
Comments


Could High Bay-Area Prices Make Sacramento the Next Big Startup Hub?

mrheckman Re:NO (190 comments)

I have to add, however, that UC Davis has been a top research university for many years, but that has not led to the creation of a large number of start-ups. Having a bleeding-edge academic institution in the region may be a necessary, but not sufficient, condition for creating a tech innovation hub.

about 5 months ago

Could High Bay-Area Prices Make Sacramento the Next Big Startup Hub?

mrheckman Re:NO (190 comments)

>Tech innovation hubs are centered around bleeding edge academic institutions because start-ups need academics to consult for them. Sacramento does not offer this.

UC Davis, as the article states, is a top research university. Here are some statistics, collected by UC Davis itself (http://admissions.ucdavis.edu/about/rankings.cfm):

* 14th in research funding among U.S. ranked public universities and 22nd for public and private universities (National Science Foundation 2011 R&D Expenditures)

* 9th among public research universities nationwide and 39th among public and private research universities (U.S. News & World Report's 2014 "America's Best Colleges")

about 5 months ago

Immigration Bill Passes the Senate, Includes More H-1B Visas

mrheckman Re:Care to mention which study? (274 comments)

One more thing,

The study says that "there is a higher departure rate of older workers in STEM occupations with greater young skilled immigration into the firm. This heightened old/young differential is especially pronounced for workers earning over $75,000 a year."

Why didn't the NY Times reporter mention that?

about a year ago

Immigration Bill Passes the Senate, Includes More H-1B Visas

mrheckman Re:Care to mention which study? (274 comments)

>Would the author care to mention the name of the study, who it was performed by, or even (*gasp*) provide a link? Otherwise a reference to "one recent study" has no credibility whatsoever.

The OP was quoting from the NY Times article that was linked to in the post. There are even quote marks in the post to indicate that. The Times article gives a link to the study: http://www.people.hbs.edu/wkerr/Kerr_Kerr_Lincoln%20Feb2013.pdf .

One could blame the OP for not providing some personal commentary on the article that he or she quoted, but you can't blame the OP for not citing the study. On the other hand, one can and should blame the reporter who wrote the Times article for not summarizing the study better.

The study says that hiring of "young skilled immigrant employment, where young workers are defined as those under 40 years old" is correlated with "expansions in other parts of the firm's skilled workforce". And "a 10% increase in a firm's young skilled immigrant employment correlates with a 6% increase in the total skilled workforce of the firm." That seems logical -- a firm on a hiring spree will look for engineers from many sources. But it doesn't say anything one way or another about why the companies are hiring the immigrant workers. Is it because there's a shortage or because the immigrant workers will work for less money? The study does not say. Moreover, the study does not seem to consider that hiring of foreign workers means that fewer native workers are hired who would otherwise be hired, even if there is an overall increase in the number of native workers hired.

And I wonder how the researchers who published the study would deal with companies who lay off much of their IT staffs and replace them with contractors through Cognizant and the other large consumers of H-1B visas. The company who laid off their staff does not directly hire the H-1B visa holders, but Cognizant does. Naturally, Cognizant hires support staff and some native engineers to support the buildup of the H-1B staff. This conforms to the study's conclusions, but the net effect is that many native engineers have lost their jobs.

about a year ago

CES: Automatic Plant Monitoring Through Your Computer or iPhone (Video)

mrheckman $99 for a plant sensor? (44 comments)

Amazon sells them for $99 a sensor. At that price, I can almost afford to have someone come in and water the plants for me.

Or, better yet, I can just continually get new plants and toss the old ones.

about 2 years ago

Announcing Adafruit Gemma – Miniature Wearable Electronic Platform

mrheckman Re:It's all good and interesting... (44 comments)

Tapping out "-- . .-- .- -. -" no doubt.

ME WANT (for those who don't read code).

about 2 years ago

Google Chrome 25 Will Serve Searches Over SSL From the Omnibox For All Users

mrheckman Re:How does firefox handle searches? (101 comments)

Use the HTTPS-anywhere addon, from the EFF (https://www.eff.org/https-everywhere). It has rules that cause Firefox to automatically use HTTPS for dozens of web sites, including Google Search and APIs.

about 2 years ago

IT Job Market Recovering Faster Now Than After Dot-com Bubble Burst

mrheckman Re:I am about to abandon job search. (242 comments)

>I am about to abandon job search.
>
>I have an excellent academic profile, I have successfully created my own business, and I cannot get a job because I want to switch to a technology where I don't have 2 years of experience.
>
>I have applied for many graduate jobs as well as junior ones but still nothing.
>
>Well, I don't need the money, so I will be programming some open source which I like...

