
Comment: I maximize risk-adjusted net returns (take home) (Score 1) 238

by raymorris (#49763291) Attached to: Amazon Decides To Start Paying Tax In the UK

> You maximize profit. The amount of tax you pay on profit is irrelevant to the process of maximizing it.

No, I maximize my take-home, also called risk-adjusted net returns. Along with any other values you have such as environmental concerns. Gross profit (what is taxed) doesn't matter. What matters is how much ends up in your pocket. Here are some rough numbers from the choice I actually had to make three years ago. I could either:

A) Continue to run a business with the following numbers:
Revenue $200,000
Payroll expense $100,000
Tax and compliance $40,000
Other expense $20,000
Net take-home $40,000

B) I could take a job working for the government with these numbers:
Salary $52,0000
Benefits $13,0000
Tax $10,0000
Take-home $55,000

Note that "before-tax gross profit" doesn't appear in the calculations, because it doesn't matter. What matters is how much goes in my pocket after all expenses, including payroll with payroll taxes, direct taxes, compliance cost, everything. You'll note that the number that matters, net take-home, was higher if I laid off my two employees and took a government job. So that's what I did.

You may also note that if the taxes and compliance costs were half as much, the net take-home would have been better by keeping the business open and my employees would still have jobs.

Comment: Dishwashers. See Apple Records vs iPod & iTune (Score 1) 222

by raymorris (#49761811) Attached to: Google Developing 'Brillo' OS For Internet of Things

We already know this is designed to be used in dishwashers and other appliances. Google doesn't know what else it'll be used for. It IS kind of silly to pick such a well-known trademark when the POTENTIAL for a possible conflict is so obvious. Brillon, Billo, or Belo wouldn't have the same problem. One of those could be a trademark, but being far less well-known, it would be a much smaller problem.

I recall in the early days when Apple (computer) chose their name, they thought there would be no problem with Apple (records) because they weren't in the music business. Then, iPod suddenly accounted for 90% of their revenue. Oops.

Comment: Arduino can do RSA and others (Score 1) 222

by raymorris (#49761743) Attached to: Google Developing 'Brillo' OS For Internet of Things

> If you use those on an Arduino (I am) I guess it lacks the juice to do proper encryption?

Arduino can do RSA and others. Good algorithms are generally quite feasible on very small devices, at least for small amounts of data. Which goes to show 32MB is rather high for current IoT devices.

However, there is a $9 board about to be released which has 512MB and runs Linux. So while it's not NECESSARY to have megabytes of RAM in a "thing", it's not all that expensive either. The price per byte keeps going down, so in five years an MCU with 64 MB may cost the same as an MCU with 1MB does today.

User Journal

Journal: Patriot Act position of one security professional to Senator Cornyn

Journal by raymorris

Texas Republican senator Ted Cruz is leading the fight to do the right thing regarding (non)renewal of the Patriot Act, to protect our Constitutional rights. Our other senator, John Cornyn, wants to renew the Patriot Act in full. Here is my letter to Cornyn.

As a career security professional, I implore you to reconsider your position regarding the Patriot Act, the USA Freedom Act, and the Fourth Amendment.

Comment: my letter, as a security professional, to Senator (Score 1) 135

by raymorris (#49761137) Attached to: NSA-Reform Bill Fails In US Senate

Texas Republican senator Ted Cruz is leading the fight to do the right thing, to protect our Constitutional rights. Our other senator, John Cornyn, wants to renew the Patriot Act in full. Here is my letter to Cornyn.

As a career security professional, I implore you to reconsider your position regarding the Patriot Act, the USA Freedom Act, and the Fourth Amendment.

For twenty years I have worked to protect American citizens, interests, and our way of life. Currently, I am employed at TEEX, where I work with our National Emergency Response And Rescue Training Center, assist in homeland security training, and support our role as a founding member of the National Cybersecurity Preparedness Consortium. I do this work in order to protect the American way of life, that we might be the beacon of freedom that the founders envisioned. The antithesis of this would be that the United States would be taken over by those who would subjugate the citizens. Our role, sir, is to protect Americans from not one specific foreign threat, but from any and all who would threaten our Constitutional liberties. Your current position, senator, places you on the wrong side of this fight. Please reconsider whether you wish to be the force fighting against the Constitution, against the fourth amendment, and against the American way of life. We work today, and will work at election time, to realize the vision of America as the brightest beacon of freedom and liberty in the world.

Comment: But they ignore experienced devs who sent patches (Score 1) 266

by raymorris (#49752667) Attached to: Ask Slashdot: Career Advice For an Aging Perl Developer?

