Forgot your password?
typodupeerror

Comment: Re:Why do these people always have something to hi (Score 1) 233

Not so. For example here is the privacy statement from a well-known university:

Privacy of Information
Information stored on a computer system or sent electronically over a network is the property of the individual who created it. Examination, collection, or dissemination of that information without authorization from the owner is a violation of the ownerâ(TM)s rights to control his or her own property. Systems administrators, however, may gain access to usersâ(TM) data or programs when it is necessary to maintain or prevent damage to systems or to ensure compliance with other University rules.

Comment: Re:All publicly funded research needs public relea (Score 0) 233

OK with which part? Trying to repress work of scientists for political ends or trying to preserve their work for future study?

One is the despicable work of slimeballs trying to supress scientific inquiry or just simply punish people who have ideas they don't like, and the other is the work of archivists and libraries.

Clearly we have the former going right now. Fortunately the courts came to the right conclusion.

Comment: Core assumptions are wrong (Score 1) 220

by gurps_npc (#46788653) Attached to: Bug Bounties Don't Help If Bugs Never Run Out
First, he assumed that given x effort, you could find bu #1. That is a reasonable expectation, given the state of programming today. Bugs, while not infinite, are in fact so numerous so that the amount of time it takes to find them all exceeds the project life of software.

Then he assumed that given y effort you could then find bug #2. Again a reasonable assumption.

Third assumption, that x=y. This is FALSE. For that assumption to be true, then bugs are being found randomly, not by effort. The truth is x is ALWAYS less than y, because it takes skill and effort to find them.

Each successive bug is more and more difficult to find. However, it is an exponential chart. This means when just starting out, it APPEARS that x=y, but the further you go along, then Y starts being significantly greater than x.

This is a common problem, faced by mothers cleaning their house and by cops facing criminals. By the time they clean up one mess, a new one has popped up. But that does not mean you stop cleaning. Your efforts do mean something. The idea is to always be one step AHEAD of the mess, not behind it. That way you always end up with an acceptably dirty situation, rather than a virus infected/crime ridden area.

Bug

Bug Bounties Don't Help If Bugs Never Run Out 220

Posted by Soulskill
from the trying-to-bail-the-ocean dept.
Bennett Haselton writes: "I was an early advocate of companies offering cash prizes to researchers who found security holes in their products, so that the vulnerabilities can be fixed before the bad guys exploited them. I still believe that prize programs can make a product safer under certain conditions. But I had naively overlooked that under an alternate set of assumptions, you might find that not only do cash prizes not make the product any safer, but that nothing makes the product any safer — you might as well not bother fixing certain security holes at all, whether they were found through a prize program or not." Read on for the rest of Bennett's thoughts.

Comment: Re:I wonder how much damage... (Score 1) 273

by JWSmythe (#46784403) Attached to: Apache OpenOffice Reaches 100 Million Downloads. Now What?

I've gone through this at a few places now. Besides resistance from the users ("we only know how to use Outlook!"), is migrating from Outlook to another solution ranges somewhere between unlikely to impossible. For someone like me, I only have 3 or 4 appointments scheduled, and the other few hundred are meetings I was invited to. :)

You can have the best plan, with the best business reasons, but when a senior executive tells the CEO that he can't switch, you'll frequently find that it will veto the migration.

Here's a real-world example. I was Director of IT for the company. The CEO told me specifically to get rid of Exchange, because the upgrade costs were too high. We were literally a couple weeks from switching. The Director of Sales went to the CEO and demanded that we keep Exchange, or he would walk.

Funny thing about the sales department. He didn't manage to sell anything, and he couldn't retain the customers. The accounting staff ended up doing all the customer retention. That guy cost us more money than he made. IT, on the other hand, brought costs down, and improved the customer experience.

The only thing that sales brought to us were headaches, and very pretty forward looking reports, that pretty much consisted of a graph showing our sales history, and a line going up at a 45 degree angle showing our future revenue. Every few months, he had to update the graph, so it showed our revenue losses, and had a new starting point for his upward line. I don't think he had a grasp of the concept of forecasting.

Comment: Re:A few observations and suggestions (Score 3, Informative) 273

by JWSmythe (#46779575) Attached to: Apache OpenOffice Reaches 100 Million Downloads. Now What?

Microsoft is probably counting every OEM that ships with the trial version of Office, and all the bundled licenses, even if they aren't used.

Most companies buy too many licenses, so they can be sure they have enough. So if we buy 50, and use 30, but only 10 use it on any sort of regular basis, MS will still count it as 50.

Comment: Re:I wonder how much damage... (Score 4, Interesting) 273

by JWSmythe (#46779547) Attached to: Apache OpenOffice Reaches 100 Million Downloads. Now What?

For most users that I've known who were willing to try OpenOffice, Calc worked fine for them.

The problem is Outlook and Exchange. The users see the mail client, calendering, and the like, as essential. The word processor and spreadsheet are secondary to that. Once some exec starts talking to sales about getting just Outlook, they are sold on the wonders of getting the whole MSOffice suite.

There are enough users who refuse to even try OpenOffice for the word processor. "I can't because...". I've tricked some users into switching, by just giving them shortcuts on their desktop with the MS names instead of the OO names, and changing the default save types to the MS counterpart. When they ask about why it looks different, I just tell them "oh, this is the newer version.", and they're fine.

What hath Bob wrought?

Working...