×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Hacker Faces 105 Years In Prison After Blackmailing 350+ Women

Paul Johnson Plea bargain (473 comments)

But no doubt he'll take the plea bargain and spend a mere 1% of that in a low security prison, just like Aaron was supposed to.

about 2 years ago
top

NYPD To Identify 'Deranged' Gunmen Through Internet Chatter

Paul Johnson "Distraction" by Bruce Sterling (292 comments)

In "Distraction" the US government (whats left of it) has software to do this, and it works. But it has been repurposed. Now the idea is to find the borderline crazy guys and spam them with messages saying that is a drug dealing paedophile commie terrorist who needs to be shot. So now has to cope with a steady stream of crazy shooters. Even if survives, they will be too busy dodging the crazies to cause any more trouble.

about 2 years ago
top

Ask Slashdot: Transporting Computers By Cargo Ship?

Paul Johnson Just keep backups separate from your main box (249 comments)

When we moved to and from the US, we just packed the back-up disks in our luggage (one copy each) and sent the computers with the rest of our stuff in a shipping container. No problems, apart from on the way back when the combination of buggy-board case mechanics, a USB disk and a piece of jewellery managed to combine into a suspicious shape on an X-ray. If you're not happy taking the back-ups with you then just ship them via some other route. The important thing is to make sure that two copies of your data go by separate routes in case one doesn't make it; our stuff in the container was insured, but you can't insure pictures of your son growing up.

more than 2 years ago
top

How Do You Prove Software Testing Saves Money?

Paul Johnson Re:Develop a mathematical model of costs (312 comments)

Someone didn't go to college enough. Remember: "All models are wrong, but some models are useful." Any model of the future is going to be inaccurate to some degree, maybe a lot. But any model is better than "I just know that...". Even at the worst, it provides a framework for the conversation about the costs and benefits. Besides, sometimes when you plug in the numbers you find that the difference is so great, the debate is over. But you have to run the numbers to get there.

more than 3 years ago
top

How Do You Prove Software Testing Saves Money?

Paul Johnson Develop a mathematical model of costs (312 comments)

Basically you have to develop a mathematical model of the costs of the current situation, and compare it with a mathematical model of the costs of using tests. As part of this you will have to produce a plan for introducing tests, with the costs for each step itemised. Use the best numbers available, but don't worry if some of those numbers are "best guess". Just don't try to hide the fact. Put both models in a spreadsheet and come up with a number for how long it will take to recoup the initial investment (break even). Don't forget to discount future cash flows. In MBA-speak this is known as a "business case".

more than 3 years ago
top

EU Conducts Test Flights To Assess Impact of Volcanic Ash On Aircraft

Paul Johnson Russian roulette (410 comments)

So they send up half a dozen flights without problems, but this doesn't prove anything. The ash is not evenly distributed; it appears to be in layers in the atmosphere. If you fly up or down through a layer the exposure is brief and you don't see a problem. But if ATC unknowingly tell an aircraft to fly at the same altitude as a layer of ash then you have a big problem. The bottom line is that a few flights prove nothing. If the risk to a single flight is 1% then you won't see anything, but when you restart aviation aircraft will be dropping out of the sky.

more than 4 years ago
top

Full Body Scanners Violate Child Porn Laws

Paul Johnson Re:Government (751 comments)

It's not illegal if the government does it. Right?

In this case I think that is literally true. The CP laws in the UK have an exemption for those with a legal reason to possess or create the stuff (making a copy counts as "creation"). It was intended for lawyers and policemen who have to handle CP in the course of prosecutions, but it looks to me like it would be pretty trivial to extend it to the normal operation of full body scanners, just by having the home office declare this to be the case.

Besides, a nude image of a child is not necessarily CP. The key word is "indecent", which in this context has its normal dictionary meaning of "not generally acceptable". This means that the context matters as much the image itself. I seem to recall a case where a collection of cuttings from the underwear sections of child clothing catalogues was found to be indecent, even though none of the source catalogues were. Similarly a collection of scanner images made in the normal course of someone's work would be OK, but if some employee excerpted just the images of children then that would probably be indecent.

Of course, IANAL.

more than 4 years ago
top

What Belongs In a High School Sci-Fi/Fantasy Lit Class?

Paul Johnson Guilty of Literature (1021 comments)

Check out the book "Terry Pratchett: Guilty of Literature". Its a book of critical essays on the writings of comic fantasy author Terry Pratchett. It would be a good way of introducing the class to ideas of literary criticism within the context of SF.

more than 5 years ago
top

Company Laptop, My Data — Can They Co-exist?

