Become a fan of Slashdot on Facebook


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: the joys of other people's closets. (Score 5, Insightful) 106

by oneiros27 (#49436231) Attached to: Bell Labs Fighting To Get More Bandwidth Out of Copper

Back in the 1990s, I was working in Kentucky for an ISP and doing assorted contracting work.

I had a case that was rather similar what you're describing, only ours wasn't run that way because of incompetence -- we were connecting up all of the offices of the Department of Public Advocacy, and for one location the state had decided that rather than get a new line to the DPA offices, as they were in the back of a shopping mall that already had some government offices in it, we'd get fibre pulled between the two offices. Mind you, this was frame relay and fractional T1 days, before DSL, so a new drop was pretty expensive. (I want to say it was around $500/month for just the line charges for a T1, not including the port charges to the ISP tht you were connecting through).

So, when we went there for the install, someone had already pulled the fibre -- I went on the 3 hr drive down there, got soeone to escort me to where I needed to go, and plugged in all of our gear, then went and set things up on the DPA side.

All was fine for a year or so, then we got a call that things were down -- we tried everything that we could over the phone with non-IT folks (it's an office of lawyers), so I was sent on the 6hr round-trip with spare fibre patch cables and such.

A quick check in at the DPA offices showed nothing wrong over there, so I went over the other end of the bulding. I don't remember what the name of the department was, but it was a sort of family services type thing (where people got food stamps, stuff like that). I went up the counter and told the person behind the plexiglass that I was with DPA, and we had equipment in their wiring closet that I needed to get access to.

To which she replied, 'DPA is around the corner'. And I said no, I work for the DPA, and I need to get into your wiring closet. And she kept repeating that DPA was around the corner. I asked for her to get someone else. And I waited 10 minutes or so for someone else to come out front. Once she showed up, I spent a few more minutes with the 'DPA is around the corner' response until I *finally* got through to her and convinced her to let me into their closet. (mind you, this would likely have been considered 'social engineering' if I did it today, as I showed them no ID, being that I had none that said I did work for the DPA).

When I finally got to the closet, I saw that our box had no lights on it ... I traced the power cord down to a power strip that someone had removed all other things from, and taped over those outlets and written 'BAD' across it ... yet left our fiber tranciever plugged into it. I think I was in the room for all of 5 minutes -- it took me *way* more time trying to talk them into letting me in the room than to actually diagnose the problems *including* the time spent in the other offices.

So ~6.5 hrs to fix a problem, because the other office didn't care at all about our gear in their closet, as it would've taken them less than a minute to have moved everthing that was plugged into the known-bad power strip.

So I'd have to say -- no way in hell should you run cable to a private office. If nothing else, that office might close or move, and who knows what might be in there next (or if the new tenents want to remodel it).

Comment: This is new? (Score 1) 121

Admittedly, it wasn't specifically a CompSci class, but when I took our engineering school's 'Intro to Programming' course, we were paired up for the assignments. The only rule was that I wasn't allowed to pair up with Sebastian, as we were the two who had significant programming experience before we got to college.

When I took Numerical Methods my sophomore year, we were paired up in class, but that was partially because the computer lab we worked from didn't have enough computers for all of us. When it came time for the final, they had to book a second lab so that we'd all have computers to compile on. (which meant those of us in the room w/ newer machines had an advantage over the other room, as our code would compile in 1/2 the time)

But let's face it -- group projects are pretty typical in college. And pairing up for labs is normal too ... we don't accuse chemists of getting 1/2 an education if they didn't do every last titration themselves, or a geography major of getting 1/4 an education if they have 3 people in their study group.

The goal is get the people to learn the materials -- if done right, the two people learn from each other. Yes, it can be a drag if you get an idiot for a partner ... but unlike in high school, the people who know their stuff are in demand for their skills, not looked down on for being a nerd/geek/whatever other disparaging term.

If you have two people making forward progress then it's better than one person struggling along and getting nowhere. Maybe I'm being a bit socialist in my views, but there are sometimes when we need to step away from the 'everyone for themselves' typical American attitude and look at the nordic standards for schooling. You don't want your school to get a reputation for being the one that produced someone who screws up in some major way. My undergrad is in civil engineering -- and if I find out I'm in a building that one of my classmates worked on, I'm going to leave ... immediately.

Comment: Reminds me of the spy satellite restrictions (Score 2) 114

by oneiros27 (#49398149) Attached to: DHS Wants Access To License-plate Tracking System, Again

As the government isn't allowed to spy on citizens without a warrent, under normal circumstances, the satellites aren't supposed to take images when over the U.S.

So the government instead buys images from commercial vendors ... the same folks who provide images to Google and Bing for their mapping projects. (which admittedly, might not be as high of resolution).

I'm thinking that there needs to be a line drawn, otherwise all you end up doing is having a way to make an end-run around the legal verdict -- "we'll just spin off a company that does what we're not allowed to do, and buy the results from them".

