Forgot your password?
typodupeerror

Comment: Welcome to Security Chess... (Score 1) 191

by moorley (#47992553) Attached to: Ask Slashdot: How To Keep Students' Passwords Secure?

What assets are you protecting? What is the risk?

1 ) If the account is compromised can you get access to it again via alternate means?

      Be the parent. Have all of the accounts go to an email box you control, or have all of the accounts go to an email box that you know you can get access to beyond the password. In case of breach make sure you have a path to regain access and control.

2) What are the accounts for? Minimize the risk.
Don't allow the kids accounts to be an attack vector for *YOU*. Consider them like an untrusted source. Don't open unknown attachments. Bad scenario: Opening an attachment entitled "My homework" with an attached malware. Then go check on your bank account... Don't be that guy/gal!

3) What do you want their learning experience or take away to be?
Chances are if they get compromised it won't be a focused attack, it will be someone they know. Decide what you want the worst case scenario to be and minimize the risk... Whether that is removing photo's or setting up rules on do's and don'ts. Don't post your journal on a school resource. Childhood is the chance to ramp up to adulthood.

Comment: Kudo's to you! (Score 1) 465

by moorley (#45555739) Attached to: Ask Slashdot: Why Are Tech Job Requirements So Specific?

But for the most folks there is a disconnect between HR/Management folks who are hiring and the IT personnel they are looking to hire.

You are handling it in a fashion most don't. You acknowledge that you don't understand the specifics and are looking to evaluate them (if I understand what you are saying) based on their competence and confidence in fulfilling the task you need.

In the other ads you are seeing they have already consulted with "an expert" of whatever value, perhaps an existing employee, and given a list of requirements with perhaps many acronyms. Sometimes it's so egregious that they have mentioned a product with an acronym they have developed internally, so no one would have experience, or asked for more years of experience than the actual software product or system has existed. But the disconnect between the knowledgeable and the one's hiring allows for this interesting dance.

Most of the professionals I know in the IT field tend to focus on soft skills. If you know 60-70% of what is needed and have a proven track record of getting the job done you are more valuable than someone who sought out certs and qualifications with no real experience in the needed cross discipline thinking or in getting things done, whatever it takes. It's tough to evaluate the core strengths that allows a person to learn whatever is needed in a timely manner and complete the engineering or administrative task. It can be easy to get stuck or side tracked, but the one who can find a way through is the one you want.

Good luck in finding the one you are after!!!

Comment: Uhh... Why the rush? (Score 1) 227

by moorley (#44383971) Attached to: Ask Slashdot: Asynchronous RAID-1 Free Software Backup For Laptops?

I usually hate making posts where I am questioning the questioner, rather than providing an answer but with 1 TB of information you should put on the patience cap. It will take as long as it takes.

To break down what you are wanting:
I want a backup based on a journal file system sorta of thing that works incrementally slowing down every disk operation by a few milliseconds so I can shave 15 minutes off of a backup procedure, but I still have to send the same data. I don't think that would be very wise. The best existing method is to use mirror a volume but you're still experiencing the same "15 minutes" of delay.

The best thing you can have is a "fire and forget" procedure where you can walk away and let it run.

locate (based on updatedb) does not capture/sort on file modification dates so you are going to be left with a recursive file system search no matter what.

You could use find to generate a list of files that have been modified since a certain date and then feed that to tar. That way you can pre-generate an incremental backup in a file that you can copy over. Then let whatever backup solution you like make a full backup from time to time. You can setup a script that would run a few times in your work day to generate the file so at least every 24 hours there is a tar file you can copy over when you get a chance.

Good luck!

Unix

+ - AskSlashdot - Looking for community projects to update my tech skills

Submitted by
moorley
moorley writes "I am a Linux/UNIX administrator and occasional engineer with over 15 years of experience. During the economic downturn (cough.. recession.. cough) I made it through with call center work (ack!) and eventually a contract helping with audit and migration of large IT systems but not direct Linux/UNIX work. I am looking to get back into a more technical UNIX job but I am finding my skill set is no longer complete enough to land the job even though my experience routinely gets me to the interview phase. Some of the missing components has been SAN and Virtual Server experience. I am confident I can handle the job but without clear experience I can't quite make the case or value proposition to get hired. What I am wondering is where can I focus my time for a community or volunteer project to setup SAN/Virtual server systems for community use.

I tried it a few years ago but got stuck. One idea was to help used book stores catalog their inventory but used book store owners were either anti-technology or I couldn't make the case to inventory their selection.

