Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Instability is the new normal? (Score 3, Insightful) 147

I've been on the Windows 10 Insider program for quite a while, and keep one work machine on a stable build and the other in the Fast ring. For a lot of our production machines, we're going to go with the next spin of Long Term Servicing Branch for just this reason. I'm not happy that you have to give up all feature updates for years in order to get an OS they're not going to be changing behavior on every month.

Having seen both the stable and super-new builds running similar application loads, it's obvious that Microsoft is skimping on code quality in both, sacrificing it for fast feature releases. However, very few "breaking" bugs make it into their stable (CBB) builds. I'm not happy that the home consumers have to deal with these though...they have no choice. And when it's something like breaking wireless, that's a big deal -- most users are at least on laptops now if not tablets.

On balance I think they made the right decision for the overall market on patching. Unpatched Windows home machines are just asking for ransomware or a botnet takeover, and consumers have no clue how to manage their machines. For business, I think they made an OK compromise, but wish they would make the updates not be all-or-nothing. The user population I support runs hundreds of applications from sources we don't control, and right now on Windows 7 we get a few security updates a year that break them, some in ways we can't fix without getting the vendor to make a change. In the old pick-and-choose model, we would figure out which monthly updates didn't break the application set and apply them, then wait for a time we could apply the "bad" ones when an application drops off the radar or gets fixed.

Comment That's why script execution is off by default (Score 2) 118

PowerShell isn't a scripting language in the traditional sense -- it's a whole ecosystem that can expose the entire machine if you have the rights, and perform extremely complex stuff on the user's behalf. If you can convince someone to remove the execution protection and run a script you provide, it makes for a very easy malware-distribution utility because it can basically do anything the native OS can, call .NET code directly, grab data from URLs, have JSON conversations, remotely manage other machines on the network and so on. The out of box settings are to only run digitally signed scripts and not allow scripts to be run from remote locations, but it's very possible to just run "Set-ExecutionPolicy Unrestricted" and drop all the protections...then the code you run has all the rights your user account does.

I've mentioned this before, but PowerShell is one of those things that Windows admins are slowly adopting, simply because the alternatives have worked well in the past and are easy to get the basics down in. Those alternatives are disappearing on Windows, so there will be a phase where these kinds of attacks could be very prevalent. It's a little bit like TLS certificates for internal applications -- many admins I know will do the absolute minimum required to stop the browser from showing a certificate error, then run away screaming. And that kind of makes sense -- unless your job is web programming or you're a PKI expert, the details of certificates are very complex and not well documented in an easily digestible form. Like certificates, PowerShell has a really steep learning curve before you can do really useful stuff in it. The basics are easy, but learning to think of every command as returning objects rather than text output you have to play with is a big jump for some people. Makes perfect sense for developers, but less sense for IT people or cross-platform people used to dealing with files and text I/O streams.

Comment Interesting data mining opportunity (Score 4, Insightful) 53

Microsoft could use the LinkedIn platform to sell ads, and do targeted "advice placements" from weasels like Gartner, but there's also an interesting company-focused opportunity. If they can guarantee that users work for a company (maybe through O365 logins, or Azure AD joins of Win10 machines users post from?) they can sell behavior monitoring of a company's employees. HR departments would probably pay dearly to find out who's looking for work, likely so they can increase their efforts in managing them out, but maybe to signal to managers that something's not right. Companies might also want to use analytics to make better guesses on how much other people are getting paid for the positions they're offering. Right now, there's so much secrecy around salaries, and companies would love any tool that allows them to prevent giving out the occasional above-average offer just because they don't have perfect information.

I work on the systems architect side of IT, so I do both technical and some business work and I see how both groups of people use LinkedIn. For those who use it, techies use LinkedIn as an always-updated resume and contact list. Business types, especially marketers or consultants use it as a narcissistic self-promotion tool, more like Facebook than a utility service. I run in the techie circles but have plenty of LinkedIn contacts from the other side -- it's amusing to watch them posting some lofty inspirational MBA article, then falling all over each other to shower praise for their contact's "visionary thinking" etc. It's a useful display of the other side's typical behavior, and a good indication of how much a technical opinion of any kind is going to be respected. (Hint, to make a technical argument with a business person you have to wrap it in all the MBA and consulting BS these LinkedIn narcissists post.)

