Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Direct Sales OK Baked Into Nevada's $1.3 Billion Incentive Deal With Tesla

James-NSC Connecting I-80 and U.S. 50 (149 comments)

I live in the area and that's going to be a significant change to the landscape. Putting in what will eventually be a high-traffic road into an area (on the 50 side) with people who live there specifically to get away from this sort of thing. It's also going to cut one of the areas where wild Mustangs still roam in half.


Speaking of Mustangs, Mustang Ranch will be a big winner here as they will be located just a stones throw from the new Tesla factory....

about a week ago

Ask Slashdot: What Recliner For a Software Developer?

James-NSC Programming with a broken back (154 comments)

I broke my back a decade ago and kept working throughout. I built - well, I oversaw as I couldn't move - a custom rig using a wall mount for a small TV that, when inverted could hold a laptop upside down in just the right position over the hospital bed I was in for the next six months.

Since then, being comfortable while working is paramount to my survival - I've searched and searched, but in the end, if you want something that works just right *for you*, you're going to have to either build it from scratch or find something close and customize to fit.

For a recliner, if it's against a wall, you could go the TV mount route and have something that swings out when you need it - otherwise you can build a support on one side - recall that you have a lot of room under the chair for giving the side mount a large footprint so it's stable.

Good luck.

about a month ago

LinkedIn Busted In Wage Theft Investigation

James-NSC Salaried Employees Get This All The Time (108 comments)

Some companies skirt this rule simply by paying "hourly" employees a salary above $23,600 (per FLSA) then work them 80+ hours a week and call it good. More and more employees, regardless of actual job duties are being paid a salary so they are then "exempt" from any overtime pay, even those that would traditionally qualify under the FLSA & I see this more and more often in the IT sector. If you look at the Computer Employee Exemption - you can make pretty much any IT job fit the bill if you phrase it correctly.

Workers are left with little recourse because:

  • They've been exempt at every job they've ever had, so they no know different
  • Many - even some of the learned ones - do not know how the FLSA applies to them in this situation
  • Everyone around them is expected to work overtime w/out compensation, so it's not unusual.
  • Regardless of what job duties they will be doing up to and, frankly, especially those including "non-exempt" duties they are told by management that they are doing "exempt" duties
  • They have little real recourse, even if they know they are "non-exempt", unless other co-workers join them in a complaint. Co-workers who are unlikely to do so as:
    • There is little perceived gain and significant risk
    • It is expensive to the point of being cost-prohibitive in order to make a successful claim
    • Any employee who were to be successful would likely find repercussions pertaining to employ-ability later down the road. While not legal to do so above the board, it happens nevertheless (just look at all the wage-fixing and collusion in the valley - you actually think they'll hire someone again, or promote them over a co-worker who didn't sue?)

At the end of the day, LinkedIn is far from an anomaly, it is standard business practice - unless there is a top to bottom review by some third party (I don't know if there is even an entity that would be suited for this sort of endeavor), this practice will continue unabated. We will work more and continue to be paid less than what we earn.

about a month and a half ago

Ask Slashdot: When Is It Better To Modify the ERP vs. Interfacing It?

James-NSC Vendor vs In House (209 comments)

One of the key problems I've run into, not only in regards to ERP, but in general, is that when you outsource all of your development your future is in the hands of someone who doesn't have your companies best interests as their primary concern. Their primary goal is to get paid and to keep their company in the green, the only way they can do that is to, as you noted, keep putting their hands out. It is not in their best interest to produce a system that is self sufficient, it is in their best interest to keep you on the line.

That said, it's not always practical to in-house everything, so a balance needs to be struck - keep the design and some worker bees in-house and then leverage vendors/contractors to spin up extra bodies for build cycles.