But, if you program open source projects for two years, that will give you the resume-worthy experience you need to get a tech job. But, by then, you'll probably have your own tech business and won't need to look for a job anywhere else.

about 2 years ago

IT Job Market Recovering Faster Now Than After Dot-com Bubble Burst

mrheckman Prediction: Bye-bye "re-shoring" (242 comments)

Employment in high tech is cyclical - boom to bust, followed by boom again. It seems to happen roughly every 10 years (1991, 2001, 2009 come to mind, but there was another boom around 1980). When employment booms, there's a shortage of skilled engineers and programmers, so companies look to off-shore. Meanwhile, the number of CS students in the US skyrockets. Then those students graduate, and not long after, the industry tanks, the job market softens, and there's a local surplus of skilled workers who are suddenly more affordable vis-a-vis off-shore workers. Seeing the surplus of skilled on-shore workers, companies start "re-shoring" -- bringing jobs back to the US. But lots of unemployed engineers and programmers go on to other things and, seeing so many engineers and programmers out of work, CS enrollments plummet. When the next boom hits, there's a shortage of workers again and the cycle continues.

about 2 years ago

Instagram Loses Almost Half Its Daily Users In a Month

mrheckman Maybe it was just a fad (250 comments)

A change in usability could explain the drop in users, or maybe it was a fad and people have moved on to something else. Most of social media is faddish. It's like the night club business. It's very difficult to maintain popularity, even if you achieve success, because people are moving on to the next hot club.

about 2 years ago

GM CIO Says HP Hiring Probe "Not the Best Use Our Legal System"

mrheckman Workers leaving in droves (101 comments)

HP layoffs (not all layoffs, really, but also including early retirement offers accepted and attrition without replacement) total over 120,000 for the past decade (includes the 29,000 in the latest round announced last Spring and increased by 2,000 in September, but not all yet realized). The issue with the workers jumping to GM is simply whether GM violated the contract. If those employees had gone, en masse, someplace else, HP would not have grounds to question it. From my point of view, the employees in question helped HP get closer to reaching the downsizing goal.

about 2 years ago

New Group Paves Way For 2012 Online Primary

mrheckman Nader, Gore, Bush redux? (249 comments)

"A credible, nonpartisan ticket"? Third-party candidates have historically done very poorly in American presidential elections. There is no reason to expect this one, even if it comes off, to do any better. I don't see the effort as "credible". And it certainly won't be "non-partisan". The mere fact that they want someone to vote for the ticket makes it "partisan". At best, the organizers want to straddle some kind of middle-ground between Republicans and Democrats, but that middle ground is a fantasy and, despite the expressed desire to "force Democrats and Republicans in the nation's capital to start bridging their cavernous ideological divide", that divide is unbridgeable at this point. Republicans believe they can win by not compromising. They have been busy not compromising for Obama's entire time in office. The effort could only succeed if it convinces Republicans that they have more to gain by compromising than by stonewalling, but Republicans are very good at holding the line. More likely this effort will siphon off Democratic voters. Do you remember how voters for Nader drew enough voters in Florida from Gore to (after Supreme Court intervention) throw the election to Bush? Are the organizers of the Internet primary moderate Democrats or Republicans? Who would have the most to gain?

more than 2 years ago

SCADA Problems Too Big To Call 'Bugs,' Says DHS

mrheckman Re:Argh (92 comments)

>Stuxnet infected a PC, causing it to change the signals it was sending to
>motor speed controllers, thus fouling up a process. Which is why you keep
>your SCADA PCs as far away from the Internet as you possibly can.

Stuxnet actually reprogrammed the PLCs, too. See the analysis at

http://www.symantec.com/connect/blogs/stuxnet-breakthrough

about 3 years ago

GE's World War II Era "Copper Man" Gets His Due

mrheckman Copper goes for $3/pound (61 comments)

The article says it is worth $400 as scrap. Assuming all the value is in the copper, at $3/pound (based on what a local metal recycling center was paying during a recent visit), that means there's about 133 pounds of copper (61 kilos) in the Copper Man. The Copper Man has a thick skin.

more than 3 years ago

TN BlueCross Encrypts All Data After 57 Disks Stolen

mrheckman Re:Cheap, but what about ongoing costs? (140 comments)

I work for a company where data is subject to HIPAA (United States' Health Insurance Portability and Accountability Act - a law whose provisions also address the security and privacy of health data). Our data has been encrypted -- at rest and in transit -- for years. The loss of private health information, like what Blue Cross did, is a serious crime under HIPAA and subject to major fines (in this case, at least tens of millions of dollars, probably, given how large the breach was). The initial cost to encrypt and any ongoing expenses will be pocket change compared to the fines that Blue Cross is potentially facing, with increased fines for repeat offenses.

In practice, once you have disk-level encryption set up for data at rest, and network encryption for transmitted data, your on-going costs are pretty minimal. There's some central administration and IT support to administer and maintain the tools, and your ISO needs to do some compliance reviews and risk assessments to make sure that things stay encrypted, but after installation they are pretty transparent.

Blue Cross should have been doing this all along. Nothing like a large fine to focus the mind.

more than 3 years ago

Another Cell Phone-Cancer Study Emerges

mrheckman Cancer takes years to show up (212 comments)

Children and adolescents? Heck, I suspect that one could run a test of children and adolescents working under UV lights in asbestos mines who eat nothing but saccharine, and there still wouldn't be any sign of a cancer connection. Cancers generally take years to show up.

more than 3 years ago

Google's Bangalore Streetview Project Stalled

mrheckman "Secret phonebook problem" variant (108 comments)

>Scale makes all the difference in many things.

