×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Ask Slashdot: What Tech Products Were Built To Last?

WaywardGeek Re:Commodore Amiga 3000T (537 comments)

I solved my cellphone battery life problem with a Moto-X from Republic Wireless. Republic still has a few growing pains to get past, but for big geeks who don't mind putting their phone in airplane mode and enabling wifi once or twice a day, it's amazing. In that mode, I go for days without having to charge it, though my phone is only a few feet from the wireless router most of the time. For $25/month for "unlimited" Sprint 3G everything but tethering, it's hard to beat.

9 hours ago
top

Ask Slashdot: What Tech Products Were Built To Last?

WaywardGeek Re:Commodore Amiga 3000T (537 comments)

Oh! You totally beat me to mentioning RealCalc. The HP-41CV is a better calculator, even if RealCalc is awesome, but like my camera, it doesn't fit nicely in my pocket.

9 hours ago
top

Ask Slashdot: What Tech Products Were Built To Last?

WaywardGeek Re:Clock Radio! (537 comments)

This may not count, but my great-great-grandfather's gold pocket watch, built in 1891, just passed the "chronometer" tests, gaining no more than 3 seconds or loosing 6 in a 24 hour period. Heck, back then they didn't even design them to be that accurate.

10 hours ago
top

Ask Slashdot: What Tech Products Were Built To Last?

WaywardGeek Re:Commodore Amiga 3000T (537 comments)

My HP-41CV calculator from 1981. My wife still uses her HP-12C. My HP calculator's cutting edge usefulness vastly outlasted any computer. It's finally been replaced by a calculator app on my Android phone that emulates it!

10 hours ago
top

Netflix Gets What It Pays For: Comcast Streaming Speeds Skyrocket

WaywardGeek Re:huh? (322 comments)

What about the folks who prefer Hulu? What about the next great Internet service that now can never happen again like it did in the past? Netflix paying Comcast is not just about gaining access to customers. It's about locking out competition.

3 days ago
top

First Phase of TrueCrypt Audit Turns Up No Backdoors

WaywardGeek Re:To Crypt or Not To Crypt (171 comments)

I'm always amazed at how hard something as simple as password hashing can be. Yes, it's the user's fault for reusing passwords, but we should try and protect him anyway, because it's very common. Part of the job of the computer security industry is protecting stupid people. Improving this is situation one reason for the Password Hashing Competition.

You are right that password strengthening before encryption is a different problem from user authentication, but the solutions tend to be the same. You can use Bcrypt or Scrypt for strengthening a password hash on an authentication server just like you can while deriving a volume decryption key. The main difference seems to be that a common server may not have a significant fraction of a second to spend on authenticating a user/password combo. TC has some additional constraints, like the volume needs to appear as random data, making it harder to embed various encryption parameters, such as which key stretching algorithm is in use. To an attacker, he doesn't care whether the password/salt is protecting a login account or an encrypted volume. To him, it's just so many rounds of PBKDF2 (or whatever), and then a quick check to see if he got the right answer, and do as many in parallel as possible. Salt is used either way to defeat rainbow tables, so instead attackers use GPU farms to do massively parallel brute force guessing, where each guess is user/salt specific.

However, the two cases I've mentioned are both encryption: TC encrypted volumes, and OpenSSh id_rsa private keys. We could argue about how much effort a server should put into protecting it's user's passwords, but both TC and OpenSSh do *nothing* more than a typical server, devoting only a millisecond to key stretching. That's just lame.

3 days ago
top

First Phase of TrueCrypt Audit Turns Up No Backdoors

WaywardGeek Re:To Crypt or Not To Crypt (171 comments)

I just added a keyfile as you suggested. I put it on a couple of USB keys, so I have a backup, and now in theory my encrypted volume can't be mounted without having the physical key. That should greatly increase my passphrase protection, as well as the volume contents (basically a list of all my various user/password credentials at various sites). I'm still running TC in Windows, and several times I've answered "yes" to let various programs make changes to my hard disk, and my machine probably comes with back-doors from both Lenovo and Microsoft and maybe even Intel. I don't trust our company's closed-source VPN provider, either. So, I still don't feel secure, but at least it's an improvement. Thanks for the tip.

