
Comment Re:The view fails to account getting &*#@ed (Score 1) 250

Ditto, almost every bit of advice from a boomer has been bad advice.

Every year, houses increased more than 4x my annual savings, even when I packed away $80k/year in after-tax savings, it wasn't enough to make my downpayment more effective than if I bought 20 years ago.

The lesson is the rules will change to suit the majority. The millennials will do fine.

Comment Re:What is it? (Score 0) 109

So that you can use GNU software without straightjacketing yourself into a Linux desktop.

See the summary

Web developers have been relying on MacOS for years to get a decent Unix environment. MS is looking to take that market before Apple comes to their senses and starts manufacturing hardware again.

Comment Re:this is why you need two factor auth (Score 1) 237

I've never seen a DC without 2 factor authentication. The second factor usually being a fingerprint, and implemented in a mantrap. If your rubber finger doesn't work, and you don't have a good explanation for the guards, the doors won't be opened until the police arrive.

Comment Re:this is why you need two factor auth (Score 2) 237

Infosec teams often have direct read-only access to equipment and audit logs to central servers, with alerts on use-cases such as turning off logging, modifying account permissions etc. etc. In some circumstances even command history is logged.

It's hard to imagine why infosec would conspire to hide an account. If it has a good reason to exist, the case can be made to the CIO.

It might be possible to circumvent this stuff if you have physical access during a network outage, but your card access logs would still be in the system, it just might take a couple years for it to turn up when people investigate "how did the back door get there?" and it may be enough to put you in prison.

Comment Re:24/7 job (Score 5, Informative) 513

That's exactly what IBM did. It even ended pager-pay... since we were always on the clock.

For reference,

Information technology professionals are not entitled to overtime pay.

And my favourite:

Information technology professionals are not covered by the daily and weekly limits on hours of work

From what I could find, these were laws meant to cover fisheries and agriculture, where the seasonal nature of the work meant that the only time you would work on a harvest or catch was when there would be work. It was understood that the nature of the work was feast-or-famine, and it was paid hourly. If they had to pay overtime, they would be paying nothing but overtime. Strangely, the rules also included accounting, some screwball argument that month-end and year-end was a busy period and that people could take time in lieu or have downtime between busy periods.

Somehow this slippery slope was extended to IT. As a salaried employee, it meant they could pay you *nothing*.

Thank you Dalton McGuinty.

Comment Re:Infosec professionals (Score 1) 498

Alicebob, ALICEbob, aliceBob, aliceBOB, ALICEBoB, AliceBob....

But then, we're talking about systems which usually require three character classes, so more likely:

AliceBob!, Alic3bob, AliceB0b, Alice1Bob, alice-Bob, Alice!bob, alice4Bob....

All of this assuming a twit user who's intentionally trying to pick something weak.

"something better" is more likely trust relationships or automated secret management in the form of tight password manager integration. I don't think it unlikely to see this in the next 10 years. Some people have it today. You might say a 64 character random Unicode string is still a password, but it's getting tough to distinguish it from a more arbitrary shared secret.
