Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Study Suggests No Shortage of American STEM Graduates

timothy posted about a year and a half ago | from the shortage-is-in-the-eye-of-the-beholder dept.

Education 344

An anonymous reader writes "A study released Wednesday by the left-leaning Economic Policy Institute reinforces what a number of researchers have come to believe: that the STEM worker shortage is a myth. The EPI study found that the United States has 'more than a sufficient supply of workers available to work in STEM occupations.' Basic dynamics of supply and demand would dictate that if there were a domestic labor shortage, wages should have risen. Instead, researchers found, they've been flat, with many Americans holding STEM degrees unable to enter the field and a sharply higher share of foreign workers taking jobs in the information technology industry. (IT jobs make up 59 percent of the STEM workforce, according to the study.)"

cancel ×

344 comments

Sorry! There are no comments related to the filter you selected.

I've been unable to find a job for years... apk (-1)

Anonymous Coward | about a year and a half ago | (#43556841)

A corrupt slashdot luser has pentrated the moderation system to downmod all my posts while impersonating me.

Nearly 230++ times that I know of @ this point for all of March/April 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 230 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March/April 2013 nearly in its entirety thusfar).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March/April now, & 230++ times that I know of @ least)... apk

P.S.=> here is CORRECT host file information just to piss off the insane lunatic troll:

--

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
  http://someonewhocares.org/hosts/ [someonewhocares.org]
  http://hostsfile.org/hosts.html [hostsfile.org]
  http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
  http://hosts-file.net/?s=Download [hosts-file.net]
  https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
  https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
  http://ddanchev.blogspot.com/ [blogspot.com]
  http://www.malware.com.br/lists.shtml [malware.com.br]
  http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
  http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
  ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
  OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
  HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
  HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
  APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
  HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
  HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
  HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
  HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
  HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
  HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
  HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
  HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
  HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
  0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
  HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
  HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

Windows 7, VISTA, & Server 2008 have a couple of "issues" I don't like in them, & you may not either, depending on your point of view (mine's based solely on efficiency & security), & if my take on these issues aren't "good enough"? I suggest reading what ROOTKIT.COM says, link URL is in my "p.s." @ the bottom of this post:

1.) HOSTS files being unable to use "0" for a blocking IP address - this started in 12/09/2008 after an "MS Patch Tuesday" in fact for VISTA (when it had NO problem using it before that, as Windows 2000/XP/Server 2003 still can)... & yes, this continues in its descendants, Windows Server 2008 &/or Windows 7 as well.

So, why is this a "problem" you might ask?

Ok - since you can technically use either:

a.) 127.0.0.1 (the "loopback adapter address")
b.) 0.0.0.0 (next smallest & next most efficient)
c.) The smallest & fastest plain-jane 0

PER EACH HOSTS FILE ENTRY/RECORD...

You can use ANY of those, in order to block out known bad sites &/or adbanners in a HOSTS file this way??

Microsoft has "promoted bloat" in doing so... no questions asked.

Simply because

1.) 127.0.0.1 = 9 bytes in size on disk & is the largest/slowest
2.) 0.0.0.0 = 7 bytes & is the next largest/slowest in size on disk
3.) 0 = 1 byte

(& HOSTS files extend across EVERY webbrowser, email program, or in general every webbound program you use & thus HOSTS are "global" in coverage this way AND function on any OS that uses the BSD derived IP stack (which most all do mind you, even MS is based off of it, as BSD's IS truly, "the best in the business"), & when coupled with say, IE restricted zones, FireFox addons like NoScript &/or AdBlock, or Opera filter.ini/urlfilter.ini, for layered security in this capacity for webbrowsers & SOME email programs (here, I mean ones "built into" browsers themselves like Opera has for example))

MS has literally promoted bloat in this file, making it load slower from disk, into memory! This compounds itself, the more entries your HOSTS file contains... & for instance? Mine currently contains nearly 654,000 entries of known bad adbanners, bad websites, &/or bad nameservers (used for controlling botnets, misdirecting net requests, etc. et al).

Now, IF I were to use 127.0.0.1? My "huge" HOSTS file would be approximately 27mb in size... using 0.0.0.0 (next smallest) it would be 19mb in size - HOWEVER? Using 0 as my blocking IP, it is only 14mb in size. See my point?

(For loads either in the local DNS cache, or system diskcache if you run w/out the local DNS client service running, this gets slower the larger each HOSTS file entry is (which you have to stall the DNS client service in Windows for larger ones, especially if you use a "giant HOSTS file" (purely relative term, but once it goes over (iirc) 4mb in size, you have to cut the local DNS cache client service)))

NO questions asked - the physics of it backed me up in theory alone, but when I was questioned on it for PROOF thereof?

I wrote a small test program to load such a list into a "pascal record" (which is analagous to a C/C++ structure), which is EXACTLY what the DNS client/DNS API does as well, using a C/C++ structure (basically an array of sorts really, & a structure/record is a precursor part to a full-blown CLASS or OBJECT, minus the functions built in, this is for treating numerous variables as a SINGLE VARIABLE (for efficiency, which FORTRAN as a single example, lacks as a feature, @ least Fortran 77 did, but other languages do not))!

I even wrote another that just loaded my HOSTS file's entirety into a listbox, same results... slowest using 127.0.0.1, next slowest using 0.0.0.0, & fastest using 0.

And, sure: Some MORE "goes on" during DNS API loads (iirc, removal of duplicated entries (which I made sure my personal copy does not have these via a program I wrote to purge it of duplicated entries + to sort each entry alphabetically for easier mgt. via say, notepad.exe) & a conversion from decimal values to hex ones), but, nevertheless? My point here "holds true", of slower value loads, record-by-record, from a HOSTS file, when the entries become larger.

So, to "prove my point" to my naysayers?

I timed it using the Win32 API calls "GetTickCount" & then again, using the API calls of "QueryPerformanceCounter" as well, seeing the SAME results (a slowdown when reading in this file from disk, especially when using the larger 127.0.0.1 or 0.0.0.0 line item entries in a HOSTS file, vs. the smaller/faster/more efficient 0).

In my test, I saw a decline in speed/efficiency in my test doing so by using larger blocking addresses (127.0.0.1 &/or 0.0.0.0, vs. the smallest/fastest in 0)... proving me correct on this note!

On this HOSTS issue, and the WFP design issue in my next post below?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I am convinced they (MS) do NOT have a good reason for doing this... because of their lack of response there on this note. Unless it has something to do with IPv6 (most folks use IPv4 still), I cannot understand WHY this design mistake imo, has occurred, in HOSTS files...

AND

2.) The "Windows Filtering Platform", which is now how the firewall works in VISTA, Server 2008, & Windows 7...

Sure it works in this new single point method & it is simple to manage & "sync" all points of it, making it easier for network techs/admins to manage than the older 3 part method, but that very thing works against it as well, because it is only a single part system now!

Thus, however?

This "single layer design" in WFP, now represents a SINGLE POINT OF FAILURE/ATTACK for malware makers to 'take down'!

