Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:intent or consequence? (Score 1) 85

Please try reading.

It indicates that their systems are so old as to require special purpose hardware.

A VGA monitor is now considered "special-purpose hardware"?

Having a CRT monitor indicates only that the system is compatible with a CRT monitor. If you're making further assumptions about the system's capabilities based on the age of a peripheral device, that's your fault, not the system's.

As one example, in the mid-2000s, I worked at a company whose main computer was built in 1988...

Sure, one single system in the back of one company did not get upgraded.

No, that was the main system running the whole industry-leading company.

I'd be willing to bet that the reason it didn't get upgraded was simple - it had got so old that it was at this point a major pain, and a major cost to upgrade.

That's only half of it. The other half was that it wouldn't bring any benefit. The company's production was limited by physical processes and market demand, not the computer's record-keeping.

Furthermore, how many of the systems sat on the desks of average employees were that old?

Outside of the customer service area (who had shiny new Windows XP boxes, with DSL Internet access!), there were three other new computers in the company, all for special-purpose workstations that needed to do processing-intensive tasks. Most desks had VT terminals (ranging from VT300s to VT520s) to connect to the mainframe.

Care to take a guess at the reason?

I'll go with "the cost/benefit analysis did not support an upgrade", since that was the CEO's answer when I asked. Each department did one thing, and one thing only. The system already existed, and was known to work well for the necessary tasks. The company had the source to the software, and made software changes when necessary to support improved workflows, but for the most part the process was mature.

It takes a bunch of literal paper pushing, and probably a bunch more employee time in the back office.

So it's not actually related to the CRT monitors?

In the UK, this is 5 minutes of the customer's time to fill on a form on the internet, and no time spent by employees at all (bar the amortised cost of the guys running the IT system and database).

...that you know of. Realistically, there could be a herd of paper-pushers in the back end that you'd never know about, because you're getting distracted by the shiny interface.

The act of ...

Let me just interrupt this rant with "your mileage may vary". The last time I went to the DMV, it was for a full re-issue of a driver's license after a relocation, and required a test. The whole process, from entering the building to walking out, took about an hour.

After the queue, the agent scanned my old license to read the data, checked it for accuracy, and sent it to the back for processing while I waited for an available test machine. The tests were administered on kiosks built around CRT touchscreens, that looked like they had been operating since I was using that aforementioned mainframe. One test machine was being serviced, and I noticed that the kiosk was just a commodity desktop PC running Windows 7. The PC had a small form factor case, sitting in a cabinet just the right size for a full tower. Clearly, the machine had been upgraded, but the cabinet and interface was original.

By the time I had finished the test, my forms had been processed, and the agent handled the registration of my vehicle while my license was being printed. The agent submitted the vehicle paperwork to be processed while retrieving the license and handling payment. Once the vehicle processing was finished, I was handed new vehicle plates and wished a pleasant day.

Every single interaction with the DMV involves 3 hours of the customers time, 20-30 minutes of the time of various employees filling out and stamping forms, and all of this has to happen in a pretty large building which has to be maintained. Those buildings have to be regularly spread out all over the place, because the amount of time taken is huge. Meanwhile, the DVLA manages to process all this, with far far fewer employees, because they actually had some investment in setting up database systems and web pages so that most of the job can be automated.

Do you really think that a large computer system doesn't need employees? In addition to the sysadmins keeping the thing running, there is also a team of programmers handling the incompatibilities with clients' new browsers and operating systems, a support team to handle the users who can't figure out the new-fangled system, and a security team trying to make sure your personal information isn't being handed off to any script kiddy with a new exploit.

Of course, they're also in a huge building which has to be maintained, and the servers are in a data center that needs maintenance, and there are offsite facilities to ensure availability. The expenses are different, but they're hidden.

The US's government systems are *hugely* inefficient and bureaucratic, not because they're doing things that they don't need to be doing, but instead because no one has spent any money on doing those things in an efficient way.

That may very well be the case, but you have absolutely no evidence that it's any more the Republican party's fault than the Democrats, or the Independents, or the Green, or the Whig, or anybody else's. All you've managed to say is that the UK does things differently, for a different demographic with different service requirements under different regulatory needs, and they have a different efficiency. It's absolutely shocking.

