DARPA Wants To Kill the Password
Only if you're dumb enough to let authentication program be susceptible to such an attack. Dictionary attacks can be trivially defeated by rate limiting tries and after, say, 5 tries not allowing any more attempts for some cooldown period. No attacker is going to bother if they can only have 5 tries every 15 to 20 minutes.
Please, if you ever have to implement one of these cool down periods, don't be an asshole and allow just 5 attempts (or 3 or something equally idiotic).
There's no good reason not to allow, let's say, 100 attempts, and even a really short cool down period should be enough, for example 500ms. Time for some quick & dirty math, assuming 36 possible characters and an 8 character password, a 500ms cool down would add: 36^8*.5/60/60/24/365 ~= 48000 years to brute force all combinations.
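The two policies discussed in this comment and the one it replies to, as an added example that is not part of either comment: a per-account throttle with an injected clock, used to compare how much time each policy adds to an exhaustive search and how long a user who mistypes is kept out. The class and function names and the "alice" scenario are hypothetical.

```python
YEAR = 365 * 24 * 3600  # seconds


class LoginThrottle:
    """After max_tries consecutive failures on an account, refuse all
    attempts on it until `cooldown` seconds have passed."""

    def __init__(self, max_tries, cooldown):
        self.max_tries, self.cooldown = max_tries, cooldown
        self.failures = {}      # account -> failures since last reset
        self.locked_until = {}  # account -> time attempts are accepted again

    def attempt(self, account, password_ok, now):
        """Return 'throttled', 'ok' or 'denied'; `now` is an injected clock (s)."""
        if now < self.locked_until.get(account, 0.0):
            return "throttled"  # rejected without checking the password
        if password_ok:
            self.failures.pop(account, None)
            return "ok"
        count = self.failures.get(account, 0) + 1
        if count >= self.max_tries:
            self.locked_until[account] = now + self.cooldown
            count = 0
        self.failures[account] = count
        return "denied"

    def years_to_exhaust(self, keyspace):
        """Time the throttle alone adds to trying every password on one account."""
        return (keyspace // self.max_tries) * self.cooldown / YEAR


def mistyping_user(throttle, typos, seconds_per_try=1.0):
    """Constructed scenario: a legitimate user mistypes `typos` times, then
    enters the right password. Returns the time of the successful login."""
    now = 0.0
    for _ in range(typos):
        throttle.attempt("alice", False, now)
        now += seconds_per_try
    while throttle.attempt("alice", True, now) == "throttled":
        now += seconds_per_try
    return now


KEYSPACE = 36 ** 8                  # 8 characters, 36 symbols, as in the comment
strict = LoginThrottle(5, 15 * 60)  # 5 tries, then a 15 minute cooldown
lenient = LoginThrottle(1, 0.5)     # 500 ms after every failed try
```

Both policies push an online search of this keyspace past tens of thousands of years; the difference that matters in practice is the second function, where five typos cost the user about fifteen minutes under the strict policy and nothing noticeable under the lenient one.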
Good Engineering Managers Just "Don't Exist"
I should not feed the trolls, but anyway, I'll bite.
I disagree on both counts, Medallia has been profitable for quite some time and it's growing really fast, so hardly a waste of VC capital.
On the engineering side, we do build new things, some are really challenging. For example we have a very cool real-time OLAP engine (we can render reports with a median time of 183ms, on datasets with a hundred million records and thousands of columns), our text analytics team does build its own models (we have researchers on payroll), our sentiment analysis models for some industries are better than anything else out there, the testing infrastructure is wonderful, and there are things I cannot discuss :)
Working here I've met some of the brightest people in the world (I stand by that). In all, it's a great place to work as an engineer.
Ask Slashdot: Why Are Tech Job Requirements So Specific?
It's not Congress that matters, for certain visas the company has to make a reasonable effort to find someone locally before the visa is granted, so you post a job offer that is essentially un-fillable by anyone other than the person applying for the visa.
Ask Slashdot: What Are the Hardest Things Programmers Have To Do?
Naming things is hard, because to give something a good, meaningful name, you must understand the thing you're naming deeply.
Maybe that's where the notion of a true name comes from.
Whenever I find myself having trouble naming a class or a method/function, it's typically a sign that something in my understanding of the problem (or the framing of the solution) is wrong. And I need to revisit the thought process that took me there. Usually, once I do so, names fall in place without much friction.
Scientists Use Sound Waves To Levitate, Move Objects
The paper was submitted in January this year, and approved for publication on June 8. This is a change in design that allows transport and handling rather than just levitating it in air. The flourish was in the original article BTW.
AMD Details Next-Gen Kaveri APU's Shared Memory Architecture
Today I read an article in Gamasutra that details some of the internals of the PlayStation 4 and the architecture looks a lot like what's described here.
With GDDR5 memory this could be very interesting.
New Study Suggests No Shortage of American STEM Graduates
For many companies, hiring is a matter of finding the best people they can (for whatever definition of best they have). Even if you have enough people graduating, the distribution is always the same, 50% are still below average. If you aim for top 5-10% (based on whatever criteria) then the market is a bitch. Even if you pay above average, it's still hard to get good people.
It's not just the technical qualifications, you have to also find a cultural match.
In my experience, most software companies hiring H1-B do so because by hiring abroad you have a larger pool of candidates to choose from, if you search several job markets at the same time you increase your chances of finding the profile you want. I'm sure there are many cases where this is not the case (incompetence, malice or whatever). But I cannot believe that price is the only driving factor.
Microsoft, Partners Probed Over Bribery Claims
It is pervasive in many places. Since the US frowns upon US companies bribing foreign officials, there are many consulting firms local to the country in question that take care of the bribes. These are never mentioned explicitly, so the US company doesn't actually pay the bribes, it just pays the consulting firm. And the consulting firm takes care of the bribes. That way you have deniability.
Since the consulting firm is out of reach from the SEC et al., discovery is a bitch and the cases cannot normally be pursued (unless you get one of the officials to testify, which is at least difficult).
Botnet Uses Default Passwords To Conduct "Internet Census 2012"
He did 420000 intrusions, it's probably a lot more than that. In NY it would be up to 420000 years just for unauthorized computer use I believe.
Still, really cool hack (in the classic sense), it is conceptually similar to a von Neumann probe.
Ask Slashdot: How Do You Stay Fit At Work?
+1 for crossfit.
I just started doing Cross-Fit, the great thing about it is that every training session is different (I get bored easily) and you get results pretty fast. I also bike to work often, and I used to run a little.
Going back to the poster's question, the thing is, when you get older you have to do something or your body will not be kind to you. What has worked for me is to try something, do it for a while, and if I start to get bored, try something else. The secret to success is to keep trying. You'll start something, maybe you'll drop it (and that's fine), but when you do that, instead of giving up, just find something else to do.
If you are really that strapped for time, try running 20 minutes three times a week. At first, if you're out of shape, you'll walk most of the 20 minutes, but you'll get better pretty soon. One bonus of running is that it doesn't take much time (changing your clothes and maybe a shower), and you can do it pretty much anywhere.
The World's Fastest-Growing Cause of Death Is Pollution From Car Exhaust
From the actual paper linked in the article:
In 2010, the three leading risk factors for global disease burden were high blood pressure (7.0% [95% uncertainty interval 6.2–7.7] of global DALYs), tobacco smoking including second-hand smoke (6.3% [5.5–7.0]), and alcohol use (5.5% [5.0–5.9]). In 1990, the leading risks were childhood underweight (7.9% [6.8–9.4]), household air pollution from solid fuels (HAP; 7.0% [5.6–8.3]), and tobacco smoking including second-hand smoke (6.1% [5.4–6.8]). Dietary risk factors and physical inactivity collectively accounted for 10.0% (95% UI 9.2–10.8) of global DALYs in 2010, with the most prominent dietary risks being diets low in fruits and those high in sodium. Several risks that primarily affect childhood communicable diseases, including unimproved water and sanitation and childhood micronutrient deficiencies, fell in rank between 1990 and 2010, with unimproved water and sanitation accounting for 0.9% (0.4–1.6) of global DALYs in 2010. However, in most of sub-Saharan Africa childhood underweight, HAP, and non-exclusive and discontinued breastfeeding were the leading risks in 2010, while HAP was the leading risk in south Asia. The leading risk factor in Eastern Europe, most of Latin America, and southern sub-Saharan Africa in 2010 was alcohol use; in most of Asia, North Africa and Middle East, and central Europe it was high blood pressure. Despite declines, tobacco smoking including second-hand smoke remained the leading risk in high-income north America and western Europe. High body-mass index has increased globally and it is the leading risk in Australasia and southern Latin America, and also ranks high in other high-income regions, North Africa and Middle East, and Oceania.
The news here is that the risk factors have shifted in the last 20 years, not that "OMG cars are baaaaad", still, salty foods are a lot more likely to kill you than a car exhaust.
Valve Begins Listing Linux Requirements For Certain Games On Steam
Since I heard they were doing Steam for Linux I can't get it out of my head that they should build their own distro. They should probably pursue a strategy similar to the one Google did with Android.
They could partner with hardware manufacturers and certify PCs or console-like devices that they are compliant with the distribution hardware requirements, maybe setting several levels of hardware support. So you can buy a 'level 3' Steam PC, and be sure that a certain number of games run on it without issues.
I would probably buy something like that if the experience was hassle-free enough.
Everspin Launches Non-Volatile MRAM That's 500 Times Faster Than NAND
You're thinking about just a single use-case. Which would be to replace non-volatile storage, but this could conceivably replace some or all RAM for mobile devices, since it needs no power if not actively reading or writing and would allow even lower power states.
Light Bulb Ban Produces Hoarding In EU, FUD In U.S.
In Argentina the ban went into effect this year, and it was (surprisingly) fairly painless because of Halogen lamps which naturally replaced traditional lightbulbs. They are dimmable, and the color temperature is almost the same, and only slightly more expensive.
Polish Researcher: Oracle Knew For Months About Java Zero-Day
The thing is that even the way they relate to their customers is different. For example, once a customer came to visit Oracle HQ (it was a large European bank that shall remain unnamed) and I got pulled for some technical question that they had regarding an old version of some product.
I found it astonishing to see the way the customers asked for things. The power play was reversed, rather than the vendor trying to convince the customer that his was the right way, it was the other way around. It was the customer trying (even begging) to sell us on some ideas that we should consider including in our roadmap for the next two or three years (pretty pleaasee?).
I actually was acquired by Oracle, so I started in a small company, and ended up in the belly of the beast. So I was used to things being the other way around, more like having demands from customers, or we'll go to another vendor. In this case it was more like: we'll buy anyway, but please add this, it will make our lives a lot easier.
I'm not defending them, but an Oracle-size company is a very unusual beast. At the very least it should not be surprising that it takes them some time to move.
Polish Researcher: Oracle Knew For Months About Java Zero-Day
Oracle is a huge organisation. I mean mindbogglingly huge (think planet Vogon). There is a lot of red tape that you have to cut to get anything done, and in 4 months they're probably still scheduling meetings to figure out if it should be fixed, and when, and by whom.
Unless an SVP gets involved, it's unlikely that it will be rushed.
Google Distances Android From Samsung Patent Verdict
Multi-touch patents could seriously cause problems for the rest of the world. Apple might license them at $30-$50 per handset, if they license them at all.
Actually Apple does not license technology. So, you basically can't use it.
Should Developers Be Sued For Security Holes?
If that happens, we'll become a LOT more expensive.
Cisco's Cloud Vision: Mandatory, and Killed At Their Discretion
Not really, there are very good router manufacturers, such as TP-Link (it's a Chinese brand, but they're really good). Their software is much better than CISCO Linksys or D-Link, and if you don't like it, most support DD-WRT, etc.
Ask Slashdot: Is Outsourcing Development a Good Idea?
Let me say that one more time: you should never outsource your core business
It's fine to outsource non-critical parts of your business, but never your core. I would think that building software is at the core of the company based on what you describe, and it should be treated as such, but apparently management at your company doesn't seem to think so.