Regarding your single point of failure concern - while valid, a properly designed ERP system with redundancies and load balancing should alleviate the core of that problem. Again, balance needs to be struck, while you want a single place to do all of your ERP functions, it doesn't always make sense to have them in one application that has to be customized to within an inch of it's life in order to do everything it needs to do. This needs to be addressed in the design phase to create logical business units that can sit on separate applications that, ex, communicate with the proverbial mothership via an API

about a month and a half ago

Nevada Construction Project Could Be Tesla/Panasonic Gigafactory

James-NSC That's just down the street from me (81 comments)

I think I may go out and do some drone recon on it this weekend, see what's really going on. As long as I just use my GoPro to record video onboard and LoS for tracking, but don't use my FatShark it's not a drone and it's OK, right FAA?

about a month and a half ago

The Internet's Own Boy

James-NSC Re:What's so remarkable? (194 comments)

Tell it from both sides and you risk leaving the audience with unsatisfyingly ambiguous feelings about the whole affair; it's almost as if life isn't black and white!

No-one likes that in a movie.

Quite the contrary, had Gibson included the Roman perspective in "Passion" I would have enjoyed that movie a whole lot more.

Roman Citizen: You taking the chariot out tonight?
Roman Soldier: Yea, me any my cohort are going to do some drive by crucifixions...

about 3 months ago

Ask Slashdot: Taking a New Tack On Net Neutrality?

James-NSC Pre-Law (185 comments)

Hopefully they'll have plenty of pre-law students filing law suits on 1a grounds, unfair competition and whatever else they can think of as at will be A) good practice for them and, more importantly, B) costly for the property company.

about 4 months ago

It's Time For the Descent Games Return

James-NSC Re:Hell Yes! (251 comments)

And it supported zmodem. I spent my entire two weeks of a spring break in college playing descent with a class mate. So much so, that when I went to bed (in the morning, lol) my inner ear was playing tricks on me as I still felt like I was rolling around in three dimensions. An amazingly immersive experience for the time.

It even incorporated a POV flight recorder, so when I got back to class, I had a few 5.25 floppies with some great kill shots on them. Hanging against a wall as my opponent flew through the tube and came out above me, missing me completely, I rose up - ala Wrath of Kahn - and took him out from behind. Good stuff.

D2 even had a single from Type O' Negative "Haunted" that was, IIRC, released on the games soundtrack w/out vocals before the October Rust (1996) album was released.

D3 was a serious let down for the series, followed up by "Free Space" and by then, the ride was over. While Free Space was a decent game, it's inclusion in the Descent series made it drift too far from what made "Descent" Descent.

about 4 months ago

Bachelor's Degree: An Unnecessary Path To a Tech Job

James-NSC All My Jobs Required a BS at Minimum (287 comments)

That's not my experience in the "tech industry". Every job I've had - Arizona, Nevada, Colorado, Florida, Tennessee - have required a BS at minimum. I work with people who don't have a degree, and they are in "tech" positions that pay less and have fewer advancement options.

I guess "Tier One Help Desk" would meet the articles criteria, but who would want to do that job for the rest of your life?

In fact, now that I think about it, TFA is 180 from my experience, not only is higher education critically important, but almost equally important is *where* you went to school. Ivy > state > trade > Pheonix > none

about 5 months ago

Tesla Model S Has Hidden Ethernet Port, User Runs Firefox On the 17" Screen

James-NSC Re:Should void warranty (208 comments)

Actually, we do something very similar to jailbreaking in the world of sportbikes, as we replace parts and alter components around all of our engines computers in the name of performance

I personally, have a SPST switch under my seat that will jump two pins on the main CPU with a resister,when on,it "tricks" my bike into believing it's in 6th gear no matter what gear it's in. It is only In 6th gear that I have no timing retardation (retardation set by the factory) and have access to all the power my bike can produce throughout the entire gear range

Additionally, I run a PowerCommander, which allows me to attach a laptop to my bike and load custom fuel maps into it

We've been "jailbreaking" our bikes for years since fuel injection became the norm in the early 00's - this was actually why I purchased my last bike as a fuel injected one, normally I prefer the throttle response of a normally aspirated carborated super sport (600cc) - I went with a fuel injected super bike (1000cc) just so I could "jailbreak" it... in 2001..

lastly, less I upset anyone by omission, the Import Tuner - or "Hot Hatch" with a nod the Jezzer - crowd have been doing it to the computers in their cars even longer.

about 5 months ago

Best Alternative Client for Outlook/M$ Cloud Mail

James-NSC Re:This is a "me too" post. (2 comments)

Don't use Mozilla Thunderbird. I figured I'd just use that, but it came packaged with so much bloatware - PC system "tuner", weather alert app (that crashed as it was a 32 bit app on my 64 bit OS), a tool bar that my AV blocked and no check box to decline such additions.

