Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×

Comment Re:Space Gives Positive Economic Outlook (Score 3, Insightful) 442

The (economic) question is however are those advances better (more progress/$) than direct funding of consumer products? Analysis shows no.

I am aware of such analyses, but do not know if such analysis is the consensus opinion or more a conjecture at this point.

I would still argue that overall the other benefits I listed imply that government funding of such things would be good. If nothing else, business is sometimes very risk averse, and once government research proves something is feasible, then they will jump on it (see the various businesses that have popped out of projects started at FFRDCs, for example). So such funding would then jumpstart consumer products that wouldn't have been tried in the first place by the private sector.

Comment Space Gives Positive Economic Outlook (Score 1) 442

space exploration returns next to nothing, its basic economics

The problem with statements like this is that "basic economics" is not always correct. It is a model, and like all models, it is incredibly helpful at helping us understand things and make predictions, but it doesn't always reflect reality. Most economists didn't predict the debt bubbles and economic issues of the past decade, for example.

In any case, let me illustrate why it's actually a great thing to do space exploration, even when other things need done too (nothing is mutually exclusive):

  • Science/engineering advances from space exploration often find their way into consumer products, allowing new businesses and innovations to develop. Often advancement in science and engineering understanding seems "dumb" until someone realizes a purpose for it (see for example, computers and all of the naysayers on how practical/useful they would be).
  • A strong space exploration program will be enticing for some of the world's top minds, and allow the US to "capture" those minds thru immigration. Those people will go on to develop great scientific advances and some of them start great companies, which will be American companies rather than $country companies.
  • People need to be hired to build and test these space exploration devices (satelites, landers, rockets, etc.), so we'll employ a bunch of people for a while and pay good salaries. That will help bring down our unemployment numbers and bring down family debt. When the program is over, they'll have something cool to put in resumes as they look for other work in the private sector or even start their own businesses. Or possibly we can keep working on awesome future space projects.
  • A space program that makes people excited will encourage more of the young generation to go into the sciences, making sure we stay competitive technologically into the future. We don't want current trends to continue, where there's little excitement in science (== little funding, no big projects, government doesn't support it, etc.) and so many of our bright students go into business instead, worried about their futures if they chose science.
  • Have you ever been to the Smithsonian museums? People from all over the world go there to see the lunar module and space shuttle and other stuff. They see the moon rocks. They buy their kids a t-shirt. "See the talk by the person that went to Mars!" or "See the Mars rock" or "Climb inside the real cockpit of the Mars lander!" would attract many tourists from across the world. And tourists spend money.
  • It's just plain bad-ass. Why does everything we do absolutely need to be profitable? Why is money the only judge of whether something is worthwhile or not? How about we just have pride in ourselves and our culture and do something because its there. At the end of your life, will you be happy that you saved $5 (your share of federal taxes paying for space program is so low that $5 probably isn't that far from the truth in a back of the envelope calculation) or that you got to see a person land on Mars on live TV? I'd rather have an interesting life than a boring one with more money.

There's probably even more arguments than this but here's for starters. We absolutely need to focus on our national infrastructure, our educational system and student debt, and other issues (shameless plug for Bernie Sanders goes here, as he's the only candidate really talking about all of these things), but I don't think any of that work says you can't also spend on science at the same time. In fact, I think it's a necessity.

Comment The Law States That's The Purpose (Score 3, Insightful) 418

Clue #1: a minimum wage job isn't something you should live off of. It is expressly for teenagers and for folks who use it as a stepping stone or fallback until something better comes along.

Who says? This is misinformation/propaganda being spread. If you look at the actual bill that instituted the minimum wage in the US (the Fair Labor Standards Act of 1938), the law literally says the reasoning for setting the minimum wage is "Congress finds that ... labor conditions detrimental to the maintenance of the minimum standing of living necessary for health, efficiency, and general well-being of workers causes ..." and then goes on to list negative effects of not being paid enough to live. So yes, the law quite literally states that the minimum wage is something you're meant to live off of. (Feel free to read the law yourself on the Dept of Labor website.