3 days ago
top

First Phase of TrueCrypt Audit Turns Up No Backdoors

WaywardGeek Re:To Crypt or Not To Crypt (171 comments)

I don't do this for a living, but I'm not totally ignorant about this topic. TrueCrypt does a poor job strengthening passwords. TC's users would be far better protected if TC ran something even as lame as PBKDF2 for a full second, with rounds somewhere in the 100's of thousands or millions. Not only does TC do a poor job protecting my data, but when an attacker does manage to guess a user's low-entropy password, he can then try that password all over the place to see where else the user has used it. This is why I say that the user's password is at risk due to TC, not just the data TC encrypts.

To give TC some credit, OpenSSL has the same lame password strengthening as TC, putting id_rsa passphrases at risk, in addition to the user's private key. So, there seems to be plenty of lameness to go around. I hear that a Bcrypt option is in the bleeding edge version of OpenSSL. I which they'd push out that patch along with the Heartbleed fix.

3 days ago
top

First Phase of TrueCrypt Audit Turns Up No Backdoors

WaywardGeek Re:To Crypt or Not To Crypt (171 comments)

I use TrueCrypt. Not that it likely matters given all the other back-doors on my Lenovo Wintel laptop, but I use a passphrase from Hell, and I suspect even the NSA's biggest cracker would have trouble with it.

Other than the backdoors in various places on this toxic waste dump of security, the biggest security threat to my passphrase from Hell is TrueCrypt itself. TrueCrypt by default does 100% useless password strengthening (key stretching or whatever it's called). It's strongest mode, which you have to select manually, is 2000 rounds of SHA-256. I can buy SHA256 boxes that do 1 Giga-hash/second per $10. Figure a government has a few million at least for such boxes, and go compute how strong your password needs to be, and it isn't pretty.

I use my password and TrueCrypt to protect my data. Why didn't it occur to the TrueCrypt authors to protect my password? I mean, Bcrypt at least, come on...

4 days ago
top

Theo De Raadt's Small Rant On OpenSSL

WaywardGeek Re:not developed by a responsible team? (301 comments)

Sometimes the individuals involved can be responsible while the team acts irresponsibly. For example, why is my passphrase of my id_rsa key protected by only one round of hashing with no option for increased rounds? I hear there are good things coming, like being able to use bcrypt, but this is a scandal. Only a security ignorant fool would want his passphrase attached to an id_rsa key with no password stretching at all. So... how many fools do we have out there? I surely hope you weren't counting on your passphrase being secure just because the OpenSSL team was involved.

about a week ago
top

Ask Slashdot: How To Handle Unfixed Linux Accessibility Bugs?

WaywardGeek Re:RMS mentions a comparable situation (266 comments)

So, if I maintain a set of say 20-ish critical accessiblity patches in everything from GTK+ to FireFox, in a git repo, would you pull them when you build Gentoo? An OS compiled from source should make this simpler, though the testing goes out the window.

about three weeks ago
top

Ask Slashdot: How To Handle Unfixed Linux Accessibility Bugs?

WaywardGeek Re:RMS mentions a comparable situation (266 comments)

There's one major problem there: most disabled people in the US are living on Supplemental Security Income of $600-850/month, and have no other source of money. Even a group of them are unlikely to be able to pool enough to hire somebody to fix a bug in something like Xorg.

This is also potentially a huge benefit. I really enjoy working to make GNU/Linux more accessible. I'd do it full time if I could, but I cant afford to. I don't have the time, and companies wont pay me to do it.

