Comment The money issue is not as simple as stated (Score 4, Interesting) 686

I've been taking my 18 year old to tour colleges as he will be pursuing chemical engineering. Engineering starting salaries across the board (chemical, civil, mechanical, and electrical) are between $50 and $70k.

The solution for many comp sci students is to double major comp sci with one of the above "demand" areas, pass the professional engineering exam, and then the money issue is a non issue. Computer skills are now part and parcel of every engineering profession, so getting paid well to do what you love (if you love computers) should not be difficult.

The challenge for people hell-bent on starting their careers as programmers (as opposed to computer engineers) seems to be that starting programmers are not worth as much.

[By the way, the number of girls on his engineering tours seems to be between 10% and 20%. In other words, nothing there is changing. My son's solution to the ratio issue is to attend a large university where there are more female students overall.]


Widenius Warns Against MySQL Falling Into Oracle's Hands 278

jamie sends in a blog post from MySQL co-founder Monty Widenius calling for help to "save MySQL from Oracle's clutches." While the US DoJ approved Oracle's purchase of Sun back in August, the European Commission has been less forthcoming. Widenius points out that Oracle has been using their customers to put pressure on the EC, and he questions Oracle's commitment to MySQL, saying their vague promises aren't good enough. He writes: "Oracle has NOT promised (as far as I know and certainly not in a legally binding manner): To keep (all of) MySQL under an open source license; Not to add closed source parts, modules or required tools; To not raise MySQL license or MySQL support prices; To release new MySQL versions in a regular and timely manner; To continue with dual licensing and always provide affordable commercial licenses to MySQL to those who need them (to storage vendors and application vendors) or provide MySQL under a more permissive license; To develop MySQL as an Open Source project; To actively work with the community; Apply submitted patches in a timely manner; To not discriminate patches that make MySQL compete more with Oracle's other products; To ensure that MySQL is improved also in manners that make it compete even more with Oracle's main offering."

Zombie Pigs First, Hibernating Soldiers Next 193

ColdWetDog writes "Wired is running a story on DARPA's effort to stave off battlefield casualties by turning injured soldiers into zombies by injecting them with a cocktail of one chemical or another (details to be announced). From the article, 'Dr. Fossum predicts that each soldier will carry a syringe into combat zones or remote areas, and medic teams will be equipped with several. A single injection will minimize metabolic needs, de-animating injured troops by shutting down brain and heart function. Once treatment can be carried out, they'll be "re-animated" and — hopefully — as good as new.' If it doesn't pan out we can at least get zombie bacon and spam."

Programmable Quantum Computer Created 132

An anonymous reader writes "A team at NIST (the National Institute of Standards and Technology) used beryllium ions, lasers and electrodes to develop a quantum system that performed 160 randomly chosen routines. Other quantum systems to date have only been able to perform single, prescribed tasks. Other researchers say the system could be scaled up. 'The researchers ran each program 900 times. On average, the quantum computer operated accurately 79 percent of the time, the team reported in their paper.'"

Submission + - Allow /. members to fund specific features? (roomberg.com)

managerialslime writes: "Ask Slash Dot:

The purpose for this letter is to present a suggestion for an additional path toward developing features for Slash Dot while also generating some additional revenue.

Several of my clients over the years have been small and medium software companies where the ideas for new features were endless and the programming resources always too limited.

In one, we would develop a cost estimate to develop a particular new feature and then mark it up 30% to account for both cost-overruns and a bonus pool for the programmers. We would then post a "Shared Dutch Auction." Under this scenario, each customer would bid the amount they were willing to pay for a feature. Customers who really wanted a feature badly might bid a quarter or half the cost. Many other customers might submit bids of a couple percent of the cost. (In that situation, 2% was the minimum bid.)

At any point where the bids covered the development cost, we charged credit cards for little customers and started sending invoices to the big ones. As soon as we escrowed the development cost, the programming race was on. (Coming in under the estimate triggered bonus distribution. Blowing the cost estimates meant we ate the loss. Theoretically, failure to deliver a feature meant giving back the money -- we never needed to.)

