jaxent - Slashdot User

Submission + - What is the best way to thank users for reporting security issues?

Submitted by Anonymous Coward on Monday January 09, 2017 @02:34PM

An anonymous reader writes: I have worked in the IT field long enough to know that many issues can be avoided if users pay attention to popups, security alerts, 'from' addresses et al and not just machine gun click their way through things. Unfortunately most users seem to have the 'fuck it' mentality in terms of good security practices. Sometimes I will have users submit a ticket asking if an email is safe to open or if that strange 800 number that popped up in their browser is really Microsoft. When that happens I like to talk to them in person (when possible) to commend them and tell them how much trouble could be avoided if more users followed their example. I'm curious to know if anyone has ever worked somewhere with bug bounty type incentives for corporate users or if you have a unique way of thanking people for not trying to open Urgent_Invoice.exe.

Comment Skills are what count, keep them current (Score 4, Interesting) 582

by jaxent on Friday September 02, 2011 @09:55AM (#37285692) Attached to: Age Bias In IT: the Reality Behind the Rumors

I'm turning 50 this year. Have a good full time job and more side work than I can do. But I have an advantage, I didn't go to college so I never got a piece of paper saying I am an engineer, I have to prove it everyday! I learned C from the K & R book, then C++ as it came along. I learned Java in 96 or 97. PHP around 2003. Learning Scala these days. I can administer networks databases, and, servers of most types (I know several dead operating systems and languages). Because I never stop learning and I never refuse to do something just because I don't know how. I just say up front, I don't know that API, it will take a little longer. I love to do the things I don't know. Plus I don't live in a world that has a cleanly defined line between management and contributor. I have moved back and forth many times. I currently have a VP title in a smaller company, but spend most of my time writing java code, and when something like a DNS record needs to be changed or a new router needs to be configured, I just do it. I used to have to find the manuals, now I can pull it up on my phone. No excuses. Flexibility is what it takes to keep your career going as you get older. I have worked for big industry players as both an engineer and as a manager. Those companies don't always last and neither does any single technology, the only constant is change. If you don't love change, get out of this business.

Comment Re:Why is this news? (Score 1) 777

by jaxent on Monday May 07, 2007 @10:48AM (#19020747) Attached to: Australian Extradited For Breaking US Law At Home

The victims are in the US. If you have not had the rewards months of work taken away from you by a some punk who thinks that your work should be free, you may not fully understand that there are victims of software piracy. If you want to put your own work out for free that is your choice, I do some of that as well. But most programmers, musicians and professionals in the movie/tv industry do their work to support our families. Baby needs new shoes.

We have created a way to erase borders in where we live and work. We have also erased them in where crime is committed. We have to erase them in how we protect victims of crime.

I am a US citizen and I would expect that if I committed a crime against anyone (a company is just a group of people, it is not faceless) it would be punishable by that country. You should not be able to hide behind a keyboard.

Before you start, I think that the people in the Bush administration that knowingly went to war under false pretenses should be tried in an Iraqi court first since that country has the most victims.

Slashdot Top Deals