
Comment Re:Whats the fix? (Score 2) 53

Can a desktop computer do better? Has this all been fixed on most desktop OS?

The article is sparse on details, but yes it sounds like an issue with not validating the certificate. From reading it looks like the apps are just connecting and accepting whatever certificate is presented.

Assuming that's the case, the MitM takes place because the app doesn't verify the entire chain of trust back to the CA. The operation of going back through each link in the chain can take a (relatively) long time across a network, and can be quite slow on mobile networks. It may have been an intentional choice to make things faster, or an accident of not validating it.

Desktop computers and any other systems that implement the protocols can suffer from the same defect or design flaw, and it is quite likely that many desktop programs have the same issue.
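The difference described in the comment above, shown as client settings in Python's standard `ssl` module. This is an added example, not code from the comment or the article; the function names are hypothetical. It covers the accept-anything case, a half-fixed case that verifies the chain but not the host name, and the validating default, with a small audit that reports which checks a context skips.

```python
import ssl

# Added illustration: the function names below are hypothetical.

def accept_anything_context() -> ssl.SSLContext:
    """Client settings that accept whatever certificate is presented."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE  # no chain building, no trust decision
    return ctx

def chain_only_context() -> ssl.SSLContext:
    """Half-fixed: the chain is verified back to a trusted CA, but the
    certificate is never matched against the host being contacted, so a
    valid certificate issued for any other name is still accepted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    return ctx

def validating_context() -> ssl.SSLContext:
    """Library default: CERT_REQUIRED, host name check on, system CA store."""
    return ssl.create_default_context()

def audit(ctx: ssl.SSLContext) -> list:
    """Return the validation steps this context would skip."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("chain not verified (verify_mode=%s)" % ctx.verify_mode.name)
    if not ctx.check_hostname:
        findings.append("host name not checked against the certificate")
    return findings

if __name__ == "__main__":
    for build in (accept_anything_context, chain_only_context, validating_context):
        print(build.__name__, "->", audit(build()) or "ok")
```
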

Comment Re:Never give a number (Score 1) 435

While you are right about some aspects, you are dead wrong about others.

First, if I have a req for an engineer with a range of $160K-$190K, if you are making $220K I know it's unlikely that you will accept this job. If I'm really excited by you in an initial interview, I might find another position and talk with you about considering that one instead.

It is true that the person is unlikely to accept the job. But the rest of your reasoning is unsound. If you are so eager to hire within that price range, YOU should be making the price range public.

But you don't do that, because you know deep down that your job as a hiring manager is to negotiate the lowest wage you can. You can possibly offer a different job instead, but you didn't publish those wage ranges either, for exactly the same reason. If you mention the number first, you will lose your bidding war. People will just pick your highest number as the lowest you're willing to go.

If I'm not really excited by you, I'll not pursue it as there's no reason to waste the team's time interviewing someone who is unlikely to take the position and/or will start out with low morale and will likely leave before your on-boarding costs have even been recovered.

That is exactly the reason YOU should reveal your salary range to the potential hire, not the other way around. No point applying to the job if you aren't going to pay well.

Personally I will usually get several job offers before accepting one. I have absolutely no problem telling the people they need to wait a few weeks for all the offers, and I'll negotiate while I wait. If I as an applicant am not really excited by you or your offer, I will have no problem wasting YOUR time. I will find various ways to explain why it is too early to state a wage.

One reason I give most often is "It depends on the entire package. A good benefits package can offset a lower wage, other times if there are risks or travel time that we discuss during the interview I will need a higher wage. It is too soon to discuss the details, and we must discuss the entire package and not just one number."

Second, the person who knows you best as an employee is likely your last employer. If they were paying you an unusually low (or high salary) taking into account the company as some are known to pay high while others pay high, they likely don't think you are very valuable (or think you are very valuable). This is an interesting hint to me.

Translation: If your last company was able to screw you over, you should let me know in advance so I can screw you over, too.

In all cases, if there's a reason that the applicant knows their last salary (and perhaps salary history) is problematic, they are free to explain early on (as in, "You may notice that my salary was very low at my last position. This is because I was working for my brother-in-law and trying to help keep his business afloat as a family favor.").

Not in all cases, no. Many people don't know what the best wages are because they are kept as secret as possible. The person may be completely ignorant that they were the lowest paid worker in their group.

As a hiring manager, I try to bring people in as high as I can without creating disparities among the group between engineers of similar skill and productivity. This is simply logical -- when raise time comes around, I get x% to spread around and I don't want to consume it bringing people "up to grade", I'd rather spend it rewarding people. It's usually much easier to get another $15K for a new hire (esp. when the position has been open for a while and the boss really wants it filled) than it is to get another $15K a year later to give the new hire a "grade adjustment" raise.

Then you work for a company that doesn't really value its workers.

What do you tell them? "I'm sorry Joe, you did an amazing job this year and brought this company $5M in revenue, but I'm only allowed to give you a 2.4% raise. That's a $5000 raise so I'll suggest maybe you could use it for a vacation or something, although in reality it is less than COLA so it means you'll have to cut back on groceries and other expenses." Too many managers forget that even a full COLA raise is actually a slight pay cut year over year. If you really want to give workers a raise, first give them COLA and then give another several percent over the top.

For my location, regional COLA was about 4% last year, and about 5% this year when housing costs jumped nearly 10% year over year. That means anything under a 5% raise is a pay cut. A 6% raise is really a 1% raise, meaning anything under 8% is something to fight back against. For my company the rumors are already starting that the company is talking about a 4% increase nationally, and about 1/4 of the department is quietly asking for references and resume reviews because of it. When you start talking about being given x% from corporate that you need to shift between the workers, you need to consider if you are the person unwittingly hired to do the immoral dirty work yet having it framed in positive terms.

I can see in your post you are trying to do what is right, and that's good. But please realize there is so much more out there you could be doing but are not. You try not to create disparities yet also try to hire low, and don't like hiring people over the rate you have already established. You are also stuck in a company that follows the owner-friendly practice of limiting the money to reward people. The rewards are not based on the actual benefits to the company, but instead based on how much money the company deigns to give the workers. The flaw is not yours as a manager, but theirs as a corporate policy.

Comment Re:The User is responsible for open sourse softwar (Score 1) 114

So what you are saying is, al Qaeda and ISIS have to simply open source their bomb making recipes and release it under GPL, then they will be free of liability. Right?

Nah, they don't even need to do that. Publishing is not a problem in most of the world. Even building and possessing them isn't a problem if you follow the law and basic safety rules. People and companies use explosives that could be used as bombs all the time.

If you're talking about publication only, The Anarchist Cookbook, first published back in 1971, describes how to make all kinds of bombs, explosives, and poisons, as well as assorted drugs like LSD. It is still in print, and pirated versions are available online. While it is banned in a few nations, in the US and several other countries it is protected under free speech rules.

Many groups use high explosives and bombs all the time. They just do it responsibly and follow the laws about keeping safe distances and notifying police, etc. Movie makers and TV shows (like Mythbusters) build high explosives all the time. They generally need to take them to the bomb range and have supervised explosions, or have various permits in place. But even so, bomb-making recipes aren't a problem, neither is building high explosives when you follow the basic safety rules and laws.

Possessing a book about something dangerous typically isn't a crime in itself. Otherwise anyone who majors in chemistry or biology should be jailed. I saw a sign once saying: Welcome to Organic Chemistry where questions like 'where do you keep your chloroform?' are not suspicious. Not just chemistry and biology classes, but anybody learning about bomb disposal would need to study bombs, researchers in the industry need to write about the topics and share with other experts, and so on. Even fireworks manufacturers would be in serious trouble if they couldn't share documents or buy and sell explosive parts.

Comment Re:Explains some things (Score 1) 101

Apple internally working on a pot project explains ...

I thought it was bizarre that the article went there as the first option. Nicotine and marijuana. Vaping.

And then, almost as an afterthought: also vaporizers and nebulizers are used all over healthcare, beauty, aesthetics, and other industries.

<sarcasm> I agree with the article's view: they're ignoring the lucrative healthcare markets, the rich business markets, and all the scent-related companies that are looking for ways to expand their multi-billion dollar scent lines. Instead Apple is developing a product for potheads, that's truly where the money is.</sarcasm>

Comment Re:White space (Score 2) 489

Seriously, there is a limit to the width of a column of text that it's comfortable to read

On the PC if I manage to hit that limit -- and currently I'm not at that limit with a large widescreen monitor -- I can resize my window to something narrower.

I certainly won't hit that limit on my phone or tablet, and if I did, I could rotate to portrait mode.

Don't take away my choices. Just because one person happens to prefer a width doesn't mean everyone does. I hate the news sites that give you a fixed panel about five inches across. Measuring horizontally I've got about 25 inches on my screen, and if I want to spread the text across the whole thing, that is MY choice.

Comment Re:White space (Score 4, Insightful) 489

"Responsive" doesn't mean take a design and make it work on all devices, it means

Unfortunately that IS what the term currently means among that group. Generally they (wrongly) believe they control all aspects of the web page display, that all devices are equally powerful and can run an unbounded amount of scripting, they often see no difference between a picture of text versus actual text, and don't bother to learn anything about the media they are designing for.

Aside: More than once I've had to convince a web designer that their pictures of text were the biggest reasons things weren't showing up to search engines, they kept claiming the hidden meta tags, text recognition, and image search would handle all that. Frighteningly some were never convinced, even after showing them with Google's own tools how Google interpreted their pages. Some were absolutely convinced that Google reads all text on all images and indexes pages based on image content. They could not fathom how there was a difference between text and fancy-rendered images of text.

Many wrongly assume the web browser displays the same thing on all screens, no matter what. Often they design for a few patterns they think are common, 1024x768 or 1080p, and try to force it on everyone else.

Got a Super HD display showing 7680x4320? Too bad, we'll just upscale the fonts and add some whitespace.

Got an old smartphone with a 480x640 portrait screen? We'll downscale and do an ENORMOUS amount of JavaScript processing on these devices least suited for the processing.

It seems these are the same designers with the first-world problems of their disposable $800 smart phone is more than 18 months old, and their $2000 MacBook is more than three years old and ready for replacement.

Comment Re:White space (Score 3, Insightful) 489

It's expensive to create 3 different interfaces

Then don't. That is foolish yet is common among people who wrongly believe they have control over how a web page looks.

One premise of the markup language was that all rendering would be agnostic of the display. It was not meant to be, and should not be treated as, a pixel-perfect display.

Yet that is exactly what most "responsive" systems are trying to do. Enormous amounts of calculations to figure out how to precisely organize the display, doing the most processing on the mobile devices least capable of doing it.

Web designers need to let go of their fascination with precisely scripted layouts. Let the browser handle it. If the browser is a 480x640 phone or a 7680x4320 ultra high density monitor, designers should allow the web browser to do what it was designed for rather than going through enormous hurdles to force it to the web designer's vision -- which is usually limited to a 1024x768 or 1280x720 design.

Comment Wrong tool for the job. (Score 2) 71

The DOJ is butt-hurt. But too bad. The US can't just decide that their warrants are valid EVERYWHERE ... If there is anything fishy, they won't go that route

The problem -- which the DOJ and other parties absolutely know -- is that they are using a warrant.

You say they won't go that route if there is anything fishy, but the fact that they are attempting to use a warrant is extremely fishy.

There is an enormous difference between a warrant which they are using, and a subpoena that they would be trying to do if the one person in the case was all they wanted.

With a subpoena the company must produce information. They must produce the information no matter where it is held, and they must produce it as binding evidence. If they really want to capture the one person, a subpoena to provide all the information about the request is a simple matter. The government gets copies of all the documents they are demanding, particularly all the business records related to the subscriber. Since the DOJ is claiming they are trying to catch a subscriber and the people they're emailing, these subpoenas are more than enough.

With a warrant to collect a server, they get the entire physical server. And the government gets to make a copy of the server, and search it for whatever they think is relevant to the information. A warrant means they can take all the objects so they can prevent evidence from being destroyed. They can also collect for more information from the customer about the contents of the communications.

The DOJ could take measures to collect the information using tools other than a warrant that provide all the information and require Microsoft to keep it confidential. Instead of using those, they continue to demand a warrant to seize the entire server.

Comment Re:Three decades? (Score 1) 766

Read harder. I didn't say "browsers". I said "serving a page to a client". The world didn't begin with browsers. The web didn't start the internet. The internet wasn't the first network.

In 1994 Bill Gates gave a speech at a computer conference in San Francisco on the concept of a Client Server System.

And he was late to the party with it. MIT had been doing it for 11 years at that point. They had a project that muddied the definitions at the time; the terminal in front of the user was converted to a server and the machines doing the work became the client. The work eventually branched into the X Window System, which anyone who uses Linux knows well.

But even that wasn't the original. Dumb terminals have been around since the beginning. Code trying to make the client into the server has been around since the mid 1970s. The pendulum has been swinging for ages. "Get this stuff off the mainframe and out to the terminals." "Consolidate it back from the terminals and back on the mainframe." "Send this out on the web browser and let the browser do the processing." "Web 2.0 lets us send it all back to the server and get data updates live." "New Responsive pages move the work out to the individual freeing up the servers."

Like the people above, it's a pendulum that we've watched swing back and forth, over and over, for decades. They come with similar problems that we've seen time and time again.

Comment Re:So... (Score 1) 406

but this is actually /. :-)

Doh! Of course, this is the green site. These days I spend more time over there than over here, so I had slipped over in my head.

But I wouldn't mind a link to some of his threads so I can read what he's written.

Easily done. Like most people the comments are generally replies to daily news, but sometimes he makes news by complaining about his life as a depressed rich person.

Comment Re:So... (Score 4, Insightful) 406

If I hit the lottery and had enough money where I'd never need to work again, I'd leave work so fast I'd leave skid marks out the door!! ... I work for one and ONLY ONE reason, to make money to support the style of life I enjoy when not working. ... I have lots of hobbies....I'd like to spend time traveling, doing photography, chasing women, etc. ... I just don't get it why anyone would still work if they didn't have to. ... I have no love for my work or vocation.

There are plenty of reasons to continue working.

Let's say you win $5M. After taxes you get about $2.5M. Assuming you're in your 30's that gives you 50K per year, except that when you account for inflation you are probably closer to 30K or 20K per year when you get old. Which will suck. So even if you get lucky and have an enormous windfall, you will want to spend it slowly. Maybe pay off your current house or get a slight upgrade, and perhaps step up to a 2017 model year car. You'll want to spend it slow enough that when you reach old age you can still pay for everything. Financial planning is important.

As for reasons to continue working, you get social aspects, there are benefits like insurance benefits in countries that have private insurance (an area where USA sucks), there is a constant mental challenge. The work environment is not only about income. There are many mental / psychological / social benefits as well.

I also know several people who became rich through various means. None of them work full time or put in overtime, they end up working 20 to 30 hours each week, and they take frequent extended vacations, but they are still working. You mention photography. If that is your true passion in life then it might become your new part-time job.

If you're looking for a notable example of this, Minecraft's Notch, Markus Persson, wrote that after becoming a multi-billionaire selling Minecraft his life became a living hell. His social life was destroyed because money affected everything, he didn't have his work or his life passion, he spends time waiting for his friends (who have jobs and families) to have time, and he occasionally writes here on reddit about his struggles to keep his life interesting or feeling motivated to keep his life filled with interesting things.

Personally, if somehow my bank account had 9 or 10 figures I know I would still keep my job, but instead of a 40 hour work week it would probably become a MWF 10-3 kind of job. Enough that I could keep my sanity and my social benefits, and enough it would still make me emotionally value my free time.

Comment Re:Would it be positive for your customers? (Score 5, Informative) 158

"Stream Game of Thrones now without using your data, exclusively on AT&T" is something that carriers and content providers really want to do.

Close. They want the MONEY that comes with EXCLUSIVITY.

Somebody is paying for that. The big companies want it to be HBO or Showtime or Disney or whoever, spending tons of money to other big companies so the big companies can promote their big ideas.

The problem is that everybody else is excluded. Want to be in the Free Data system? Pay up. This is completely against the concept of net neutrality where all content is treated as equal content.

Prioritization is a similar issue. It is true that networks need to prioritize some types of data over other types of data. Phone calls shouldn't be buffered behind a large file transfer, so a limited degree of QoS needs to take place. But categorizing one provider over another provider is unfair. Having HBO streaming arrive at a higher QoS priority and Netflix streaming appear dead last in the QoS where it is constantly buffering and suffering lost packets because Netflix refused to pay up, that is unfair to customers.

If I pay for data it should not matter to the phone company what data I get. They should be treated as common carriers. If I want to stream data from a premium channel, or from YouTube, or from a private website, or from a site the phone company thinks is undesirable, it should not matter at all. Customer pays to stream data at a specific speed, then the data should be processed at that speed. Just like common carriers of the postal service or parcel companies, if the customer pays to transfer something then it gets transferred, they don't decide to keep one company's boxes in the warehouse for an extra week just because they didn't pay an extra fee, it arrives in the warehouse it is processed just like every other package. There are still QoS for certain types of packages, a "next day air" versus regular ground shipment, but nothing is delayed because of the carrier's choices.

Binge-On is great this way. The customer can say "throttle ALL my data", or "stop throttling ALL my data". It isn't the phone company getting paid to bless a specific company with different speeds.

Comment Re:Indulgences (Score 1) 176

Once electricity is in the grid, it is fungible.

Within a local network, yes.

But power in Los Angeles is a totally different system from the power in Portland, which are totally different systems from the one in New York City, which are totally different systems from the one in Dublin, Ireland.

If the local power grid is powered entirely by fossil fuels, extra energy credits will not replace it with wind or solar or hydro power. Only building a new energy source (expensive) or running cables to another power supply (expensive and also suffers from energy loss over distance) will bring the other power to the system.

If a region is powered by fossil fuels, the payments do not magically make the region powered by renewable energy.

Comment Re:I beg to differ (Score 1) 162

That only works if the damage was on the plastic side of the disc. Quite a few we received had issues on the reflective side, including a few that had human teeth marks on the side, and others with small points that may have been dog teeth or something.

That is in addition to scratches, grooves, and the occasional toothbrush scrub marks on the thick plastic side.