Under this approach, we knew that the features being developed were truly important to the customer base. (At least enough for payment.) The decision to which project to work on was easy. While at any time we took bids for many features, we only worked on one-at-a-time. The first task to be fully funded was the next project to be attempted.

I know the current path for Slash Dot improvement is through Source Forge. But as I work 70+ hours per week and also volunteer as a geek for the neighborhood recreation association, all I can offer Slash Dot at this point is a small donation here and there.

If my small donations were for features I wanted instead of "early reading," I might be tempted to make them, and make them more frequently. (Big point. Really big point. Yes, I am not kidding.)

I guess I could end the letter here, but while I'm at it, I'll list one of the many features I wish for that may or may not be important enough for your personal attention.

While I read a great many Slash Dot posts, I am hesitant in my replies. I develop every response in Word, check my spelling and grammar, and then usually wait one to four hours. I then re-read and re-edit most responses before posting via cut-and-paste. That is where the aggravation begins.

Even after all these years, (and with a comfort with HTML tags), my formatting is different enough from what I want to see that I spend too much time messing with tags (paragraph, break, list, etc.) and other spacing until my text is suitable for the reader.

While I don't mind carefully thinking about my post content, this fighting over formatting has always been annoying. (Annoying enough to think about how to incent Slash Dot to fund an add-in that would accept and interpret either MS Word cut-and-paste or RTF file importing.) (OK. Now you know. An old fart with Attention Deficit Disorder and the /. editing skills of a moron. But we count too.)

For my part, I bid $50 toward such a feature. Not a princely sum. But allow a few hundred (or a few thousand) people to contribute to features THEY want to see and Slash Dot might benefit in becoming a better service. Once someone actually gets what they pay for, the reward might incent some to become repeat contributors in "virtuous cycles" of improvement.

Happy Thanksgiving.

Leon Roomberg
Site: www.roomberg.com

Slash Dot ID: managerialslime (739286).

Reader since 1998. Posting since at least 2004. (Sometimes it takes me a while before I have something useful to contribute.)"

User Journal

Journal Journal: Allowing \. members to bid $ for additional features? 1

Dear Commander Taco,

Thank you for Slash Dot and your years of service to the community.

I probably check in with the site more than 250 times a year and depend on it for clues about topics the technical press has missed (or which I overlook even though they are there).

The purpose for this letter is to present a suggestion for an additional path toward developing features for Slash Dot while also generating some additional revenue.

Comment Here is how I got some advice from a professional (Score 1) 264

Before you complete your plans for your upgrade path, you might want to hire a professional to review your infrastructure and assumptions. That is just what I did.

Before doing my upgrade, I wanted to be sure my infrastructure would be up-to-date with current standards. The following 2-part document first qualifies the person giving advice and then presents 25 questions I needed that person to answer.

(As each of the 254 questions are covered on the CISSP exam, a competent consultant should be able to guide you in the right direction.)

Feel free to adjust the estimates of person-hours for each task. The estimates below are for a company with about 50 servers, 50 network devices, and a WAN / MPLS covering a dozen offices across the US.

Good luck!

RFQ Goal: THE COMPANY desires to contract with a consultant who will, on an annual basis, review THE COMPANY’s compliance with its own security policies and standards. The consultant will summarize their findings in a brief report, including any recommendations for future improvement. In addition, as planning for a major upgrade is underway, additional recommendations for the upgraded system are expected.

Consultant Background: The consultant will be an individual skilled and experienced in this task. The consultant will have no less than five years experience in the information security field.

Credentials: The consultant must have at least one of the following credentials and furnish verification that the credential is current:

* Certified Information Systems Security Professional (CISSP)

* Certified Information Systems Auditor (CISA)

* Certified Information Security Manager (CISM)

Work to be Performed:

* THE COMPANY will send the consultant a Purchase Order authorizing the start of the engagement. Depending on consultant availability, the engagement is expected to take from four to ten weeks to complete.

