Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Take it out of the hands of users? (Score 1) 498

The eternal battle of password complexity hardship vs having 87% of your users' passwords on the latest "most common password" list.

How about taking it out of the hands of users? Find the largest dictionary available in the chosen language of the user, select two or three words from it, randomize which of those start or end with a capital letter, and random selection of a special character in-between them. Complexity attained, difficulty in selecting one gone.

Downsides include how to securely communicate this to a user. If it is shown on a screen it can be over-the-shoulder-checked, if it is sent via email then a hacked email account will supply passwords. Users can usually control the former, in the case of latter the user probably has a whole additional list of problems. But is something that assigns a password of a strength appropriate to the system being accessed better than the two extremes?

Comment 16GB Can Actually Be Enough (Score 1) 324

Just the other day I was considering what storage level of Nexus 5x to plan on getting. I usually default to getting the max-storage model and paying whatever the extra is. But on my last couple of phones I realized I mostly stream my music, and automatically cloud-save photos/videos and later cloud-view them. The phone I'm using now (a OnePlus One running Cyanogenmod) has 64GB storage but I'm only using 6GB, and that's with a small subset of my music locally-stored in case I'm offline.

This is in the Android world and I don't know if the old days of having to synchronize your entire library to an i-device are gone, but I think a side-story is maybe you don't need huge amounts of local storage anymore.

Comment CMMI != Certification (Score 1) 228

It should be noted that a CMMI maturity level designation is not a certification. It may help to have some CMMI appraisal team experience to understand it (I do), but the designation is the result of an organization's self-assessment based on an appraisal model (SCAMPI) developed by SEI/CMMI Institute. When a company claims a certain maturity level, CMMI Institute does not say "we certify this organization (or organizational unit) is CMMI maturity level n." CMMI Institute says "based on our review of the result forwarded by the organization, a result approved by a certified CMMI lead appraiser, we conclude the organization appears to have correctly followed the SCAMPI method and met the standards the organization's appraisal team agrees they did."

An organizational unit is not CMMI-certified by an external certifying authority, it is appraised based on work of a mostly-internal appraisal team (usual exception is the appraisal team leader, a certified individual not employed by the appraised organization in my experience). I don't blame anyone for being confused on the "certification" label... I see it all the time. The title of the /. article itself incorrectly uses the term.

My concern with CMMI is not the procedures and practices themselves, I think they are brilliant if implemented and the organization is resourced to handle it while not tripping up development teams. My concern is in self-assessment, that an inherent conflict of interest exists for the members of an appraisal team employed by the company they are appraising. A company that spends a lot of money preparing for and conducting a valid appraisal it expects a positive result for. But an accredited lead appraiser (again, not an employee of the appraised company in my experience) is not going to keep that distinction for long if they pass through insufficient/bogus appraisals, and that is supposed to be the check on self-assessment risks.

So it isn't the same as PMI, which gives a four hour exam to produce a quantitative, evidenced pass-fail score for a project manager and puts their stamp on a certification that the candidate knows the material with required proficiency and has met other work experience requirements. It is more nuanced and really comes down to how much you trust a given self-assessment.

Comment You don't need to (Score 1) 331

You already listed all the failures of the IT department, recognized from middle management to the CEO. The buck stops at leadership... whether he's the smartest guy on the planet or incompetent, a leadership change seems to be in order.

Put another way, what will some other gauge of his competence will add to what is known?

Comment Article says get rid of them ASAP (Score 5, Insightful) 480

I can think of no better way to inspire under-performers in a growing company than to jettison the worker who has been a superhero to date in a small company. This article is baffling to me and I don't understand why the author thinks dealing with super-performers should be different based on the company size. And the premise that it is unreasonable for the guy who constantly pulls backsides of others out of the fire to become a little irritated is odd.

Just so I have this straight, in order to drop the "jerk" suffix, a super-achieving worker who fills in for people when they are on vacation or sick, does not take vacation himself because the company is so reliant on his performance, and probably isn't getting credit for how many times he saved his coworkers must a) always be cheerful, and b) not speak up when he believes management is heading in directions that will increase reliance on said worker and make life even more difficult.

Basically the mind is cutting the heart out of a company, when both need to recognize each other's strengths and capitalize on them instead of picking a "winner".

Comment Flip the Question (Score 1) 397

How about ask the question another way... how much more would you need to be offered to make it a no-brainer for you to move? 20%? If you know that number, ask the new offerer to match that. Be honest, tell them you are on the fence, and for that much you'll close the deal today. That's the worth of fun to you.

I once had a gracious offer from an employer I left... I had a significant vacation balance and they offered to leave me on the books to run out that vacation over time (as opposed to a lump-sum following termination) in case I wanted to come back if the new job didn't work out. It bought me about six weeks of "tryout" in the new job. That is way beyond normal but that was nice to have... I almost didn't take the new job at all after hearing that and realizing how much they wanted me to stay, but the pay raise in this case was 25% and I was much younger and just couldn't pass up the money.

That goes to paragraph #1... instead of possibly hurting your relationship in the current job by introducing some boat rocking, work the other end by making the new position something too hard to pass up. Personally 10% probably wouldn't be worth the risk to me unless I felt the new job was a great fit.

Comment "Attempt"? Bad article summary (Score 1) 67

"Lame phishing spam attempt" should be reworded to "sucessful phishing spam launch that took advantage of an insider security threat".

If it is in the recipient's inbox, the spam happened sucessfully. If it didn't, it was an unsucessful attempt.

A read of TFA shows no mention of the word "lame". In fact the statement does what it should do... describes what happened and what action was taken. "The email this morning was an abuse of functionality by a volunteer who has been spoken to. This feature has since been removed as a precautionary measure."

Comment Opposite Direction of Where I Thought It Would Go (Score 4, Interesting) 97

I speculated some time ago that voice minute usage will dwindle down to the point where they would be offered as unlimited on all plans eventually, with the plan levels (tiering) moved from minutes used to data used. Part two was right, but I didn't really expect a movement toward data-only plans.

By the way those aren't new, before everyone had smartphones those of us with Blackberries and older units could get data-only plans.

Slashdot Top Deals

"Why should we subsidize intellectual curiosity?" -Ronald Reagan