Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Comment Match the tech to the threat (Score 1) 118

Your average (or even top of the class) housebreaker is not a criminal mastermind. They do not keep up to date on security vulnerabilities and won't spend much time trying to spoof, or tap into an internet-based alarm system. they will smash your front door or window, grab what they can and be gone before the cops arrive.

If you want to protect against them, get a metal door or a large dog (always the best deterrent). If you want a home security system and you think that your attacker will have disabled it via a web based attack you've been watching too many bad movies. Although if you really are that impressionable, you'd be very easy for companies to sell you stuff.

If it does turn out that your enemies really are prepared and able to hack your house, cut your phone and power, jam your mobile phone and then break in - you've got bigger problems than a little system like this, or all the guns in the world, will protect you against.

Comment Getting the inside track (Score 1) 83

OK, I can understand that if your boss is located a long way away, it's far easier to spend the entire day goofing off - playing Facebook, chatting, drinking coffee, arriving late / leaving early and talking on the phone to your friends and family. (and this works for bosses, too).

However, it makes it impossible to eavesdrop on their conversations and phone calls or see what they leave lying around on their desks. I have also found that with my boss in the same cluster of desks I get to answer her desk phone when she's away - and get to talk to all manner of "upper ranks" that I wouldn't normally get a chance to impress.

Comment Pi Zero++ (Score 1) 122

a small embedded device like the Raspberry Pi Zero require either Wi-Fi or Ethernet connectivity

One assumes that the Pi ONE will fix this shortcoming. Given the price of the ESP8266, I doubt it would cost more than $1 to add connectivity. The only reason I can think of for them not doing this in the first place is to wait for a better WiFi device to hit the streets.

Once the Pi has WiFi, it will be difficult to beat at that price.

Comment who's in charge/ (Score 1) 192

convincing the development teams

Very simple. Presuming you are in the position to lead and have the backing of the directors it simply comes down to .... Right you lot, here's what we are going to do. If there are any objections please note them during your exit interview".

Of course, this does assume that the work has been fully scoped out, risk assessed (the risk appears to be lazy programmers) and costed.

if the development teams really are in the position to cherry-pick the work they do, the best course of action is to run away, very fast.

Comment If that wording reflected a change in attitude (Score 1) 291

Information security is an endeavor that is frequently described in terms of war

And no sane person likes war ... right?

The point is that to make Infosec more attractive to normal, sane, people the intent should be changed from one of confrontation and dominance to one that coveys an intent to make the world better, more secure, safer, and protected from the crazies out there.

If that sounds a lot like the (female dominated) caring professions, then so be it. But if you really believe that Infosec is there as part of a "war" then carry on as you were ...

Comment Yeah, but we're talking about psychology (Score 1) 63

A group of psychologists has found that their collective gambling—with real money—predicted the outcome of attempts at replicating experimental results better than their own expert guesses.

That might work for something like psych, where few results are reproducible - or even where few "experiments" are re-tried. However, I doubt that the real world reflects the wishes of some profs with a penchant for a flutter and too much free time.

Now if they could apply quantum mechanics to the problem, instead of gambling, there might be some interesting results.

Comment For amateurs, it's the making not the having. (Score 1) 196

The guy who said this seems to be disconnected from the "maker" world. Amateurs make stuff in the full knowledge that it would be cheaper and faster to buy a ready-made pruduct that would (probably) have more features, be more reliable, DEFINITELY have a better quality enclosure and in all likelyhood be smaller, too.

But that's not the point. Amateurs make stuff: electronics and software because they like it. They know that there are alternatives that are better but there's no fun in that. There's no satisfaction in the knowledge that something is your own work, possibly your own design and in the true spirit of ameteur-ism, completely undocumented and an utter mystery to anyone else who would ever try to work out what it does, or how it does it.

Comment War, not war (Score 2) 241

With respect to the remote weapons operators, using drones and unmanned vehicles to "fight" a war doesn't count as warfare. The reason is that the country persuing this route has no skin in the fight. It is not risking its own people (while putting the population: military and civilian, of the target state at risk).

The other aspect of proper warfare is occupation. Without that, an attack is merely destruction of either people or property. It might achieve a certain, intended, goal - especially for a domestic audience baying for blood. But as a long term, inter-country conflict, without an occupation to produce long-term changes in the mindset of the "enemy" population, it fails.

Comment success criteria (Score 1) 218

The kids don't know much English and speak a local language called Odiya. There aren't any technical publications/resources in Odiya. Poor internet connectivity. No computer experts on the school staff.

Before you go anywhere near trying to find a technical solution, it is imperative you write a single sentence to say what direct, measurable, benefit will arise from this venture. Preferably a benefit to the children taking part, rather than imparting a nice warm feeling of having "helped" to the educators.

If that turns out to be a stumper, you really need to stand back and think of a different question - one that you CAN answer, before talking about languages, OS's, games and all that technical gibberish.

Comment Too high level. (Score 1) 429

The most important (or widespread) languages that nobody ever hears about are assembly and microcode. They are everywhere and are almost completely invisible. I would suggest that PIC assembly code is probably the one that we could least do without, today.

Comment Teach the coders accounting, instead. (Score 1) 87

He will not be able to get to a level where his technical expertise matches the coders. However he should (already) be able to listen and understand the business-orientated aspects of the issues put before him. It is probably worth his while becoming conversant with the basic workings, limitations and abilities of the platforms the startup is using, but any more would not be a good use of his time. You might as well require the coders talk accountancy.

For example, he should probably be aware, that no: you can't keep expanding the power of a computer indefinitely. Nor is a cloud solution always the best, cheapest and most reliable. He should probably be told that creating software is (still) basically a hit and miss exercise and that a great programmer does not make a great GUI creator or a great technical designer.

However, he should be brought up to speed on the need for designing in security and that testing, while a large cost in terms of developer time, is an even larger cost if not done. Give him a copy of The Mythical Man Month which should be right up his street.

Comment Don't tell me what it's GOT, say what I can *do* (Score 1) 109

The release claims a long list of changes: new versions of this and that.

But nowhere on the release page does it make any mention of what that means to the end user. If I run this, or upgrade from release 1, what will I be able to do, that I couldn't do before?. I don't care about features and versions or rolling this-that-or-the-other. What I need to know is why should I spent time and effort getting it, installing it and using it?

Since the announcement makes no mention, it would not be unreasonable to assume there aren't any actual, end-user, benefits. Or they'd be headlining the piece, right?

Never appeal to a man's "better nature." He may not have one. Invoking his self-interest gives you more leverage. -- Lazarus Long