So yeah, I'm not 100% sure what Microsoft's got planned for LinkedIn, but I think they're just trying to gather up as much data as they can to feed the analytics machine. The Watson-style AI being sold by IBM and friends to gullible executives is this decade's free money machine for management consultants. Remember, if you can't measure it you can't manage it!

Comment About time (Score 1) 83

I know a lot of people are thinking this is the first step to forcing people to pay HP by the page for their printers or something, but FTP and telnet have been on JetDirects forever, back when they were big chunky boxes you plugged into the parallel port of your LaserJet 4si. I doubt much of that JetDirect code has changed in decades, given what I see when I have to FTP to the odd printer to send it firmware or something.

I guarantee the main motivation is to make it so that HP doesn't have to keep patching security holes in a printer NIC OS that is probably 20+ years old at its core. A lot of people forget the following two caveats about network security when it comes to printers:
- Most organizations still think anything on their side of the firewall is 100% trusted.
- There are massive amounts of public-IP printers out there (think universities, large companies, government agencies, etc.) The big state university I live right next to has a Class B range just for its CS department.

In either of these cases, having a reasonably capable OS fully accessible with no password in most cases provides a very useful jumping off point into the network. HP, like every other big tech company, is gutting all their technical personnel and offshoring most routine work, so I imagine the key driver is to make it less likely people will find security holes in a product that doesn't get any love anymore, but is deployed literally everywhere. For the few places that have some archaic system that manually FTP PUTs jobs to the printers, they can turn it back on, but hopefully those are few and far between!

Comment Deinstitutionalization + Social Media + Guns = ? (Score 5, Insightful) 788

It's interesting how much these fake news social media campaigns are drawing out the nutcases. It makes sense, social media tools are designed to reinforce one's beliefs and continuously show you things that interest you -- as well as relevant ads of course! I could definitely see a conspiracy nut get hold of an idea from Facebook or Twitter, then have it keep popping up in his feed over and over again, then have his friends repost it, then see streams of tweets reconfirming their beliefs.

Social media in this case is kind of like conservative talk radio, in that the most devout listeners to it seem to get locked into a feedback loop over certain ideas, never to change them again. Their host is angry, gets the listeners riled up and the audience feeds on the anger.

That said, this whole story is a pretty sad statement on how we treat mentally ill people these days. New York (where I live) is completing the process of shutting down almost all of their custodial-care institutions and dumping people out onto the streets. Basically, you'll need to be Hannibal Lecter to get an inpatient psych bed, so you'll likely end up in prison instead -- or if society's unlucky, you'll just sit there stewing for years until something makes you snap and shoot up a pizza place. I'm not saying we should go back to the bad old days of locking people up for depression, giving them lobotomies or abusing them...but I do think deinstitutionalization went way too far. People should be able to seek a diagnosis for mental illness without stigma, and get treatment if they need it. I'm convinced this is why we have so many mass shootings in the US. Look at Adam Lanza (the Newtown guy) -- according to all accounts, his mother basically hid his developing mental illness for years and refused to accept there was a problem. But, the sad thing is that even if she had sought help for him, she wouldn't have been able to get it.

Comment Amateur hour strikes again (Score 1) 133

OK, the ISP in question should have known that this guy was a sysadmin and revoked all of his credentials as soon as he was terminated. But, even if I have a key to my old house, I can't just walk in, turn on the TV and make myself a sandwich when someone else owns it (or is renting it from me.) That part of the story is why the jail time is warranted. Sysadmins should be professionals...yes, I know very few businesses treat them as such, but acting professionally is the first step to being recognized as one. I've been doing this for quite a while, and have experienced capricious firings, offshorings and layoffs. The way to deal with it is to go have a couple beers then find another job...not use your old (admittedly still valid) credentials to get back into your employers' systems and get some petty revenge. This stuff gets even more interesting when you're talking public cloud -- in that case if you have the right access you can just fire off a script to erase every service and VM your company has given you control over, along with backups, all over the Internet.