Comment: Link to the official announcement? (Score 5, Interesting) 122

by oneiros27 (#49352835) Attached to: Amazon Announces Unlimited Cloud Storage Plans

Why do people link to blog posts that neglect to link to the original source?

A little digging, and it seems on the surface to have similar restrictions as BackBlaze, as it's only for "for personal, non-commercial purposes".

So I can't store my ~3PB of telescope data on there, or even just the jpeg browse images.

The terms of use mention that you can share files .. but do they charge you for downloads, as with their other cloud service offerings, or is that included in the 'unlimited'?

  (I might be an old fogey, but I remember when you used to link to a blog post to set context *and* link to the original source in the summary, rather than just some shallow 'I've cherry picked the info'. At least Roland and Coondoggie linked back to their original sources, even if Coondoggies were almost exclusively regurgitation of press releases + a links back to Network World))

Comment: Useful in what way? (Score 2) 47

by oneiros27 (#49348091) Attached to: Is the Apple Watch a Useful Medical Device? (Video)

I've seen a few talks from Stephen Friend. I was at the Research Data Alliance meeting, and he gave one of the plenary talks the day after Apple unveiled the device, and announced Research Kit (which he's involved with).

He mentioned that less than 24hrs after its release, they already had more Parkinsons patients signed up than any published study on the disease.

If the watch can get *any* sort of medically useful data, I'm all for it, especially as so many people have been designating that their data can be used by any qualified researcher. (yes, there will still have to be IRBs to approve research at most institutions, and I assume some sort of gatekeepers from Sage Bionetworks to determine who gets access to the data). ... but the fact that we might be able to get medical data at a scale never before seen is huge. And we might get a wider slice of the population, not just college students or from a limited geographic area that might not be applicable to the larger population.

(disclaimer : I did not watch the video. I usually read the articles before commenting (I know, that's against this site's standards) ... if the person has a legitimate argument to make, post it so I can read it)

Comment: who? people who got stung by ExtJS (Score 1) 320

by oneiros27 (#49306447) Attached to: Why I Choose PostgreSQL Over MySQL/MariaDB

When ExtJS changed their license to GPL3, not LGPL, as you would expect for a library.

The owner of Sencha then put out a statement that if you built something that made use of ExtJS, then you had to release your software under GPL3 ... including the server components.

I have no problem with releasing the client side -- that's all javascript that people could view the source and see ... but releasing the server side? That requires security audits and a review by legal ... it's just not going to happen.

Reading the review, the reviewer seemed to have the same take on what GPL meant from the statement :

With MySQL, on the other hand, the client library is GPL, so you must pay a commercial fee to Oracle or supply the source code of your application. (Thatâ(TM)s less of an issue when using MySQL in websites; MariaDB uses the GPL 2 license but also has a less restrictive LGPL license for MySQL Client libraries.)

Now, if the issue is simply the *client* code, then you could get around it by using ODBC, or something like Perl's DBD::mysqlPP, which doesn't use the MySQL client code. Do you have to release the whole application if it's just something that makes use of a mysql database? I don't know, but with all other things being equal, and more and more people coming to this conclusion, I'd rather just stick with something that's LGPL or MIT.

Comment: Re:No excuse? BS. (Score 1) 155

by oneiros27 (#49283805) Attached to: White House Proposal Urges All Federal Websites To Adopt HTTPS

Who's going to pay for the CDN? My data is growing at > 1TB/day, and I have no idea what's going to be of interest on any given day.

And as for CPU cost ... are you going to pay for the sysadmin time to migrate all of our services? Or any of the other solutions that you're proposing?

Our servers have been certified as 'low' risk for years, because we're specifically distributing data with *no* access restrictions. We've had to fight for our 'low' ... and then have to explain to the security auditors every three years that what they're testing for doesn't apply to us.

(we have one of the highest 'incident' rate for our location, because they consider every attempt at a hack to be a 'incident', even though we haven't had any successful hacks in years).

Oh ... and of our staff of 2.5 sysadmins for our department, dealing with security audits and such takes up > 0.5 FTE for about 6-9 months or so when the security plans are updated and the audits are occuring ... so it's not cheap).

No more unfunded mandates ... if this is important enough ... give us the funding and resources to do it. (which likely means hiring another sysadmin, and more hardware)

I'd go back to FTP before I went to HTTPS.

Comment: No excuse? BS. (Score 2) 155

by oneiros27 (#49282307) Attached to: White House Proposal Urges All Federal Websites To Adopt HTTPS

I operate government websites that serve physics data to the public.

HTTPS would require additional CPU for the SSL processing and bandwidth because it would make requests non-cacheable.

Not to mention that it would make the intrusion detection system attached to the router completely useless, so we'd lose a layer of security and it would make it more difficult to detect probing across the network and other 'slow' attacks. It would also prevent us from doing auditing after an exploit is known but before we've been able to get the mod_security rules in place or whatever other mitigation.