* Supporting material review: Within two weeks of receiving a purchase order authorizing work to begin, the consultant will spend 6 to 8 hours reviewing any supporting materials provided by THE COMPANY (typically answers to prior security assessments) and developing follow-up questions.

* Estimated consulting time: 8 hours.

* Follow-up questions: Within four weeks of receiving a purchase order authorizing work to begin, the consultant will then email those questions to a designated contact at THE COMPANY and then read any answers that are returned.

* Estimated consulting time: 2 hours.

* Within six weeks of receiving a purchase order authorizing work to begin, the consultant will then spend up to 4 hours on-site at THE COMPANY’s data center, asking questions to validate readings.

* Estimated consulting and travel time: 8 hours.

* Within six weeks of receiving a purchase order authorizing work to begin, the consultant will use an industry standard tool of their choosing and at their cost, to attempt a penetration test of THE COMPANY’s system.

* Estimated consulting time: 16 hours.

* Within eight weeks of receiving a purchase order authorizing work to begin, the consultant will then use Microsoft Word to fill in a twenty-five question survey with their observations and recommendations and email their report to their contact at THE COMPANY. Any question not applicable to a security assessment may be left blank.

* Estimated consulting time: 2 hours.

* Within nine weeks of receiving a purchase order authorizing work to begin, the consultant will conduct a conference call reviewing their findings.

* Within ten weeks of receiving a purchase order authorizing work to begin, the consultant will forward to THE COMPANY copies of all supporting documents and other working papers and products performed on behalf of THE COMPANY, and also provide THE COMPANY with an invoice for the amount agreed to in the Purchase Order. THE COMPANY will pay the invoice within fifteen days.

Confidentiality:

* The consultant agrees that all information, working papers, and work results gathered and developed as a result of this engagement are the confidential property of THE COMPANY and will not be divulged to any other person or organization than contacts at THE COMPANY.

25 Question Security Assessment for (Company Name and location: )

Date of consultant contract:

Date of review meeting:

* Access Control

o 01. Categories and Controls

o 02. Control Threats and Measures

* Application Security

o 03. Software Based Controls

o 04. Software Development Lifecycle and Principles

* Business Continuity and Disaster Recovery Planning

o 05. Response and Recovery Plans

o 06. Restoration Activities

* Cryptography

o 07. Basic Concepts and Algorithms

o 08. Signatures and Certification

o 09. Cryptanalysis

* Information Security and Risk Management

o 10. Policies, Standards, Guidelines and Procedures

o 11. Risk Management Tools and Practices

o 12. Planning and Organization

* Legal, Regulations, Compliance and Investigations

o 13. Major Legal Systems

o 14. Common and Civil Law

o 15. Regulations, Laws and Information Security

* Operations Security

o 16. Media, Backups and Change Control Management

o 17. Controls Categories

* Physical (Environmental) Security

o 18. Layered Physical Defense and Entry Points

o 19. Site Location Principles

* Security Architecture and Design

o 20. Principles and Benefits

o 21. Trusted Systems and Computing Base

o 22. System and Enterprise Architecture

* Telecommunications and Network Security

o 23. Network Security Concepts and Risks

o 24. Business Goals and Network Security

* Penetration Test

o 25. Description of test approach, results, and recommendations.

Comment An attempt to actually be helpful (Score 1) 549

The poster asked a simple question: Is there a source for 24-27" monitors running at 1366x768 that are affordable and don't have all of the 'TV' stuff?

I then read more than 200 reply posts about changing font size in Word, Safari, and Firefox along with non-specific posts telling the poster to go out and "buy something," but not saying what. Unbelievable.

Here's my best shot at answering the question as asked:

Research the Hanns*G 28" monitor for about $336. (with 3-yr warranty)

If you set the monitor at 1280*1024, the "stretchiness" of characters at 28" may give you the visual result you sought when requesting 1366*768.

