Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re: Looking more and more likely all the time... (Score 1) 225 225

I never got why so many people are so sceptical of this one.

I think some of the skepticism is not as to whether this might be an engine that produces some small amount of thrust. I mean, a little skepticism is a healthy response for any new scientific discovery, and it's not inappropriate to ask for proof. Since the thrust we're talking about is so small, the margin of error is large, and proving that it really works takes a bit of doing. I don't assume that it works, but I also don't really disbelieve it if NASA scientists say it does.

However, when this was reported, it was reported in many places as "OMG! NASA has created a warp drive. We can go faster than light now!" I'm skeptical about those claims.

Comment It's a larger problem (Score 3, Insightful) 46 46

I think that this is really part of a larger problem that eventually ties back to identity management and account management. That may sound like a strange thing to leap to, but hear me out.

One of the problems I've noticed for years is that it's not easy to keep track of all my accounts. Every time I sign up for a new account or trial, I have to create a new account, create a username, create a password, associate it with an email account, choose security questions, bla bla bla. Dual-factor authentication is supposed to help with some of the security problems associated with all this nonsense, but it also adds another complication to the whole thing. Once all that's done, I need to keep track of all that information that I used to sign up.

It's not so bad for individual accounts, but after a few decades of trying things out, abandoning accounts, signing up for trials that I end up not using, and all kinds of things, I really don't know what accounts I have available on which services, what the usernames are, or which email address they're associated with. When I answered security questions, I don't necessarily know what I answered with-- it asked for my favorite author, but was that my favorite author from 2 years ago or 10 years ago? Did I tell the truth when I answered it, or did I answer with a sarcastic joke answer? I honestly don't know for some accounts. I don't even know, for example, if I still have a MySpace account from roughly a decade ago, that I created, signed into a couple of times, and forgot about.

You're thinking this is completely off-topic, but here's the thing: as you have an "Internet of things", there's a good chance that each of those items are going to have their own account on their own service. You have some program to control your lights at home? That program will need an account. Someone invents a smart-vacuum, and it's internet connected? That'll have it's own account. These days, companies don't want to collaborate and develop standard APIs, common platforms, open protocols, or whatever else. Every company developing an app or a website wants to do it's own thing it's own way, while locking out the competition from interoperability. So now, every new Internet-connected thing is going to add complexity to your online life.

Asking to provide privacy controls to consumers is putting the cart before the horse. Even if you want to provide those controls, you're going to have different controls in different places in different UIs, all across different services with different accounts. Users won't be able to effectively manage those controls even if you provide them. What needs to happen first is that we need to develop some kind of identity management and SSO that begins to shrink the task of managing these various accounts. Once you have something like that, you could create APIs for managing those accounts, opening and shutting down accounts, viewing which private information is available in each account, and restricting/removing the private information as needed.

Comment Re:I hate it already! (Score 4, Interesting) 118 118

I agree with your criticism about gestures. I had the same general problem with Windows 8 when it first came out: a lot of the features in the metro UI were hidden under some kind of obscured interaction. Hover over this area, and you get one menu. Hover in a different location, and something else happens. Right click when you're in this application, and it pops up with a menu from the bottom. Right click somewhere else, and it does something different. Drag down, swipe left, do a little dance, and some kind of other magic happens. What are all the features? Who knows what you'll find next!

It also reminds me of Apple's reluctance to have two-button mice. A lot of people made fun of it as pure stupidity, or as though it was a technological failure. It was a design choice. Apple designers didn't like context menus, since context menus mean that right-clicking in different places and in different contexts produced different menus, and the user had no real way of knowing what would be in a context menu ahead of time. The only way to learn context menus is to right-click in various places and try to discern what the pattern is, and hope that the developer was consistent. It's rumored that a big part of the reason Apple has stuck with one-button mice is that, if you're not relying on context menus, multiple buttons are largely unnecessary for normal productivity uses, and not having multiple buttons deters developers from putting important functions in context menus.

Comment Re:Perceived incompetence and lack of rationale. (Score 1) 227 227

When you see people around you at work who are incompetent in your field, you assume that people throughout the organization are often incompetent in their field.

I don't think that's a baseless assumption. I've been working in IT for a couple of decades, and I've seen the inner workings of quite a few companies, and let me tell you: For most people in most fields, they're incompetent in their field.

Comment Security is not absolute (Score 1) 227 227

Whenever I talk about security, I find that I often need to point out that security is not an absolute thing. It's not as though things are either secure or insecure. Security is a practice of making access difficult and risky for unauthorized people, in proportion to the importance of what's being protected, while also making access easy and safe for authorized people, in proportion to the importance that they have access. You can "secure" the contents of a computer by shredding the drive, or filling it with concrete and dumping it into the Marianas Trench, but that's not actually good security.