This idea of "teenagers can do it" is only a ploy to make people complacent with low wages. Remember a teenager at 17/18 can easily be out living on their own and not have the support of family (for many reasons: family doesn't have ability to help, family has cancer and teenager needs to support them, family is crazy/insane/drug addicts, family is dead, etc.), and so even teenagers should make enough money to support themselves.

Clue #2: these jobs usually require little-to-no skill, and consequently do not bear the value of $15/hr at current inflation/valuation.

When the minimum wage was instituted in 1938, the many US jobs were in agriculture or simple manufacturing. I don't consider those jobs to be "high skill", but that doesn't mean they're not super important (without food, we die -- about as important as you can get! and manufacturing gave us the modern world, despite many of those jobs being just to screw the same bolt on over and over). So for one thing, skill does not equate with importance, and I think important jobs especially should be well paid.

Furthermore, have you seen secretary and human resources job these days? Also requires pretty low skill (mostly just typing and sending emails and filling out forms -- anyone who can read and write can do it, really), but look at how much these people make (in my area, you can get jobs in HR making upwards of $50k with only minimal experience, much above minimum wage). If we were going by your metric, these paper-pusher jobs should be making low pay and important jobs like farmers and restaurants that provide me food should be making more.

All of this is an aside from the real goal of minimum wage, which is that if you do ANY type of work for anyone, you're important to someone and should be able to support yourself doing that work. If you're not needed, why did the company hire you? I'm tired of this idea that companies are entitled to cheap labor; if your company requires effectively slave labor to exist, then how about we state the truth that your company is failing, not doing well, and maybe should go bankrupt due to mismanagement rather than keeping it chugging on the backs of the poor?

Clue #3: when you price human labor too high, automation becomes more attractive. There are already machines that can effectively replace fast-food cashiers, and are cheaper to operate and maintain than $15/hr people. There are also machines coming online that can operate the back-end of a fast food joint as well, which will also just come under the wire as being cheaper (but would come out ahead by being reliable, on-time, etc.)

That is going to happen no matter what because of corporate greed to always maximize profit. Even if we paid people $1/hr, at some point people would need to eat and sleep while a machine could work all night long straight, cranking out more widgets. We can't compete with technology.

What we instead need to do is have real discussion on what the future economy looks like when jobs are phased out by robots. Probably future jobs would be more creative engineering or artistic jobs that robots can't do and it will work itself out and the economy will keep moving on, but we will have a transition period before we get there and it will be different than what we have now. In this transition, we need to do the humane thing and help people transition. That means making sure people's needs are met as they go back to get training for jobs, whether they be more academic (engineering/science) or more trade level (arts and crafts, music, cooking, stuff that makes people happy and can make money). It's not anyone's fault that robots were invented and are taking over, so why do we hold it against them that they should have someone thru clairvoyance known of the impending robot takeover and planned accordingly?

Clue #4: sucks to say it, but no one owes you a living -anything, let alone a "living wage" (whatever that means). Safety nets and charity are for those unable to help themselves, and obviously for those among us in temporary desperate situations, but that's it. Meanwhile, if you are able-bodied and not mentally defective, then it is up to you to better yourself by any legal means possible.

This makes the incorrect assumption that people have control over job availability. I know plenty of people with experience in fields that are drying up (drafting is a good example) -- used to make good money and be steady pay, now with automation, there's few jobs to go around. What is someone with 20 years supposed to do? That field has no jobs left; I know a guy that is looking. He also can't get into a new field because they pigeonhole him: "Why are you applying for this? Your experience is in a different field". He's quite able-bodied and intelligent person but its not working out. He's taking evening classes to go more into computer work, but that doesn't happen overnight. What do you propose he do in the meantime?

