
Bug Bounties Don't Help If Bugs Never Run Out

omgwtfroflbbqwasd Re:There aren't infinite bugs (235 comments)

Counterpoint: Even the best teams are not capable of making secure software.

Case in point, the NASA shuttle avionics system. CMMI level 5 certified software development program, track record of 2 Sev-1 defects per year during development.

Timeline Analysis and Lessons Learned (see page 7/slide 6). You'll find that there were hundreds of unknown latent Sev-1 defects (potentially causing loss of payload and human life) and even ~150 defects 15 years after the program started.

The question isn't whether your team is capable or willing to fix the issue; you must acknowledge that there is nearly 100% certainty that there are unknown vulnerabilities in any software you write. The question goes back to whether a bug bounty program will ever cross the inflection point of an ROI chart.

about 9 months ago

Federal Judge Says No Right To Secret Ballot, OKs Barcoded Ballots

omgwtfroflbbqwasd Re:Federal Judges Need to Go Back to School (584 comments)

The constitution simply defines the scope and authority of the federal government, and relationships between states as well as between state and federal government. All powers not explicitly defined in the constitution as being federal are resigned to state jurisdiction. Constitutional amendments have added specific rights to address state and federal abuses.

more than 2 years ago

Sci-fi Writer Elizabeth Moon Believes Everyone Should Be Chipped

omgwtfroflbbqwasd Re:3 Words (409 comments)

Go fuck Elizabeth yourself?

What was that in response to??

more than 2 years ago

Ask Slashdot: How Do You Deal With Priorities Inflation In IT Projects?

omgwtfroflbbqwasd No one has a "low priority" project (304 comments)

The answer lies in quantifying the project impact, not in calling it low/medium/high (which is a subjective, relative term). Also, as business grows (or shrinks), the measurement of impact should be weighted as well. For example, a project that generates $1M/yr in revenue is a big deal when you're making $2M/yr, but not as much when you're making $20M/yr.

In the end, limited resources need to be focused on the area where it makes the most impact rather than trying to solve everyone's problems. That is exactly what IT management's job is.

The other answer is that no group/team/company does this really well, it comes down to individual manager's or IC's style and how you dismiss the trivial requests.

more than 2 years ago

Passwords Are the Weakest Link In Online Security

omgwtfroflbbqwasd Re:gpg-authentication? (277 comments)

That's fine, until someone wants to log in from a different computer where they don't have their private key available.

more than 4 years ago

Who Should Own Your Smartphone?

omgwtfroflbbqwasd Re:It can be a blurry line (129 comments)

First things first. Is "company data" - email, contacts, files - accessible from your phone? If so, they have a vested interest in making sure that data is not compromised when your phone is lost or stolen. As a result, PIN/password requirements, encryption, antivirus, and remote wipe capabilities are generally required. In some cases where devices have a tunnel to the corporate network (Blackberry), they will possibly want to control what apps you install to prevent malicious ones from accessing the corporate network via your BES server.

Most laypeople don't have any clue about protecting company data on a regular basis, they just want their data instantly and aren't concerned with what happens in a worst-case scenario. "Oops, it got stolen. Guess I need to get the latest model now!"

more than 4 years ago

Who Should Own Your Smartphone?

omgwtfroflbbqwasd Re:Another Reason to Love My Employer (129 comments)

Hey Blockbuster - want to know what Netflix is up to?

1) Steal this guy's phone.
2) Gain competitive intelligence
3) Profit!

more than 4 years ago

Rootkit May Be Behind Windows Blue Screen

omgwtfroflbbqwasd Re:SFC Find It? (323 comments)

Generally, rootkits will modify function pointers in the kernel so that typical detection activities are trapped and handled so that the system appears unaltered. In the case of file access, the original file (in an alternate location, data stream, etc.) can be accessed in place of the trojaned one that was loaded on boot, thus preserving the original file size and contents.

more than 4 years ago

Managing Young Sys Admins At Oregon State Open Source Lab

omgwtfroflbbqwasd Sysadmins have good growth opportunity (141 comments)

While entry-level programmers may make a slightly higher salary than a similar systems administrator, over time there's a lot more upward opportunity for the sysadmin. Systems Engineering and Systems Architecture - being the guy that ties the network, the server, and the apps together, is a very in-demand skill and is something programmers will never have the opportunity to become. Programmers only make the big bucks when they have other specialized knowledge that's specific to the apps they are developing, i.e. finance, GIS, physics, etc.

I'm personally glad I made the decision 12 years ago to move into systems after earning my Comp. Sci. degree. I went from web app development for an ISP to Linux/Solaris/HPUX sysadmin, to Systems Architecture, to Info Security.

about 5 years ago

Microsoft Investigates Windows 7 "Black Screen of Death"

omgwtfroflbbqwasd Re:Heh, simple. Don't update. (351 comments)

yeah, cause, you know, there aren't any client-side vulnerabilities for any Windows apps. All Windows attacks only target 135/139/445.

more than 5 years ago

Road Rage Linked To Automobile Bumper Stickers

omgwtfroflbbqwasd Re:in other news (1065 comments)

Is this a troll? Self-righteous prick? You be the judge.

If you're not passing someone (and you're not, if you're going 64) then don't drive in the leftmost lane. Period.

more than 6 years ago


omgwtfroflbbqwasd hasn't submitted any stories.


omgwtfroflbbqwasd has no journal entries.