Paul Johnson Agree a memo with the boss (395 comments)

It sounds from what you say that your boss is making this suggestion in a spirit of fairness and helpfulness, and hence you have a good relationship. Normally the best advice over something like this is "consult a lawyer", except that a lawyer is probably going to cost more than the advice is actually worth. There is another issue you don't mention: if you use a company laptop for your own purposes, or take it away with you when you leave the job, then the taxman may view it as a "benefit in kind" and want his percentage. Thats the real reason why most company AUPs forbid personal use of company resources. I suggest drafting a memo saying that the computer will be used 20% for private purposes, and 80% for company purposes (or whatever the right proportion will be) and then claim the company percentage of the price as a business expense. You and the company will jointly own the laptop; you own your data and the company owns theirs. You might even set up separate accounts on it for company use and personal use, just to keep an effective wall between the two. The value of the company share will be depreciated in line with normal company IT equipment (probably linear over a year or two), and if you leave for any reason before that expires you can take the laptop by paying the remaining value of the company share in it. Then you and the boss sign two copies and keep one each. If you do this then the taxman will be happy, your boss will be happy, nobody is paying for anything they don't get, and the position is clear.

more than 5 years ago
top

US Couple Gets Prison Time For Internet Obscenity

Paul Johnson The real reason (574 comments)

From the linked article:

Extreme Associates was the subject of a PBS Frontline documentary entitled "American Porn,"

I suspect this is the real reason they went to prison. You can enjoy your odd habits, as long as you keep them out of sight. Its telling other people about it that is the real crime.

more than 5 years ago
top

From an Unrelated Career To IT/Programming?

Paul Johnson Get in via testing (374 comments)

I'd recommend going into testing in a medium or large company. A big product with lots of user interface needs a lot of testing, and a significant part of this testing requires someone to sit at the console and follow a script. So not much software skill is required. This is a pretty boring job, but it gets you in the door.

Then look for ways to do software-like things. Start by writing some of the scripts, based on the requirements. Test groups tend to be small, under-funded and loosely organised, so anyone with brains and gumption will be given responsibility. From there, try to get into writing automated test scripts. This should give you an opportunity to do some real programming, but on a small scale. After that try to migrate to development.

more than 4 years ago
top

How To, When You Have To Encrypt Absolutely Everything?

Paul Johnson First, get a proper security policy defined (468 comments)

It sounds like this is a knee-jerk reaction to all those "data-loss" stories. Encrypting *everything* is probably the wrong answer. Start by deciding what the goals are. Then look for the answers that meet those goals in the most cost-effective manner. Security is not a product, its an emergent property of the entire system, including the people who use it. If you don't tackle it in a system-wide manner then you haven't a hope.

* Goals: what are you trying to protect? (Confidential data, presumably).

* How might it leak out? (Lost mobile devices, trashed hard drives, posted CDs, angry/corrupt/public-spirited employees all spring to mind).

* Who does the data have to be shared with? Do they have similar polices? Are they enforced?

* How can you prevent leaks? Depends on the problem. Declaring an "everything encrypted" policy probably won't help much, because you can't stop someone bringing their own unencrypted thumb drive in and stuffing data on to it. Also its not cost-effective to encrypt ordinary applications. Its user data you need to encrypt.

So you have to start with an education job. Get the senior management to see that this policy is not going to fix their problem, then show them something more intelligent.

Windows is probably not capable of supporting a complex security policy. But SE Linux might. If you declared that all mobile devices (laptops, thumb drives, PDAs, mobile phones) must not have sensitive data unencrypted, then put a SE-Linux policy in that divides directories into "sensitive" and "unrestricted", and won't let data move from sensitive to unrestricted without passing through an approved encryption process. That will help stop dumb accidents, but it won't stop deliberate leaks, and it won't stop someone writing the key on a post-it note on the CD.

I don't know how to set up something like this in SE-Linux: you are likely to need a guru for that.

more than 5 years ago
top

Should You Break TOS Because Work Asks You?

Paul Johnson TOS are backed by cracking laws (680 comments)

I seem to recall that in the US terms of service have been found to define "authorised access" to a computer, and access outside of the TOS is therefore unauthorised. That puts you in direct violation of US anti-cracker laws about unauthorised access to a computer. If more than $5,000 worth of "damage" is caused (including investigation and cleanup costs) then it carries a maximum of 5 years in the pen. If its done for gain (as in this case) then thats 10 years.

more than 6 years ago

Submissions

top

Petition for full disclosure in broadband adverts

Paul Johnson Paul Johnson writes  |  more than 6 years ago

Paul Johnson writes "I've become depressed about the not-entirely-complete information and terminological inexactitude in UK broadband advertising (and I gather its similar in other countries). Rather than just moan I've started a petition on the UK government petitions website. It calls on the government to require all limits and caps in an Internet package to have a prominent place in their advertising. If you are a UK citizen or resident and feel the same way I do then I urge you to sign this petition. If we can get 200 signatures then the government will provide an official response. If we get more then they might even do as we ask."
Link to Original Source
top

Paul Johnson Paul Johnson writes  |  about 8 years ago

Paul Johnson writes "Simon Peyton-Jones reckons that trying to build reliable concurrent software using monitors and semaphores (like in Java) is like building a tower block out of bananas: even the best builders can only produce something that sort of stays up most of the time. And things are getting worse; programs for multi-core processors have to be concurrent to take advantage of their power. But Professor Peyton-Jones thinks he has the solution. For years databases have provided transactions that either succeed completely or roll back, with all the locking and concurrency hidden under the hood. Now Professor Peyton-Jones is bringing the same capability to ordinary programming. His chosen language is Haskell, and you can find him delivering a video lecture on Software Transactional Memory here."

Journals

Paul Johnson has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?