People with disabilities, as you suggest, often have no job and little money. They often have lot's of free time that could be spend improving FOSS accessibility. A primary vision of the Accessible Computing Foundation is creating a world where people with disabilities help themselves by creating all of he accessible software they need. There are far more than enough brilliant blind people around the world than would be needed to make Linux virtually 100% accessible to the blind. They just need to come together, learn to code, and make it happen. One of the primary messages for young blind kids is that this is even possible. We seem to live in a world where people with disabilities are encouraged to settle for less than what they can achieve. How cool would it be to organize this unemployed force to make the changes they need? How cool would it be to get young blind kids across the country learning to write code?

about three weeks ago
top

Ask Slashdot: How To Handle Unfixed Linux Accessibility Bugs?

WaywardGeek Re:RMS mentions a comparable situation (266 comments)

Kudos to RMS for believing accessibility is a human right, and taking action personally to promote accessibility in Linux. Fixing accessibility in Linux is a mess, but if we can get enough people involved, it's doable. This is the mission of multiple efforts, and the one I'm involved in is the ACF (Accessible Computing Foundation). The free software movement, and the goal of people with disabilities taking control of their computing environments are well aligned. GNU/Linux provides a platform where at least in theory any and all accessibility issues can be corrected, unlike Windows and Mac OS X.

Unfortunately there are considerable obstacles to "fixing" accessibility in Linux. I believe they can be overcome if enough people come together to make it happen, but there are huge challenges. There are also people who devote a lot of their lives to improving the situation, often for free or very low financial incentive. I spearheaded the 3.0 release of Vinux, which is Linux for the Vision Impaired. I fixed a dozen or so accessibility bugs, but the right fix in many cases would involve major changes to GNU/Linux. I'll list a few.

The accessibility API in GNU/Linux, atk/at-spi, should have shared more functionality with Windows. For typical corporate and FOSS anti-Windows reasons, the accessibility stack was built intentionally in a Windows incompatible way. The result is that accessibility in Firefox and many other major applications never works as well in Linux as it does in Windows. It simply is not reasonable to make every software vendor do all their accessibility coding N times for N operating systems. There is even an effort called Iaccessible2, which is basically a FOSS accessibility stack for Windows, which the creators seemed to hope could also work for Linux. The code was even donated to the Linux Foundation. However, there was never any money or motivation in FOSS land to actually port the software to Linux, SFAIK. Building a single accessibility API that works in Windows, GNU/Linux, Android, and Mac OS X would go a long way towards fixing accessibility in all of those places, but especially in GNU/Linux, since it is usually the OS vendors put the least effort into. As it stands, few GNU/Linux distros are able to keep FireFox and LibreOffice accessibility working.

Then there's the problem of Linux being a multi-headed Hydra monster with no one in charge. At Microsoft, Bill Gates took a personal interest in accessibility, and that's all it took for the entire company to take accessibility seriously. In GNU/Linux land, RMS also takes a strong personal interest in accessibility, but it's not like most of the devs work for the guy. RMS can make his case, but when your boss is asking for prettier GTK+ widgets in Gnome 3 and you're late delivering, accessibility fixes fall by the wayside. When we are lucky enough for a patch to be developed, many times the GNU/Linux authors refuse to include them, because the "fix" is not perfect. For example, I added accessible descriptions to pixmaps in GTK+, which enabled blind users to hear 'star' for a star icon in a table containing pixmaps. The devs could not decide if pixmap was the right place for this accessible description, enabling them to justify doing nothing, and the continued lack of support for accessible icons was the result. It saved them a few hours of work in testing, which was their real priority. Multiply this asinine situation 100X, and you begin to understand why making Linux accessible is hard. GNU/Linux land seems to take pride in making it hard to fix accessibility, because we make it almost impossible to override any given stupid author's decision not to support accessibility. I should be able to patch GTK+, and have that patch automatically distributed to every user of every distro who believes my accessibility patches are something they want. Instead, we've built a system where patches have to be accepted by the authors, and then distributed slowly over years to the stable distros. Stupid, stupid, stupid...