Now, if you'd like to provide some actual statistics to back up your flames, I'd love to see them. How about comparing Republican-favoring states' DMV budgets and satisfaction ratings to those of Democrat-favoring states?

Comment Re:intent or consequence? (Score 3, Informative) 85

The problem is that that assertion doesn't line up with reality. Go down to your DMV some time, and observe the kinds of systems that they're using. They're using databases built in the 80s and 90s on top of DOS, running on ancient computers with CRT monitors (at least around here).

...And is that a problem? Does the thickness of the monitor really impact how legibly they can print your drivers' license?

What reasonable business do you know of that hasn't upgraded their systems since that time to allow for more efficiency savings, faster processing, reduced staff costs etc?

As one example, in the mid-2000s, I worked at a company whose main computer was built in 1988, with only minor upgrades (disk capacity, and a modem that was occasionally plugged in so it could be maintained remotely) since its construction. It had survived the obsolescence of its product line, the rise of DOS and Windows, and had only a minor stumble for Y2K. For a system whose primary purpose was tracking orders moving through departments, and tracking employees' time cards, it did the job perfectly well. That particular company was in the top 10% of the industry by order volume and profits, so it seems to have done just fine by most standards of "reasonable".

There's a lack of investment in this kind of system, plain and simple, being disguised as "government efficiency" by the republicans.

Again, to show the other perspective, there is grossly excessive spending in other kinds of systems, being disguised as "upgrades" by the Democrats.

I'm not promoting any particular political party here. Rather, my point is to illustrate that every partisan criticism in this thread has an equally-valid counterpoint that is too-often glossed over. When the Republicans shout about "spending", the Democrats shout "obsolescence". Nobody ever seems to want "get what's useful and nothing more", or "review the cost/benefit analysis for every component in the system".

I've worked for the federal government before, notably on one particular system whose lifespan was about 20 years. The system was designed and built to be state-of-the-art, using top-of-the-line COTS hardware available at the time (as a cost-saving measure, naturally). Ten years into the system life, those original components were obsolete, and being replaced with new top-of-the-line hardware, with the promises you mentioned: efficiency savings, faster processing, reduced costs, et cetera.

However, the basic workflow hadn't changed at all, and the software hadn't been rewritten (as that'd be prohibitively expensive), but only ported up to newer technologies. Even though each part of the process was indeed faster, the system as a whole hadn't changed significantly. It could run perfectly fine on modern (for the day) mid-grade or even low-end hardware, but because "upgrades" were seen as desirable, the system continued to be built with top-of-the-line parts, for about triple the cost.

Towards the end of the project lifespan, there was an effort to re-engineer it using minimal hardware, but by that point the idea had grown into something of a legend. The managers (and bureaucrats) who had seen the system's early versions and knew its original cost couldn't believe the system could actually run on such a low hardware budget. Every actual test was successful, but the mantra that "you get what you pay for" had become such an integral part of common sense that actually getting approval for a cost-efficient system was impossible. Eventually, my team ended up inflating our quoted costs to get approval, then delivering a working system under budget and getting extra praise.

That tale doesn't meet my idea of "reasonable", but it was definitely the reality that I saw.

Comment Re:intent or consequence? (Score 2, Insightful) 85

Political flamebait works both ways. The other side of the coin is that Democrats set up overly complicated systems that can't work without an ever-increasing price tag, then complain (loudly) that they just aren't getting the support they need.

Let's move on.

When the Federal government is [involved], don't blame on intentional malice that which can be explained by...

...anything else.

Bureaucracy in general is a breeding ground for unintentional malice. There are literally thousands of people in the federal government with the ability to influence programs like this, and they often have conflicting priorities. Some are mostly concerned about the economic cost, thinking that a strong economy is the clearest path to "general welfare". Others want social support services, being of the opinion that minimizing hardship makes everyone's lives better. Some think that government should do as little as possible, allowing individuals to decide for themselves how to pursue happiness, while still others believe that a life led according to religious principles leads to a better eternity.

Those are only a few examples, and not terribly nuanced, either. People can have multiple opinions, conflicting opinions, and even different opinions for different subjects derived from the same principles. The representative government reflects the opinions of the people, and in a country of over 300 million people, it is perfectly reasonable to have a very complicated set of opinions in government.