Whenever I leave a job, I've been very careful to show that I've removed all my access to anything...it's a good way to say "everything else from this point on is the new guy's fault." I've been at my current employer for a long time, so I do the same whenever I change projects and don't need access to the things I was working on last. However, given the brief description of this guy, he sounds like he indeed has personality issues. I've worked with people who take the slightest criticism as personal insult and make absolutely no attempts to work with others, but they're kept on because they are in control of a key process or have some other nugget of knowledge they haven't been forced to share. I know it's IT and we folks who are good at it tend to be a little "different" -- that goes double for me. But I'm not saying we have to be buddy buddy with the coke-snorting strip club-going salespeople...just decent humans to work with. Do just that, and chances are you won't be fired for not being "a team player" if you're any good.

Comment Not in law, finance or healthcare (Score 1) 260

The industry I work in (air transport/airlines) has a few things holding it back from being paperless. Non-paper bag tags are only starting to be adopted, and aren't universal. Paper boarding passes are optional these days provided people have mobile check-in apps on their phones and choose to use them. I'm still old school and use paper boarding passes because it's easier to get past the TSA...one less bulky thing to present. (Back when travel agents were selling tickets directly to consumers instead of the consumers booking on the web, the airlines required paper tickets. Tickets were highly controlled documents, since getting your hands on a blank one used to mean you could write yourself a ticket to anywhere and have a reasonable chance of it being accepted!) There was also a huge set of manual processes at each airline to match boarding pass stubs with flight coupons to do the accounting and interline reimbursements...this is mostly gone. A lot of paper is also required to comply with regulations.

The other industries I can't see going totally paperless in the near future are law, finance and healthcare. Electronic signatures, when done right, are secure but not as "believable" as a signed, notarized legal document. Imagine showing up in probate court with a contested estate - will the judge believe the person with the document or the one with an e-signed thing on their phone? Finance may go sooner, with paper checks rapidly disappearing, but large transactional documents like mortgage notes, CDs, etc. fall into that "I have a paper document, so it must be true" category. Finally, healthcare -- I've heard so many stories from colleagues who do healthcare IT. Electronic health records exist, but the standards that exist are loose enough to allow each vendor to make their EHRs slightly incompatible with other vendors' EHRs. So, office staff defaults to faxing everything between doctors' offices. That's why the fax machine (or its virtual IP abstraction) will never die -- for whatever reason it's still considered the only secure way to transmit patient information electronically.

Comment That's one way to increase adoption :-) (Score 5, Interesting) 280

As a long-time Windows admin/systems guy, I think it's definitely time to do this. The batch language is very easy to use for procedural scripts, but in the world of things like desired state configuration, API-driven everything, etc. it makes sense to have a scripting language that basically makes the same calls a compiled program would.

I think the two major drawbacks that are presenting a learning curve are the syntax and the "scripting Legos" aspect. Syntax is...interesting. I have tons of cross platform experience so I have good understanding of lots of command languages. PowerShell's syntax is like DCL (the OpenVMS script language,) Bash and Perl got together and had a 3-parent baby. It's extremely verbose a la DCL, yet extremely symbolic like Perl, and has Bash-like constructs in there as well. Once you get used to it it makes sense, but there's definitely some learning before you're proficient enough to write full redistributable tools in it. The other thing that puts a lot of people off, but that's actually great about it, is that commands don't output text and you have to think things like object types. Bash, batch files or VBScripts have to include tons of logic to parse output, read/write INI files or XML data, etc. That gets reduced to a single statement -- want a CSV of the output? Export-Csv replaces tens of lines of function code to open a file, construct the strings and write them out. It's awesome but very different from the craft-your-own days....just like writing modern software, it's just gluing someone else's code Legos to each other and interfacing with APIs. It's hard to tell what you should be writing and what is already written for you and you're just assembling if you're used to building it all yourself and manipulating stuff with sed/awk/grep and friends.

