Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Symptom of a larger problem (Score 4, Insightful) 39

Us geeks and IT professionals who visit this website do not need convincing. Who here loves outdated insecure crappy software? Ok there are some who use XP still who do not like change but are in the minority.

THe problem is no value in IT in business infrastructure or processes. We all experienced it some time in our career. We are outsourced, not invited to meetings that we would be in dealing with IT, dictated too, forced to learn Cobol, Java, IE 6 stuff, and to keep unpatched systems secure somehow.

Sha-1 is not going anywhere where I work. IE 6 is too ingrained and our customers use it. So we use insecure IE 6 + insecure Server 2003 to process our HIPA and credit card data where we are fired if a security breach takes place. Sha-1 is required for the glue to hold most of our customer systems in place.

We are never invited to the meetings for these requirements. We are a cost. We are told I promised the client it will be done in 48 HOURS!! My company is the smae as the last one where we outsource everything for the cheapest bidder too for the work. At least the employer presently does not go to that extreme when they promise a client a months worth of work must be done in 72 hours.

Anyway our MBA's do not know what a Sha-1 is?? They do not care as IT is plumbing. As long as no water is leaked never replace the pipes. THe problem is if we dictate to the customer NO USE SHA-2 and update your mission criticial $1.5 million dollar app they will give us the finger and go to a competitor.

Until IT is respected like it was back in the 1990's as part of the business process team to help the organization perform it's functions SHa-1 will be like Java/Cobol and never be updated no matter how many geeks whine.

If java 8 stops sha1 or MD5 signing then we will use an insecure version. HR will fire me if I break their apps so what choice do I have?

Comment Re:mod parent up... (Score 2) 94

I agree 100% with the parent that RasperberrryPi has no competitors. The pie is for the I/O ports for IOT devices and tinkering with something that well documented and supported with up to date and working kernel and opensource components and working hardware (not buggy).

The Raspergy Orange/zero and the more expensive Beagle miss the point. A faster chip with no or I/.O or proprietary buggy i/O incompatible with the Pie defeats the purpose. The cheaper units lack these and the more expensive units are faster but miss these or run outdated stuff that no one uses when you try to get a IOT camera hooked up.

Comment Re:Competitors don't get it (Score 1) 94

It is use cases.

The pie is not a cheap computer. It is for camera, robots, sensors, and IOT type devices. It is sought for due to it's ultra cheap price and GP-IO ports. It is well documented and understood.

If you want to learn to code or browse the web get a 2nd hand thrown out XP box with viruses and do a re-image with Linux. Done. I used to go through garbage in the streets of New York to get broken hardware. I would swap the PSU or hard disk out and put Linux on it for fun projects :-)

If your time is worth something like $50/hr you need a professional system. Go buy one or build one and use whatever OS you want. THe pie is not for you unless you are working at a security company developing a new product or something.

Comment Re: The article suggests only 1.8 (Score 1) 53

Java is write once ... with the same version of Java. The problem is the security fixes break the functionality of the platform. RMI or remote method invocation for calling win32 objects as a local admin with no sandbox defeats the purpose of the VM.

Get rid of this and Java is actually secure. THis angers me because Java was awesome and it rotted and went to shit due to bad management. Java still has a rich 100,000 methods and objects to call from and could have been still popular today if management let it compete with C#/Mono.

It needed native binaries, updated interactions (NO RMI) with other things outside the realm of a VM so it can compete with Ruby on Rails and node.js. Generics were introduced so late. Sun stopped updating it and the other languages outdid it and were not limited by it's own VM and ecosystem.

The obsession over portability and lack of features, and poor security decisions probably due to outsourcing to India to JR level programmers killed it. Not to sound socialist but RMS has a point if the community owned java instead of a corporation.

Comment Re: The article suggests only 1.8 (Score 1) 53

dude whoever updates Java?

Seriously the joke is it is soo incompatible ... without itself. Too many programs use security exploits to function. I have seen poorly written java version from major US banks that use Java 1.4.2 (yes forces this on companies with accountants) use COM+ objects for Excel to function. Or they use RMI to go to c:\program files\jre\bin to check the version number (face palm).

So no 64 bit computing for YOU! That moves java to program files(x86) which the java applets will error saying "Please intstall java!"

No WIndows 9 ... java will say UPGRADE FROM WIN98!. Java is HORRIBLE. Man I cry too as it had so much freaking potential. It shows RMS is right when corporations fuck up a good thing. Java could have stayed secure and been updated to native binaries like C#/mono. Bad management and years of neglect killed it so now web developers are stuck in nasty node.js land with javascript.

Comment Re:Seems to me (Score 1) 53

It seems to me that the stewardship of Java in the past few years, particularly it's security aspects, have rendered it useless and undesirable.

I must use java in my employment with well - let's just say "a lot" - and all over the world. It is not simply my own conclusion, but the conclusion of many people I consider more facile and accomplished than myself that Java is undesirable. My employer has gone to the point of shutting down a planned services introduction. That product, instead of launching, was shut down and the teams re-assigned to other tasks.