Another major GNU/Linux accessibility problem is the lack of stability and portability between distros. If I write an important Linux accessibility app, like voxin for example, it would be great to compile it once, share it with every person who needs it, and have a way for those people to use that compiled binary as long as they like. This is mostly the case in Windows, and not at all the case in Linux. Voxin, a text-to-speech wrapper for the IBM engine prefered by many vision impaired people, has to be ported to each release of Ubuntu, causing the author considerable effort just to maintain his package for one distro, even though there is no new functionality ever. Pretty much unless you are an ace coder yourself, you wont be able to get voxin working on your prefered distro, and your blind users may avoiding your distro for just that reason. Even if you do go to this effort, that effort will be good for only one version of your distro, and you will have to repeat it forever. As a result, only the espeak TTS package is natively supported in even the most accessible GNU/Linux distros.

GNU/Linux is basically designed to break, and the first thing that breaks is typically accessibility. One problem is that while we can share source code between distros and releases, we cannot share testing, and often we can't even share packaging. If Debian goes the extra mile and insures that the accessibility stack works from boot for each release, that effort does not help RedHat, who must also put in the huge additional testing effort. The result is that only the biggest and most popular distros and applications typically have a working accessibility stack at all. When I looked at what it would take to make Trisquel Linux accessible, I had to let the devs know that they simply didn't have the resources to get there. This was back in 2010, so things may have changed, but this remains the case for most distros.

All of these issues can in theory be fixed. We should stop purposely making GNU/Linux incompatible with any other OS, and instead work for cross-platform accessibility solutions. We should share well tested compiled binaries (which can be verified as matching the source) between distros for critical portions of the accessibility stack, such as TTS, so that it just works. We should make it easy to patch an author's broken accessibility code, compile and test patched binaries, and share them with people on many distros, without making the patch author jump through insane hoops like we do now to get fixes included.

The same problems holding back accessibility in GNU/Linux are also stifling innovation. The fact that we let petty gate-keepers decide what packages can be shared easily is a crime. It is insanely hard to get a new accessibility package in to RedHat, Debian, etc. Accessibility just isn't cool enough. Most good ideas aren't cool enough. That's why so few people develop "apps" for GNU/Linux anymore. The fact that we refuse to share critical testing of binaries between distros, and make GNU/Linux APIs incompatible with the rest of the world on purpose... it all has to change. Otherwise, GNU/Linux will continue it's decline.

about three weeks ago
top

New Stanford Institute To Target Bad Science

WaywardGeek Re:This is where the money is short sighted. (86 comments)

Scientists need to clean house before complaining about politics?!?

Try googling John Ioannidis and Koch brothers. They do not show up in posts were the Koch brothers give him millions of dollars, but the two show up a ton on conservative blogs. He's clearly going for the money. There's money to fund anti-science, unfortunately. f-ing ignorant billionaires who inherited it all (do you ever wonder why two brothers are so influential?) are the ones who really need to take a better in the mirror.

That said, it's absolutely true that most published research is BS. The same is true of *all* publications. That's the nature of the beast. There is still 100X more truth in average scientific studies than in politics.

about 1 month ago
top

Why San Francisco Is the New Renaissance Florence

WaywardGeek Re:sshh! (250 comments)

Back when my folks moved us back to their native California in 1981, I asked my dad about his favorite city: San Franciso. He said, "Don't tell your friends, or everyone will want to live here." He was right.

about a month ago
top

3 Reasons To Hate Mass Surveillance; 3 Ways To Fight It

WaywardGeek Re:HTTPS Everywhere (120 comments)

The crypto weenies over on metzdowd.com seem to think HTTPS is currently a badly broken security layer that gives users a false sense of security. There are a number of suggested fixes, however.

My own pet peeve is that we don't even protect our passwords properly. My ssh id_rsa password protection is a joke: literally a single round of MD5 by default. My TrueCrypt password is protected a bit better, but with custom ASICs, a thousand rounds or so of SHA-256 runs so fast it's not even a significant part of the password guessing latency. I got so POed over this issue ,that I've submitted my own password hashing entry in the Password Hashing Competition. Fortunately, there are guys way smarter than me working on this specific problem, and in a couple of years we should have a far better password protection solution. In the meantime, someone should do friendly forks of TrueCrypt and OpenSSL and incorporate Scrypt as the default password hash for user-land encryption (as opposed to servers that may have to run thousands of hashes per second).

