Forgot your password?
typodupeerror

Comment: Re:whine (Score 4, Insightful) 164

by mlts (#46763661) Attached to: How 'DevOps' Is Killing the Developer

I have seen some companies have their developers given autonomy, with their own DevOps, mainly because it allows for what is needed to get granted. New subnet for lab testing? It is a lot easier to get a DevOp guy to configure the VLAN for it than to submit a ticket to a different organization that isn't connected at all, nor knows what needs done.

Of all the organizations in a company, dev needs the loosest reins (while still keeping separation so that the loosened policies don't allow for a security breach to compromise other departments.) The other department that needs autonomy is QA, because $DEITY knows what needs to be tested against.

So, having an autonomous DevOps means that the dedicated programmers have people that know what they want/need, and have the ability to get that.

In my experience, this does seem to work and work well in SMBs that are not just hiring H-1Bs or offshoring their entire dev department in toto. Larger companies, depending on corporate culture, not so much. Dev and QA should be autonomous. They have to be because that is where things get invented and bugs get squashed.

Comment: Re:Energy Control Systems Online? (Score 2) 76

by mlts (#46761783) Attached to: Lack of US Cybersecurity Across the Electric Grid

I wonder what ever happened to the concept of the data diode. That way, stuff can be monitored... but it would take someone physically there for action [1]. I've done this on a low bandwidth basis by using two machines on physically separate networks, a serial cable that has one line cut (so it could only send signal one direction), syslog on one side, and a redirect from the serial port to a file on the other side.

[1]: Of course, this isn't 100%, someone can pretend to be a manager or upper muckety muck, but it is a step up from a remote attacker just typing in blkdiscard /dev/sda on an embedded machine that got exploited.

Comment: Re:Bicycle! And motorcycle. (Score 1) 162

by mlts (#46748937) Attached to: The Best Parking Apps You've Never Heard Of and Why You Haven't

Similar dilemma. A regular bicycle is unfeasible due to distance. Hopping a bus with a bike is iffish, since there are only two bike spaces in the rack per bus that shows up every hour... and assuming a slot got made free, it would be a battle of speed with others. Which leaves folding bikes and having to lug a Brompton into and out of a building.

Even if you find a space, the parking meters are kiosks on every block, and you -will- get a ticket between the time you walk to the kiosk, get the ticket printed out, and come back to the vehicle to put it on.

So, the easiest thing to do is hail a taxi and go from there.

Comment: Re:It's possible to get a job without a degree... (Score 1) 280

by mlts (#46748857) Attached to: Bachelor's Degree: An Unnecessary Path To a Tech Job

The ironic thing, most of the places were private companies without a government contract. They wanted the security clearance because someone else did the vetting for them.

It isn't how I like to be, but just what narrow piece I saw after graduating college. Without the alphabet soup, you never had a chance of passing the first rounds.

Comment: Re:It's possible to get a job without a degree... (Score 3, Insightful) 280

by mlts (#46747385) Attached to: Bachelor's Degree: An Unnecessary Path To a Tech Job

In my experience, you won't get an HR person's attention unless you have the alphabet soup after your name. A bachelor's gets the resume out of the round file. A MCSE/CCIE/RHCE gets it scheduled. A CISSP or TS-SCI clearance gets it to the tech guys to be interviewed. In fact, when I got out of college, most interviews went like this:

Interviewer: "Do you have a CISSP or TS-SCI? No? Next in line, please."

It really didn't matter about experience... one could be clueless in IT but have a MCSE, and be further along than someone who had many years in the field, but didn't have the cert.

Comment: Re:Probably typical (Score 2) 119

by mlts (#46746725) Attached to: 44% of Twitter Users Have Never Tweeted

You can count me in that category. I signed up way back in 2008 because after getting out of college, prospective employers would demand if I had a FB/MySpace/Twitter account, and if not, the interview was up, as the HR rep felt that it was mandatory for anyone in IT to have social networking accounts to be considered up to date in skills.

So, I created a Twitter account, followed EMC and a few other names, and called it done... it did make the bean counters happy because they thought I was "with it".

Comment: Re:Nuclear? (Score 3, Interesting) 421

by mlts (#46743525) Attached to: UN: Renewables, Nuclear Must Triple To Save Climate

+1.

We have 50-60 years of technology advancements. Look how cars have advanced. Had there not been such a strong oil/coal lobby, there would be advancements that would be impossible in today's political climate:

1: Thermal depolymerization -- turn waste products back into crude ready for use again.

2: Droughts would be mitigated as issue with desalination plants combined with the infrastructure to pump it inland.

3: More technologies would be possible to reclaim used components. Waste can be recycled cleanly.

4: More expensive (expensive as in energy) chemical processes can be used to reclaim toxic sites.

I think future generations will think we are dolts as not to have moved to nuclear sooner, because more energy available per person can mean a lot more advances and a better quality of life.

Comment: Re:Nuclear? (Score 1) 421

by mlts (#46742861) Attached to: UN: Renewables, Nuclear Must Triple To Save Climate

Here is the ironic thing: Both the hippies and the Tea Party people I know are all over solar, wind, and other alternative energy.

I just wonder when the tipping point happens where people and businesses stop wanting to be beholden to Middle Eastern oil and dirty coal, and move onto nuclear [1]. With more energy than what we have now, we can easily use thermal depolymerization to toss waste plastic and usable crude oil.

[1]: Thorium reactors show great promise.

Comment: Re:Even root CA certificates may be at risk. (Score 4, Informative) 151

by mlts (#46741187) Attached to: Private Keys Stolen Within Hours From Heartbleed OpenSSL Site

Depends. A website's SSL key may be slurped up. However, a root CA key should be either kept on an offline machine or kept in a hardware security module where the key won't be divulged, ever... the module will sign a key, and that's it.

I'm sure some places will have their root CA on an externally connected machine, then try to place blame, likely saying how insecure UNIX is (when it isn't any particular flavor of UNIX that is at fault.)

Comment: Re:Eh? (Score 2) 99

Democracy is showing its cracks here in the US. I've wondered about moving to a different system so we don't keep the same people in office for decades:

I'd propose it be done like jury duty: Come every four years, every citizen's name is tossed in a hat, names are drawn, and those people are sworn into office. No, this isn't perfect, and statistically, there is a chance of getting some real crazies... but is that worse than politicians bought and paid for by campaign donations? Statistically, it will give a true cross-section of the population. It will also get rid of gerrymandering and other crap.

This can be combined with a "no confidence" vote mechanism for further checks/balances.

Comment: Re:disclosure (Score 1) 84

by mlts (#46718739) Attached to: Stung By File-Encrypting Malware, Researchers Fight Back

A secure home server only makes sense. If you get a machine with hardware RAID, mirror the OS drive, then use RAID-Z2 [1] or RAID-Z3 for the data. If using Windows, then you get a choice between bit rot resilience with Storage Spaces + ReFS or deduplication with Storage Spaces + NTFS.

[1]: RAID-Z will find bit rot on a zfs scrub, but won't be able to fix it. RAID-Z2, RAID-Z3 and RAID-1... even ditto blocks can both find and fix it.

FORTRAN is for pipe stress freaks and crystallography weenies.

Working...