I played with the idea of using Raspberry PI's (low cost) coupled with a Linux game server to provide something to the community but the low cost embedded computers don't seem to have enough sheer horsepower (or GPU power) to handle any of the open source games that would be compelling.

Any gaps or places tech is under utilized that could use a boost? I am confident I can weave in SAN and Virtual Servers if I can find a need or niche to focus on. Thanks in advance. (BTW, Snarky comments are expected and will be appreciated. ;-)"

Comment: Balancing Revenue with Success (Score 1) 687

by moorley (#43234187) Attached to: Ask Slashdot: What Is a Reasonable Way To Deter Piracy?

This depends on what view you want to take. If you want to view piracy is wrong and immoral then you do whatever you feel best.

If instead you want to view this as a transaction in which you have made something for which you are looking to get compensation to provide more benefit.

I state this to focus on the goal. You have made a product which you are charging a modest fee for ($5-$10). You want to maximize the amount of folks who use the tool and will pay you that compensation. So focus on the following:

Positive means more than negative. (We grouse at taxes but fail to realize the benefits and large penalties without the system it supports. Communicate your benefts)

Folks will pay what they can pay. Preventing piracy is an all or nothing proposition, it's a deterence. Through negative consequences you are seeking to provide incentives to pay for your product. Put yourself in your custom shoes, would you (the customer) really want to reward a bad actor (you the business) by giving them money if they make it more difficult to get what they have paid for?

My recommendations based on the above is a tiered payment structure.
Tier 1 - Basic tool, cheap.
Tier 2 - Additional features (avoid crippleware or nag ware just have a low cost and premium version). Focus on money vs. time as they will in making the choice.
Tier 3 - Support Manuals and forum access
Tier 4 - Premium cost for premium value.

A tiered support structure (without DRM, just more benefit for more money) will allow you to maximize your profit by providing incentives for folks to pay the most they can. Folks with more money than time will seek the higher tiers as long as you construct it effectively. Bundling multiple tools is a good way to add value for higher buy-in as well.

This is how grocery stores and boutiques do it. Focus on the value you are providing at the appropriate monetary level they are willing to pay.

TLDR; No DRM. Tiered pricing to take effect of what folks can pay based on their own time vs. money assessments. DRM is a stick. Look for a carrot.

Comment: Re:“Wasp” by Eric Frank Russell (Score 1) 1244

by moorley (#39271209) Attached to: Ask Slashdot: Good, Forgotten Fantasy & Science Fiction Novels?

Three to Conquer is awesome too!

Alan Dean Foster's novelization of Design for Great Day (based on a short story by EFR) is what got me hooked. I spent most of the 90's collecting Eric Frank Russel novels. Hard to find them anywhere but online now a days...

I've loved every story of his I got my hands on.

Comment: Shrinking market (Score 3, Insightful) 908

The problem is greater than they imagine and you will start to see it every where.

Just google the word plutonomy for the big picture.

The dilemma has always been to provide a customer with a product for a price that works for all. The problem is the price no longer works for the producer so they want to jack it. The blow-back is that customers, who do not think themselves thieves, but savvy consumers are being told they are no longer viable and not wanted.

As the majority of Americans continue to make less while a small part of them continue to make more you will see more and more "big companies" have this same fight. They don't see that the problem isn't that fact that as time goes on only fewer folks will have the ability to afford their goods, they will instead see that they need to lash out against the "unworthy" customers who just don't want to shell out the cash they know in their hearts their product is worth.

One should remember that Price is one of the 4 P's of marketing. We tend to think that it means that charging 5 to 10 times the true value of Chanel No. 5 is all that it is about but it also works on the lower spectrum. If your target market is spending 0.025% of their monthly income to purchase your product you need to remember that has to scale. I don't buy my DVDs at best buy. I buy them low cost from the WalMart bin or secondhand in pawn shops. It's not that I don't want to buy DVDs but that source meets my budget.

By continuing to start a war of words and technologies against folks who perceive they are your customer to you are basically telling me I am not your customer. I am not worthy of your product. Fair enough. If they keep this up their customers will find new products to fill that same niche in their income bracket, as they should.

  I don't dream of Lamborghini's or Chanel No. 5. My heart no longer goes pitter pat to see the latest Spielberg flick on the big screen at today's movie prices. Although game design studio's may think their products are gold, and they may very well be, they will find by shrinking their own market, rather than finding ways to price appropriately that they also will have no market.

Looks like they want to get to their destination fast rather than slow. Screw 'em. I like board and card games better. If I need story I will pick a good pick up a god book or short story they may or may not have paid the rights to themselves (actually I will lend it from the library cuzz I can't afford to buy it.)