Viewing security helps make sense of a number of common security problems, including the problem of people breaking policies. People are much more likely to break security polices when there is not a good balance between blocking unauthorized access and allowing authorized access. The example that always comes to mind is a scenario that I witnessed early in my career:

I worked for a company that was very interested in security, and they had card readers and keypads on various doors throughout the building. At one point, they decided to improve security by regularly changing the codes on the doors. The result is that employees couldn't remember all the codes, so employees started emailing the codes around and putting them on post-it notes, sometimes right next to the door. Of course, this was a huge problem, so the company tried cracking down, which resulted in people regularly getting locked out of their office and other work areas, and people couldn't do their jobs. To get around the problem, people started posting the codes in public areas, emailing the codes around, and sometimes putting a post-it with the code right next to the door. In the end, the most secure solution was to "lessen security" by ending the policy of changing the codes on most of the doors.

Since seeing that whole thing play out, I've seen the same basic concept in various other forms. Companies will "increase security" by making everyone jump through hoops to store files on the file server, and the result is that people store documents on their own laptops instead. Companies will "increase security" by having password policies including regular password rotation, and a bunch of users will rotate through passwords like "P@ssw0rd1", "P@ssw0rd2", and "P@ssw0rd3". The truth is that "security" is a balancing act. If your policies are not balanced and appropriate for the needs of the situation, then people won't follow them. If you really want to ban cell phones, then what you're protecting had better be important enough to search everyone coming in, confiscating any phones that you find, and punishing those who try to circumvent security.

Comment Re:Why 20+ years experience might not matter (Score 1) 213 213

Let's say you claim 20 years of experience as a systems administrator.

What does that mean? Is your experience in Windows, Solaris, HP/UX, Linux, or what? Also, how much of each? Do you know Perl? Oracle? Cisco?

How does an employer know that your experience is with Solaris and not HP/UX?

Ok, so put that in your resume instead of just "20 years of experience as a systems administrator". Put that you have experience with HP/UX and Cisco right in the resume. Problem solved.

Comment Re:Oh look (Score 1) 213 213

Listen, kiddo, Slashdot is a Dice Holdings property and you don't expect it to publish their owners' content?

I think many people hoped that selling the site wouldn't damage the quality of the site. "Expect" is a funny word. I "expect" Slashdot to remain independent and neutral to Dice in the same way that you might tell your children, "I expect you to behave yourself." It's like a weak form of a demand.

However, I completely "expect" that Dice will ruin Slashdot. Here I'm using the word "expect" to indicate what I predict will actually happen.

Comment Re:Hipster "designers" are the reason. (Score 1) 318 318

Um, Windows 8? It's so bad they're giving away Windows 10? Mainstream my arse. People go out of their way to avoid Windows 8.

Right, so "hipster" just means "anything that's bad and that people don't like." I guess Windows ME and Windows Vista were also designed by hipsters. Also... I don't know, Dick Cheney is a hipster because a lot of people don't like him.

It's bizarre how, for some people, everything bad is "hipster" these days. I don't really care that much, but I just think it makes you look like a moron if you don't have enough command of vocabulary to come up with pejorative terms other than "hipster". Maybe I just don't understand the fascination with the idea of hipsters.

Comment Release versions (Score 1) 318 318

Personally, I mostly stick to release versions. I may try a beta on an unimportant computer, just to get a sense of what's coming, but OS betas make more sense if you're a developer trying to make sure your app will work on the new OS. As a user, or even an IT pro, you're mostly wasting your time.

Myself, I'll install the new version of OSX, Windows, and iOS as soon as I can get a gold master. If it's going to cause problems, then I want to experience those problems before my clients experience them. I know enough to manage with a few bugs, or roll back to an earlier release if I need to. For everyone else, I recommend that they wait at least a couple of months to see whether any big problems emerge. In the mean time, I'll recommend installing the update on a computer or two so that they can test that their apps word, and see how they like the new OS. I always recommend holding off, however, for any important machines. At least for a month or two.

Comment Re:Hipster "designers" are the reason. (Score 1, Troll) 318 318

The answer is simple: hipsters don't design car user interfaces, but they do "design" software user interfaces.

You don't know what a hipster is, if you think it's "the people designing my operating system UI." By the time it gets to Microsoft and Apple OS GUIs, it's not "hipster". It's mainstream. Quit trying to attach "hipsters" to everything you don't like. It makes you look like an idiot.

Comment Re:First thing I thought of (Score 1) 446 446

Also, as a bonus, there are probably some Congressmen and other public officials who are dumb enough to sign up for a site like this. Suddenly you have a bunch of influence in the government without needing to go through the normal route of bribing people through "campaign contributions".

We are drowning in information but starved for knowledge. -- John Naisbitt, Megatrends