The advice to use more encryption seems sounds, but most of us geeks here on slashdot don't even know how weak our own password security really is.

about 2 months ago
top

The JavaScript Juggernaut Rolls On

WaywardGeek Re:Web Workers (505 comments)

Heck, you're right and didn't even have to go into how f-ed up JavaScript is as a language... "dynamic scoping"... really??? That idea sucked in Lisp and I thought we got past it in the 60's after that cock-up. And now we're supposed to take this bastard child serisouly?

about 3 months ago
top

Will Electric Cars and Solar Power Make Gasoline and Utilities Obsolete?

WaywardGeek Re:Uh? (734 comments)

Even if they get the batteries working great, which I hope they do, we'll still most likely charge our cars over the grid. Maintaining huge arrays of solar panels is done more efficiently at a utility level than on our rooftops. In the end, solar may revolutionize the energy sector, but I suspect we'll still buy our power from our local utilities.

about 3 months ago
top

Dual_EC_DRBG Backdoor: a Proof of Concept

WaywardGeek Re:Another view on teh RSA / NSA thing... (201 comments)

The crypto email list discussed this at length. People chimed in who remember when this happened. Here's my take away: EMC had just bought RSA, and was looking for profits, and many of the best and brightest at RSA had left. The NSA offered $10M to make their RNG the default in BSAFE, and no one at RSA could offer EMC management any compelling argument as to why they should not take the money. RSA issued a press release about it. There was no secrecy. Competitors thought it was foolish to take money from the NSA, and at the same time wondered how they could get onto this gravy train.

This is a case of typical incompetence. The response RSA published is slimy lawyer crapola. The lawyer sucks as bad as the incompetent EMC management. The good news is that there was no secret deal that RSA agreed to with the NSA to compromise all our security. The NSA did their job well. RSA didn't. I'll just point out that only crypto ignoramuses would accept closed-source un-auditable stuff from anyone when it comes to encryption, IMO. Money corrupts this industry.

about 4 months ago

Submissions

top

Republic Wireless Announcement Could Revolutionize Cellular

WaywardGeek WaywardGeek writes  |  about 7 months ago

WaywardGeek (1480513) writes "Do you remember how you felt paying $0.25 per photo you downloaded from your own camera phone? How do you feel when you pay $250 for a Verizon wireless extender for the privileged of burning minutes over your own Wi-Fi? Enter Republic Wireless to save the day with today's announcement of a $300 Moto-X, and all-you-can-eat everything plans for $25/month (3G), and $40/month (4G). By using free Wi-Fi for calls whenever possible, and Sprint's network only when Wi-Fi is not available, RW cuts cell phone charges in half. With the Moto-X, RW is finally ready for big geeks like me."
top

Romney Team Dumps $2M to Sway Intrade

WaywardGeek WaywardGeek writes  |  about a year and a half ago

WaywardGeek writes "Intrade was subject to massive political manipulation today. Starting just past 6am, someone dumped about $100,000 worth of Obama shares to tank Obama's odds from 69% to 64% within a few minutes. Only 15 minutes later, Intrade's Obama odds had recovered to 68%. Throughout the day, the huge Obama dumps were repeated over and over, to the tune of about $2M. Can you buy Intrade odds? Apparently, yes. For $2M, you can reduce a candidate's odds from 69% to 66%. Did American Crossroads find this a good use of secret donor funds?"
Link to Original Source
top

Is Oracle Trashing Your FOSS Project?

WaywardGeek WaywardGeek writes  |  more than 4 years ago

WaywardGeek (1480513) writes "Oracle has finally started gobbling up Sun. The first casualty of consequece? Oracle has decided to decimate Linux accessibility, laying off the entire Orca team, who provides the Linux screen reader. Around the world, thousands of blind individuals now have their computer access threatened. What Oracle cuts have affected you so far? Where can users go to have their concerns heard?"
top

Sony Ericsson Xperia X10/Android: official video!