(Which is 1 of the 1st things a malware attempts to do, is to take down any software firewalls present, or even the "Windows Security Center" itself which should warn you of the firewall "going down", & it's fairly easy to do either by messaging the services they use, or messing up their registry init. settings)

VS. the older (up to) 3 part method used in Windows 2000/XP/Server 2003, for protecting a system via IP Filtering, the Windows native Firewall, &/or IPSEC. Each of which uses diff. drivers, & layers of the IP stack to function from, as well as registry initialization settings.

Think of the older 3 part design much the same as the reason why folks use door handle locks, deadbolt locks, & chain locks on their doors... multipart layered security.

(Each of which the latter older method used, had 3 separate drivers & registry settings to do their jobs, representing a "phalanx like"/"zone defense like" system of backup of one another (like you see in sports OR ancient wars, and trust me, it WORKS, because on either side of yourself, you have "backup", even if YOU "go down" vs. the opponent)).

I.E.-> Take 1 of the "older method's" 3 part defenses down? 2 others STILL stand in the way, & they are not that simple to take them ALL down...

(Well, @ least NOT as easily as "taking out" a single part defensive system like WFP (the new "Windows Filtering Platform", which powers the VISTA, Windows Server 2008, & yes, Windows 7 firewall defense system)).

On this "single-part/single-point of attack" WFP (vs. Windows 2000/XP/Server 2003's IP stack defense design in 3-part/zone defense/phalanx type arrangement) as well as the HOSTS issue in my post above?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I'll stick to my thoughts on it, until I am shown otherwise & proven wrong.

----

Following up on what I wrote up above, so those here reading have actual technical references from Microsoft themselves ("The horses' mouth"), in regards to the Firewall/PortFilter/IPSec designs (not HOSTS files, that I am SURE I am correct about, no questions asked) from my "Point #2" above?

Thus, I'll now note how:

----

1.) TCP/IP packet processing paths differences between in how Windows 2000/XP/Server 2003 did it (IPSEC.SYS (IP Security Policies), IPNAT.SYS (Windows Firewall), IPFLTDRV.SYS (Port Filtering), & TCPIP.SYS (base IP driver))...

2.) AND, how VISTA/Server 2008/Windows 7 do it now currently, using a SINGLE layer (WFP)...

----

First off, here is HOW it worked in Windows 2000/XP/Server 2003 - using 3 discrete & different drivers AND LEVELS/LAYERS of the packet processing path they worked in:

http://technet.microsoft.com/en-us/library/bb878072.aspx [microsoft.com]

The Cable Guy - June 2005: TCP/IP Packet Processing Paths

====

The following components process IP packets:

IP forwarding Determines the next-hop interface and address for packets being sent or forwarded.

TCP/IP filtering Allows you to specify by IP protocol, TCP port, or UDP port, the types of traffic that are acceptable for incoming local host traffic (packets destined for the host). You can configure TCP/IP filtering on the Options tab from the advanced properties of the Internet Protocol (TCP/IP) component in the Network Connections folder.

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK [mailto]

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).... apk

Re:I've been unable to find a job for years... apk (0)

Anonymous Coward | about a year and a half ago | (#43557371)

Ok, now the title of this post gives it all away. The real APK would never admit to a weakness such as being unemployed. He's instead rant and rave about how much of a genius he is, and why the world is wrong for not listening to or employing him. This is clearly some troll copypasta. Still, I do fully support smearing APK's name, so great job!

Jeremiah Cornelius: Grow up (-1)

Anonymous Coward | about a year and a half ago | (#43557491)

You're embarassing yourself Jeremiah Cornelius http://slashdot.org/comments.pl?sid=3581857&cid=43276741 [slashdot.org] since you posted that using your registered username by mistake (instead of your usual anonymous coward submissions by the 100's the past 2-3 months now on slashdot) giving away it's you spamming this forums almost constantly, just as you have in the post I just replied to.

Re:Jeremiah Cornelius: Grow up (0)

Anonymous Coward | about a year and a half ago | (#43557743)

Paul, you fail it. Your skill is not enough.

obviously a lie then (5, Insightful)

Anonymous Coward | about a year and a half ago | (#43556879)

Obviously the shortage is dreamed up by corporations attempting to justify importing cheap foreign labor.

Re:obviously a lie then (1)

TWiTfan (2887093) | about a year and a half ago | (#43556983)

But...but....but....all the politicians and CEO's say companies can't get Americans and need more H1B indentured servants. Surely they wouldn't lie to us, right?

Re:obviously a lie then (1)

Bigby (659157) | about a year and a half ago | (#43557459)

I say give them the H1B workers. Those companies will be worse off because of it. I work with these guys and the quality suffers greatly. Some companies are smarter than to go that route. In many cases, 1 good non-H1B IT guy can do something 100 H1B workers can't. There are exceptions...

Whatever happened to the "you have to pay an H1B worker what you would pay a non-H1B worker"? And that you "have to prove you can't find a non-H1B worker"? Do they just say they can't find them because the price is too high? Do they pay a "contractor" the same rate as a non-H1B, which pays the H1B a very low rate, and gives a kickback to the company?

Re:obviously a lie then (5, Informative)

Anonymous Coward | about a year and a half ago | (#43557665)

I say give them the H1B workers. Those companies will be worse off because of it. I work with these guys and the quality suffers greatly. Some companies are smarter than to go that route. In many cases, 1 good non-H1B IT guy can do something 100 H1B workers can't. There are exceptions...

Whatever happened to the "you have to pay an H1B worker what you would pay a non-H1B worker"? And that you "have to prove you can't find a non-H1B worker"? Do they just say they can't find them because the price is too high? Do they pay a "contractor" the same rate as a non-H1B, which pays the H1B a very low rate, and gives a kickback to the company?

The typical way it works goes like this:

1) Talk to the recruiting firm and locate the H1-B worker you want to hire
2) Figure out (or create) a very precise skill set for that worker
3) Tailor a job posting to those exact requirements
4) Post job in local newspaper and wait a few weeks
5) Legally disqualify 95% of the applicants that don't match those exact requirements
6) Call a few in for interviews that do come close to matching - then disqualify them for other made-up reasons (not a good fit for our culture is a good one)
7) Claim that you can't fill the job with native talent and hire H1-B worker at fraction of price you'd have to pay a native worker

Employability (5, Insightful)

eldavojohn (898314) | about a year and a half ago | (#43556885)

This actual study itself has at least one very good point that may not be obvious to people: our leadership's drive to promote the idea of a STEM shortage is primarily to justify guestworkers and allow them to add provisions like OPT-STEM extensions [uscis.gov] . Don't get me wrong, there is a sort of shadow brain drain war going on here that for a long time the West had easily been winning. UK, Germany, USA, etc had been sucking up the talent from India, China, Russia, Ukraine, Turkey, you name it we took the brightest from it. And it was really really easy. And now Western leaders are kind of getting uncomfortable because, well, it's not really working in our favor anymore. I care that our politicians are being deceiving about this concept but I don't care about the "taking our jobs." In fact, I'm one of those meritocratic boogeymen that thinks our borders should be open with nothing more than a background check into your criminal record before you're granted entrance to the United States. Sure, some other stuff would need to change but that's an entirely different argument I'm not going to get into.