This lesson was learned by me again just the other day. The local coffee roaster that I have loved for years and seen them grow decided that a free cup of coffee could no longer be given if you bought a half pound of whole bean coffee instead of a full pound. The owner actually got the employees together to "discuss this" and then expounded on his personal view that it was too expensive. They never thought to offer a cup of coffee for 50-75 cents with the purchase of the half pound, instead the owner basically made the moral judgement that folks who can only afford half a pound of coffee (6 bucks by the way) are no longer their customer. So I am no longer their customer.

Comment: Insurance and slow adoption. (Score 1) 417

by moorley (#38834113) Attached to: Autonomous Vehicles and the Law

When this will be ready for the everyman will be when the actuarial calculations have been made and the price of insurance is much like what we pay for vehicles. If there is a catastrophic failure the insurance companies will just pass the cost or the lawsuit off to the manufacturer. If a car bursts into flames while idling outside of a coffee shop it's not the owner who takes the hit, it's the insurance company and the manufacturer.

The best way is as it is being used now. As something to lower accidents and insurance costs. We know for the most part a well made autonomous car will be more reliable and safe than a person. It's easy to put in self check software to make sure it is running in the same conditions as the lab. If it engages it will be the safest drive you ever had. The last sign off will be a legal precedent where the owner takes responsibility for its upkeep and the fault if they go outside of manufacturer specifications.

Comment: Are you ready to leave yet? (Score 1) 848

by moorley (#38517074) Attached to: Ask Slashdot: Handing Over Personal Work Without Compensation?

Do you like poker, son?

You are absolutely right and a fool. You should never work on something without compensation but you did. You decided to work on your time, non billable, for a company that has hired you on a hourly wage, or perhaps salary. If it's salary, game over. If it's hourly wage you should have clocked your hours.

The best way to look at this is implicit buy in. Implicitly as their employee they are hiring you to do your job in the best interest of the company. They have not signed a detailed contract with you or had a Request for Policy process on what you may write for them as software.

If you decide to change the game you better be ready to walk away. You might win, but it will come at a high cost because you have them over a barrel.

In the end if you want more for what you foolishly already did on your own time then you need to make a win-win argument with them. You will not win by getting yourself reclassified as a developer. But you can negotiate for a pay rise, a title, or some other perk to complete this project in good faith since you put in the extra time.

In the future, do not exceed your mandate (as you see it) without speaking with your supervisor for extra compensation for you see as extra work or above and beyond. Or just suck it up.

You should already be working out a plan for advancement, more pay, and better benefits, because you can be assured as IT they (management) is constantly working to reduce your pay, not need you, and let you go if at all possible. Learning to speak Hindi or Mandarin will not save you.

Good luck!

Comment: IT Functions not IT Department (Score 3, Informative) 214

by moorley (#38516918) Attached to: Justifications For Creating an IT Department?

After reading some comments I have a few ideas. First you don't want an IT department, as the engineering section you want a sub group that focuses on IT. You are already technology management.

The biggest selling point for an IT group IMHO is technology management. In theory you can run without an IT group and the CEO could take on the CFO tasks but it works better when you have an IT group working on utilizing what you are purchasing in the best possible way much like a CFO handles finances. A group that is focused on planning, supporting and implementing an IT strategy rather than letting everyone spend top dollar on whatever they want. Are you publicly traded? If so to my memory there are requirements for IT by the SEC.

To extend the CEO/CFO analogy no one is allowed to justify their expenditures anyway they like, and no one group or individual should be able to use whatever technology they like at the station's expense. Even if someone buys it on their own dollar if it impacts the running of the station or the day to day they will want support. It's best to manage it.

What a good IT dept/group can give you is:

A) Fall back or options : If a server breaks or a hardware goes down they can have contingencies and replacements waiting to minimize downtime.
B) Planning: They can either reduce cost or make better use of what you are spending rather than having HP or Dell be your defacto IT Support.
C) Data management: Do you have backups? Do you have remote access? Do you allow work from home? Information is the new life blood of the contemporary business. Who is handling this precious resource?
D) Security - The Fear Card - do you really want internal memo's leaked because you never had a supportable security policy and someone to implement it?

If you really want to be a bastard recommend ITIL. That will tie up their resources for years but you'll have an IT group. ITIL is crack cocaine for management types.

You are already handling these functions it's just time to take it on and manage it.

You could always make the case for a promotion and be their interim CIO.

Comment: You don't! But... (Score 1) 659

by moorley (#37663478) Attached to: How Do You Educate a Prodigy?