Shoddy, shoddy packaging.

I uninstalled it immediately and my search for a good mail app continues - unassisted by /. moderators. Cheers guys!

about 6 months ago

Why Movie Streaming Services Are Unsatisfying — and Will Stay That Way

James-NSC Re:Um. WRONG. (323 comments)

No, no it isn't

Last night I was surfing netflix and noticed the old Twilight Zone, so I went to watch "Time Enough at Last" (Episode 1 from Season 8 which aired in January of 1953) - but noooooo, netflix only has S1-3 and 5.

The *only* reason I couldn't watch the episode I wanted is because someone, somewhere, is a fsking arsehole.

about 6 months ago

Diablo 3 Expansion Reaper of Souls Launches

James-NSC No Expansion for x360 users? (166 comments)

I just searched google, amazon and gamespot and no where can I find an expansion for the x360. Not even a commitment to release it. I found multiple references to D3 being worked on for the x1 and p4, but nothing for the 360. I haven't found confirmation yet - though with all the news on this right now, finding meaningful search results is getting arduous - but it doesn't look like x360 users are getting this expansion and if they do, it will be via the x1 - can anyone confirm?

What a great way to screw your customers, sell them a game for one system, then only make expansions available for the next gen console - which, BTFW, *requires* them to purchase the game a second time in order to play it on the new system. Making their purchase on the 360 a total waste of money in the long run.

about 6 months ago

Target Ignored Signs of Data Breach

James-NSC Re:To be fair? (95 comments)

I'd wager it wasn't the security team that dropped the ball. I work in the same role (I'm the most senior member of the security team), and I can tell you first hand that I don't have the authorization to act in matters of that scope independent of the executive team in situations like those. I have to forward my recommendations up the chain and get approval.

That causes delays. Often times, things then get lost in the executive level. Whenever there are contractors involved it's even worse as they spend a week or so arguing over whose responsibility it is, who is going to pay for it, how much down time it's going to represent, how much money they're going to lose, etc,etc, etc. Executives are also really bad at judging risk when it comes to security. They'll expose themselves and their companies to staggering amounts of risk - if for no other reason - than the fact that the failure/security breach/what-have-you isn't impacting business "right now" but shutting down an ecommerce system to patch it will impact the bottom line *right now* and they would rather risk "maybe" losing money at some future date than know they're losing money "right now".

Executives will mortgage their companies futures at every possible opportunity for a few extra dollars today.

The number of times I've taken a GLARING security issue up only to have the "how long can we leave it before it impacts business" be their main concern. If it's a vulnerability on a production, WAN facing system - but we don't have evidence of it being actively exploited - it's not considered to be as critical as taking that system offline for an hour to patch/test it. The certainty of lost revenue in that hour is more meaningful than the potential of abuse at a later date. Worst part of it all is that when that later date does come around and things get really bad, they all point their collective fingers at the security team and none of them take any responsibility whatsoever.

You're damned if you do, damned if you don't and blamed all the way around.

Corporate InfoSec is a very, very frustrating occupation. I feel for those poor guys at Target.

about 6 months ago

Google Chairman on WhatsApp: $19 Bn For 50 People? Good For Them!