WaywardGeek WaywardGeek writes  |  more than 4 years ago

WaywardGeek (1480513) writes "Sony may try to steal a bit of Motorola's Droid thunder this week, with a blockbuster announcement of their own later today. They just posted a preview video and specs, and frankly, they nailed it! The girls are hot, and the phone looks good on them. They look smart and sophisticated using it, rather than geeky. Finally, someone has figured out the Apple magic, and looks poised to deliver a real competitor! The phone should look like sex, and this one does."
top

What Filters are Right for Kids?

WaywardGeek WaywardGeek writes  |  more than 5 years ago

WaywardGeek writes "My daughter is using phrases like "hot guys", and soon will have a chat about the birds and the bees. I believe in letting kids discover the world as it is, and have no Internet controls on any of our systems, which are mostly Linux based. However, it's not fair for aggressive porn advertisers splash sex in her face without her permission. My question is: What Linux-based Internet filtering solution do Slashdot dads favor, and do they hinder a child's efforts to learn about the world?"

Journals

top

Zvi OrBach, and Romania in 1999

WaywardGeek WaywardGeek writes  |  more than 3 years ago

As I've just thrown out a bit of a nasty comment about Zvi OrBach, so I'd like to explain a bit more here. First, Zvi considers himself a man of high ethical standards. I'm no moral relativist, but Zvi is from the Middle East, where I suspect lying to the patent office and Romanian employees is considered wise, rather than unethical. At AMI, I dealt mostly with very ethical Christians and Mormons, and I figured it'd be hard to be screwed by the likes of these people. However, I discovered that a company with weak leadership is capable of acting like the worst individual that could be made from the worst aspects of all of it's leaders. One John Stone provided much of those worst aspects, but others provided irrational fear, NIH, kingdom building, genuine stupidity, etc. The individual made from these traits is not someone you can actually deal with.

I loved the trip to Romania Zvi sent me on in 1999. I often wish I could go back there for a while. I'm sure Romanians on this list could properly describe Romania, but I'd like to say how it was for an American geek. First, I was not allowed to carry any significant amount of cash, and there was no such thing as credit cards. Instead, I had a person assigned to make sure I was well taken care of all the time. This is probably a very good thing. The first day, my guide and friend stepped between me and a poor child on the street who was reading a newspaper while walking past me. My guide explained that it was likely that the kid had a knife behind it to cut the laptop shoulder strap while another kid stole it. The poverty on the streets in Bucharest was quite sad, but the city was in many ways like all international cities, vibrant with activities, great food, and culture. We drove to a city which I believe is IaÅYi, though Zvi called it Yas or something similar, so I remained confused as to where I actually was.

IaÅYi for me was a place of great contradictions. The beauty of some architecture was breathtaking, old and magnificent, while much of where people actually lived was dull and uninspired, built under communist rule. I stayed at a hotel considered very nice for the area, and have no complaints. The bed was very small, more like a cot, but it was fine. One night a very beautiful tall slender girl knocked at my door, and opened her over-coat, revealing barely legal clothing underneath. She said "Speak, and I there", and pointed to the floor. Now, I am a huge geek, and I was married, but you'd think I'd figure out what she meant. I thought she was saying she had lost her dress under the couch, but there was nothing there. It took about five minute for her to get me to understand what she was suggesting, and then I was quite embarrased and turned her down as nicely as I could, which frankly was hard for me to do. I think fear was what kept me honest to my wife that night, fear of catching some disease, fear that my room was being taped and I'd be black-mailed, fear that she would somehow wind up taking my laptop (the only valuable thing I had).

The software team was a group of around 10 employees, mostly in their 20's, who had degrees from the University. They worked in one room, on stools, with the worst PC hardware available on the market. Zvi had a Jewish buddy living here, who was running the whole thing, and one thing Zvi may not have realised is that he paid for Dell computers or equivalent, but the team got much cheaper hardware. His buddy pocketed the difference. A major problem was that the network barely worked at all, because the wiring was sub-standard. Their eithernet cables were super thin, and many just didn't work. I'd never seen eithernet cables like that, but someone was making money by skimping a penney per foot, and the software team was hard pressed to collaborate at all. It was litterally a sweat shop, where the heat from the machines and our bodies made the room quite uncomfortable.