At this point he has no place in a normal classroom... *BUT* there is an example you can eliminate.

When I was in highschool at West Anchorage High School they had an alternative high school called Stellar. They were too small for any sort of afterschool extra like band, choir, theater or sports so many of the students their would participate in West's programs.

Have him participate in a nearby school in the programs he wants but bypass the normal class room curriculum. Kinda like a playdate if you will but it will allow him to interact in a way he enjoys and not have to deal with the rudimentary education part.

One of my best teacher's used the following phrase: "The best thing we can teach you is the ways to navigate and find out how to educate yourself on what interests you."

This kid obviously has it. But he can participate with school kids his age in the other stuff and learn to socialize. Junior High / High School may work the best but I remember having sports, competition and band even at the elementary school level. As an extra bonus or workload if something he wants to do whether it be sports, theater, or band doesn't exist he can work to make it exist by organizing it.

Comment: Latte? Back at ya! Go Greencine! (Score 1) 722

by moorley (#36770018) Attached to: Netflix Deflects Rage Over Price Increase

You know I was debating cancelling Netflix since between Hulu and Boxee I can find most of what I want to watch but as soon as I got the email I cancelled.

After that stupid Latte' comment I'm never signing back up... Use Greencine, same pricing and a better choice of movies if you ask me. I can redbox whatever I want that netflix could provide. Greencine at least has some unique suggestions and offerings...

I think this is the beginning of Netflix's end... I will hack their surplus roku's in the future with a smile...

There was a time I used to have latte's in the morning but that's after two layoffs and being underwater in my mortgage.

Here's to you netflix. Looking forward to looking back on your silly red envelopes with fondness...

Comment: The time has come... (Score 1) 486

by moorley (#33800244) Attached to: Should ISPs Cut Off Bot-infected Users?

Most large companies, I've worked for Intel and HP, will search their network for know "issues". I remember one time the worm was severe enough if you're system wasn't patched they turned off the port and blocked the MAC address until you patched your system. This was after 72 hours of blocking port 80 traffic to slow the thing down.

Combine the above realities with DMCA takedown notices and I think it's time. Most ISPs have a 3 strikes you are out policy for violating DMCA and Copyright. The precedent is already set. There are many ways to detect bots and it's time to have the ISPs turn them down and make folks take appropriate steps to clean up their own systems.

Comment: Use the power of the bell curve... (Score 1) 870

by moorley (#33573258) Attached to: Preventing Networked Gizmo Use During Exams?

I have had many instructors use this technique. They either have open book or 1 sheet of notes you can use. They open the door to "cheating" if you will but then they stack the deck. In cases of Math and Econ professors they have questions that run the gambit. Say 10% easy questions, 60% appropriate questions, 20% questions a really good student *MAY* be able to answer, and 10% uber or almost impossible questions. So what does this do?

Well it presents the student with a dilemma. If they have studied and are confident they will be able to answer the 60% competently and then you curve it. You will find those that needed to cheat got themselves stuck on the "unanswerable" questions because they didn't study the material enough to discern the questions in the time frame you provided. Tuning the time limit can take a few tries but you can figure it out in the first year of a new course, much like you usually have to.

Your safety valve is you are curving the results so it will sort it out for you as well. You can adjust the curve so it doesn't arbitrarily toss folks into the D category. You can also allow for extra credit. Cheaters are lazy and won't use the Extra Credit. If they do they are using the option to learn, which is a self rewarding fix and allows for other paths to learn.

So how does the above speak to cheating gadgetry? It hobbles them. A cheating student will find their "advantage" will fail them. You can randomize the questions for each class so a key won't do any good or they will over perform which is a red flag for a re-test with the 1 or 2 loaner equipment you have on hand rather than for the entire class.

Usually the performance gap between a cheating student and a non cheating student is large enough such tactics as above will psychologically "break them" and cause them to go into a failure situation. I've been there without cheating but when I've been overconfident on "open book" or "1 sheet of notes". Trust me. I am good but I was lucky to squeak out with a C. The lack of studying and preparation effectively limited my ability to score based on the questions. The open book / notes could have been used 2-3 times on a hard questions but without being pretty much ready to take the test I hosed myself. Without a firm understanding of the scope of the class this also made me fail math classes. I hated it at the time but to be honest it was an effective test. Math is understanding not just plugging in variables.

Hope this helps or gives some ideas. Technology is a just a new twist and obfuscation at best.

"When it comes to humility, I'm the greatest." -- Bullwinkle Moose

Working...