James-NSC Re:Read between the lines (303 comments)

I'm a Visa holder, and even I don't get the need to loosen the immigration laws. I'd like to make things easier on myself, sure, but for American's seeing improving wages?? how is that anything but counter productive? Further, if they really wanted to help JQP, they would tie all wages to inflation (so they grow at the same rate, at minimum) and stop paying themselves 100's of times more than their lowest paid employee. Anyone who sits on a Scrooge McDuck stack of cash DOES NOT have your best interests in mind.

about 6 months ago

Drone Pilot Wins Case Against FAA

James-NSC Re:How did this go to trial? (236 comments)

I fly 33" to 65" with a POV link to the ground (FatShark) and a GoPro onboard - it's a very common configuration. Everyone I know (and "know" via the Internet) posts videos to YouTube and some even make money from adds on YouTube. So if it's just about shooting video from the air via a radio controlled craft and making money from the resulting video, there are thousands (if not more) of people across the country guilty of this.

about 6 months ago

Target's Internal Security Team Warned Management

James-NSC Re:Every single company (236 comments)

I’ll second that. When approaching management with security concerns, many of us fall short on being able to properly communicate with management regarding risk. While it’s helpful that management, specifically upper management, deal with risk every day the downside to that is, you have to present your risk to them in terms they can understand. Using the formula of:

Cost of failure * rate of failure = total cost of failure is actually detrimental to this approach, most notably because the rate of failure for an undiscovered/undisclosed security defect is quite small and yields a total cost of risk that is well within norms for most companies.

What you need to do is familiarize yourself with the upper management, specifically those through which you report up to the CEO, and understand the types of risk they deal with and – more importantly – the total costs of failure they find acceptable. Then, when approaching them – just by way of example - prepare a report which demonstrates this specific risk in terms they both understand and with a gravity that they appreciate. Never say “we could be hacked, it would be awful”, instead “when this defect is eventually discovered (include citations on the rate of remote network probes/scans), the resulting security breach will cost us $X to resolve, further (citations are handy) as this has been in the news lately, expect additional fallout in both news cycles and social media. Instead of facing $X in known risk, by investing $Y in prevention we can address this issue and improve (insert impact on project/product they are personally invested in).”

Lastly, never leave the rate of risk ambiguous – never leave it at “might, may, could or worse still, one in a million” – always represent those uncertainties with math: number of remote attack attempts over time. If your perimeter is anything like mine, it will be read by management as an eventual certainty and *not* like something that can be safely ignored as an unlikely “storm of the century” type event.

about 7 months ago

Good Engineering Managers Just "Don't Exist"

James-NSC Re:they exist but do not have titles? (312 comments)

I'll second that observation. Ever since "manager" has become a career option in and of itself, it's attracted "those who can't do anything else and who don't produce anything of value". Prior to that being a self serving career path, managers were people who worked their way up the ranks and carried with them both the experience of being "worker bees" and the knowledge of what the pain points of the bees were. Once they became management, upper management benefited from their experience of being a worker, and the workers benefited from their experience of being "one of them" - everybody won. These days, you have managers (we have one where I work) who have never done anything else and as a result, bring absolutely nothing to the table.

about 7 months ago

The Cybersecurity Industry Is Hiring, But Young People Aren't Interested

James-NSC Re:hire me (289 comments)

I thought so too, but it doesn't seem to make a darn bit of difference that I'm British and we (US/UK) have been allies for ages. I was almost not let back in the country the last time I left - I now won't leave the country as I'm not confident I'll be able to get back in. I'm obviously on the TSA's list for additional screening (I wasn't allowed through security on my last flight because I had printed out my boarding pass from United - as suggested by United in order to save time and I was required to have one issued by the airline on the day; missed my flight because of that).

I may as well be Chinese for all the difference it makes to the TSA and CBP.

about a year ago

The Cybersecurity Industry Is Hiring, But Young People Aren't Interested

James-NSC Re:hire me (289 comments)

When I was first out of college I got a contracting job working for the USAF. I'm a British national (born in England) and I am a legal US resident (green card). I was able to work on some pretty sensitive stuff that required everyone else to have a clearance (I worked on the roll-out of the "glass cockpits" - upgraded avionics - for McConnell AFB in the early 90's) even though I wasn't eligible for clearance. Nor was I eligible for working on this contract for the Air Force. My employer got around that requirement by subcontracting me several layers deep. The subcontracting went something like: USAF to his company to another company to him (as a third company) to me (as a fourth company) and finally to me as a 1099. As it was explained to me at the time, it was due to regulations in place with the military where contractors who were X many times removed from the primary contract were not required to have the same security clearance as the origin contract holder and/or that the origin contract holder wasn't required to review the status of those X times removed.