The main point of this study, however, is what the Post picked up on and is being reiterated: there is no shortage of STEM workers here in the US. And while that's likely true, the study (though comprehensive) doesn't really seem to ever step up to the plate and look at STEM versus non-STEM in the cases of employability and what those industries do for our GDP. Our leaders like Obama are operating on the assumption that a surplus in STEM workers is better than a perfectly equalized workforce with zero unemployment. They're not going to say that but my guess is that they're getting uneasy that China is mandating how many STEM workers it will produce and limiting the number of liberal arts degrees. The West is now uneasy that they might start losing the STEM war and they're trying to figure out how to scare their populations into letting them selectively brain drain other countries. A fake "massive shortage of STEM workers" is pretty much their only card so far.

Re:Employability (0)

Anonymous Coward | about a year and a half ago | (#43557049)

In fact, I'm one of those meritocratic boogeymen that thinks our borders should be open with nothing more than a background check into your criminal record before you're granted entrance to the United States

TPTB would never allow it. If imported talent weren't tied to a sponsoring corporation, they would be free to better their lot through job movement and wages would rise.

Can't be having that.

Re:Employability (0)

Anonymous Coward | about a year and a half ago | (#43557061)

Which is exactly why he called himself meritocratic.

Re:Employability (5, Insightful)

spiffmastercow (1001386) | about a year and a half ago | (#43557431)

In fact, I'm one of those meritocratic boogeymen that thinks our borders should be open with nothing more than a background check into your criminal record before you're granted entrance to the United States

TPTB would never allow it. If imported talent weren't tied to a sponsoring corporation, they would be free to better their lot through job movement and wages would rise.

Can't be having that.

I would say we should only have this arrangement with countries that agree to the same conditions. It's worked out well for the Commonwealth nations, and I don't see why it wouldn't work for us.

Re:Employability (0)

Anonymous Coward | about a year and a half ago | (#43557399)

Enjoy your standard of living when it is brought down to that of a call-center rep in India.

No we're not special, but we can keep the high-wage gravy train going while we can. This whole H1B thing is about getting cheaper labor in the US, plain and simple.

Re:Employability (1)

thomasw_lrd (1203850) | about a year and a half ago | (#43557815)

I'm truly curious about this. Don't the laws of supply and demand state that if the overall wage goes down, purchasing power goes down, and then prices must fall to match? I know this won't work in our current society of government mandated prices for commodities (through subsidies for farmers and such), but in a truly free market society would this not work?

Re:Employability (4, Interesting)

ebno-10db (1459097) | about a year and a half ago | (#43557489)

USA, etc had been sucking up the talent from India, China, Russia, Ukraine, Turkey, you name it we took the brightest from it.

Maybe, but that doesn't mean that all, or even most, of the STEM people we "took" from those places are the best and the brightest. Nobody in the US opposes having the "best and the brightest" come here, but the vast majority are simply of average ability and recruited to reduce pay of people in the US.

I'm one of those meritocratic boogeymen that thinks our borders should be open with nothing more than a background check into your criminal record before you're granted entrance to the United States.

No problem. I think we should do that for STEM people as soon as we start doing it for doctors, lawyers, accountants, etc., eliminate sugar, ethanol, orange juice and other agricultural tariffs, and get rid of things like region coding and nabbing the elderly for buying their prescriptions in that third world hellhole of unsafe pharmaceuticals called "Canada".

The West is now uneasy that they might start losing the STEM war and they're trying to figure out how to scare their populations into letting them selectively brain drain other countries.

How do we "loose the STEM war"? Since the study makes clear (as have other studies, many done much earlier) that there is no shortage of STEM people in the US, the purpose of massive guest worker programs (e.g. H-1B) is to reduce the pay of people in the US. This has nothing to do with how "globally competitive" the US is, and everything to do with how the pie gets divided up here. The plutocracy doesn't like this whole "middle class" thing where many Americans make a decent living.

Re:Employability (0)

Anonymous Coward | about a year and a half ago | (#43557543)

Maybe the shortage is real, but only for high-IQ people?

Re:Employability (0)

fermion (181285) | about a year and a half ago | (#43557571)

There is another point that is not addressed in at least the version of the summary that I read. In the version I read, it was stated that many, if not most, of the STEM graduates in the US were not being hired to stem jobs. This statistic is used, and has been used, to say that this indicates that there are more than enough people in the US for the jobs, and no immigration is necessary. If there were a deficit, then why would so many not have jobs.

One reason of course is employability. We live in a competitive free market, and just because one presents oneself for a job with proper credentials does not mean anyone is obligated to give you a job. This is exactly in line with a consumer not being obligated to pay they asking price on a microwave, or not being obligated to buy encyclopedias from a random stranger appearing on thier stoop(I know that this does not happen anymore and I am dating myself, but the point remains).

The other issue is maybe many, if not most, of these students actually do not know anything. Maybe they cheated their way through their classes. Maybe when asked to ping a server, the could not do it. Maybe they could not put up a web page, use a screwdriver, look up a part, or do one of the many tasks that might be asked on an interview. I have gotten my coding jobs because I was able to go the interview and code. I would not be surprised if 50% of the STEM college graduates are employable but fundamentally unskilled.

So here is the fallacy I see. Usually when policy makers talk about STEM, they talk about increasing the numbers in STEM. OTOH, I believe we have too many people in STEM. Look at engineering programs. Half the people leave within the first year. In sciences, many, even the qualified, can't find a job. No, what we need is a more selective process that identifies better people. More importantly, we need K-12 education initiatives that will move students toward a critical think, production, and dare I say, maker, mentality. This needs to be done by leveraging our comprehensive educational system, which is our greatest asset, to provide the opportunity to all our students.

Of course this is orders of magnitude more expensive that just pushes all minimally qualified people through college and then having employers say, upon graduation, oops, you are not good enough. And we will still have the reality that, in a world economy that isn't going to go away, being in the top 20% is no longer good enough. Now with the labor free market world wide, we have to be in the top 5%. Which is why, if the US is going to compete, we can't just throw away kids because they live in the wrong neighborhood.

Re:Employability (1)

0xdeadbeef (28836) | about a year and a half ago | (#43557857)

I liked the part where you tricked us into reading your conspiracy theory. You should have a show on Fox.

"STEM" is a useless grouping (5, Insightful)

GGardner (97375) | about a year and a half ago | (#43556905)

There's a huge difference in the job market for pure scientists (the "S" in STEM), and IT folks. The job market for someone with a PhD in, say Astronomy is terrible. Lumping these folks together with the legions of code hackers is ridiculous.

Re:"STEM" is a useless grouping (3, Interesting)

BigDaveyL (1548821) | about a year and a half ago | (#43557037)

This is a valid point. Perhaps the numbers are a bit overstated. But, the point in the article is still valid to an extent. Companies complain that they can't fill their run of the mill jobs with graduates. Secondly, at a time when underemployment/unemployment is higher than usual, and wages are flat, one should not have a problem finding "qualified" canidates.

Re:"STEM" is a useless grouping (5, Interesting)

i kan reed (749298) | about a year and a half ago | (#43557121)

Yes, but people will perceive that distinction as goalpost moving. Let's be honest about what's happening here: we are moving into a post-worker society. The set of jobs that a computer+automated machinery can achieve is rapidly approaching the point where it surpasses average human capacity in almost every field.