That said, it's definitely time for Windows admins to get on board with PowerShell. Admins that survive the next transition are going to be managing thousands of servers or microservice instances at some IT provider. You can't manage systems at that scale by manually connecting to them and tweaking things. It's the same thing with Microsoft's Azure service -- it's been developer focused from Day 1, and admins are just now getting documentation that's even somewhat tailored to their experience. I know DevOps is the cool new buzzword, and every admin should have some basic coding skills under their belts, but it's hard to take someone who's been taking care of systems and telling them to treat them like software deployments. This is going to be the next big leap for systems guys now that software defined everything is pretty mainstream.

Comment Makes perfect sense - it's their next phase (Score 4, Insightful) 202

Microsoft is completely done selling operating systems and software the way they were previously. Everything they're doing is 100% dedicated to getting people over to Azure, spending money by the hour forever rather than getting a one-time license payment. The company I work for is building a huge new project in Azure and it's amazing how much money Microsoft makes just by keeping data centers running on their services from failing...the bills are thousands per month and we're a tiny customer.

If they can make that much money just keeping the power and Internet flowing, why not outsource the development of operating systems to Linux? In that case joining the Linux Foundation makes sense. Windows Server 2016 is probably going to be the last "boxed" release of server software from them -- the push is to move workloads to Azure Service Fabric and rebuild everything as microservices anyway. All of their products are moving to the "Azure first" development model -- release everything to Azure first, then box it up as of a certain date and ship it to customers who want to pay for on-site licenses.

In about 10 or 15 years, Microsoft will be where IBM is now -- they will have an assured stream of perpetual revenue coming from customers who aren't locked into a particular OS, but are locked into them as a service provider. (True, you can switch cloud providers, but did I mention they're making it insanely easy for Microsoft customers to migrate in from the on-premises world?)

Comment Dotcom Bubble 2.0 here we come!! (Score 2) 55

It's definitely nearing the top of the bubble again. I'm not totally surprised Snapchat is trying to desperately IPO and get their founders cashed out before everything pops. Maybe they've learned something from history -- the late 90s was full of companies whose sole strategy was to rush a website or e-commerce offering out, then IPO or convince an established company to buy them out. Or, maybe they saw Twitter couldn't sell itself to anyone and want to hurry up and get their money out.

Everything "consumer social" is pretty saturated these days by Facebook and Twitter, so maybe it's a strategy to convince Facebook to buy them rather than actually going through with the IPO. The next big mini-bubble is "workplace social" -- Slack and Atlassian are all over that one and there are going to be billions wasted before people figure out that very few non-hipsters (in any age bracket) want a mash-up of Facebook and SharePoint as their primary work tool.

I think the big difference about this bubble is that it's going to last a longer time and sort of deflate slowly rather than pop. Ironically, that's because of cloud computing. These bubble companies are running on Amazon or Google or Microsoft cloud infrastructure and they don't have fixed costs like the late 90s dotbombs did. They don't have to buy a data center and servers -- the VC money is being used to rent them from providers. Companies can live a lot longer when there's no fear of a hard stop when you simply run out of money. It's too bad, because there was a ton of infrastructure items on the eBay market from bankruptcy sales last time around...not this time!

Comment China in 2016 = Japan in the late 1980s (Score 2) 29

As far as IDG goes, they're the old guard computing trade publications from the print era (Computerworld, CIO, InfoWorld, etc.) and run a bunch of marketing shill companies that put on trade shows. I wonder what the Chinese want with them...I can't remember the last time i sat down to read some of their publications. I'll check out an article here and there but I'd hardly call them the authority on fresh cutting edge tech news.

