Forgot your password?
typodupeerror

Comment: Re:This initiative is futile (Score 1) 47

by presidenteloco (#47789545) Attached to: IEEE Guides Software Architects Toward Secure Design

I'd say security failure is partly due to incentive alignment failure for developers.

Bad security design is a problem that's going to bite, but usually a little later, after version 1 is out the door and everyone's paid.

Not meeting the pretty much arbitrary and insanely optimistic delivery schedule is going to bite developers right now.

Corners will be cut, even if some of the developers know what SHOULD be done.

In general, almost every architectural aspect of software, including security, (well-factoredness, maintainabilty, scalability, extensiblity, low-coupling, you name it) is hidden, except to a few experts who aren't usually those in decision-making roles. That's why so much software delivered is a Potemkin village.

Comment: Re:Fire the Architects (Score 1) 47

by presidenteloco (#47789531) Attached to: IEEE Guides Software Architects Toward Secure Design

I don't know about you, but I'd say that someone who is creating architecture, is, oh, I don't know, an architect.
Who cares about the title. "Chief codemonkey with a clue" will do just fine.
There seems to be some mythology out there about software architects who don't come from coding.
Sort of like MBA managers.
Never seen one of those. If they're not still coding, they don't love the craft enough to be good architects.

To me, it's just someone who can model a complex system in different cross-cutting aspects, can understand big-picture and long-term concerns with the goals and evolution of the software, know and use many appropriate tried and true patterns, and pragmatically marry that with project realities.

Comment: Re:Local storage (Score 1) 432

by Anonymous Brave Guy (#47788767) Attached to: Ask Slashdot: What Old Technology Can't You Give Up?

I use POP3, so I can have local copies of all emails.

What I'd really like with modern trends is more emphasis on "private clouds". I want to put my data on my own server on my own network, so it can be accessed from any of my devices around the house and over VPN if I'm out, but with the data always securely under my control and backed up according to my wishes.

This is easy for some formats, including plain files obviously. However, it's surprisingly awkward for stuff like e-mail, where there are plenty of relevant concepts like IMAP and mail stores and smart hosts and web mail systems, but actually setting them up in a useful combination if you're not an experienced sysadmin is quite a challenge.

Sadly, it seems even the best FOSS client software is dying out these days, often because "everyone has Google Whatever". As far as I know there hasn't yet been a lot of movement in the FOSS world towards having easily-deployable private clouds for e-mail, shared documents, and so on, which always surprises me given the implicit freedom, independence, privacy and security.

Comment: Re:Local storage (Score 1) 432

by Anonymous Brave Guy (#47788729) Attached to: Ask Slashdot: What Old Technology Can't You Give Up?

You might not have much recourse even if it's a commercial service you're using. Ironically, on-line back-up services are among the worst offenders. If you use one, go ahead and check its terms, and see whether any of those lovely restoration options they offer will still be there if they decide to close down on a whim. (Hint: Probably they won't, and all you'll get is maybe 48 or 72 hours to download as much as you can at the same time as every other customer they have is trying to do the same.)

If it matters, back it up on systems you control yourself. If it's private, don't upload it to anything, and encrypt the back-ups. It's really that simple. Then again, so is "make sure you back up your important files", and how many people don't do that because it's mildly inconvenient? Maybe those on-line back-up services aren't quite so bad after all...

Comment: Re:Fire the Architects (Score 3, Insightful) 47

by presidenteloco (#47786705) Attached to: IEEE Guides Software Architects Toward Secure Design

I suspect that most programmers who don't see the need for software architecture work within the confines of already heavily architected frameworks, platforms, and network stacks.

Thus their comments are akin to saying "I don't think we need an architect to help us rearrange the furniture and paint on the walls".

Comment: Re: A fool and their money (Score 1) 254

Sure, that's why no individual bothers to do it, but if the world at large wanted to demonstrate if there was any merit at all to dowsing, that's the kind of thing they ought to test.

You'd think somewhere there'd be one wealthy investor willing to spend a few tens of thousands to scientifically analyze this.

Comment: Re:I love it when the IEEE... (Score 2) 47

by Em Adespoton (#47786035) Attached to: IEEE Guides Software Architects Toward Secure Design

It took me a while to parse your comment... as the IEEE is an international standards body. Then I realized that you weren't talking about nation states, but half of the party system in the US... and then was lost again figuring out how a standards body pushing a security standard for SAs related to political gerrymandering in the US. Did you mean that the Republican party of the US is intentionally trying to make the Internet less secure, and that an international standards body setting down guidelines for big business to follow when architecting new software designs would somehow annoy them because somehow people would suddenly be required to use such standards to develop software like SSL/LTSP/SSH/etc?

Comment: Re:Not worth it. (Score 1) 46

by Rei (#47785193) Attached to: How the World's Fastest Electric Car Is Pushing Wireless Charging Tech

Electric cars wouldn't use half the country's electricity, passenger vehicles' share of total energy consumption is much smaller than that. But I don't disagree with you that it's bad to waste power. Still, for a potential EV consumer whose turned off from EVs because they're lazy, if the choice is between "waste 20% more electricity" and "keep driving a gasoline car", the wireless EV is still the much better option.

Comment: Re: Official Vehicles (Score 1) 256

by Em Adespoton (#47785015) Attached to: DoT Proposes Mandating Vehicle-To-Vehicle Communications

If I'd stated that damage on impact was polynomial, I would have been technically correct, but would have drawn blank stares, even on slashdot. Plus, x^1 is polynomial technically. Squared would have been more accurate, but would have just made the sentence more complicated.

So I'll leave the pedantry up to the responses, and let people understand the implication based on what I originally said.

"God is a comedian playing to an audience too afraid to laugh." - Voltaire

Working...