And I don't mean this as a neo-luddite "computers are taking our jobs" kind of way, just that the set of skills that are unique to humanity are shrinking. We're running, as fast as we can, at a point where ownership of capital is the only factor for success in a free-market economy.

Globalization only compounds this fact, by making historically disenfranchised workers able to compete for the same shrinking set of valuable labor skills. We're headed back towards a 2-class society, and I don't like it.

Re:"STEM" is a useless grouping (4, Insightful)

ShieldW0lf (601553) | about a year and a half ago | (#43557245)

And I don't mean this as a neo-luddite "computers are taking our jobs" kind of way, just that the set of skills that are unique to humanity are shrinking. We're running, as fast as we can, at a point where ownership of capital is the only factor for success in a free-market economy.

That's when the blood begins to flow. And rightly so.

Re:"STEM" is a useless grouping (4, Insightful)

i kan reed (749298) | about a year and a half ago | (#43557289)

Unfortunately, I disagree with people who think a revolution will be a viable solution. Killing is one of the many things that computers are getting better at than us.

Re:"STEM" is a useless grouping (3, Insightful)

Shajenko42 (627901) | about a year and a half ago | (#43557327)

And then the elites put themselves into gated communities with automated turrets set to kill anything that moves within range.

Re:"STEM" is a useless grouping (1, Insightful)

Zero__Kelvin (151819) | about a year and a half ago | (#43557123)

So you are saying that we need more 3l33t Astronomers because the job market for them is terrible?

"Lumping these folks together with the legions of code hackers is ridiculous."

When you learn the difference between a Software Engineer and a "code hacker" you might be able to make an intelligent post. Until then, you are just another clueless guy without a job spitting out sour grapes because we don't need as many pie in the sky theorists as we do people who actually produce useful technology that solves today's problems.

Re:"STEM" is a useless grouping (0)

Anonymous Coward | about a year and a half ago | (#43557359)

So you are saying that we need more 3l33t Astronomers because the job market for them is terrible?

He was just saying that a statement about the abundance of employees in one particular specialization of a broad field may not apply to another.

"Lumping these folks together with the legions of code hackers is ridiculous."

When you learn the difference between a Software Engineer and a "code hacker" you might be able to make an intelligent post.

Have you seen the code that some people churn out? A software engineer also has to be able to gather requirements, do high-level system design, etc. There exist many code monkeys for every software engineer in the industry.

Until then, you are just another clueless guy without a job spitting out sour grapes because we don't need as many pie in the sky theorists as we do people who actually produce useful technology that solves today's problems.

Okay, you have to be some sort of a troll. Wild assumptions about the OP and dismissing basic research at the same time, with the whole post scattered with juvenile insults?

Re:"STEM" is a useless grouping (1)

Zero__Kelvin (151819) | about a year and a half ago | (#43557391)

Unless you are the OP, what makes you qualified to say what he was "just saying"? Nobody is "dismissing basic research", and you really should improve your reading comprehension skills.

Re:"STEM" is a useless grouping (0)

Anonymous Coward | about a year and a half ago | (#43557483)

I am not the OP. I'm simply parsing what he was saying. A terrible job market for astronomers implies that there is the opposite of a shortage for astronomers, in fact. Programmers have much better job prospects which mean that the supply-demand ratio is smaller than that of astronomers. He was saying that these areas are so different and have such different economic situations that lumping them together is ridiculous. Do you disagree?

Re:"STEM" is a useless grouping (1)

Zero__Kelvin (151819) | about a year and a half ago | (#43557669)

The point of the article is that there is no shortage. You are saying there is no shortage of Astronomers, and that there is no shortage of IT people, but that making the statement that there is no shortage of Astronomers or IT people (i.e. "lumping them together") is ridiculous. A graduate of middle school English could tell you that lumping them together is exactly what is called for in this case.

Re:"STEM" is a useless grouping (0)

Anonymous Coward | about a year and a half ago | (#43557745)

I really don't know why you insist on insulting people when you're trying to make a point.
Lumping together consists of more than just a simple statement on astronomers and IT people. The OP was demonstrating that variance exists between separate jobs in the STEM field. I do not think that it is that hard to apply abstract thinking and realize that some subsets may vary into the "shortage" category, and thus that a blanket statement about the "STEM" field can lead to an invalid conclusion about a specific job.

Re:"STEM" is a useless grouping (1)

spiffmastercow (1001386) | about a year and a half ago | (#43557517)

So you are saying that we need more 3l33t Astronomers because the job market for them is terrible?

"Lumping these folks together with the legions of code hackers is ridiculous."

When you learn the difference between a Software Engineer and a "code hacker" you might be able to make an intelligent post. Until then, you are just another clueless guy without a job spitting out sour grapes because we don't need as many pie in the sky theorists as we do people who actually produce useful technology that solves today's problems.

I'd be willing to bet that someone with a PhD in astronomy could become a software engineer in a relatively short time... Maybe we should retrain our existing workforce instead of importing indentured servants?

Re:"STEM" is a useless grouping (1)

Zero__Kelvin (151819) | about a year and a half ago | (#43557605)

I totally agree that we should retrain, but having a PhD in Astronomy says almost nothing about that persons ability to become a competent software engineer. They are two completely different disciplines. Some would love it and be excellent at it, others would hate it and suck at it.

Re:"STEM" is a useless grouping (3, Interesting)

spiffmastercow (1001386) | about a year and a half ago | (#43557775)

I totally agree that we should retrain, but having a PhD in Astronomy says almost nothing about that persons ability to become a competent software engineer. They are two completely different disciplines. Some would love it and be excellent at it, others would hate it and suck at it.

Generally speaking, someone with a PhD in Astronomy has done a fair amount of coding to implement their ideas. It's not far to go from scientific computing to Software Engineering, and in fact such a person would likely have a better math background than most of his fellow SEs.

Re:"STEM" is a useless grouping (1)

Anonymous Coward | about a year and a half ago | (#43557897)

I made it half way through grad school in astronomy/astrophysics, and many people in the field are already software engineers by using the tools for doing modern astronomy work (no one looks through eyepieces...) Overall, I found the critical thinking and logic abilities in astronomy to be higher than is typical among programmers I've worked with/managed. I think things like VB so lowered the bar to be a "software engineer" that the median ability in the field is pretty low. When I'm hiring, I consider hard science degrees in difficult fields combined with some practical programming experience to be at least as strong a resume as most CS/IT degrees and certs with equivalent experience.

Re:"STEM" is a useless grouping (1)

gandhi_2 (1108023) | about a year and a half ago | (#43557315)

It doesn't stop there.

The education industry has been foaming at the mouth for a buzzword to get behind, and STEM showed up and fell right into the trap.

Then the Arts people got involved. And now you have STEAM.

The idea behind concentrating on a few topics is being watered down until everything is included. Because inclusion is part of the self-esteem curriculum. And excluding anything is contrary to the anti-bullying curriculum.

Re:"STEM" is a useless grouping (1)

EmagGeek (574360) | about a year and a half ago | (#43557347)

I think it's funny how Science, Technology, Engineering, and Math are all considered the "same thing" by the media that likes to talk about them, yet they don't lump "Physchology, Sociology, Social Work, and Humanities" together because they are "fundamentally different things deserving of their own categories."