We need more than just a simple safety net, but a system that makes sure you have the chance to get ahead (good wages help you pay for things like school for example), and when things like the economy shift, is there to help you transition to new work.

Comment Re: CVSSv2 (Score 1) 30

From what I have seen, Mitre and NIST often show inaccurate CVSS scores on the CVE pages.

Have to stop you there, sorry for perhaps being a bit pedantic, but the NIST score is more or less the "official" score of a vulnerability, given how closely they work with organizations like MITRE. The CVSS scoring rules have some nuance to them, and in some scenarios the official rules on scoring a vector is not what you'd expect. NIST tries to follow the official scoring rules as strictly as possible. You may not agree with the rules (and many people don't, I'm not trying to knock you), but technically their scores are the most accurate.

CVSS recently released v3.0 scoring in order to try to address some criticisms in scoring. It did this by upgrading its base vector to be a bit more easily comprehensible by adding obvious metrics like "user interaction required", which was previously embedded in "access complexity" in v2. I think in general I like the concepts and it makes it easier for the most part, but time will tell if the general public agrees. The sticking point I think is the idea of scope, which is not a bad idea in general, but the definition seems a little fuzzy to me. We may have only shifted where the nuance is, and so disagreement in scoring may continue into the future.

In order for the metric to be truly useful, every organization has to localize measurement to their environment and each vendor needs to measure impact against their use or non-use of the underlying code. At the end of the day, it's all about risk measurement, but with those steps you end up with a reasonably accurate assessment.

Exactly. CVSS allows for this by use of temporal and environmental scores, but unfortunately, most organizations don't use them. This means most people run around talking about the base score without a clear sense of how it applies to them. I've seen vulnerabilities with a base score of let's say 7.0 or so being knocked down to 1.5, after you factor in its temporal factors (such as a patch being available) and environmental factors (such as not very widely deployed). I wish more people would talk about the environmental factors. CERT is one of the few places that lists temporal and environmental metrics, though their database is not comprehensive.

CVSSv3.0 is weakest in the fact that they essentially threw out the environmental metrics; yeah, its technically there, but its shadow of its former self -- it doesn't include important metrics like population anymore. I hope they will put that back in for CVSSv3.1, and encourage more widespread adoption.

There is nothing wrong with the current system that wider spread adoption and education cannot fix. Part of the problem is the media hype surrounding the bugs. If every little issue wouldn't get a cute name -- Shellshock, Logjam, POODLE -- the reactions might be a little less kneejerk.

I agree, but education can sometimes take a while and be harder than you think. There's momentum -- and money -- behind the current system. You get everyone wound up, and then offer to sell a widget that "protects against it". There's a lot of snake oil for sale in the industry right now, and so far, companies and governments are eating up. It will continue as long as money is being made. The bigger question is, how do you make it more profitable to tell the truth about threats?

Organizations like CERT tend to straight talk it and provide honest feedback with their temporal and environmental scores, but they're not picked up in the media as much as these security start-ups that are out to cause a ruckuss and make money. The start-ups seem to me to be more marketing companies than security companies these days; they tend to overinflate the CVSS base score and talk it up by reaching out to media directly, when in reality, the base score itself may not be that high, nevermind that temporal and environmental factors might lower it more. Fear makes money right now.

Comment Re:If only there was a rating system for this... (Score 1) 30

Temporal and environmental factors and only be assessed by people in the know. Windows shops obviously don't care about Linux vulnerabilities and vice versa.The base ratings are strictly focused on the vulnerability. Other factors you need to determine yourself... And there's already a system for that.

Yeah that's kind of the problem, most companies don't use temporal or especially environmental factors. If you base everything on the base score only, you're not getting a really accurate feeling for the severity of the vulnerability.

The other problem is that CVEs tend to be treated in the researcher community as gold. You list CVEs on your resume, for example. CVEs are not meant to indicate severe vulnerabilities, or even all types of vulnerabilities -- many things that are important don't get CVEs, while many lame vulnerabilities do have a CVE. These systems need rethinking in general.

