Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:fill in the blanks (Score 1) 133

Companies Are ______ With Fewer ______.

Put me down for "wasting time and money" and "people who know what they're talking about to catch mistakes early", please.

The best example of this I've seen so far was an exercise in futility developing a simple in-house process automation system, essentially a glorified database with a bit of e-mail integration and a pretty browser-based interface.

There were literally months of discussions among a team dominated by middle managers. Along the way, they spent approximately a mid-level developer's annual salary just on external consulting about using someone's workflow automation software, and IIRC that consultation eventually produced a single page of documentation that was basically an ugly diagram of a simple database schema. Finally, one of the few real developers on the team gave up in disgust and just built a basic version in about one day. Which the rest of the team then almost completely ignored, because these things need to be managed and showing initiative to solve the actual problems is a rookie mistake.

It's easy to see why these tools are attractive for companies that don't generally do software development or web development or whatever it might be, but a little knowledge is a dangerous thing. Those of us who remember the joys of Microsoft Access databases and drag-and-drop "rapid application development" tools from the 90s have seen this all before. But now it's in the cloud, with convenient subscription-based pricing! There's a saying about those who don't learn from history...

Comment Re:AV only helps if you are bad (Score 1) 206

But those organizations [...] aren't adversaries.

Unfortunately, I don't think that's a safe assumption any more. For example, my businesses can't use Windows 10, because installing it on anything that touches client/customer data would immediately contravene assorted contractual and statutory obligations we have regarding confidentiality and data protection. Microsoft's policies regarding telemetry and forced updates appear to mean using their new software is literally impossible for us.

Whether or not their intention is to use data collected via telemetry for anything other than looking for ways to improve Windows, and whether or not they intend to collect any confidential or personal data via those tools, don't really matter. The facts are that technically they certainly could collect that data, their terms and privacy policy appear to allow them to, and even some of the biggest tech firms in the business have suffered both scope creep and serious security leaks in connection with data they've collected.

As I said before, security is mostly about risk management. For anyone working with sensitive data, using systems running Windows 10 or buying systems from laptop manufacturers that covertly preinstall insecure remote "support" functionality or phone-home reporting are way off the scale of acceptable risks in my professional opinion.

Comment Re: good luck with that one... (Score 1) 172

It remains the case that the law was brought down because of arguments about incompatibility with the current EU rules. Had those EU rules not applied, there would have been no basis for the issues raised in the judicial review. The legal technicalities of the judicial review process don't change that fundamental situation, nor does the lack (so far) of a CJEU reference.

Also yes, lots of other Member States have private copying exceptions, but most of them caved to industry pressure and introduced some sort of levy on their citizens in return. Those levies have been widely criticised, both for increasing prices of media and devices even where they would not subsequently be used for private copying purposes and for the manner in which the proceeds of those levies were distributed. If you read the EU resolution you linked yourself, you'll find it's extremely careful about the wording around that exception and it most certainly does not imply that the UK's private copying exception would be reinstated on the original basis or that similar levies should not be applied in the UK.

Comment Re:AV only helps if you are bad (Score 1) 206

Sure, but that trust only extends as far as whoever implemented those security measures and signed those binaries. We live in an era when your own OS may well be spying on you, your new laptop may be shipped with vendor-installed spyware right out of the factory, your new PC's CPU almost certainly has secondary functionality built-in that you can't examine or control, any of those things potentially lead to not just privacy but also system control vulnerabilities, and that's just the threats your chosen commercial partners openly-ish advertise before you get into criminals or state security services physically modifying something between the manufacturer's facility and yours.

Comment Re: AV only helps if you are bad (Score 4, Insightful) 206

Sometimes, but there are no guarantees these days. Once a system has been compromised, it is now almost impossible to make sure it's clean again no matter what you do to recover. In a world with the likes of UEFI and "hidden" secondary processors within CPUs, even wiping the hard drive and reinstalling from known good media isn't a reliable fix. It's all rather depressing, this so-called progress.

Comment Re: AV only helps if you are bad (Score 2) 206

The trouble is, all of that remains true if you have anti-virus software installed. Your odds might be slightly better overall, but AV software doesn't catch everything. In a few cases, AV software has even opened additional vulnerabilities itself.

It's surprisingly difficult to be sure that you're only running what you think you're running in 2016 and that your data is safe and private. That's a real and serious problem regardless of which if any AV tools you run.

Comment Re:Google's reply? (Score 1) 172

I agree it's unfortunate that so many people just rely on headlines, and that those headlines are sometimes less than perfect, but that's just the reality of what happens. Did you hear the one about the Slashdotter who actually read TFA before commenting?

So as long as that remains the reality, news organisations could plausibly be losing a significant amount of the value of their work if others are allowed to literally copy and paste the headlines and maybe some introductory snippets and republish them without doing any of the real leg work required to get the stories.

Comment Re:good luck with that one... (Score 2) 172

It's a complicated relationship, with pros and cons. Certainly a lot of things get blamed on the EU without any rational justification. On the other hand, plenty of things also get blamed on the EU with some rational justification. There is one particularly evil political technique where something that would never get passed back home gets punted to the EU where it's relatively out of sight, and then comes back usually via a Directive a couple of years later, at which time the government can not only claim they have no choice about implementing it but also say they have no way to influence the details... even while their own representatives and allies within the EU were the ones pushing for the new measures in the first place.

Comment Re:Google's reply? (Score 1) 172

The better news sites do provide more detailed and well-informed content. Unfortunately, it turns out that many of their readers still have the attention span of a goldfish, and thus that their headlines and early commentary are disproportionately valuable to those readers, regardless of the quality or quantity of the additional work from the news reporters.

Comment Re:good luck with that one... (Score 1) 172

Well, I'm with you on that principle as well. I can't see how an alternative scheme such as you suggested could be workable in practice, but if you had proposed some reasonable power of recall I would probably have agreed.

Still, even without that, it helps if we at least elect people who might act in our interests in the first place. Until money is an acceptable substitute for votes, the voters still have all the power on that one if they only choose to use it.

Comment Re:good luck with that one... (Score 2) 172

Yes, because EU. The entire basis for this disagreement was whether or not the UK government was allowed to introduce a private copying exception of the form that it did given the EU rules. If the government were not constrained by the EU Directive, all the questions about whether any harm was de minimis and pricing-in and so on would be moot.

Slashdot Top Deals

There must be more to life than having everything. -- Maurice Sendak

Working...