Confidence Shaken In Open Source Security Idealism
It would probably not be much different, just on the basis of 'open source' alone.
Both open source and closed source can make their case that their way means better software.
Open source basically claims code is available for anyone to see/fix/build on top.
Proprietary software claims their software is more controlled, they can formalize review processes, and they have paid people attending to the code.
But in reality, the open/closed nature of a project is probably one of the smallest factors in terms of affecting quality.
There are open source projects that no one really looks at, there are projects that people use that no one thinks of going into the depths of...
For closed source, often time legacy software/libraries get abandoned, support handed to people who know nothing about it, they go bankrupt...
It really just depends on the company/team/organization assigned to working on said project.
Fighting the Culture of 'Worse Is Better'
I had an interesting talk with an accountant friend of my wife. Being on the accounting side, she was completely puzzled by IT projects. Time isn't book properly on projects, budget overruns, time overruns, no one can give proper estimates because no one knows the backend...
We had a really good discussion actually, and one thing that actually came to my mind is there is a real accounting deficit on the engineer/IT side.
Here's the example that we both really understood.
She wanted some field added to some web application. In her head, it's a simple field... you know like adding a new column in Excel.
She goes to IT. They say, it's complicated. They need to interface with some backend system that no one knows anymore. It takes like 6 months.
The real issue here is a lack of accounting on the IT side. When this backend system was commissioned, it was viewed as a 'project'. Like building a building. You build it, and it is done.
Yet, maintenance is not really accounted for, when it absolutely should be. There should be an accounting cost for every piece of software so someone 'knows' that software. So that when a field needs to be added, there is a person there that knows it.
I gave the crude analogy that basing IT on a per project basis is like building a washroom, and not planning for cleaners. It's going to result in a lot of sh*t.
There is a similar cost to maintaining interoperability. Somehow, because it is 'software', people seem to think they have a natural right to simple 'upgrade'. When you buy a new Honda Civic, there is no general expectation of being able to update to a new engine. Yes, you can do it if you're a modder or really into things, but the general expectation is you buy a new car.
Now I understand all too well that providing such cost estimates is beyond my scope, but I can surely tell you there is such a cost.
Honestly, the most I've seen is 'agile' when it works properly, which is basically assume a fixed cost (fixed number of developers/tests... and hours) and then do what work can be done using those resources. And that's basically accepting the reality of not being able to properly cost things out, which might very well be a good solution, but it's not how most places operate.
Similarly, there is a cost to not hiring long term engineering minded people to think about compatibility, interop...
Former GM Product Czar: Tesla a "Fringe Brand"
"He thinks that the company will remain a "fringe brand" until it introduces its next generation of cars, the smaller and less expensive Model 3 currently planned for a late 2017 introduction.
That's pretty much a reasonable statement. Telsa gets a lot of buzz and I'm sure a lot of wealthy people have them. Yet, it is not a common person's car until the less expensive models come in 2017.
There's a lot of anticipation with Tesla and we all wait and see to see how it impacts the regular person with respect to delivery, service, cost, warranty, scale...
The test of Tesla is coming soon to the mass market. The big auto are already ingraining their hybrids and all electrics.
Who knows what they will have by 2017.
Tesla has the benefit of a fresh start. But the rest have all their service centers, branding...
Amazon Forced To Reboot EC2 To Patch Bug In Xen
Seriously, if you ran your own server, you think you would never have to reboot it?
Yes, the cloud will have downtime. Just like we sometimes have blackouts/brownouts from an electricity outage.
BUT, chances are that downtime is LESS than the downtime you'd have running things on your own.
In every company I've worked in, there have been days the internet goes down, some intranet app goes down, exchange goes down... things need to updated and are down for a few hours.
Why India's Mars Probe Was So Cheap
I'm not sure what connotation you are implying, but this is a good thing.
That the general public and general worker is not accustomed to bribery is a good thing.
Yes, it would be better if the upper crust didn't bribe as well. But understand that bribery for the average person is horrible.
Being pulled over by police looking for a bribe.
Getting your passport takes a bribe.
Teachers take bribes for grades. ...
Those are issues that would affect and ruin most interactions of most regular people. Thank god, us regular people are 'not allowed' to bribe. Most of us who grew up in countries like that know what kind of environment it is.
Let's face it if it is a choice between BIGCORPA and BIGCORPB getting a big government contract and there is bribery involved, it doesn't affect the average person on a day to day level. Yes, it is wrong. Yes, it should be fixed. But you cannot compare this high level corruption to the day to day corruption that infects your daily life.