Perhaps our problem is that we treat thes important things as this basket of "stuff" that is "all the same, and unimportant."

Re:"STEM" is a useless grouping (0)

Anonymous Coward | about a year and a half ago | (#43557449)

I think it's funny the media seems to depict that everyone in the STEM group should work in IT.

No wonder why the whole confusion:
I have a PhD in Biochemestry.
Yes, but do you know how do customer support and do you know Linux Kernel internals?

or
Even if Americans have a PhD in computer science, would they go around installing drivers and fixing broken PCs?

There's a whole mix-up that one side want to make it look like it's a lot worse.

Re:"STEM" is a useless grouping (0)

Anonymous Coward | about a year and a half ago | (#43557367)

Though many PhDs in astronomy could be halfway decent coders... and oddly get better paid if they were willing to do that sort of work.

Re:"STEM" is a useless grouping (0)

Anonymous Coward | about a year and a half ago | (#43557495)

Money isn't everything.

Coding is boring.

Re:"STEM" is a useless grouping (0)

Anonymous Coward | about a year and a half ago | (#43557485)

There's a huge difference in the job market for pure scientists (the "S" in STEM), and IT folks. The job market for someone with a PhD in, say Astronomy is terrible. Lumping these folks together with the legions of code hackers is ridiculous.

Okay, but there's only like 200 PhDs in astronomy a year, so say ~10k astronomy PhDs in the entire workforce.

http://www.nsf.gov/statistics/infbrief/nsf10308/ [nsf.gov]

Re:"STEM" is a useless grouping (2)

gatesstillborg (2633899) | about a year and a half ago | (#43557893)

Not sure there is that much difference, because those who started out as astronomers frequently end up in IT.

Wages are flat in the United States (1, Informative)

Anonymous Coward | about a year and a half ago | (#43556911)

Unless you're in the top end, your wages have been stagnating, your purchasing power has been decreasing, and your relative wealth has been degrading.

Disambiguation (1)

carou (88501) | about a year and a half ago | (#43556917)

Why would we need so many people to work with Scanning Transmission Electron Microscopes anyway?

Stem shortage... (5, Insightful)

wpiman (739077) | about a year and a half ago | (#43556927)

of course it is a myth. It is just a ploy by large businesses to boost the H1B Visa program to increase the supply in order to push wages down.

Oooh, a conspiracy! (-1, Troll)

sjbe (173966) | about a year and a half ago | (#43557027)

It is just a ploy by large businesses to boost the H1B Visa program to increase the supply in order to push wages down.

Did they do it from the grassy knoll? Are there multiple shooters? Maybe they faked the moon landing while they were at it!

Re:Oooh, a conspiracy! (3, Insightful)

Frosty Piss (770223) | about a year and a half ago | (#43557273)

Parent is a Troll.

Certainly there is a conspiracy, but there is nothing mysterious about it.

It is clearly advantageous for companies to hire people that will be happy with flat earnings and no job advancement opportunities, as well as fewer costs associated with the eventual lay-off.

People like to say H1Bs make the same wages as other IT folks, and this may well be true, but they do help keep wages flat, and their overall cost is less.

Re:Oooh, a conspiracy! (1)

ebno-10db (1459097) | about a year and a half ago | (#43557811)

Did they do it from the grassy knoll?

Do you have a point? Perhaps you could even explain why you think the OP's point is wrong, or what your alternative explanation is. For a really tough assignment, find some objective evidence that says there really is a STEM shortage. Hint: tech billionaires saying "trust us, there's a shortage" is not objective evidence.

Re:Stem shortage... (1)

Anonymous Coward | about a year and a half ago | (#43557089)

Ever hear the words 'hit the ground running'? That is why the demand for h1b is so high. They want people who do the job with 0 training. No one wants to train anymore. Companies used to have their own schools to train people. Now? Not so much.

Training is why no one wants to hire graduates. Before the .com days people did this same thing (I remember the reason I had no job for 6 months, I asked, no experience). The .com thing was an anomaly where there was so much demand and not enough supply. You could pretty much have 'seen a computer' and 'know a bit of html' and get a job. Now it has mostly returned to norms. Experience counts (but not too much as you will screw up the insurance pool).

Remember you buy cheap you get what you pay for. Sometimes you get good results. Most of the time...

Re:Stem shortage... (5, Informative)

BigDaveyL (1548821) | about a year and a half ago | (#43557393)

You couldn't be more incorrect.

Back 30 years ago when my parents graduated from College with math degrees, they had multiple job offers from big companies to do computer programming. They would get the necessary training to fill in any holes of knowledge they had.

Now, companies have given up on any sort of training programs like that.

Now companies want experience to get a job but you can't get a job without experience.

Re:Stem shortage... (2)

interval1066 (668936) | about a year and a half ago | (#43557505)

They want people who do the job with 0 training.

I'm in complete agreement with you. Interestingly however, in my experience the zero training aspect is a myth. The H1B people often require more training, exacerbated because they often speak little english.

Re:Stem shortage... (1)

ebno-10db (1459097) | about a year and a half ago | (#43557753)

Ever hear the words 'hit the ground running'? That is why the demand for h1b is so high. They want people who do the job with 0 training.

Nonsense. Many H-1B's are recent grads. Your points about no training (for Americans) are dead on though. In many cases it isn't even formal training, but accepting that your new hire may take a month or two to get up to speed with the exact tools you're using.

Re:Stem shortage... (1, Troll)

VeriTea (795384) | about a year and a half ago | (#43557867)

By the time training is available all the important development work has already been done and the companies that did it have collected the profit. Companies need the type of engineers that can do the development work and create new things. These engineers are the ones that are hard to find and in short supply. Engineers that need training to work on a new technology will always be late to the party and a dime a dozen (read: not that valuable and not hard to find).

The problem is that people are talking past each other. There are different classes of engineers. Class A, are the type that invent new things that haven't been done before. For this class a great engineer is worth 10x, 100x, 1000x that of an average engineer. You cannot train someone to be this type of engineer, they are rare and hard to find. The second type (Class B) are the 'turn-the-crank' type of people that work processes that were developed by someone else, or create a product that is a copy of an existing product from a different company. There is no shortage of this type of engineer, they are easy to find, or can be acquired by training a new hire.

Pointing to a large number of Class B engineers is not a refutation of the claim that there is a shortage of Class A engineers.

Another thread about H1B (0)

Anonymous Coward | about a year and a half ago | (#43557213)

Where Slashdotters who are used to deriding those "racist anti-immigration rednecks" suddenly revert to "dey took our jerbs" mode.

Re:Stem shortage... (2)

Bigby (659157) | about a year and a half ago | (#43557609)

There is no such thing as a shortage. And large businesses know that as they know what markets are. As you said, they just see the prices are too high, so they claim a shortage...which is all perception.

As an employee, I think there is a shortage of jobs, because they pay too low. We need to add more companies to compete with them. Again, perspective...

It is like here in North Jersey after Hurricane Sandy. There wasn't a gas shortage, because the price would just go up. But then the governor and laws prevented "price gouging" which then emptied all the gas at the stations and moved them into a black market. There was still plenty of gas, but now it was being hoarded or resold at market (higher) prices. Some viewed it as a shortage and it was hard not to when you forced a low price on it.

