Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:*BSDs are rendering Linux irrelevant. (Score 3, Insightful) 114

Oh. Oh, my. I'm sorry to say that that there is almost no paying work involving any of the BSD's, except for MacOS as a descendant of FreeBSD. Even the most casual search of job sites, whether hiring or looking for work, lists Linux over any or all of the BSD's by a ratio of hundreds to one.

The idea that they are a "go-to" operating system ignores that actual job listings involving the non-MacOS BSD's are almost entirely migration projects, to migrate from the BSD selected by a former technology architect, to a supportable and hardware compatible operating system. The individual BSD's can, and many do, have significant feature benefits over Linux. The lack of systemd is one of them, I can agree. But the featues you list have proven insufficient to gain market share compared to the ease of development, the ease of installation, and the broad usage of Linux.

Comment Re: Short view, Long view (Score 1) 503

There's a quite vocal contingent of the LGBTQ community that are insistent on the use of their preferred gender pronouns, and seek government restriction through the use of Title 9 funding, and who even demand civil prosecution for failing to use their desired pronouns. I recently attended a mandatory presentation with a business partner about just such gender identification issues. If we did not attend the seminar and sign agreement with the policies, we would not be permitted to work with that company.

Comment Re:Slashdot readers should sure hope so (Score 1) 503

I believe you failed to mention the theft of intellectual property when Microsoft hired David Cutler and his VMS team to write critical parts of Windows NT. That theft was part of the downfall of DEC. It was coupled with the wholesale theft of their hardware designs to create the Pentium chip.

Comment Re: Victory!!! ...? (Score 1) 169

>> This occurs for _any_ nation that invades Afghanistan.

> Ironically the Taliban are the only ones to ever stop opium production there.

May I disagree? I suggest that "not being at war" was the factor that curtailed opium production. I suggest that it wasn't merely that the Taliban were in charge, it was that food crops could be grown, harvested, and distributed legally, possibly even at a profit. For people in a war zone, short-term profit with smaller investment and more easily portable goods becomes critical.

I agree with you that managed legalization is a good step. But it does not seem to be an "approach that would eradicate the drug epidemic". It's not "eradicated" the problem for alcohol or tobacco, it's merely helped contain it.

Comment Re: Victory!!! ...? (Score 0) 169

> Of course there are easier, more rational approaches that would nearly eradicate the drug epidemic No half intelligent person would dispute that fact.

If people had self discipline, as any half-intelligent person should, addiction and drug related crime wouldn't occur. Neither would child abuse or serial murder. And yet, they do. It takes a very small number of "half-unintelligent" people to create enormous problems with addiction, with drug abuse, and with crime resulting from it. Even for reasonable people, the deceit involved in various drug trades has been extremely dangerous. Please look at the economic and social history of tobacco, of alcohol, and even of non-physical addictions like gambling to see a history of rational attempts to control them, and the failure of rational policies.

Could it be done better? I agree, many US drug policies are outrageous and ineffective. Are there rational approaches that would almost eradicate it? I must disagree: It has roots in human physiology, in human weakness, in crime, and in politics that make it extremely difficult to eradicate. Many are _not_ driven by greed. Many are founded in erroneous ideology. The idea that the war on drugs is a monolithic policy that "fits every aspect of the government's agenda" suggests that it is a thought out plan. I'm afraid it is not. Different members, and different branches, of the Us government have different goals which combine to extend current policies.

I'm afraid it's not one problem, so it can't be defeated by a single logical analysis.

> Obviously there is no real threat, there hasn't been since invention of atomic weapons.

If Io may say, this is disingenuous. There was a real threat from Afghanistan, which was hosting the Taliban. which had just murdered thousands of the most powerful and wealthy US citizens. The next logical target was Pakistan, which had since been hosting the Taliban and which has been selling nuclear technologies around the world. I'd prefer not to discuss why the US targeted Iraq next: it's a long discussion.

But in terms of the drug trade: sir, I suspect you were not alive during the Vietnam era, when US servicemen were often returning to US soil with opioid addictions. I myself only met, but was not old enough to greet on their return, Korea veterans who returned with similar addictions. The Soviets encountered it in dangerous proliferation when they occupied Afghanistan, one of the world's greatest sources for opium: I'm seeing reports of it now with US troops returning from Afghanistan today. This occurs for _any_ nation that invades Afghanistan. The proliferation of opium dens was a critical part of the Sherlock Holmes stories and Dr. John Watson's return from Afghanistan.

Comment Re:"anonymous" cash (Score 1) 169

> It may be anonymous *now*, but remember - every transaction lives on the blockchain FOREVER.