How Our Botched Understanding of "Science" Ruins Everything
Well he is on to something and has a good point.
There is a real problem with the public's perception of science. From a sociological point of view, it very much does resemble a priestly cast like religion.
Let me give you a rather mundane example. Transit is a big issue in my home town of Toronto. Now there is a very real debate to be had here in terms of subways, rapid bus, LRT, regional rail...
But there is a certain class of citizenry that takes it's beliefs from the people who 'claim' science by stating the answer is so obvious because it is in this REPORT.
You will often hear in Toronto for example this report clearly says that light rail is the answer. Here's the catch... ever read into these 'reports'
Allow me to summarize:
Create a bunch of weights (subjective criteria)
- average travel time (x %)
- people near stop ( y %)
- cost ( z %) ...
Then do the calculation and come to a conclusion. The problem is you basically already know the answer by choosing your weights.
For example, in light rail versus subway, the real choice in the reports is actually based on people near a station. Light rail in their report using shorter stop spacing which means more people near transit. Subways, typically have fewer stations/fast travel time, but of course have less people near a station. You might have to walk more.
Again, a perfectly reasonable debate that can occur based on what you value or what you think is best or what you can afford.
But there is this undeniable group of people who decide to adhere to a report, unaware of what is actually in the report... how things were weighted, unaware that most of it is basically subjective based on the values assigned in the weighting process, unaware of the restriction of options, etc.
But again, no need to have a discussion or admit a simple difference of opinion. Afterall, a study showed it is the best option, and you must just be anti-science if you disagree with it.
And yes, it is very hard to know the context of each study without actually delving into the details. It is very much like religion in the sense that the average person gets their understanding from a pastor/organization of some kid.
science gained a great reputation largely because it had little power. Sure, I'll use science to investigate the law of gravity...
But now 'science' is being invoked on how to spend billions in healthcare, transit, decide the taxation policy, manage human made systems like the economy...
In my view, science will not cure politics... politics will infect science.
The more people see 'science' being invoked into all these subjective areas, the less they are likely to believe the institution of 'science' in other areas.
From a layman point of view, it is the same body that tells one global warming is an urgent problem and that light rail must be chosen over subways.
Logitech Aims To Control the Smart Home
Really, you've never gone grocery shopping and can't remember how many eggs you have left or how much milk you have left?
These are real problems. Now they're fairly minor and certainly not worth the problem of installing or setting up a system. None of the solutions out there solve it in a reasonable way, but let's not pretend it is not a valid problem.
I for one would love to be able to have a fridge that somehow automatically knew exactly what and how much was stored in it that I could access over my smartphone.
Extent of Antarctic Sea Ice Reaches Record Levels
Being resistant to change is a good thing.
I mean, if things are working as is, any change could be bad.
Of course change can be good too.
The irony of course is this is not tied to conservative/liberal. It is merely on the issues.
For example, conservatives are resistant to social change. The family has been working for a long time now. What's a world of single mothers, non-married people, children raised in daycares... going to result in? They are resistant to that change and fear that world. They have plenty of studies to back up their fear on the surface.
But for some reason, they don't have as much fear of environmental damage. The data is there, but they still believe we can conquer nature by managing it.
Just think about it. Have they really thought about farming, relocating population, eroding shorelines, increased storms...? Really it is a huge change we've embarked on in the last 150 years of industrialization. Yet, they charge on without question assuming they can always correct that damage if any occurs.
Liberals/Progressives are resistant to environmental change. The environment has been working for a long time now. What's a world of increased C02, changing climate, and others going to result in. They are resistant to that change and fear that world. They have plenty of doomsday studies to back up that fear on the surface.
But for some reason, they don't have as much fear of social damage. The data is there, but they still believe we can conquer society by managing it.
Just think about it. Have they really thought about pensions, taking care of the elderly, slowing growth, raising kids in daycares... in their master social plans? Really it is a huge change we've embarked on in the last 50 years. Yet, they charge on without question assuming they can always correct that damage if any occurs.
Rational thinking people avoid big changes to large scale complex systems (like society or the environment) when they can. They move incrementally as much as possible and see the changes (both good and bad). That's about all you can really say about these huge complex system be it the environment/economy/society.
Heck, maybe C02 rise and we just adapt to it by moving people away from shorelines, moving farmland to areas that used to be colder..
You know... like maybe the family structure is outdated to a large extent, and we as a society adapt to it via more government programs.
Why Atheists Need Captain Kirk
You can state until the cows come home what science is. Yes, science is the scientific process and a very good way of getting at the *truth* of things.
