

Comment: From the draft... (Score 2, Interesting) 171

by johnnys (#49079529) Attached to: HTTP/2 Finalized

"HTTP/2... also introduces unsolicited push of representations from servers to clients."

Seriously? Do we need yet ANOTHER way for a server to push unwanted code and malware onto our client systems? This is the greatest gift we could POSSIBLY give to the cybercriminals who want to break into our systems.

How about we think of security somewhere in this process, instead of pretending it's someone else's problem?

Comment: This is actually GREAT news! (Score 1, Interesting) 415

by johnnys (#48558417) Attached to: Microsoft's New Windows Monetization Methods Could Mean 'Subscriptions'

Finally some Clue (TM) out of the Redmond mothership!

In a subscription model, M$ does NOT have to tempt the users with "new features" to get you to buy their software, so there's no impetus to "change everything for the sake of change" and the abominations that are Me, Vista, "ribbons" and 8 should not happen anymore.

The initial cost of Windows drops to zero: Why would the mothership bother charging for it up front? The first hit is always free!

Since M$ is getting paid for every Windows system running, they can actually FIX the security problems in Windows instead of insisting that we all have to upgrade so they can make money. They will be able AND motivated to keep supporting older versions for much longer. Less retraining and hassle for the end users, and more stable and reliable systems for users and businesses to depend on.

Businesses have been doing it this way for years now, and they like it.

Comment: Here's the problem. (Score 5, Insightful) 205

by johnnys (#47318755) Attached to: The Security Industry Is Failing Miserably At Fixing Underlying Dangers

The "Security Industry" makes money for the shareholders selling "stuff". Any time they see a problem, they will treat it as an opportunity to sell more stuff, since that is how they make money. If the problem is because the customer has already bought too much stuff, they will still try to sell the customer more stuff since THAT IS WHAT THEY DO.

So if you want to be secure, what do you do? We all know: You get rid of crappy software, simplify your systems, remove unnecessary cruft and hire developers, network systems people and architects who can build you what you need securely. You do NOT hire the cheapest meat puppets who can find the company website and spell "javascript" and you don't outsource your security to the lowest bidder.

This requires real effort on the part of the company paying for all this: They need to recognize that the "Security Industry" and their shiny, happy sales droids are just parasites ripping off the public with the "latest and greatest security stuff that will really protect you this time I promise not like all the other times, I really really mean it THIS time!".

They really need to understand that the RIGHT way to GET Security is to design it in, have the right people building and managing it and proper oversight over all of it. To do that you have to treat it as a profession and a core part of what the company does, not as a "service" or "product" that can be "bought in" or "outsourced" to a low bidder.

Security needs to be treated as a profession in any company with a significant cyber presence, just like the accounting team, the legal team and the core business functions. Pretending it's "just something that we can buy from a vendor" is short-sighted and ignorant.

Comment: Re:Dead on arrival (Score 1) 345

by johnnys (#47279113) Attached to: Harley-Davidson Unveils Their First Electric Motorcycle

Wrong! Wrong! Wrong!

90% of motorcyclists are perfectly reasonable people who ride motorcycles with the original quiet mufflers, or a reasonable muffler that is not a lot louder. The 10% of cretins who ride with earsplitting open pipes are the MINORITY. Don't think that because they make 90% of the noise that we're ALL like that.

I've ridden 40,000 miles on motorcycles in Canada and the USA and I always had a reasonably quiet muffler. So please don't keep spreading the lie that "90%" of us are lowlifes: There's probably a MUCH higher percentage of politicians and bankers who deserve culling than motorcycle riders!

Comment: Only ONE day??? (Score 1) 230

by johnnys (#46880759) Attached to: One-a-Day-Compiles: Good Enough For Government Work In 1983

You got your compiles back the NEXT day? Bloody luxury!!

At my high school, we had to write our own programs, punch them ourselves and submit. We then had to wait 2 days to see if they compiled!

You young whippersnappers with your fancy "gcc" have it so much better! And get off my lawn!!!

Comment: Follow your passion and keep your options open. (Score 1) 133

by johnnys (#46559075) Attached to: Ask Slashdot: Moving From Tech Support To Development?

If you find "problem solving" to be your passion then follow it, but try to make sure you don't follow something that will limit you later on: If you think Java is interesting then go ahead and learn it BUT make sure you learn the general skills in programming over the particular skills. Learn how to program then learn the language. That way if opportunities around Java go away, then you are set for what's next.

You may find that "problem solving" leads to programming now, but as you grow and develop new skills and interests it may lead to something else, then something else after that. If you can keep your passion then you will be motivated to keep going and learning new things.