Welcome to STEM Jeopardy (4, Funny)

phrackwulf (589741) | about a year and a half ago | (#43556937)

I'll take, "Corporations prefer international young and desperate engineers they can lock into five or ten years of indentured servitude for much less money and minimal benefits for $500, Alex."

Re:Welcome to STEM Jeopardy (1)

VeriTea (795384) | about a year and a half ago | (#43557349)

More like "Companies need highly talented engineers of which there are just too few to be had in the world and having 50 engineers of average talent for every position does nothing to help with the shortage."

Engineers are not widgets. A great engineer is worth 50 mediocre engineers.

Re:Welcome to STEM Jeopardy (1)

neminem (561346) | about a year and a half ago | (#43557563)

Indeed. I'm sure corporations would *love* to lock young desperate engineers into five or ten years of indentured servitude for 500$. Generally it's at still at least a few tens of thousands, but I'm sure they'd love to change that. :p

Re:Welcome to STEM Jeopardy (2)

ebno-10db (1459097) | about a year and a half ago | (#43557689)

desperate engineers they can lock into five or ten years of indentured servitude

That's a ridiculous exaggeration. It's only three to six years.

Re:Welcome to STEM Jeopardy (1)

rollingcalf (605357) | about a year and a half ago | (#43557929)

It can extend beyond 6 years with a pending green card application.

Correction: (4, Insightful)

benjfowler (239527) | about a year and a half ago | (#43557015)

There's no shortage of STEM graduates.

There's most _certainly_ a shortage of _cheap_ STEM graduates.

Supply and demand drives price (2)

sjbe (173966) | about a year and a half ago | (#43557167)

There's no shortage of STEM graduates. There's most _certainly_ a shortage of _cheap_ STEM graduates.

If something is in short supply, prices tend to go up. If the market price for STEM graduates is relatively high compared with other professions, that is strong evidence that there is indeed a tight market for STEM graduates. If there was a surplus of STEM graduates, their wages would tend to fall. Market forces are pretty good at solving this problem. Stipulating for argument's sake your claim that STEM graduates are not cheap, then by definition they must be in relatively short supply.

Re:Supply and demand drives price (1)

Bigby (659157) | about a year and a half ago | (#43557675)

This holds true for everything but politicians. 300M people in America could fill those jobs, yet some get paid $150k-$200k per year with lifetime benefits.

Re:Correction: (0)

Anonymous Coward | about a year and a half ago | (#43557235)

There is only a shortage of competent STEM graduates. Unfortunately schools are turning out CS students that can't do basic programming. Because of this we look not for cheaper laborers, but rather competent programmers.

Re:Correction: (0)

Anonymous Coward | about a year and a half ago | (#43557635)

Obviously students can't program BASIC. BASIC was replaced by Java a long time ago, with Java being supplanted by Javascript and HTML 'programming'.

Re:Correction: (2)

interval1066 (668936) | about a year and a half ago | (#43557547)

When you come out of grad school owing 50K+ I wonder how cheap you'll be willing to work for. These H1B's, when they come over, I wonder how much in loans they owe? Does the Indian Government subsidize their sh*t? If so... well, there's yer problem.

No New Workers is a Problem - College Hires (5, Interesting)

Kagato (116051) | about a year and a half ago | (#43557033)

I consult as a programmer. I work for large corporations and mid-cap companies. When I stated a LONG time ago it was pretty common to see college hires and interns in programming departments. Interns are extremely rare, and I haven't seen a college hire in a programming team in 6 years. Companies would rather hire "experienced" off-shore programmers. So the only pressure there is on wages is off-shore.

Since the quality of off-shore work is a bit suspect I make a lot of money (almost certainly too much) as the lead/architect that's keeping things together. If companies want to stop paying people like me too much money they should be hiring young (cheap) workers to put downward pressure on wages. That doesn't happen because it's seen as easier to just go off-shore.

That's not to say all off-shore programmers are bad. There are several eastern European/ec-Russian block states that produce high quality code. They happen to cost about 2X the wages of India Off-shore and carry some IP Protection baggage.

Re:No New Workers is a Problem - College Hires (2)

Bigby (659157) | about a year and a half ago | (#43557767)

I complete agree with what you have. I just want to state that eastern European/Russian staff are FAR better than your typical Indian staff. They should be charging 10x the rate for 10x the productivity.

Re:No New Workers is a Problem - College Hires (0)

Anonymous Coward | about a year and a half ago | (#43557945)

If companies want to stop paying people like me too much money they should be hiring young (cheap) workers to put downward pressure on wages. That doesn't happen because it's seen as easier to just go off-shore.

Exactly what the company I work for did. Dumped the offshore workers and their appalling work and hired a ton of entry level developers mostly right out of college with low pay. The young devs are out the door as soon as they get 1-2 years of experience.

The HR fantasy (5, Insightful)

SirGarlon (845873) | about a year and a half ago | (#43557035)

The single-minded pursuit of the best and the brightest candidates is a fool's errand. There are only a few of "the best" by definition, and they can work wherever they want. If you are not getting enough good applicants, it's because you are failing to attract them in the competitive marketplace. That may not (just) be because of salary, but also factors like where you're located and whether the work is interesting at all.

H1-B visas broaden the candidate pool but they won't change a company's competitive standing relative to others. "The best" are still going to go to the most attractive employers, and if that's not you, then I see two alternatives: either make your jobs more attractive somehow, or admit that what you really want are not "the best," but "the good enough."

Re:The HR fantasy (1)

BigDaveyL (1548821) | about a year and a half ago | (#43557079)

This couldn't be more true. You're job you have is most likely average, by definition.

Re:The HR fantasy (1)

interval1066 (668936) | about a year and a half ago | (#43557631)

You're job you have is most likely average, by definition.

Your English is less than average, by example. You just said "You are job have is most likely..."

No wonder companies don't want to hire natives.

Suspect Logic (5, Insightful)

Antipater (2053064) | about a year and a half ago | (#43557047)

Basic dynamics of supply and demand would dictate that if there were a domestic labor shortage, wages should have risen. Instead, researchers found, they've been flat, with many Americans holding STEM degrees unable to enter the field and a sharply higher share of foreign workers taking jobs in the information technology industry. (IT jobs make up 59 percent of the STEM workforce, according to the study.)"

Wages will only rise if the labor supply decreases. The labor supply won't decrease if you import foreign workers.

In other words, your car will stop if you run out of gas. The car is still moving, so you must not be out of gas. Please kindly ignore the fact that you're rolling down a mountain.

Re:Suspect Logic (1)

dacullen (1666965) | about a year and a half ago | (#43557797)

So in others words BIG TECH wants the same illusion of free markets as BIG PHARMA, BIG TELECOM and BIG BANKING. They've figured out how to rig the market in ways that allow them to maximize profit and minimize the ability of customers and employees to employe market forces for real

The Same Would Hold Triple for Unskilled Labor (1)

Nova Express (100383) | about a year and a half ago | (#43557055)

Why then have our political and business classes made the decision not to enforce immigration laws against an unchecked flow of illegal aliens from Mexico?