The workarounds to use Java in the current environment are such that we commonly create VM images to spin up and destroy for tasks requiring Java.

Going forward, I will carefully review employment offers - if it deals with Java, they're going to have to work very hard for me to accept it. I don't need the pain and heartache dealing with it causes if there are alternatives.

I am being intentionally careful not to give out details, and I'm sure there are many that will start off a reply "You stupid idiot, you can do X!" - again, these are not solely my own conclusions, but shared with many people I consider to be very, very good. I assure you, anything you may think of has surely been considered if not by myself, then by others in the same situation. Please do suggest if you wish, but also consider that a lot of other, very smart people, have looked at this same situation for more than a few years.

Like all opinions, this may or may not fit your situation and exact needs. It can even be quite wrong.

In other words it is more modern version of COBOL the other language that refuses to die that employers scream they can't find qualified applicants. Just a 1990s version with objects and some media support.

Go for smaller or startup companies. Java is here not for new things but for legacy stuff when Java was cool circa 1997 - 2008 timeframe. These systems are so big now and integrated into the business process chain that they can't be removed as jobs were eliminated due Java automation. Sigh

Comment Re:Remember when (Score 1) 53

It was secure .... then Sun put in RMI which unsandboxed code at admin level could leave the sandbox and full access to the filesystem/environment FACEPALM.

Java is fairly secure at the sever level. It was browser applets that freaking deserve to die using RMI or remote method Interface at local admin to put in God knows what just from visiting a website that created this disaster.

FYI I want java to die now so I am not a fanboy. Php was bad too and still is. Most geeks have moved on from these 2 for these and many other reasons to ruby, node.js, and Erland/Exilir.

Comment Re:Why give them H1Bs? (Score 1) 213

It is illegal to pay them less.

What we do need is a 20% tax and have the actual job description match the job title and allow H1B1 visa applicants to file cases against employers who violate this just like we have with the department of labor.

Do not give them green cards as they will just move the money back to India anyway. Put the tax and limit the cap on these visas. This way we get doctors and architects and senior engineers who are very important, but not help desk sweat shops.

Comment Re:Broken Copyright (Score 1) 141

This is the system that Barak Hussain Obama defended and did not fix for the last 8 years. We will have to see what the next administration brings.

Likewise President Bush for eight years. Neither of them did anything about it because neither of them could. U.S. copyright policy is in the hands of the legislative branch. The US Patent and Trademark Office is part of the Department of Commerce, but the Copyright Office is part of the Library of Congress. Blame the Republican senators and the Democratic senators. Better yet, blame the incumbent publishers that provide campaign contributions, super PAC contributions, and in-kind donations of coverage on their affiliated TV news outlets.

Comment Re:Seriously wtf (Score 1) 141

Link's not an elf; he's a Hylian. The Zelda universe has its own counterpart to wood elves, called Kokiri. Link in Ocarina of Time was raised by Kokiri.

But at least CBS and Paramount have decided to embrace fan creativity by publishing guidelines for what constitutes an acceptable fan work. Nintendo doesn't at all.

Comment Re:Child labor law (Score 1) 492

I had a job: maintaining my A minus grade point average in honors classes in high school. It paid not immediately in cash but instead years later in eligibility for a merit-based college scholarship. If you are trying to claim that every child ought to have two jobs, a first for scholarship eligibility and a second for cash, I fail to see how that's practical. Most nights, I was assigned too much homework to be able to complete first it and then a paper route before the subscribers expected to have their newspapers.

Comment Re:Child labor law (Score 1) 492

When I was 14 (or maybe 13) I had a paper route. Didn't need to ask my parents for permission, either.

Were you recommending sneaking out of the house, walking several blocks to the newspaper company, and putting in an application, in direct disobedience of my parents? It's been years, but I seem to remember that if I failed to let my parents know whenever I left the house, or if they vetoed it and I left anyway, I'd lose privileges once I returned home for having made them "worried sick" and "about to call the police". One such privilege was the privilege to connect my computer to their electric power and operate it on their land.

Just went and got it (actually, bought it off a classmate for $X a week until it was paid off).

With my (professionally diagnosed) social awkwardness and need to leave school immediately to catch the school bus home, I wouldn't have known how to find a classmate off whom to buy a paper route without disrupting the classroom. I wouldn't even have known that one can buy a route off someone else; in fact, I didn't know that until I read your comment.

And I'm sure that sidewalks needed to be shoveled in winter, so snow should have been an opportunity

I don't remember if this was the case when I was growing up, but nowadays, there's someone in our neighborhood who runs a snowblower on about four blocks' worth of sidewalk for free. It's hard to compete with free.

Comment Re:where's the safe space for apps (Score 1) 48

Let me make it more explicit:

Pay for a domain, web hosting, and advertising. Obtain a TLS certificate for your domain through the Let's Encrypt button of your web host's control panel. Offer your application as a self-signed apk file for download through your website, along with instructions for users to enable Unknown sources or use adb install to add the application to a device.

Slashdot Top Deals

Wasn't there something about a PASCAL programmer knowing the value of everything and the Wirth of nothing?

Working...