But, the team love to write code, some of them were pretty good, and the others seemed to learn quickly. There was an experienced coder named George who's code was outstanding. I hope he was allowed to run the team and train the rest. There was a very nice and very smart girl I believe I called "Cat", who always wore a suit jacket. It turned out she was 8 months pregnant, but didn't want me to know, and she hid her condition under her coat, and gave birth something like 2 weeks after I left. We needed access to Synplicity FPGA software, which I helped develop in my previous job. Everyone already had copies on their machines, and I wondered how they could all be running softare worth seveal times the machines. It turned out that every piece of software in the place was pirated, mostly code broken by Russians. They had Cadence layout tools, and Synopsys Design Compiler, and virtually anything they wished. They had a million dollars worth of software running on $200 computers.

The highest paid employee got $200/month, but a Big Mac cost something like $4. Instead of American fast food, we ate at local resturants with outdoor seating and amazing food for $0.50. The chicken soup was so thick and delicious it could warm your whole body and leave you wanting to return just for the food. Beer by some unit greater than a pint was cheaper than Coke, and not bad. They had a local wine for $3/bottle that I loved so much, I brought some back to California, to discover that the wine acutally tasted pretty bad in California. The difference must have been the food pairing, and ambience, or maybe even a shift in attitude. To go to the bathroom at the resturant, you had to pay a nickle to an old lady who guarded it.

The University was a combination of beautiful and ugly buildings, probably because of when they were built. In one of the older beautiful ones, the bathroom was more elegant than a bathroom should be, with carved marble everywhere. However, the plumbing leaked a continous stream from multiple places to a drain in the middle of the floor. Everything was in a sad state of dis-repair. In courtyards that should have had fountains and students studying, there were broken down cars and mud. The same was true of the people. The programmers I worked with were healthy, and from what I could tell, happy, intelligent and mostly pretty nice looking. They were geeks with a good sense of humor. One of them was a guy with long hair who I thought of as a bit of a hippy, but I think he was the best adjusted of the lot. He alone told me he had no desire to ever leave Romania. He loved his home and told me of hiking and fishing in the mountains, and how he enjoyed his family. I think the poverty weighed heavily on the rest, though they were doing well compared to most in the city. On the streets, we'd see Gypsies who looked like they were starving, and the place had pitiful wild dogs, who breed to the extend that they can find enough food to survive. I think the Gypsies were suffering a similar fate, and I think the Romanians and I tried to not look at them. It was too hard, and there was nothing we could do.

Zvi wanted to get visas so he could have a couple Romanian programmers working at his house in San Jose all the time. Basically he wanted super cheap labor, that would be paid $200/month or less, living in Silicon Valley. I went to the American Consulate with my guide, waited through a long line and suddenly was in America, with Americans speaking proper American English, and trying to hold to very American values. We talked with the lady who had the power to grant such a visa, presenting myself as evidence that this was a real American company, not some Romanian sham. My guide brought her flowers, and clearly indicated that he just wanted to pay the expected bribe. Even I could figure out what he meant. The lady seemed insulted, as I would expect Americans to be, and turned us down flat. When Zvi found out, he was angry, and tried every means to increase the bribe, etc. I've never seen him so angry. He was outraged. Was his money not good enough for Americans? Zvi and the Romanians seemed to agree that the lady suffered from many evil qualities I wont go into. They were deeply insulted that she would not accept a generous bribe. It was racist. It was ugly Americans who thought they were better than Romanians. You wouldn't believe how long they could go on about the injustice of it all.