I've seen a lot of stories lately that go something like "Chinese firm buys American firm in mega-deal!!! OMG disaster!" I'm just old enough to remember when the US was freaking out as Japan bought very large, symbolically important American companies and properties at the height of their economic bubble. It was certainly worrisome enough that MBAs were being encouraged to learn Japanese, for example. And that kind of made sense -- in 20 years they had managed to break the domestic automakers' virtual "triopoly" on car manufacturing and produced some seriously good consumer electronics, so there was definitely consumer-level recognition of their rise.

I guess the only thing that's different is that China has a huge population advantage and a...more involved...central government. One of the advantages they have is that, while they're basically a market economy, they retain full control over some key economic and society levers. In their case, something that would take years of fighting and compromise to make happen here is done basically at will. Imagine trying the "mass migration" that China is working on in the US...moving hundreds of millions of peasants to the cities to stimulate growth. You'd have a revolution on your hands here if you tried to move someone.

Comment Doesn't matter the side...it's still fake news (Score 5, Interesting) 470

I'm very left leaning, but do understand the importance of an objective, unbiased press. What people aren't getting is that Facebook is the press for the 21st Century. I feel they do need to realize this and figure out some way to deal with it. Otherwise, this problem is going to get worse and cause a huge mess.

Back not so long ago, there were three news networks and a handful of "newspapers of record" that served as almost the sole authoritative source of information for most people. If something made it into the New York Times or Washington Post or Boston Globe, the story was at least believable and researched. it didn't get there just because some reporter bashed some keystrokes into his smartphone without thinking and hit Send. But, this is exactly what happens with Facebook and other Internet publishing media. Fringe groups (on both sides!) who would previously never get the time of day are suddenly given the world's biggest microphone and access to almost the entire population. Using sophisticated, polished publication techniques they can produce whatever content they want and call it unbiased news. Twitter is an even more interesting beast, in that you get access to unfiltered streams of consciousness. Not that it did any good, but look at how many times Donald Trump took to Twitter at 3 AM to personally insult a person or group of people...people loved it.

Why is this bad? I hate to say it because it sounds elitist, but people as a whole are dumb. There's just no getting around it...the average person is much more likely to be swayed by something they see on their Facebook news feed. And since Facebook is an echo chamber, and hones in on exactly what you're interested in, "your" messages keep getting reinforced. Humans are animals, and civil society gets way less civil when people are screaming at each other as loud as they can.

The thing I don't like about this social media revolution is that it brings out all the crazy fringe people on both sides who do things like incessantly post angry comments to news sites or spend hours a day listening to conservative talk radio people...and gives them open free license to yell whatever they want as loud as they want. Over time, moderate people are going to drift over to these extreme sides in an effort to be heard.

Comment It might be like war production (Score 2) 742

Magically re-creating the entire lost supply chain for every single good China produces would probably be similar to what would happen if we were actually involved in a World War III style scenario with them. If the country had to, immediately and overnight, consider China a dead country in terms of production capacity, some pretty serious interventions on our side would have to happen. During World War II, the military basically requisitioned the entire production capacity of the country because they couldn't build equipment and supplies fast enough. Good luck getting a divided country to get behind government intervention and possible rationing of goods. You couldn't buy a car during most of the war years, let alone fill it up with gas on your schedule...all of GM, Ford and Chrysler's production was redirected to making tanks and Jeeps. Food, rubber and other products were also rationed because there was just no way to satisfy the war demand and it wasn't safe to ship things across the ocean.

Remember, we have almost no native capability to manufacture small, cheap items anymore...that went away ages ago. We make lots of cars and airplanes, but not too many (if any) consumer electronics or appliances. I would imagine it would take a lot of intervention and incentives to get rare earth metal mines reopened, steel mills reactivated, and goods manufacturing basically force-restarted. It would be a very interesting experiment if it worked, but I highly doubt everyone would sign on unless there was a direct threat to our existence. It would be very strange -- iPhones for America and all that, complete with the patriotic posters.