The most that we as individuals can hope for is that occasionally, enough people agree on an issue that they'll do something matching one of our strong opinions.

Comment Re:technicality (Score 1) 101

I understand the difference; they already had him on numerous charges without playing the entire episode out to the point of placing a fake bomb.

Maybe, and maybe not... either way, if they let him just continue, the prosecution's case is that much more complete.

Yes sure, they offered multiple alternatives, prayer, made him aware there will be children and women present, no one is saying this terrorist aint a stinking pile of shit, but the FBI had him when they did the "practice run".

And at all those points, he could have said "no", and walked away... That'd be the law-abiding thing to do, and would be the easy way out of the sting.

While technically waiting to make the arrest with the fake car bomb is not exactly entrapment, the sting operation could have concluded with the detonation or even construction of the "test" bomb.

It depends on the particulars, but probably not, actually. In several states, building bombs is perfectly legal. Setting them off is also perfectly legal. In fact, I have done so personally in the past. Usually (and in my case) what would be illegal would be for that bomb to damage anyone else's (or public) property, injure any person or animal, or be transported on public roads without the proper approvals. Again, there may have been minor crimes along the way, but not enough evidence to make a case that the perpetrator was trying to commit a serious offense.

Actually, it probably could have concluded long before that with a conviction. Yes, I understand getting prosecution is harder than it sounds, but they have ample evidence prior to the fake bomb run, shit prior to the test run of his intention and activities.

What kind of irrefutable evidence did they have, exactly? Prior to actually executing the fake attack, the defendant could just argue that he took the opportunity to gather names and details into a nice little package that he planned to turn over to the authorities, and had to play along to do so. The defense could claim he was a hero all along, and the FBI just sprang their trap before he sprang his. To a jury of scared citizens who keep being told that if they "see something, say something", and with the common fantasies of being a big hero, if only they had the opportunity... Who wouldn't sympathize with this guy who just tried to do the right thing?

Also, what went wrong in this young mans head to push him this direction? Could have the perceived assistance of these agents, who to this idiot were willing accomplices (knowledgeable ones) that apparently supported his position?

How is that any different from the willing aid of an actual terrorist organization? He started by seeking willing accomplices. His head already had the criminal element. The agents just let it run its course in a (somewhat) controlled environment. In his mind, he was willingly committing a crime, and that's the ambition that the justice system is trying to remove from the rest of our law-abiding society.

Comment Re:technicality (Score 4, Interesting) 101

If that's not entrapment, I'm not sure what is.

You're not sure what entrapment is, then.

Entrapment is when the government agents make you commit a crime that you weren't otherwise willing to do. For example, if they threaten you or your family, that's entrapment. If they make you believe that what you're doing isn't actually a crime, that's entrapment. If they manipulate circumstances to where you believe you have absolutely no choice but to commit the crime, that's entrapment.

What is not entrapment is asking "Hey, are you willing to commit a crime?". It is also not entrapment to hand you the tools to commit the crime, and it's also not entrapment to drive you to a location for the crime, hand you the tools, and pay you a lot of money to commit the crime. Those things are not entrapment (though their legality may depend on having proper authorizations and approvals in place). You still have the option to avoid all criminal culpability by not doing the crime (though even if it turns out the tools they gave you were fake, what matters is that you thought they were real). If someone offers to help you and/or pay you to commit a crime, you can walk right down to the local police department and tell them all about it.

Comment Re:Untrue (Score 1) 765

I've been one of the few folks dispelling the "fiduciary duty" myth for a while, but since that job's done...

Nonetheless, if the company's behavior is incompatible with the bottom line, market forces will squash that company. The company with a constraint of "never behave like a sociopath" is at a competitive disadvantage to the company without that constraint.

Bullshit.

Those "market forces" are exactly why it pays to be nice. I know a number of good engineers who left Disney when they outsourced IT, just because they disagreed with the company. Some of them intentionally went to another company that chose to cut profits rather than lay off employees during a temporary downturn.

People talk, especially if you're in an area with several competing companies. Just like companies essentially must offer a benefits package to attract employees, their reputation also impacts what already-established talent will join the team. With a poor enough reputation, it's only the inexperienced and desperate who will accept the company's offers.