Re:The Same Would Hold Triple for Unskilled Labor (2)

NoNonAlphaCharsHere (2201864) | about a year and a half ago | (#43557207)

Yah. We need to stop the flow of illegal STEM graduates from Mexico.

Not all STEMs are the same (0)

Anonymous Coward | about a year and a half ago | (#43557069)

It's not the shortage of workers, it's the shortage of workers with right skills. The wage argument is a red herring. From the NAS/ACM Roberts report [stanford.edu] :

Despite such evidence, the very existence of an IT labor shortage remains controversial.
...
Why is there such profound disagreement on this issue? In part, the problem comes from looking at the IT labor market in an oversimplified way, without considering the specific character of work in the IT profession. We believe that a complete analysis of the labor market in IT requires not only an understanding of conventional analytical techniques from sociology and labor economics, but also a detailed sense of what work in the IT profession involves.
...
We believe that the failure to reach agreement on the existence of an IT labor shortage comes from the following overgeneralizations in traditional analysis:

  • Looking at the IT profession as a whole makes it difficult to understand the dynamics of particular specialty areas in which critical shortages exist.
  • Individual workers in the software-development area are by no means interchangeable.
  • Strategies adopted by the industry to identify and hire the talent they need are motivated much more strongly by the need to attract highly productive individuals than by a desire to reduce labor costs.

Re:Not all STEMs are the same (1)

BigDaveyL (1548821) | about a year and a half ago | (#43557713)

Here's the problem with this analysis. It assumes that there's no skills transfer and that human beings are static and can't learn new things when given the proper resources. For example, is there any good reason why someone who programmed in Java can't pick up C#? Or, why are many CS classes have pencil-and-paper assignments. For example, an algorithm/data structure class is highly conceptual since a Binary Tree is conceptually the same regardless of what I implement it in - If I understand the theory I should be able to pick up syntax rather quick. The ability to think through problems should be the emphasis.

Secondly, wage is not a red herring. Many of us are contacted by Managers/HR/3rd party recruiters/etc. for jobs that may offer you a joke of a salary increase (i.e. why would I move to $BIGCITY with a family for a $5k increase in salary for basically the same job).

More meaningful study: (1)

lq_x_pl (822011) | about a year and a half ago | (#43557113)

Separate S from T from E from M.

I studied E. Most of my former classmates are dutifully employed *posted from the job I had secured prior to graduating in 2011*.

Re:More meaningful study: (0)

Anonymous Coward | about a year and a half ago | (#43557231)

Grats to you, meanwhile the unemployment rate for EEs has shot up above 6% as large companies and national labs lay off staff and contract employees.

What IS in short supply (5, Informative)

petes_PoV (912422) | about a year and a half ago | (#43557149)

... are STEM graduates who are willing to work for the pittance most companies intend to pay. The shortage is of salaries, not candidates.

easy fix: ONE small change to the H1B rules (5, Interesting)

Anonymous Coward | about a year and a half ago | (#43557189)

Allow an H1B visa holder to change jobs freely within the 6-year timeframe of their visa.

An employer would *have* to pay them a competitive salary to keep them from defecting to the competition. In that case, the employer would only willingly go through the hassle of justifying an H1B hire (we'd keep that requirement firmly in place, BTW) if there was a true need, not simply a desire to get an indentured serf on the cheap.

This would be good for everyone who's honest and upfront about their motives. It would only hurt sleazy employers who are falsely claiming a shortage of labor to underhandedly keep wages low.

Of course, the cynical part of me says it'll never happen.

And, for full disclosure: I started out as an H1B myself, and would have LOVED for the system to work like this...

Re:easy fix: ONE small change to the H1B rules (1)

ebno-10db (1459097) | about a year and a half ago | (#43557645)

Allow an H1B visa holder to change jobs freely within the 6-year timeframe of their visa.

You're missing the point: why do we need the program at all? Why fix something that isn't even necessary in the first place?

Re:easy fix: ONE small change to the H1B rules (1)

Anonymous Coward | about a year and a half ago | (#43557827)

That's where my cynicism kicks in.

The protectionists want "no foreigners to compete against at all, period", and claim "there is no shortage".

The sleazebag employers want "cheap indentured foreigners to keep the uppity natives' salary down". And they claim a "big shortage".

The truth is probably somewhere in the middle. My proposal would function in a self-regulating way, allowing the honest cases to happen, and removing the financial incentive from the dishonest ones, while giving everyone what they are asking for *at face value*. How do you know *for sure* I'm missing the point, and the program is *absolutely unnecessary* ? :)

You mean Corporations lied? (0)

Anonymous Coward | about a year and a half ago | (#43557215)

You mean, they are just greedy fucks who want cheap slave labor?

Who knew! Oh, we did.

Supply-and-demand (5, Interesting)

MetricT (128876) | about a year and a half ago | (#43557233)

There is indeed a profound shortage of STEM workers, in much the same sense that there is a profound shortage of 2014 Corvettes on sale for $10.

The past twenty years has been dominated by the MBA and the JD. The same people who demand outrageous salaries on the premise that they are indispensible, seemingly have a difficuly time understanding supply-and-demand when it applies to other people.

If you are capable of getting a degree in a STEM field, then you are likely more intelligent and rational than the average person. And an intelligent, rational person is less likely to commit to years of graduate work given the low salaries and job security that seem to be the norm. Why work and sweat so hard, when your CEO is just going to send your job to India so he can get his quarterly bonus.

When STEM grad students can expect $100k job offers out of the gate, and MBAâ(TM)s have to live with their parents to make ends meet, I bet our âoeshortageâ of STEM workers vanishes rather quickly.

(Have both a MBA and most of a Ph.D. in physics. Gave up the Ph.D. after I met brilliant people in my field who were in their 10th year as a postdoc and needing food stamps to make ends meet.)

Re:Supply-and-demand (0)

ub3r n3u7r4l1st (1388939) | about a year and a half ago | (#43557905)

Second that.

The best combination is a master's in your field (the shorter the better) + a MBA.

"Gave up the Ph.D. after I met brilliant people in my field who were in their 10th year as a postdoc and needing food stamps to make ends meet."

Apparently the prevailing belief here on /. and many places elsewhere, if you have a PhD you must be a trust fund kid.

http://slashdot.org/comments.pl?sid=3639089&cid=43430073 [slashdot.org]

I would hire a humanities PhD who I can easily train to do coding than those H1B Indians that are most likely non-trainable.

Shortage of STEM may be a myth (0)

EmagGeek (574360) | about a year and a half ago | (#43557255)

But the shortage of *qualified, employable* STEM is very very real.

Destroying the High Wage Jobs (5, Interesting)

JWW (79176) | about a year and a half ago | (#43557271)

This report does effectively see what is going on. Its the continuing effort to destroy high wage jobs in the US because corporate interests do not want to pay high wages.

Manufacturing jobs have faced this over the past few decades. Middle management has faced this. Now the skilled technical worker is the target for wage lowering.

However, our Captains of Industry have lost the wisdom that Henry Ford had about making sure their employees can afford the things they make.