It's too bad that when you have 10+ years of experience and your cover letter mentions that they are already using patches you've sent them over the years, they completely ignore you.

One issue I fixed for them was particularly "entertaining". I sent them a note mentioning a problem. They replied saying basically "yes, we are aware of that problem, but we're not sure how to fix it, so it may take quite a while". A few minutes later I replied back with a fixed version of their file, which I was using for our customers. Soon after they released an update with my fix.

So it took me a few minutes to solve a CPanel bug that they couldn't figure out. Then I send them a resume and crickets.

Comment: Harder: self-stabilizing parachute, or balance on (Score 5, Funny) 490

by raymorris (#49739841) Attached to: The Brainteaser Elon Musk Asks New SpaceX Engineers

The harder brainteaser they SHOULD ask:

A large, cylindrical object is falling. You want it to land upright, with the correct end down. Which of these strategies do you choose:
a) Attach a parachute to the nose and let basic physics work.
b) Try to balance it atop rocket engines firing from the bottom.

Comment: Proprietary, not open source (Score 4, Insightful) 70

The buggy software is not open source. It is proprietary. I'll FTFY, updating your post to reflect that it's proprietary software:

Another day another MASSIVE security problem caused by proprietary software. I cannot wait for this shitty industry of crappy software written by crappy programmers hired by managers focused purely on profit to die the death it so richly deserves. This is going into my yearly talk I give at the local compsci department about why proprietary software should be SHUNNED, not embraced, by up and coming programmers. Not only does it cost us JOBS and INCOME potential, it demonstrably results in WORSE software.

Comment: DD-WRT no. Vuln. if proprietary & shares webca (Score 2) 70

The vulnerable module appears to be proprietary, not open source, so dd-wrt and other open source firmware wouldn't include it.

If you have a router or similar device with a USB port which can be used to share USB printers and webcams, it's vulnerable. Sharing of USB STORAGE is done differently.

Comment: agreed . 18 years in infosec here (Score 2) 150

I've been doing infosec for 18 years and fully agree. Forcing people to change passwords simply forces them to increment a number at the end or write them down. It also forces you to allow more failures in your brute force detection.

With pass phrases, it's mostly about using LONG ones. Yeah, pass phrases, not passwords. Then make damn sure you're not using DES hashes or something else that truncates passwords anywhere.

Comment: a dictionary might help you (Score 1) 335

by raymorris (#49730539) Attached to: Stock Market Valuation Exceeds Its Components' Actual Value

You might find a dictionary helpful for understanding the difference between subjective and objective and the difference between melting and pressure sintering.

The percentage of gold in an alloy is an OBJECTIVE measurement. The beauty of a diamond's color is SUBJECTIVE. Beauty is in the eye of the beholder.

You might also look up MELTING vs PRESSING. Tungsten powder is NOT melted to make jewelry or other objects. Rather, it's mixed 50/50 with carbon powder, then subjected to extreme pressure in the mold. It holds together the same way a snowball holds together. You don't melt snow to make a snowball, you press it. Tungsten carbide is formed the same way. As you correctly noted, tungsten carbide (which is only half tungsten) can't be scratched, or bent, or cut. (Except diamonds can scratch it.) It's pretty difficult to make things out of a metal that you can't cut, drill, bend, or file. It's used occasionally when extreme hardness is required, but 99.99% of metal objects aren't made from tungsten because most things CAN'T be. Most metal manufacturing requires drilling, or milling, or threading, or bending or ... . You can't do any of that stuff with tungsten.

Comment: Diamonds have subjective cut, color, clarity. Divi (Score 1) 335

by raymorris (#49729373) Attached to: Stock Market Valuation Exceeds Its Components' Actual Value

> So enlighten us why not hold diamonds? They are shiny and last forever too.

Many people do hold diamonds as investments / stores of value, but diamonds have several subjective properties which affect their value. See color, cut, and clarity. An ounce of gold is an ounce of gold, it's completely fungible. Not so with diamonds.

Also, if you have an ounce of gold and you sell half, you still have half the value left. If you have a one carat diamond and you cut it in half, you just destroyed much of the value. They aren't as readily divisible. Primarily, though, it's the subjective value factors - one 1 carat diamond might be worth ten times as much as another.

Re tungsten oxide filaments, look up William D. Coolidge. He developed a complicated multi-step process to pound tungsten oxide (tungsten rust) powder into bits of wire. It's not useful for much else, though - notice how easily it breaks. The difference between tungsten metal and tungsten oxide is the same as the difference between iron metal and iron oxide (iron rust). You can make engines, cars, and wrenches from iron. Try making these things from rust.
