Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment Master Cow, my New Age Bull said this (Score 1) 189

Humans are all too easily addicted to the Shiny Thing, all too easily placated, and all too easily rendered docile, like a chickens neck is stroked before being broken. Humans are too content to be made cattle, and look where allowing themselves to be cattle farmed led Cowkind. #Moo

Comment Repeat After Me (Score 4, Insightful) 507

If you value security, don't run the mission-critical parts of your infrastructure on a general purpose operating system like Windows, but rather run it on a minimalist, locked-down OS that has _only_ the facilities needed to do its job. The update carousel is a nightmare. If you want to ensure your Windows box doesn't sporadically reboot during a long unattended operation in order to update, what do you do? If you want to lock Windows down so it can only do the job to hand, and nothing else, you're screwed. If you run mission-critical stuff on a full-featured general purpose OS (and the same can be said for off-the-shelf Linux distros like Ubuntu and Fedora), you are kinda asking for it.

That this idea is older than me, but is ignored, is laughable.

Comment Microsoft are heavily to blame (Score 0) 324

By heavily marketing Microsoft Windows to the point that it is used, in a capacity where it can run things like Minecraft, in mission-critical IT infrastructure, they have done much to bring the current situation about. Mission critical IT infrastructure should be decomposed as a system of well-defined, hardware-isolated roles, each of which has only the authority necessary to do its job, and nothing more. (This is the principle of least authority.) There is more profit for Microsoft and major IT consultancies in just pushing Windows. Indeed Linux, in its 'desktop' flavour is no better. But Linux, being open-source, is sufficiently customisable that, as in Android or embedded uses, you can remove as much as you like.

For example, there is no need, in a patient records system, for the facility to arbitrarily create, overwrite, and delete files. If you have one machine that stores important details, another that categorises records stored by the first, and another that reads back the result, and can do nothing else (such as run Microsoft Word or Minecraft), then there is simply far less to go wrong. But systems need to be architected around this. The current trend to maximise 'bang for buck' has led to maximising flexibility and agility and, with it, maximising the flexibility and and agility offered to attackers and, thus, maximising vulnerability.

Microsoft and other proprietary software vendors, in pursuing their market positions, have done much to bring this situation about, and only when we learn that a general purpose OS is not a good idea for actually running mission-critical infrastructure (even while they are great for designing and programming them), will we start to get out of this mess of 'cyber insecurity' that we find ourselves.

Comment When will people get it... (Score 1) 197

When will people get it that, with a mission-critical computer system, it should have no more ability or authority to do _anything_ than it needs. If you computer is only there to do your financial stuff, the it doesn't need to be able to run Minecraft, so it should not be able to run Minecraft at all. Having a single all-things-to-all-people OS that, once booted, can do anything and everything, and is so complex that even its manufacturer can't track all the bugs and holes, and nobody else can even tell if it works, just so MS and other vendors have hid-e-holes to put their copy protection stuff in, and you can run Word, Minecraft and watch your Kitten videos on the same machine... that is just plain fing asking for it. (Linux isn't really much better _except_ that you can, and people do, produce tailored versions with extraneous stuff removed, and if you want to see the code for every last bit of software running, you can.)

Principle of least privilege (or least authority). For mission-critical stuff this is a must, and that precludes a general purpose OS like Windows or a typical Linux distro.

Comment Control, control, control... (Score 1) 450

The trouble here is that the study hasn't controlled for the _quality_ of code written, and the knock-on consequences. If, for some reason, the female part of the workforce that facebook has happens to be producing lower quality code compared to the average (and _why_ this is the case then needs to be looked into, not simply put down to gender), then naturally the knock-on effect of that is, assuming rejection of code is fair, both women rising more slowly through software engineering ranks (assuming the ranks are done solely on merit), and also women's code being rejected more. Each of these possibilities leads to more questions, and the trouble is that you have an awkward choice of either publishing a study where significant factors haven't even been identified, let alone controlled for, or else trying to do it properly, and either coming up with something inclusive, non-headline-grabbing, and basically forgettable, or else failing to produce something to publish at all. This is one problem that plagues much of the modern world.

I do think there is still a significant gender bias against women, but this kind of 'study' does little other than wave the flag for that. When the contribution of variables you haven't controlled for dwarfs the trend your analysis has picked out, and these 'not controlled for' variables are not statistically independent of your experimental variables, then for all practical purposes, whatever 'signal' you have picked up, is basically swamped by noise. Only when the 'can be explained by noise' explanation can be eliminated can you really confidently claim a result.

So I can believe there is a bias against women, but this sort of study is not going to convince me of anything.

Comment Re: Becaue you aren't offering to do the work. (Score 1) 388

Terms I use here are 'cognitive load' and 'learning fatigue'. But as an example, you don't ditch a car or PC and buy another one simply for small marginal improvements. Our capacity to learn and adapt is a limited, albeit vast resource. The modern world, however, has expanded like a gas to fill the available learning capacity, and too few care about this, myopically focussing on one 'pet trademarked feature' after another.

Comment Hmmm (Score 4, Insightful) 163

"Tasks that previously would have required the Mac Pros of old are now being well addressed by today’s iMac."

And creative tasks that require a high-end machine, where once creative pros would turn to Mac Pros, are now being well addressed by high-end Windows workstations, that, you know, allow newer CPUs than Sandy Bridge.

Slashdot Top Deals

Get hold of portable property. -- Charles Dickens, "Great Expectations"