However, does there exist an ideology that claims the name of science? Absolutely. You can call it whatever you want, but it does exist. It comes complete with all the good/bad things that any ideology/religion comes with.
Most regular people are not scientists following the scientific method. Be it global warming, the economy, transit, food, education, healthcare, war... They're follows of a movement and act as such. Heck, even scientists who might be in the field and doing science probably fall prey to some of the issues of priests (self interest, power, political affiliations...)
Ontario Government Wants To Regulate the Internet
This has little to do with Canadian Content. Most Canadians are well passed the 'Canadian Content' and tend to consume regular popular TV shows. I can't recall the last time cultural influence from 'America' was even an issue (except for maybe Quebec).
You will notice this comes from Ontario. Bell and Rogers have a huge presence here. As does the film and media industry.
It is about jobs and corporate welfare. This government has been very big on trying to create/contain jobs. Just today, Ontario wants to contract out the OLG (Ontario Lottery and Gaming) to Bell or Rogers. Throw that into job creation and containment schemes in the auto sector, green energy...
Jobs might very well be a good goal, but I generally hope subsidies work better than these schemes.
IEEE Guides Software Architects Toward Secure Design
Biggest lesson I learned... Do not claim the compiler is a perfect machine :P
VMware Unveils Workplace Suite and NVIDIA Partnership For Chromebooks
I don't know about you, but this is generally how I've always worked when I WFH.
I have my desktop at work. The company provides a great laptop, that I simply used to VPN and remote desktop into my work desktop.
I don't have fiber. Just a regular cable connection.
This kind of service is definitely doable.
The obvious question becomes... what happens IF the internet goes down. I think this really depends on your work place. But in many places, the work simply shuts down anyways if you have no internet or network connection. Downtime is pretty low anyways.
Yes, there is still a need for people who travel a lot or are in more remote areas, but for a lot of work, this is all they will need.
Cisco To Slash Up To 6,000 Jobs -- 8% of Its Workforce -- In "Reorganization"
So I hear there is a shortage of tech workers.
Apparently, we need more education, more IT and engineering grads, more H1B Visa.
This makes total sense considering the massive layoffs we keep hearing about. It's all nicely packaged.
Apple's Diversity Numbers: 70% Male, 55% White
This issue is very complicated. First off Apple's numbers are not that bad considering the US itself is a pretty white country.
Here's the issue, and it is a real one.
Almost every large society has upper class groups and lower class groups. The extreme case is something like India where the caste system was actually enforced and you're pretty much stuck there.
In every one of these societies, the upper class group is probably a good hire at any moment. It's not just a matter of money. It's also a matter of having mentors, parents, connections in your community, high expectations, leadership, knowing how to talk to people...
Now here's a little caveat. I'm speaking heavily from the Asian perspective as that is my heritage. I know many here are commenting from America where they would associate the upper class as 'whites' and the lower class as 'blacks' and they would then suggest a big problem in America is that the class rejects upper class values as being too white.
That is true to the extent it goes. It is one of the reasons even a low class Asian can rise up in the US. They still think of the upper class values as good.
But societies DO TEND to segregate in these groups. It's one of the reasons Asian societies are so heavily family based and obsessed with good families and communities. They keep it in the family, and the extreme poverty and exclusion is attributed to lower class groups as dirty.
It is a real issue. Thinking of things like diversity and societal groups is helpful to the the extent that it goes. I fully understand it is complicated and all the faults with quotas and everything, but thinking about the issue is useful.
Myself, I am a person with a disability, a pretty bad stutter. It is much better now. Does this impact my hiring? Of course it does.
I am also of Indian heritage. Although I received a mainly British education.
First appearances matter and they matter a great deal. Yes, once in a team, these barriers all become meaningless. But how do you get started. The starting point is huge. Who gets first sent to training. Who is assumed on first hire to be the code monkey? Who is assumed to value abstract thinking?
You also get a certain culture within teams that tends to crowd out different thinking individuals. As a bit of a different example, I've been in heavy Indian groups (like 8/10 people were Indian). A culture of heavy work, just get it done regardless of quality, developed on that team. Anyone not of that mindstate would quickly feel excluded and would not perform their best.
Like I said, I am not a big fan of quotas and what not because they don't really create results. They don't change cultures or get the best out of people. But it is definitely something that is useful to ponder and take note when there are grand disparities.
Getting IT Talent In Government Will Take Culture Change, Says Google Engineer
Yes, there is probably some tie in with the need for a dress code like shirt and tie and over bureaucracy.