So yes, there are perfectly valid reasons to *not* be running HTTPs. I know you couched your message with 'virtually', but blindly appying 'best practices' or whatever other recommendations without understanding what the implications will break systems. (and I have to file paperwork every year for every one of my web servers that doesn't comply with the CIS benchmarks)

ps. 'there should be a law for that' is the absolutely worse policy, as most people in legislature aren't tech-savy, and will just screw things up. I was actually against all of the Net Neutrality bills that were proposed because they'd have outlawed agressive spam filtering (blocking 'legal' communications, and the CAN-SPAM act defined that some spam is legal). You need flexibility and speed in dealing with most issues, and laws don't do either well.

Comment: Conflicts w/ his first biography (Score 1) 205

by oneiros27 (#49258367) Attached to: Steve Jobs's Big Miss: TV

At least, I was assume it was in his biography (as I never read it). But when it came out, there were quite a few reports that Jobs said he had figured out TV interfaces:

It's entirely possible that because he didn't like the TVs, he had come up with a better UI ... but we haven't seen a dramatic revision of the Apple TV since he died ... so we might never know what it was that he came up with.

Comment: Not always (Score 1) 247

Shaun of the Dead was in a world where zombies were known, but most people were dismissive of it. Of course, that might've also been one of the tipping points to really get zombies into mainstream culture (2004), as many of the movies tended to be rather gruesome things that only appealed to a limited audience.

I want to say that the (excellent) book Ex-Heroes might've had zombies as a known thing as well. Of course, that one's set in a world that also has super heroes (who are fighting against the zombie outbreak).

I can't remember if World War Z (the book, not the movie) had established that zombies were a cultural thing before the outbreak happened ... I want to say that the disease vector was different than your typical zombie movie, and they had called them Z as zombies were the closest thing that they had to relate it to.

Comment: It could be worse... (Score 5, Interesting) 158

I've actually lost count how many megachurches have been built on farm land in Upper Marlboro, MD. I assume the land must be cheap, as we have The First Baptist Church of Glenarden, which was built just 1.2 miles from Riverdale Baptist Church. And it's not to be confused with the First Baptist Church Upper Marlboro, which is about 8 miles away as the crow flies.

All of these are non-profits, so there will likely never be any more tax revenue from them, and unless they also have a school (which Riverdale does), it sits nearly empty for most of the week.

Comment: PDF encryption (Score 4, Informative) 809

by oneiros27 (#49048665) Attached to: Ask Slashdot: What Portion of Developers Are Bad At What They Do?

I asked another applicant a similar question: "Suppose you wanted to send me a file with very sensitive information, how would you encrypt it in such a way that I would decrypt it?" The person started off by asking me if it was an excel file, a PDF, etc.

You should've answered the person, because then they might've told you that there's an encyption standard for PDF. I use it with my tax-preparer, so that we don't need to deal with other programs that would decrypt the file (and then potentially leave an unencrypted copy lying about).

Excel offers password protection to restrict modifications, it wouldn't surprise me if they offered encryption, too.

So in this case, it might not be that the person sucks at his job ... it might be that you are, because you had a pre-conceived notion of what the answer should be, rather than finding out how that person would handle the problem. It's entirely possible that they could come up with a better solution than yours.

And as for the the question of what proportion are bad ... you have to remember that you're hiring people. The people who really know what they're doing are likely either going to be paid well, or have an established network that they can tap when they need a job. (Rather than answer some random job posting where they don't know if it'll be worse than their past job, and/or have to jump through hoops answering poorly thought up interview questions).

If you mention to your current developers that you're hiring, and they can't manage to find people to refer, that's possibly a sign that none of them would be willing to subject their friends to come work for you. And if that's the case, you might have problems when one of their friends' companies are hiring.

Comment: Homeboys from Outer Space (Score 1) 480

by oneiros27 (#48924013) Attached to: Best 1990s Sci-fi show?

I know that a few people claimed that it was a racist, but if you look at as a sci-fi Black Dynamite (parody of blaxploitation films), it was great.

And besides, all of the cameos that they managed to get ... George Takaaa, James Doohan, Natasha Henstridge, Burt Ward, Gary Coleman, Erik Estrada, etc.

I viewed as being more like the early seasons of Red Dwarf -- a sitcom set in space, rather than being your typical serious sci-fi.

Comment: There are at least 2 types (Score 1) 214

by oneiros27 (#48920079) Attached to: Ask Slashdot: What Makes a Great Software Developer?

You have the 'knows how to work efficiently to get the project done as quickly as possible'.

And then you have the 'knows that they'll have to maintain it, and will work to make sure to minimize shortcuts, or document every od trick they used, so that two years later they'll be able to modify it when some new requirement comes along'.

I actually enjoyed doing the first type of programming. These days I see paralized and might be over-designing things because of times that I've gotten stung by not being type #2. (both my own code and other people's)

Ma Bell is a mean mother!