For large companies, it's a small market force, but it's often enough to outweigh a few percentage points on the profit report.

Comment Re: Always (Score 1) 765

Your father was connected. That explains it.

Fixed that for you.

Rank is not all that hath privilege. I'd wager that the vast majority of executives would do similar things for 25-year loyal employees in such circumstances, but usually the people who know about such things aren't the ones who can authorize such unusual accommodations.

For quite a while, I've suggested that anyone starting a new job should meet the highest-ranking person in the area. Whether that's a site manager, C-level executive, or even just the accountant who didn't relocate with the rest of the higher-ups, having friends in high places allows you to ask for perfectly reasonable things, and actually have a chance at seeing them happen.

It is a mutually beneficial arrangement, because the subordinate gains a channel for fulfilling extraordinary needs, and the senior gains access to operational details that might not pass up the chain of normal status reports.

Comment Re:FBI director announced she IS guilty, won't pro (Score 1) 801

The crime is not whatever you say it is. The crime is whatever the law defines it to be, and the law in question explicitly requires that classified material be "removed from its proper place of custody or delivered" for the crime to have occurred.

Since the server was unclassified, it would not be involved in removing classified information from its proper place, so we can disregard that part of the law. Since we can't prove anyone uncleared actually received the classified information, we have to disregard the second part, too. The other options are "lost, stolen, abstracted, or destroyed", and none of those terms apply well, either.

I'm sorry, but rule of law still applies.

Comment Re:FBI director announced she IS guilty, won't pro (Score 1) 801

Actually, yes, you can usually just remove markings from (or more precisely, rewrite without markings) unclassified material that's on a secure system. The unclassified material doesn't need to be "declassified" because it was never classified to begin with. That includes unclassified parts of a larger document that's marked as containing classified information, and by the same extension it applies to unclassified data on computer systems that are marked as containing classified data.

What's important is that no classified information actually gets out of the secure environment. Nobody cares about other information, with a few exceptions.

Comment Re:FBI director announced she IS guilty, won't pro (Score 1) 801

The words "extremely careless" were chosen carefully to avoid saying "negligent". To be careless is to be ignorant of the required security procedures, while to be ignorant is to know what's proper and required, and choosing to not attempt to follow it. If you're going to go down that road, you'll need to establish that the sysadmins responsible for that server were aware of the that the system could hold classified information, and they knew the security requirements necessary to protect a system holding classified information, and chose willingly to leave it unsecured.

What proof is there that the sysadmins were competent, beyond the faint hope that they should be?

What proof do you have that she personally put classified information on her server?

What proof is there that, at the time the server was built, it was intended to hold classified information?

There are an awful lot of bad things here... certainly enough to say the handling was careless. Unfortunately, without an absolutely solid case for a particular and completely-provable allegation, a successful prosecution is extremely unlikely, and would not serve the cause of justice in any meaningful way.

Comment Re:FBI director announced she IS guilty, won't pro (Score 1) 801

That email about the fax proves only that a particular message was requested to be transmitted in an insecure manner. That does not mean the contents of the fax were sensitive or that removing the markings was improper. As I understand, the subject of the fax was a set of talking points for a speech, which were sensitive only in that they were not yet publicly released. If there was indeed a classified piece of information in the fax, it could have been sanitized prior to the insecure transmission. Without seeing the classified version, it is impossible to tell.

It's not "moving the goal post" to point out that your kick fell far short. Again, consider that a prosecution would be arguing before a court of law. Nothing is obvious, and nothing is beyond question. If you want to prove something, you have to show your entire case.

Comment Re:FBI director announced she IS guilty, won't pro (Score 0) 801

Now, can you prove that the emails were "delivered to anyone in violation of his trust, or ... lost, stolen, abstracted, or destroyed"? Can you also prove that the delivery was due to "gross negligence", and not a hacker's skill or simple mistake? Can you also prove that it was Hillary's negligence at fault, and not an underling who was ordered to build a secure server?

Now, when I say "prove", mind you I don't mean simply making an emotional plea on the Internet to further your political beliefs. I mean you need to have actual evidence suitable to present to a court of law, and convince a jury beyond a reasonable doubt that all the criteria of the statute have been met.

Good luck with that.

Slashdot Top Deals

Multics is security spelled sideways.

Working...