Forgot your password?

Comment: Re:What about a re-implementation... (Score 1) 249

by gweihir (#46765515) Attached to: OpenBSD Team Cleaning Up OpenSSL

That idea does not work: In practice most programmers always create the most complex code they can. Hence code comprehension complexity is solely dependent on programmer skill. The other thing why this idea is flawed is that a good coder encapsulates complexity so that you do not have to "track more objects" in some languages.

Comment: On the other hand, most devs do not get ops (Score 3, Interesting) 156

by gweihir (#46763555) Attached to: How 'DevOps' Is Killing the Developer

A problem I have run consistently around is that developers rarely understand system administration, and operations in general. It makes their software suck a lot more. This is even more true with the Java-crowd, many of which cannot even use a commandline. The more this gets fragmented, the more people get specialized, the more problems arise in architecture, design and implementation, up to and including software that cannot even be deployed because of misconceptions on the developer's side.


Comment: The whole approach is wrong (Score 4, Insightful) 161

by gweihir (#46760183) Attached to: The Security of Popular Programming Languages

The security level of a piece of code with good security is 95% coder competence and 5% language, i.e. language is irrelevant. One thing though is that language can add to the security problems if it has insecure tun-rime implementation errors.

One reason most security-critical software is written in C is that there, the coder gets full control. A good coder with skills in secure coding will do fine with C. A coder that does not understand software security will to badly in any language, but in C he/she might not even produce anything that works, which will be an advantage. Also in C, it will be far more obvious if somebody is clueless, which makes review easier.

But "language is important for code security" is even more wrong than "language is important for code reliability". Language is important for code performance though, but only in the sense that it can kill it. Good language choice can also make a good coder more productive (a bad coder has negative productivity, so it hardly matters...). This nonsense about the language being capable of fixing problems with the people using is comes from "management" types that are unable to handle people that are individuals. These utterly incompetent "managers" can be found in many large companies and they believe that in IT, individuals do not matter. Typically these "managers" are not engineers and have no clue what a good engineer can do but a bad one cannot. They also believe that engineering productivity can be measured in hours spent or that all coders are equal and just implement specifications, so outsourcing is a good idea.


Bachelor's Degree: An Unnecessary Path To a Tech Job 280

Posted by samzenpus
from the just-a-piece-of-paper dept.
dcblogs (1096431) writes "A study of New York City's tech workforce found that 44% of jobs in the city's 'tech ecosystem,' or 128,000 jobs, 'are accessible' to people without a Bachelor's degree. This eco-system includes both tech specific jobs and those jobs supported by tech. For instance, a technology specific job that doesn't require a Bachelor's degree might be a computer user support specialist, earning $28.80 an hour, according to this study. Tech industry jobs that do not require a four-year degree and may only need on-the-job training include customer services representatives, at $18.50 an hour, telecom line installer, $37.60 an hour, and sales representatives, $33.60 an hour. The study did not look at 'who is actually sitting in those jobs and whether people are under-employed,' said Kate Wittels, a director at HR&A Advisors, a real-estate and economic-development consulting firm, and report author.. Many people in the 'accessible' non-degree jobs may indeed have degrees. For instance. About 75% of the 25 employees who work at New York Computer Help in Manhattan have a Bachelor's degree. Of those with Bachelor's degrees, about half have IT-related degrees."

Comment: Re:gnome 3 sucks on many levels! (Score 1) 665

by gweihir (#46742113) Attached to: The GNOME Foundation Is Running Out of Money

I hope there will be a backlash and some Linux distros will remember that reliability was one of the Linux promises. Currently it does not look good, with Gentoo the only somewhat major distro that has not decided to join the clusterfuck. (Slackware is another.) On the other hand, current Debian stable does not have it either, and that will be around for a few years, so if people wise up to how stupid and non-UNIX systemd is soon enough, they _could_ go back. I may also be dreaming here, but my impression is that the negative voices with regard to systemd are increasing. Basically everybody with a clue that takes one look at this monster immediately does not like it.

Comment: Re:There are people that tust SSL-certificates??? (Score 3, Insightful) 151

by gweihir (#46741941) Attached to: Private Keys Stolen Within Hours From Heartbleed OpenSSL Site

I am not sure it is a bigger issue, since many of these sites will not be publicly reachable. But it definitely is an issue foe example for large corporations that use SSL in their Intranet with self-signed certificates. They now have to wonder whether some of their staff has attacked their servers this way.

The "cutting edge" is getting rather dull. -- Andy Purshottam