Comment HPE/EDS offshoring the mainframers? (Score 3, Interesting) 17

"Computer Issue" is a bit vague. I wonder what actually happened?

Sabre is pretty damn bulletproof. The core of it is ancient mainframe code that I'm sure hasn't changed since the good old days of zero-downtime systems. The upper layers, of course, have been replaced with something a little more modern but the model is still the same. It's so much the same that things like terminal screen layouts, message formats, etc. can never change or all dependent systems/services/layers must be changed to work around the change. Somehow I doubt the mainframe itself failed -- systems like that are designed to handle multiple component failures. Unless it's environmental, I'd imagine the issue has something to do with code changes or something that breaks that tower of dependencies.

What I do know is that Sabre's data center environment was run by EDS, which is now HPE, and which is soon to be CSC. I wonder if, in true IT services company fashion, they just started randomly laying off senior mainframers and sending the work offshore. This is extremely common everywhere in airline IT. Airlines are surprisingly low margin businesses, and there aren't too many people who know how the crazy web of old and new airline IT stuff works at a super-senior level. There have been a lot of high profile cases with UK banks who are heavily mainframe dependent (RBS, NatWest, etc.) who have been taken partially or completely offline due to mainframe upgrade failures associated with offshore IT workers. I wouldn't be shocked if this was something similar, especially with EDS/HPE/CSC involved.

I'm about 20 years into an IT career and have had the extreme luck to work in environments that have a healthy mix of old and new. Core TPF stuff will eventually go away but it's going to take a Herculean effort and a target environment as bulletproof as the mainframe it's replacing to work out right. In the run-up to Y2K, anyone knowing COBOL and other "senior" languages and platforms had a nice window of opportunity to deploy fixes. Now, I think the opportunity is bigger with all the mainframers who actually know what they're doing set to retire. Problem is, you'll never convince a recent grad to learn this stuff -- everyone's chasing the latest RESTful JavaScript based framework. Speaking from experience, anyone willing to work with a mix of technology is very useful to the right company/industry; I think IT folks should be really working on their generalist skills!

Comment This will be a very interesting experiment (Score 4, Insightful) 320

Growing up in a Rust Belt city, I watched as most factory workers got thrown out of work when factories moved to the South, then offshore. The next 4 years may or may not be a very interesting economics experiment depending on how many policies Trump implements from his campaign promises. The loss of stable high-paying manufacturing jobs has a devastating effect on the locations they hollow out when those workers aren't paying taxes, buying things locally, etc.

If he does succeed in building the wall, deporting immigrants and taxing foreign imports, how much of a tariff will be necessary to convince manufacturers to make goods for the US market in the US? I know India has a similar setup -- it's very expensive to import foreign goods to India, and manufacturers are responding by setting up plants in India. Unless there's absolutely no way around it, and the tariff is set at a punitive level, manufacturers are just going to say "tough" and raise the price of their goods to cover the cost.

I know all the arguments are against me on this one, but I would definitely like to see all the manufacturing come back. People say we're one of the top countries in manufacturing output, but the reality is that this is due to high dollar items like airplanes and weapons systems. I'm an educated person, working in a non-factory job for a non-manufacturer, and I see the need for this. The country needs to be able to dump low-skilled people directly out of high school into a job that will pay enough to sustain them and their families over a lifetime. Don't concentrate so hard on educating everyone -- some people can't handle it and don't want to be...look at how many students are just barely graduating college and not actually absorbing anything. I graduated high school in 1993, and even by that time the only route to a stable life without a college degree was to get a union apprenticeship in a skilled trade. This is still viable, but only in union states and it certainly doesn't pay the same as it used to.

College should be available to those who want it at a reasonable cost, but having it be the new minimum standard to be considered for any type of employment is crazy. Bring back old school factory work, and allow those who can't handle education to work in a steel mill, shipyard or car plant.

Slashdot Top Deals

The trouble with a lot of self-made men is that they worship their creator.

Working...