Even if they were individually protected from tracing, becaase for example they were built on rootkitted AWS servers or various worldwide rootkitted botnets: the owners of the various exchanges have _not_ proven trustworthy. It's very difficult to have confidence in people convicted of attempting to murder their business partners, as the arrest and convictions of the leader of the Silk Road Exchange has shown. And I'm afraid that their dalliance with money laundering and "hiding things from the government" encourages them to hide theft from their customers, as the raw embezzlement from Mt. Gox has demonstrated. Mt. Gox was the largest bitcoin exchange in the world: it had over 850,000 bitcoins stolen during their lifetime, half a billion US dollars in the valuation at the time of their shutdown.

The scale of the abuse and fraud was widespread, and was apparently at every level of the exchange. I've seen no evidence that any of the other bitcoin exchanges are more trustworthy or more cautious with their client's bitcoins: the insistence on being "edgy" and "outside the establishment" seems to lead directly to abuse from inside the companies and vulnerability to outside abuse. Dealing in secretive currencies for illegal transactions, which has remained a core use of bitcoin, is a corrupting influence for the people handling the exchnages.

Comment Re:Lazy Apathetic Enterprise Coders (Score 1) 236

> Now your typical enterprise may have third party security assessment and penetration testing - which is OK, but most of the time it's testing well-known exploits.

They're typically not allowed, by the company paying them, to probe for the most dangerous vulnerabilities. Passwords sent via github, VPN's that open full access to unencrypted services from poorly secured internal networks, permanent root credentials embedded in source code,and other issues abound.

I've recently been forced to cope with a software architect who insisted on a common OpenBSD policy, that if your local system is not secure, then there was never any point to having security, so they refused to have any on their local systems. The result is that they opened tunnels between the production network and their laptop, and opened SSH tunnels to and from their laptop into their home desktop, all tunnels open 24x7. These tunnels used private keys with no encryption, stored locally on all of these systems, and available on NFS and CIFS shares, and on publicly recoverable backups throughout the network.

Recovering from that was quite painful. I was compelled not to being up the issue formally in my project reports. I _may_ have been aware of someone inside their company to whom I presented a report on this, who _may_ have taken some private, internal steps to flood the channels. That brought it to the visible and official attention of their network group when the architect complained about poor performance of these channels. Unfortunately, this architect was in the habit of doing all their work on their laptop and never submitting their work to source control.

Before completing my designated tasks, I did hand over tools to take daily snapshots of the workspace on that exposed laptop, as a "proof of concept". I also hoped they could use that backup to reconstruct some of the work if that engineer quit or was let go.

Comment Leave out the words "Java" and "security" (Score 1) 236

Many of the Stackoverflow first answers are very poor, as are many followups from people who don't sanitize their inprts. The problem is aggravated for Java, where error reporting is often very poor and where programmers have been taught with object oriented principles to pay no attention to the rest of the system: it's considered outside the scope of their immediate task.

I do find Stackoverflow useful: there are often extremely useful hooks to start from, and it's well worth thanking the community by following up with my more detailed or robust answers, especially when the published answers did not quite work. That kind of feedback is critical to open source and free software projects.

Comment Re:I'm not clear. (Score 1) 289

> We could simply sum it up with "Radicals are people that resort to violence to solve disagreements".

That definition has some difficulty with its broadness. It includes the homeowner who shot down the drone over his private property. It also includes the Allied military freeing the Holocaust victims at Dachau. It also includes divorced people who murder their former spouses.

Comment Re:Go is not ready for prime time (Score 2) 63

This is a _very_ common problem for systems that re-invent versioning for their projects, especially when they ignore the very robust GNU numbering scheme. That major.minor.trivial numbering scheme 's described well at https://en.wikipedia.org/wiki/....

It's been a large problem with older tools as well, and it is why industrial operating systems do _not_ upgrade core components to major new releases. It's been devastating to projects that say "just build the code when you need it", because components in the public repositories change incompatibly with other components in the public repositories. Every new modular software suite encounters this problem.

As an older programmer, I must admit I have no _time_ for the teething pains of extremely exciting new technologies. I'm afraid their extremely high performance or exciting early progress will be lost when they actually have to support sanitizing their input, or correctly handling lexical versus dynamic scoping. The errors are commonplace, and it's very easy to write a snippet of code that tests _really well_ on your local laptop and not actually use it under load or with real data. Building out the test suite is often left out and leads to some very expensive uses of bleeding edge technologies.

Slashdot Top Deals