Comment Re:Probably GPL, but depends on Apple (Score 1) 171

It's because BSD/MIT pretty much are cool with anything as long as you attribute the code to the original author. That is the main requirement of distribution. So proprietary is ok as long as somewhere deep in the credits they add the name of the original author.

GPL meanwhile requires not just attribution, but the availability of the full source code. So you can't be a proprietary trade secret with GPL code, so any proprietary software using GPL is in violation of the license and therefore copyright law. It's illegal.

Submission + - Qt 5.5 released->

mx+b writes: The latest version of Qt, the cross platform GUI toolkit and development platform, is out for all major platforms. Highlights include better 3D, multimedia, and web support, as well as better support for the latest OS X and Windows releases (including Windows 10) and more Linux distributions.
Link to Original Source

Comment Probably GPL, but depends on Apple (Score 4, Informative) 171

You beat me to it :-)

To the original poster:

The GPL is "viral" in that if you use even a smattering of GPLed code, you are required to release ALL of your code as GPL as well.

It concerns me that you state you use example Apple code. What license is it? ("has its own terms" is completely unhelpful).

In general, you're restricted to using a license that is the most restrictive. The liberal licenses like BSD and MIT can morph into anything pretty much. GPL is one of the most restrictive on redistribution (RMS would say it preserves user freedoms by restricting developer distribution, and I would tend to agree with it; just throwing that in there because I don't mean restrictive in a negative sense here, only that it was designed to prevent people from running off with the code without contributing back to the community, so you can't just re-release GPLed code under MIT like you suggested). Apple's license may be open source or not; furthermore, there are known open source licenses that are NOT compatible with the GPL, so its entirely possible that the Apple code may not be distributed together with the GPL code. For reference, see

It's possible your pro-bono advice is correct and this doesn't matter too much if you release it publicly and open source (it seems unlikely open source projects would sue other open source projects), but in case you ever plan on making money on this project (and even if you don't), to avoid any possible legal trouble you should choose the most restrictive license compatible with all licenses at play. Likely this means the GPL, but the wildcard is Apple. If you post the terms to it, we could probably help sort it out (with the usual IANAL caveat). Otherwise, you may need to rethink which libraries are included with your code and possibly even roll your own depending how niche it is.

Comment Qt for Android (Score 4, Interesting) 173

Where do I get started building Android apps in C++? Inquiring minds suddenly want to know.

The latest versions of Qt5 support building Qt/C++ apps for Android and iOS. I've never tried it for more than running a few examples, but it seems pretty nice and easy, and I've really enjoyed Qt development for years now.

Comment It's the economy, stupid (Score 1, Informative) 830

Really, with all the important issues that should occupy a president's attention, if this is even on your radar, you're not qualified for the job.

Converting to metric is not just a fun science nerd issue no one cares about.

Really it's an economic issue, and I'm surprised it hasn't been made more of a big deal. When we follow international standards, we can better share ideas and better trade goods. If the US used metric, we'd be in a much better position to sell our goods worldwide, as we wouldn't need to re-tool or re-calculate all the time.

Great example: our US engineers are mostly trained in the English system. My wife used to work in an industry that is now heavily developing and building things overseas. The American engineers had to build everything to metric standards, since they were building in India and what not, and really had trouble with it, as they weren't properly trained to do metric calculations and the equipment they wanted to buy from American companies didn't always come in a metric size. Instead, the engineers would have to half-ass some crazy scheme (like buying parts and then cutting them -- makes sense until you realize you'd have to pay field guys to do this 10,000 times) to get it to work. The quality suffers, and since there's all these problems, I get the sense that many international companies would rather just hire Germans or whatever to do it.