Source: http://www.amazon.com/Hanns-G-HG281DPB-Widescreen-LCD-Monitor/dp/B000TJV9KW/ref=sr_1_1?ie=UTF8&s=electronics&qid=1258467065&sr=8-1

Good luck

Comment Educate while looking for another job (Score 1) 1006

First, it is up to you to do your best to educate your executives about the real risks of disgruntled former employees turning in your employer in return for a portion of the damages they will be held liable for.

If your employer truly does not have money for MS Office and the like, it is up to you to present the free and inexpensive legal alternatives to 99% of what most users need. (For the rest of the stuff, either pay or accept the risk of shut down.)

If the ethics of your employer are that it is OK to screw your software vendors, there is every probability that they will eventually take other actions not in the interests of their employees, their customers, or their own long-term financial security.

You think Bernie Madoff STARTED big time? No, he got away with little stuff and eventually became the monster that ruined so many lives.

I've become a moralizing old fart and I feel just fine about it.

Submission + - Glenn Beck's Lawsuit Against Parody Site Rejected (mediapost.com)

app13b0y writes: An arbitrator has rejected controversial talk show host Glenn Beck's contention that the domain name glennbeckrapedandmurderedayounggirlin1990.com infringes his trademark. World Intellectual Property Organization arbitration panelist Frederick Abbott ruled Friday that the less-than-flattering domain name was protected by fair use principles because the URL, when combined with the site's content, constitutes protected speech. Eiland-Hall had argued that the site parodied Beck by using the same rhetorical techniques that Beck uses on the air. In legal papers filed on his behalf by First Amendment lawyer Marc Randazza, he referenced a YouTube clip of Beck interviewing Rep. Keith Ellison (D-Minn.), a Muslim, during which Beck asked Ellison to prove that he was "not working with our enemies."

However, after Eiland-Hall won the case, he transferred the domain over to Glenn Beck anyway.

Comment What management needs of you (Score 1) 301

As a System Administrator, I am charged with providing more insight into the functioning of the system ... What types of reports and information do other System Administrators submit to executives and on what frequency?

First, management needs to know what indicators they need to follow to know how to prepare for equipment and line replacements and upgrades. That includes staying current on the moving target of what constitutes "best practices" for network security and capacity management. If your utilization is low enough that there are no spikes to capacity, don't worry about charts and reports. Management wants to know about exceptions and opportunities and most other stuff is not of interest.

While your text implies a static system, are your backups not consuming more bandwidth each year? What will be the implications of moving voice and video onto your network? Do you have the granular levels of QOS required? Would file de-duplication lead to lower bandwidth costs and lower costs site-to-site?

You indicate your company's purpose is "web based irrigation management."

Is there anything you can propose about the use, and/or deployment, and/or expansion of your network that would make your company an ever better choice for your customers?

Are you at the end of your contracts and can you combine voice and data lines and cut costs?

Could your network be expanded to provide any of your customers with bandwidth and service they don't get now?

Could you save your company money by outsourcing any part of your network or could you bring in more revenue by marketing your extra bandwidth to others?

In general, what intersection might there be between things your team does best and challenges annoying your customers?

Combine your technical expertise with any knowledge you can develop about your employer's industry and opportunities and your contributions may increase in their value.

I hope one or more of these questions leads you to the answer you seek. Good luck.....

Comment not be a perfect meritocracy... (Score 1) 411

Which means that children in the lowest 1/5 of households have an even shot at moving halfway across the class spectrum. It may not be a perfect meritocracy, but it's no caste system, either.

In the high school that my children attend, there appear to be few poor families. The remainder seem to be split largely between middle class families with white collar jobs (i.e. teaching, sales, programming) and professional class families whose income may be the same or many times higher (i.e. law, medicine, executive, and accounting). 98% will graduate high school (U.S. Grade 12) at age 17 or 18, and more than 80% of them will eventually graduate from college. (Bachelor's degree or better.)

