of those two is where you find the good.


New Global Plan Would Crack Down On Corporate Tax Avoidance 311

Posted by Soulskill
from the bring-our-benjamins-home dept. writes: Reuters reports that plans for a major rewriting of international tax rules have been unveiled by the Organisation for Economic Co-operation and Development (OECD) that could eliminate structures that have allowed companies like Google and Amazon to shave billions of dollars off their tax bills. For more than 50 years, the OECD's work on international taxation has been focused on ensuring companies are not taxed twice on the same profits (and thereby hampering trade and limit global growth). But companies have been using such treaties to ensure profits are not taxed anywhere. A Reuters investigation last year found that three quarters of the 50 biggest U.S. technology companies channeled revenues from European sales into low tax jurisdictions like Ireland and Switzerland, rather than reporting them nationally.

For example, search giant Google takes advantage of tax treaties to channel more than $8 billion in untaxed profits out of Europe and Asia each year and into a subsidiary that is tax resident in Bermuda, which has no income tax. "We are putting an end to double non-taxation," says OECD head of tax Pascal Saint-Amans.For the recommendations to actually become binding, countries will have to encode them in their domestic laws or amend their bilateral tax treaties. Even if they do pass, these changes are likely 5-10 years away from going into effect.
Speaking of international corporate business: U.K. mainframe company Micro Focus announced it will buy Attachmate, which includes Novell and SUSE.

Comment: Re:I like to tell college-bound people... (Score 1) 389

by gstoddart (#47919859) Attached to: Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

...double major in something useful and something useless.

I'm of the opinion that it isn't "something useful and something useless" ... it's more about "something directly practical" coupled with "something interesting and abstract to give you balance and perspective".

Not all things are 100% objective. And, likewise, in some things there's just no room for subjectivity.

Being able to tell the difference is something many people don't learn.

Comment: Re:You guys are always entertaining! (Score 5, Insightful) 389

by gstoddart (#47919723) Attached to: Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

The dogmatism that I have seen and heard on the job and here on Slashdot makes all of you come across as delusional and self aggrandizing.

LOL, you know, I won't dispute the point. Because I agree with it. It's been true for a very long time, and is widespread.

What I suggest is that being an asshole isn't due to a lack of critical thinking skills, it's a personality defect which can subsequently be overcome. ;-)

In some disciplines (*cough* Poli Sci *cough*) where there is no objective right or wrong, the ability to state a case for anything as being equally valid to anything else ... well, some of us don't see that as critical thinking, we see it as rhetoric and sophistry. Because you're not measuring against an objective standard.

The problem comes when you do come from a discipline where things are right or not right, you end up with an overly simplified world view, and nuance becomes something you don't necessarily get.

When there's no room for wishful thinking and sophistry, and you need to use empirical evidence to determine what is happening and what to do about it ... your "feeling" that your "belief" that the router must be sending moon packets is meaningless if you claim it has as much weight as me telling you that the cable is unplugged. Mine is testable and can be acted on, yours is the mistaken belief that if we solve the existential crisis of the router things will sort itself out.

But it becomes a clash of cultures when someone's sensing/feeling/intuition has nothing to do with objective reality, and objective reality is the only thing which matters.

And, likewise, people who only deal in objective reality and can't see past it are largely incapable of doing anything else, unless they've tried really hard to pick up an additional set of skills.

Which means we mostly want to punch people who say the universe could be just a simulation or that a tree doesn't make any noise if anybody is around to hear it, because if it can't be proven true or false, it's probably just a pointless mental exercise. ;-)

Comment: Re:Ya, but... (Score 1) 389

by gstoddart (#47919383) Attached to: Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

Some do, but the stereotype of IT having a myopic view of technology and projects didn't spring from nowhere.

In my experience, that's not a lack of critical thinking skills.

It's a lack of a breadth of education, and a complete lack of maturity and wisdom.

The problem is a lot of people come out of a STEM degree with a minor god complex, and are completely incapable of recognizing when their book learning doesn't match real world experience, and the stuff they're digging in their heels about doesn't work so well in the real world.

Basically they think they know everything.

But ask any senior programmer who has dealt with one straight out of school. Very often the lack of real world experience means they're unwilling/incapable of recognizing that someone knows some things they didn't cover in school, and that their theoretical model falls on its face when confronted with other things.

I once worked with a junior programmer who really didn't know nearly as much as he thought he did. He wrote crap code, and I once had to demonstrate why his version of the code was 100x slower than mine when called a very large amount of times. He quickly got shunted into a corner because he wouldn't listen, and management eventually realized he was useless to us. He had an engineering degree, and he had the right skills ... but he had the entirely wrong attitude. In his mind, nobody could possibly tell him anything ... which made him an asshole, not someone lacking in critical thinking ability.

I'm more of the opinion that STEM candidates should be forced to take a little more arts classes to make them more well rounded and be able to interact with other people.

But, who do you want debugging your production outage? Someone who is well versed in Chaucer, or someone who can apply logic and critical thinking to the problem at hand and has the technical skills to back it up?

Those who can, do; those who can't, simulate.