There is really a neo-feudalism being formulated right now with the CEOs and corporate officers and boards taking a huge chunk of the company money, and with the money changers on the other side skimming off the top as well. They fail to see that enriching and advancing the middle class is the best way to actually make more money in the future. Their current method is going to empty the tank for the engine of the economy and set us on a continuous downward spiral.

The key thing to fix this problem will be to have businesses move away from "Increase Shareholder Value" and back to "give the customer what they want."

This is what is so dangerous about the Hedge fund managers' desires to increase Apple dividend payments. Apple has a clear focus on giving the customer good products. Turning them into a shareholder value type of company will only lead to disaster.

credentials != capabilities (0)

Anonymous Coward | about a year and a half ago | (#43557291)

An unstated premise in this article is that people who have STEM degrees are actually capable of doing useful work in their field. But that is not necessarily the case. Anybody who has tried to hire STEM-skilled people recently knows that there are lots and lots of clueless job applicants out there who happen to have very impressive-sounding credentials.

Ideally, credentials would be a very good proxy for capabilities. But the world is not ideal. In my experience, the correlation between credentials and capabilities is not that great, and has been on the decline in recent years.

There may or may not be an abundance of STEM-capable workers already in the US - I don't know. But measuring the number of STEM-credentialed workers does not tell you anything useful about the number of STEM-capable workers.

Re:credentials != capabilities (1)

EmagGeek (574360) | about a year and a half ago | (#43557415)

I would have to agree, unfortunately. I gave up on the traditional hiring process years ago because it became nothing more than a contest to see who could bend the truth the farthest on their resume, and then bullshit their way through an interview the most convincingly.

I don't use resumes or cover letters or even my HR department in my hiring process. It's more of a "tap on the shoulder" thing.

Trained != competent (0)

Anonymous Coward | about a year and a half ago | (#43557313)

I'm a long-time Googler. Part of the job is conducting technical interviews. Which means that I spend many hours each week talking to people who, despite their impressive resumes and academic degrees from world-class institutions, *can't program a fucking computer*.

Don't talk to me about a sufficiency of trained workers until one of them shows up for an interview with some grasp of the fetch-execute cycle.

Re:Trained != competent (1)

darkwing_bmf (178021) | about a year and a half ago | (#43557401)

Maybe corporations can start their own trade schools to get the candidates they want.

Should be shortage of quality STEM workers (1)

Anonymous Coward | about a year and a half ago | (#43557397)

Just because a person has a STEM degree doesn't mean they are qualified to do the work. I work in the software industry and it has been impossible for us to find quality software engineers. Maybe that's a problem with our HR and recruiting but I highly doubt it that's the only issue. Most people we interview seems to look good on paper but once you start giving him a problem to solve, the person crumbles. And the people we do hire, all they are thinking about is when's my next promotion. When can I be the manager or the architect? What happen to the pride of just being good solid software engineer?

And I have to take offense for people saying that Indians and Asian are stealing all of their engineering jobs as stated by some readers in the Washington Post. A company will always try to hire the best and the brightest at the lowest cost. And if that means foreign workers then so be it.We are all part of global economy and if you want to compete, you better raise your game.

The initiative should not be to try get as many STEM graduates as possible but more STEM graduates that can compete at the world's level. There was a time when the US workers were a leader in the engineering and sciences.

Re:Should be shortage of quality STEM workers (1)

BigDaveyL (1548821) | about a year and a half ago | (#43557853)

I would agree, but the problem is that they make those of us who actually know what we are doing look bad.

Re:Should be shortage of quality STEM workers (0)

Anonymous Coward | about a year and a half ago | (#43557913)

Just because a person has a STEM degree doesn't mean they are qualified to do the work.

Very true. Degrees should never be accepted *in lieu of* ability and/or experience. It's screwy that HR seems to think credentials mean ability and experience is more of a 'fill in the gaps in your degrees' rather than the other way around.

Most people we interview seems to look good on paper but once you start giving him a problem to solve, the person crumbles.

Seen this way too often, it's why it takes so long to fill positions.

And the people we do hire, all they are thinking about is when's my next promotion. When can I be the manager or the architect? What happen to the pride of just being good solid software engineer?

Precisely... why must I be looking to "advance my career" if I'm getting enough pay and enjoy my job? I don't enjoy managing people, so why should I seek out a promotion to management? Advancing my skillset to stay relevant to my existing job, yeah, great, good idea. Radically different skillset I don't enjoy, in order to change jobs via promotion? Only if my job goes away entirely... and it never will, because you'll never have 100% of the human race able to manage and maintain their own servers. Or indeed, able to understand a user account.

Correlation with wages? (1)

tanujt (1909206) | about a year and a half ago | (#43557457)

I don't know if it's a good strategy to deduce from flat wages that there isn't a shortage in supply of STEM workers. In fact, it is more than likely that the 'replacement STEM workers' for Americans (i.e., immigrant workers) come cheaper. If there is a 'market force' of labor shortage, which brings wages up, there's a counteracting force of 'cheap labour', which brings the wages back to where they were. Essentially, if you pick 'wage behavior' and 'number of employments' as your two metrics for deducing something, you may be underestimating the dimensionality of your 'state-space'.

After looking at EPI's paper, the wages graphs vary around in an errorbar of about 100%, which is incidentally how much the number of employees graphs vary, too. Without actual errorbars, correlating two quantities with a similar-looking 'statistical spread' would lead to an underestimated total (or propagated error [rit.edu] ).

The real issue... (0)

kenh (9056) | about a year and a half ago | (#43557565)

The real issue isn't the number of "STEM" graduates there are looking for jobs, it's that so many current STEM degree holders are incapable of performing in their field with any real competence.

Heck, kids are graduating from high school INCAPABLE of reading, not just at a lower grade level, not able to read - and this after 12 years of taxpayer-funded education. That they go off and then work towards STEM degrees after spending half of their first two years on remedial writing and math classes may expalin their inability to secure employment.

of course not (1)

WillyWanker (1502057) | about a year and a half ago | (#43557779)

But it's obvious the foreign workers are willing to work for lower wages and benefits compared to US workers, which is why big corporations are pushing so hard to increase the visa limits. Why pay an American 50K a year for an IT job with medical, dental, vacation and sick pay when you can pay a foreigner $20K a year with no benefits?

There is no shortage of STEM workers. There is though a shortage of STEM workers that are willing to work for barely above minimum wage.

Definition of shortage -- more may still be better (2)

dlenmn (145080) | about a year and a half ago | (#43557843)

I think this is best summed up by the following short post at Marginal Revolution (an excellent economics blog):

http://marginalrevolution.com/marginalrevolution/2013/04/is-there-a-shortage-of-stem-workers-in-the-united-states.html [marginalrevolution.com]

It comes down to the definition of shortage. The standard economics definition of a shortage is when supply does not meet demand. The paper shows that the supply of STEM workers does seem to meet demand for them.

However, it could well be that we'd be better off if there were more STEM workers -- driven by higher demand for them. That is not addressed by this paper, and this definition (that more resources allocated to STEM would be better) is a fine definition for a shortage.

That's the underlying issue.

Microsoft lied to us? (1)

zeroryoko1974 (2634611) | about a year and a half ago | (#43557889)

Microsoft lied to us so they could hire foreigners at a lower cost then American workers? How can this be!
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?