In the adjoining poor city, more than 90% of the families live below the poverty line. Their incomes often combine government assistance with low paying jobs. 75% of children born in that town will drop out of school by age 16, and a trivial percentage will graduate from college. A frightening number of these children can not read or write and will never rise to median incomes.

The rare children produced by the poor who find themselves raised by wealthier suburban families seem to succeed in life on par with other children raised in the suburbs.

As a result, it may be more accurate to acknowledge that while the US does not have the caste divisions found in India, that we are still far from the meritocracy envisioned by so many of our founders.

Comment Are petitions private business? (Score 1) 1364

. . . Signing a petition is very similar to voting - it's no one's business how I mark a ballot, nor is it anyone's business that I signed the petition. . . .

You bring up what may be important questions core to this topic. Are petitions public property or legally private (privileged) information? Is this different from US state to US state? Are the US practices different than those in Canada and Europe?

I'm not asking about your opinion (which is very clear). I am asking if anyone reading this string actually knows the relevant law. (I don't know and my limited search turned up nothing.)

Comment There are already workable solutions... (Score 1) 501

Every iPhone sold today is an immediate drain to AT&T's bottom line, leads to deterioration of the AT&T network, and reinforces public perception that if they only had Verizon, their calls would just stop dropping.

Were I the CEO of Verizon Wireless, right now, I would privately do everything I could to give Apple a hard enough time that they would stick with AT&T as their exclusive US provider. I would then do nothing to dash the wishful thinking of iPhone fans who fill up slash-dot and industry logs with wishful thinking that Verizon even wants to offer the iPhone at the end of Apple's current contract agreement with AT&T.

I wish AT&T well and feel sympathy for the no-win situation they are in. They are already in the midst of a multi-billion dollar network upgrade. Whether they can build enough new bandwidth to get ahead of the demand curve in the next one or two years is doubtful.

Right now, I not only have a conventional smart phone with Verizon, I have traded in my cellular USB air-card for one of Verizon's "Mi-Fi" (MiFi2200 Intelligent Mobile Hotspot.) http://www.verizonwireless.com/b2c/store/controller?item=phoneFirst&action=viewPhoneDetail&selectedPhoneId=4726

Wirelessly supporting up to 5 devices within 4 meters of my backpack where the Mi-Fi lives, it not only connects my laptop to the web, but my iPod Touch as well!

So, my cell phone works with clear calls that do not drop and my iPod Touch works as a neat gizmo that draws on the Verizon network.

Yes, it means I have to own an extra device, but geeks like me won't settle for a single device that gives crappy results.

Comment Do you care about total cost? (Score 2, Informative) 557

I'm going to leave the longevity and O/S driver issues to the other posts as they have done a great and humorous job.

Instead, I'm going to present a different perspective.

You state that you printed about 30,000 pages over 16 years.

Rounding up, printing 2,000 pages a year on an old used HP Laserjet II, II, or IV might cost you between $0.10 and $0.12 a page when you calculate the cost of energy and supplies even if you get the printer for FREE. That amounts to between $200 and $240 per year. (FOREVER!)

Newer energy-efficient printers from Samsung, Dell, HP, and others print black-and-white pages for about $0.008 (yes - less than a penny a page) and color pages with saturation averaging 15% at between $0.08 and $0.12 per page. In other words, if you do your homework and spend between $150 and $250 in year one, your subsequent years may cost you between $16 and $30 a year depending on your print mix and volume.

Right now, I support a wide mix of new and old printers. We have a few legacy apps with weird drivers that require us to print only to HP Laserjet 4's. Until we re-engineer those apps, we buy old replacements on Ebay. The HPLJ4 energy draw is enormous and some employees that use them at home have reported flipping breakers and restarting cable boxes as all the lights in their home dim during warm-up prior to the first page of each print run. Yes they are solid. But operating costs are higher than new machines and this is not environmentally friendly.

On the other hand, if you live in a building with older electrical service and would enjoy aggravating others....