However, this article is full of real and very practical issues. Yet, what gets touted in the headline? Engineers don't want to dress up. Yep, that is why healthcare.gov flopped. Engineers wanted to wear shorts to work. Do you have any idea how ridiculous that makes us look?
How about point 3. The biggest point of all. The companies hired to do it had no experience in it. You know, like how business people think you know Java.... therefore you can build anything as long as it has the word Java in it as opposed to recognizing the immense industry specific knowledge and general talent. How about highlighting that part.
Or how about point 1. The dozens of different vendors and products. There's a discussion there on standards, training on each product, specialization, staff levels...
Yep, all good points that would really get the most out of engineers. But hey, why emphasize those important things, when we can worry about shirt and ties.
It does make me wonder if the reason IT is so poorly managed has more to do with how IT people and engineers represent themselves.
If what management hears is we don't want a dress code instead of all the other valid points... real issues are not going to be addressed.
DARPA Wants To Kill the Password
I think of passwords like DRM. Sure there's a lot of technical solutions and issues, but its fundamentally a a people and market problem.
As others have mentioned, anything can be hacked, copied, stored... if it is turned into bits and bytes. The best you can do is make it inconvenient enough for *most* people to do it.
Most people's homes are hardly secure, but you don't have people talking about the need to get rid of locks. Rather, it is dealt with as a matter of criminal law in terms of break-in and entering.
In the end, you really have to take things as a people problem.
For example, let us assume your authentication system can be broken into it.
What damage can be done?
Is it reversible?
Can people go to an office and fix the problem?
What are the penalties for those caught? ...
These are the real problems. Consider banking. If someone hacks my bank account, more effort can/should be made to make sure this can be addressed and reversed. Whether that is putting a holding period on transfers, notifying account holders of transactions (especially odd ones), relying more on local methods of authentication, increasing penalties for those caught. heck, one of the benefits of knowing your local bank is that they actually know who you are.
Heck, this could be part of the solution as well. Banks or other locally trusted authorities (like governments) could be providers of RSA-tokens or something like that. It could even be the government as well.
That in combination with a pre site password as today would be an improvement and still be practical. We already trusts banks with our phone numbers... this way we won't have to send it to each website. Or we can standardize on a RSA-token app for each website or something like that. I hate that they want your phone number.
Fortunately, I have not been hacked, but I have no idea what say Google's response would be if I had to contact them because my account was hacked. Hopefully they have processes in place at least to ask me about some recent emails or something like that. Or if they have kept track of my IP addresses used. But those things can be checked by the person hacking my account.
Or maybe local authorities can increase investigators to help resolve such issues. Police officers are out there dealing with crime and traffic and parking... perhaps we need to expand to online issues.
California Man Sues Sony Because Killzone: Shadowfall Isn't Really 1080p
Absolutely. People need to be held to account.
If no body says anything, they will just keep doing things.
In some fantasy world, regulatory bodies handle everything. But if they don't catch everything or are not looking, so people can should launch such lawsuits.
Verizon Throttles Data To "Provide Incentive To Limit Usage"
why? In networked systems, there is no direct correlation between how much you use it and the cost of it once the network is built.
Verizon Throttles Data To "Provide Incentive To Limit Usage"
Network management is a real thing. Like any network (internet, roads, trains...) you need to manage it for load/safety...
Unlimited usage simply means that you can use it as much as you want.
I can use the public roads as much as I want. It doesn't mean there are no traffic lights, accidents, speed limits, speed bumps...
Throttling is going to happen. The only thing that matters is what kind.
Throttling specific content is probably bad policy as you can run into anti-competitive practice. Things like throttling netflix traffic as a cable company.
Throttling heavy users as network capacity becomes an issue (maybe > 70%) is probably quite sane.
This allows a simple billing policy as well. You don't need to worry about overage charges or anything like that.
'Just Let Me Code!'
Source control is a big thing. Someone needs to setup the servers, scale it properly, investigate performance issues, know how to fix things when things go wrong, do complex work that is not normally done (maybe changing history on a git server) or whatever the case maybe, settingup/planning branches, integrating with the build system...
The devs should naturally know how to do the basics for their job (checkin/checkout/commit...) But there's a whole lot there that is not normal. On every Git project I've worked on, there has always been a case where something messed up and we had the one git expert who happened to be a dev who could come in and fix it. Ideally, that person is not doing regular day to day coding and is a git expert. That's the point I'm making.
Yes, using premade solutions or hosted things is a great way to reduce the size of the team needed in such functions.