This is an anecdote of one industry, sure, but if our engineers were trained in metric, and our businesses made the jump to make metric products in the first place, we'd probably be a lot more competitive in the world market. We wouldn't need to spend all this extra time and money on customization, we could just do it. I imagine all this effort has long ago exceeded the cost of buying new tools once; we should have just switched then and told businessmen to shut up about costs.

Comment Have You Looked for a Job Recently? (Score 4, Interesting) 413

I find it amazing that not only is cable TV a "right", deserved by all, now broadband is also a "right".

In a way, it is. Your first comment is actually a little more correct than you realized.

I hunted for a job last year for quite some time before I got my new gig. Let me share some thoughts on the current job climate:

  1. (1) Many companies specifically say they do not fool with paper applications anymore, you are directed to submit resumes to their online HR portal.
  2. (1.5) For that matter, I don't see "Help Wanted" signs very much either. Job openings are posted online, so to even see if a job is available, you often have to check online.
  3. (2) An email address is as required as a phone number (perhaps more so?) these days when applying for jobs. Correspondence such as setting up interviews was done almost entirely in email in my experience. They may have called?... or may have thought since I didn't respond to their email, I wasn't available, and moved on to the next candidate.
  4. (3) A LinkedIn or Facebook is used to "verify" you are a real person that doesn't seem too crazy or weird, and that your public profile matches your resume (catching obvious liars). It was heavily insinuated to me that applicants without an online presence were basically treated as homeless drug addicts (i.e., "what are you hiding if you're not online?")

So, to get a job, it's quickly becoming a requirement to have internet access. If we ever expect to help people improve their lives, we have to be willing to give them a leg up to get started. Getting a decent job is a start to better things, so if jobs require internet access, I am all for making it a "right".

Furthermore, I think there is an even greater reason why to do this. While it is possible to call one's congressmen, you'd have to know what to call about. I never receive snail mail copies from my legislators, but I receive email newsletters and follow them on Twitter. Without internet, you would probably have much less of a chance of being informed as well as being able to interact with your representatives. Arguably, since democracy is one of the most important aspects of our society, I would say that allowing access to representatives is a fundamental right, and if those representatives now do a lot of their business and work online, we must require online connections for all.

Comment Not just no ads, but had content (Score 1) 531

I miss being able to do a google search, and the first few hits were generally exactly what I wanted.

Yeah yeah, I know, "use google-fu", but it doesn't really work anymore, not as well as it used to. The marketing droids and advertisers have their whole SEO thing now where they're actively out to cheat google to get you to browse to their crappy blog or whatever instead. Searching for anything technical gives you the first few pages of marketing blogs that copy-paste each other's heavily buzzword-laden summary, squelching the actual reporter or researcher that has real information.

It is obnoxious. I've day dreamed of making a TLD (.awesome or something) that has one specific requirement -- anyone can register a domain as long as you sign an agreement that you will NEVER DISPLAY ADS. Well maybe, a couple other requirements to try to cut down on the copy-paste news cycle. But generally speaking, if you search only .awesome addresses, you know you're getting legit content. That's what I want. That's what I could do in the early days of the internet. The internet has been destroyed by rampant greed and commericalism. I want those early days of hackers (in the sense of open source contributors, not malicious ones), professors and enthusiasts to come back. Do I just not know where to find them online anymore?

Comment In The Limit, It's the Things We Buy (Score 1) 837

Maybe we should just nix the idea that road infrastructure needs to be paid for with gas or vehicle taxes, and start paying for it from the general fund.

I came here to say this.

Pay-per-use means we have to track use, which means extra billing/administrative costs/HR involved, which means less of the money is actually going to what it is supposed to. Unless the tax hike is higher than what it is now. It's so much complication for no reason.