The argument against Google's streetview seems to be a variant of the "secretive government agency phone book problem". In that example, the entire phone book is classified but individual numbers are not.

https://webcache.googleusercontent.com/search?q=cache:-x18fG3G-ioJ:www.acsac.org/secshelf/book001/24.pdf+&hl=en&gl=us

Similarly, Google is right that it is taking pictures of public streets, which people are generally free to do (sensitive locations notwithstanding), but the objection is to the compendium of pictures as a whole. This seems to many to be a security problem, possibly because of how easy it makes it for someone to do reconnaissance without actually visiting and taking their own photos, the act of which, presumably, could be detected.

more than 3 years ago

NSA Says Its Secure Dev Methods Are Publicly Known

mrheckman Re:Here's proof that... (114 comments)

>...it is definitely possible to write secure software if you just simply follow sound and smart development methods and practices... and don't write half-assed, slipshod, thrown-together-in-a-hurry code.

Proof? I don't see any proof in the article that the NSA produces secure software, or even a claim that they do. Instead, the NSA Technical Director quoted in the article said "even within the NSA, the problems of application security remain maddeningly difficult to solve." That doesn't sound like they have solved the problem, but that they, too, are grappling with a fundamental issue in software development.

more than 3 years ago

Targeted Attacks Focus On Economic Cyberterrorism

mrheckman Re:"Legacy"? (73 comments)

Firewalls, anti-virus, and URL blockers are not legacy systems at all. They are the state of the art in security precisely because they have to protect legacy operating systems and applications, or new systems built to be backward compatible with legacy systems, which are the real "legacy" problem.

People use all sorts of old software because they have such a huge investment in systems and applications that are built on them. But that old software keeps needing to be patched. For example, there's Windows, of course, 'nuf said, and applications like Adobe Reader. Adobe has to come out with a new patch every week to fix another critical flaw, but they can't simply drop it and start from scratch to fix fundamental flaws - it's not economically feasible. And large numbers of businesses still use IE6, for crying out loud, because of all the infrastructure they've built around it. You can put all the security system armor you want around that soft, chewy center, but there will always be gaps.

As critics like Bruce Schneier have been pointing out for a long time, on the other hand, we've known how to prevent whole classes of attacks for many years, but no one seriously expects these fixes to be implemented because of the economics.

That said, there's no protection when administrators and users do stupid things with passwords and the like. Phishing will always work, no matter how hardened we make our systems. At best, we can put bounds on the damage.

more than 3 years ago

Believing You Are Very Good Or Evil Boosts Your Physical Capabilities

mrheckman Re:Oh, Great (192 comments)

How much evil can an Olympic athlete do before it is considered "doping"?

more than 4 years ago

Submissions


California sues Delta Air Lines over mobile privacy

mrheckman writes | about 2 years ago

mrheckman (939480) writes "California is suing Delta Air Lines for violation of California's on-line privacy law. Delta failed to "conspicuously post a privacy policy within their mobile app that informs users of what personally identifiable information is being collected and what will be done with it" after a 30-day notice. Delta's app collects "substantial personally identifiable information such as a user’s full name, telephone number, email address, frequent flyer account number and pin code, photographs, and geo-location". Why is it we still can't control what permissions an app has on our phones? It's absurd and disturbing that an app for checking flights and baggage demands all of those permissions."

"Flame" didn't take a nation state to develop

mrheckman writes | about 2 years ago

mrheckman (939480) writes "Security researcher Todd Heberlein shows how easy it is to create AV-evading viruses:
http://www.netsq.com/Podcasts/Data/2012/GlowingEmbers/ (HTML5 video)

"Flame is the latest high profile cyber espionage attack, and two things stand out about it: how long it has been around without being noticed and its size and breadth of capabilities. This has led to a lot of handwringing in the anti-virus community and computer security community in general. One explanation given for the fact that such capable malware could have gone so long without being noticed is that it was developed by a nation state with huge budgets. Glowing Embers sets out to show that this is not the case. A single person in a single week can accomplish many of the things Flame can all while evading anti-virus software. ""


Life and death reasons to protect digital data

mrheckman writes | about 2 years ago

mrheckman (939480) writes "Sure, those in the information security trade are concerned with complying with various regulatory requirements, etc., but here's how a journalist's failure to protect his data led to the arrest (and probable torture and death) of activists he interviewed: http://www.cjr.org/feature/the_spy_who_came_in_from_the_c.php?page=1

The article links to an EFF site on the basics of how to protect data. How many of us and our organizations do even these things? https://ssd.eff.org/your-computer/protect

Shouldn't basic encryption of data on smartphones, for example, be the default? Why are things like that even a question at this point in time?"


Journals

mrheckman has no journal entries.