Zvi's buddy, the Jewish man running the operation, was friendly and deeply religious. He invited me to his home, a small condo, and I met his charming family. Everyone was so nice, the Jewish boss, the Romanian programmers, everyone. However, the Romanians hated Jews with a passion that was clear bigotry. Jews had over time exploited them, they felt, as Zvi's buddy was doing at present. The Jewish boss certainly didn't feel bad about exploiting the local labor. The one thing they agreed on was that they hated Hungarians and Gypsies. Everyone was willing to lie to and steal from everyone else, and this did not seem immoral to them, so far as I could tell. Everyone hated every other identifiable group, and blamed them for their problems.

My guide and friend was certainly no exception. Before leaving, he proposed to start his own programmer sweat shop, and he'd only charge me $2,000/month per person. By the way, Zvi's buddy had ten programmers, but he had them working for multiple clients without the clients knowing about it, so he was overcharging. I'm sure my guide thought he could pay a programmer $200/month and get $4,000 from clients. This, I suspect, is why Romania remained so poor... it was impossible to find an honest person to do business with. After ending my consulting relationship with eASIC, I would have gladly helped set up a business paying programmers $400/month for programmers rented out for $800/month. My friend the guide could have made probably $300/month per programmer, and would have been relatively wealthy compared to others in his city. I would have felt great about increasing the income of the workers, helping them to raise families, and would have gotten a screaming good deal in terms of software development costs. But how could I trust my friend and guide? He was scheming to steal away his boss's business, and clearly thought I had no idea how little he would have to pay his programmers. I know that I would be taken advantage of in every possible way. Code I paid to be developed would be secretly sold to the highest bidder, or more likely all bidders. The programmers themselves would keep copies and use it for any benefit they could find. I honestly hope things have gone well for all of these people. They are charming and intelligent. If I knew of some way to work with them, I would. I don't feel that Zvi, his Jewish buddy in Romania, or any of the Romanians are unethical. They're just different, in a way that naturally happens to people who have been through hell. When times get hard, I would hope that people would come together to try and help each other. I think it does in some places and some cultures, but at some point the cheaters and lairs start doing better than the rest, and if the hard times persist, more people become cheaters and lairs until no one can remember why anyone would want to be honest. It's a self-perpetuating state, where a culture of cheaters and lairs becomes unable to pull itself out of poverty.

The last time I went out at night with the programmers (they were expected to go out with me to dinner every night), we were in a couple of cars that came to a railroad crossing just as a train pulled to a stop maybe 50 feet away. The train was close enough to trigger the lights warning drivers not to cross, but there were no gates to come down an block our way. It was a single track, and the train was clearly stopped, and in no hurry to get moving again. We were at the front of the line. There was zero danger in crossing and continuing to the restaurant. Never the less, these kind people who clearly would steal me blind given a chance, sat there, refusing to move. Cars lined up behind us for maybe 50 yards, and another line formed on the other side of the tracks, going the other direction. Not one person honked or complained. When I said we should just cross, everyone in the car seemed to get upset, as though I had just recommended incest or something. It's like they believed I had no ability to determine right from wrong. You just don't break laws in Romania like crossing tracks when the lights are flashing. Whatever... I guess I didn't stay long enough to begin to understand the culture.

I asked my friend and guide if I could take him and his fiancée to the best restaurant in town, to thank him for everything he had done for me. He agreed, and wound up at a place that charged huge prices - probably $10 per person for dinner. It was a Tex-Mex American restaurant. It was packed with poorer retired Americans who were in Romania for a cheap vacation. The food was nothing special. However, everything was clean. The waitresses were pretty and friendly, and nicely dressed. The bathroom was spotless. The Romanian couple with me seemed to feel this place was wonderful. I would have rather spent fifty cents for some of that great Romanian food.

Romania, at least the part around IaÅYi, is beautiful, with rich culture, art, and architecture. The mountains remind me of the Black Hills of South Dakota (which if you haven't seen, by all means, get going!). The people are genuinely kind and well educated. I love the place. I agree with the long-haired programmer. If I were Romanian, I wouldn't ever leave. It's one of the best places on Earth. I hope the last decade has brought luck and prosperity to those people. They need it.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...