Either way the result was that I had no clearance and I was on a project where everyone else was required to have one. I'm sure there must be H1B contractors who are similarly working on some pretty sensitive stuff for the government.

about a year ago



Best Alternative Client for Outlook/M$ Cloud Mail

James-NSC James-NSC writes  |  about 6 months ago

James-NSC (1414763) writes "My company is switching from onprem mail to a hosted "Exchange Online". This requires Outlook 2013, however, O13 is a *really bad* mail client — particularly in it's search function. Worst case I'll use two clients, one for actually interacting with my email and Outlook to interact with it's services, but it would be super handy if there was a good client that also supports all of the various added "functionality" bundled with Outlook. As I'm sure I'm not the first to be subjected to the "everything is better, because Cloud!" line of IT executive reasoning, what have my fellow /.'rs used as a mailer in this setup?"

Arts & Crafts

James-NSC James-NSC writes  |  more than 3 years ago

James-NSC (1414763) writes "I like to do arts and crafts. I’ve been saving up motherboards for a while as a new medium and I started working on it last night. I wore the same gear I wear while painting – fine particulate respirator and safety goggles. I just cut some templates out of some motherboards and when I was done I used the shop-vac to clean myself & workspace up before removing my mask. Even after 5+ minutes, in a well ventilated area (not as well as it should have been apparently) my first breath was pins and needles. I’m looking into containment and exhaust solutions – ala baby’s first iron lung, but seriously, am I nuts? Are these materials just too toxic to work with?"

Security/Privacy Advice

James-NSC James-NSC writes  |  about 5 years ago

James-NSC (1414763) writes "My employer is changing its policy towards employee use of social networks. I've been asked to give a 40 minute presentation to the entire company (attendance is mandatory) on the security and privacy concerns pertaining to social networking. While I was putting it together, I ended up with some miscellaneous information that pertains to security/privacy in general. Ex: the emerging ATM skimming (mainly for our European employees), a reminder that email is not private, malware/drive-by in popular search results, things of that nature. Since these don't really fall into the slated topic, I've ended up with a section titled "While I have you...". I'm going to have the attention of every employee and with attendance being mandatory, I thought it would be a great opportunity to give advice on security/privacy issues as a whole and not just those pertaining to social networks. As it's an opportunity that one seldom gets, I'd hate to not utilize it to its full potential. If you had the attention of an entire company with employees in the US, UK, Asia and Australia, what advice would you give?"

Best of Breed Windows Based Network Montitoring?

James-NSC James-NSC writes  |  more than 5 years ago

James-NSC writes "I've recently been promoted to head of security for my company. The "security" I inherited is, at best, atrocious. As the in-house IT employee with the most security experience, I was selected for the position, but my experience comes from a purely *nix environment, and I'm now in a "Windows Only" shop. I really need a tool which can monitor ports on specific IP's, network saturation/use levels, etc — so I can be abreast of what's going on in the network BEFORE problems arise. Basically, I need eyes on my network which the previous security guy didn't seem to think was necessary. As it's a "Windows Shop" — having the ability to monitor Exchange, SQL and other M$ network apps is a definite plus. I've been looking at Sonic Wall, Juniper, eEye, Object Planet and Fluke, but I'm hoping the /. Community can suggest some network monitoring gem's (well beyond raw packet analysis) that I haven't heard of or evaluated yet. Searching web is, well, it is what it is — I'm looking for actual use/case from users who actually use it in their day2day and can steer me clear of ones that look good on the demo, but when it comes down to it, don't deliver and conversely, those of you that have stuck with one vendor for years. This would be for the internal network only."


James-NSC has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>