I'd say this: we all go to the supermarket roughly once a week to get groceries, clothing, whatever. Those things generally speaking come in by truck, which is much more damaging to the road than personal vehicles. So, no matter your personal habits, it is a drop in the bucket compared to the cost of your goods coming in. So how about we say: everyone needs to eat, buy new clothing, etc., and we just call it even and hike everyone's income tax by 0.1% or whatever. Everyone uses about the same because everyone needs goods trucked in, young, old, rich, poor. End of story. Earmark that money for transportation, and you're done, the tax is collected quarterly/biweekly automatically with no extra taxation infrastructure.

With an appropriate tax rate, we might even be able to offer free buses and shuttles and light rail for our citizens. It would be good for everyone, especially the poor, whom might pay less money with a 0.1% tax than current bus fare.

Comment Re:Free Tuition is better for citizens and budget (Score 1) 85

The majority of student loans (about 90%) are federal. The Federal government gets interest on those loans, that money goes to Obamacare which is partially how it got passed in the first place.

So why are you against Obamacare funding? Don't you like things like roads and police? You have to pay for services from the government you want.

Loans can't go away now, or be forgiven because that is a major funding point for Obamacare. I guess you didn't get to read the bill even after they passed it.

The bigger question is: why is most of our healthcare funding coming from 20-somethings just trying to earn a college degree and a better life? Why isn't the baby boom contributing more, for example?

Aside from ethical problems, here's another: that amount depends on people going to college. If there's a sudden swing in people not going to college, or at least staying at a local community college and paying cash, that money is now gone. As I said in my earlier post, this money on the backs of the young trying to start a life is just being used to "balance" a budget that was never actually balanced. We never actually asked for sacrifice from the American people as a whole, just saddled the debt on our youth and kicked the can down the road.

We can save money from the federal budget letting everyone go to school for free. Some of those savings can go directly to healthcare funding. There may be a funding gap, but honestly, Obamacare/Affordable Care Act didn't go far enough. The insurance companies are still out of control on prices and coverage. I suspect while we're reforming education we also need to reform healthcare correctly to ensure everyone gets appropriate cheap medical care as well.

We absolutely need funding for essential services and other things required of a modern democracy, such as education and even cheap internet access. What ticks me off about all of these industries (education, healthcare, internet service) is the entitlement these companies have to making money on the backs of poor people via unnecessary tax breaks (such as the breaks for banks for student loans I mentioned earlier). They really believe they're entitled to make maximum money on tax dollars, while providing nothing or very little. It is insane. We need to stop corporate welfare and make our tax dollars actually work for the people. When we do that, we will not only have a balanced budget but also great services.

Comment Free Tuition is better for citizens and budget (Score 1) 85

Because, it is better for society to have an educated populace, and not just have the children of the wealthy be able to afford to have one.

Did you go to public school? Did you enjoy the benefits of living in a mostly lawful society? Do you drive on public roads? Do you use any public infrastructure like water?

It is absolutely better to have an educated informed citizenry, especially in a democracy that requires informed decisions through voting to function properly. I think very few disagree with that.

What I disagree on is the need for loans. Loans are all about making money for the financial industry and even the federal government (used by politicians to "balance the budget" on some of their terrible decisions with war, social security, tax breaks, etc.). We should all agree that education is a fundamental investment in our nation, and pay for it out of taxes. Anyone that wants to go and displays aptitude (perhaps some sort of exam, or maybe let anyone in under probation for a first semester or two, no retaking classes on government dime if you fail -- the exact specifics need to be worked out) should be able to go, FOR FREE, because it is an investment in our nation.

There have been analyses before such as this article (though I have seen others as well). Essentially -- the US Gov already pays over $70 billion in loan guarantees and tax incentives for tuition... when we could cut out the middle man financial market entirely and simply pay the $60 billion in tuition directly. Everyone goes to school free, AND it actually reduces federal spending. Holy crap is that a win-win.

Any politician that proposes any continuation of loans as if it is a good thing is out of touch with reality and possibly trying to support corporate overlords. Let's dump them next major election.

We want to create puppets that pull their own strings. - Ann Marion