Domain: dilbert.com
Stories and comments across the archive that link to dilbert.com.
Comments · 1,714
-
not bounties...
Mandatory bounties is the wrong way to go; it reminds me of this: http://dilbert.com/strips/comic/1995-11-13/. An approach like TFA advocates would have an underground economy in bug fixes spring up and wouldn't solve real zero day. Instead...
Allowing users to recover damages seems more suitable; a "zero day" class action suit or two would result in tremendous advances in best practices for security and qa (aspects of software development that, for some odd reason, just don't seem to get much funding today). By 'allowing' I mean changing software licensing so that verbiage like '...AS-IS WITHOUT RECOURSE TO RECOVER ANY LOSSES OR DAMAGES, DIRECT OR INDIRECT...' no longer holds.
Which is a pretty huge change, and a number of interests would lobby against that. So I expect it will take a pretty severe incident (e.g. loss of life, or maybe a loss of significant money) to shock existing legislation and treaties (it would have to be global; hello WTO) sufficiently to encourage change. By "significant" I mean larger than the multi-billion dollar loss 'estimates of global damage from cybercrime' cited in TFA. That "cost" isn't nearly enough to change behavior, especially when you average it out across the world population.
-
Re:Is there any way to gain trust in a chip?
Really? I just did this:
$ cat /dev/random | xxd | head -n 10
0000000: 414c 4c59 4f55 5242 4153 4541 5245 4245 ALLYOURBASEAREBE
0000010: 4c4f 4e47 544f 5553 5448 414e 4b53 4652 LONGTOUSTHANKSFR
0000020: 4f4d 5448 454e 5341 414c 4c59 4f55 5242 OMTHENSAALLYOURB
0000030: 4153 4541 5245 4245 4c4f 4e47 544f 5553 ASEAREBELONGTOUS
0000040: 5448 414e 4b53 4652 4f4d 5448 454e 5341 THANKSFROMTHENSA
0000050: 414c 4c59 4f55 5242 4153 4541 5245 4245 ALLYOURBASEAREBE
0000060: 4c4f 4e47 544f 5553 5448 414e 4b53 4652 LONGTOUSTHANKSFR
0000070: 4f4d 5448 454e 5341 414c 4c59 4f55 5242 OMTHENSAALLYOURB
0000080: 4153 4541 5245 4245 4c4f 4e47 544f 5553 ASEAREBELONGTOUS
0000090: 5448 414e 4b53 4652 4f4d 5448 454e 5341 THANKSFROMTHENSA
Maybe there's a pattern there; I'm not sure. I guess that's the problem with randomness: you can never be sure.
-
nine nine nine...
http://dilbert.com/strips/comic/2001-10-25/
That's the problem with randomness, you can never be sure.
-
Re:Wise
I think it phones to this place. However some developers don't trust that random number generator and instead opt for this implementation.
-
Re:Study suggests
NO! Please keep all references to xkcd, and not to Dilbert as well ( http://dilbert.com/strips/comic/2008-05-08/ ).
;-0
-
Re:The final device
-
Her friend should have faxed in a wad of juice.
There is some historical precedent for this thing. One boss caught the employee using company electricity for personal purposes, and the employee explained that he had his friend fax in a wad of electricity. Oh, yeah, here is the citation for you.
-
Re:One word
-
Re:Don't worry
and some of the staff
-
Re:If central bankers are like rats...
Lead and nitrocellulose will be worth far more than gold if the economy ever actually gets to the point that gold is needed for day to day transactions....
-
Mandatory (but "too soon", sorry)
-
Can we pay the ransom?
Perhaps we can assemble and offer a large pile of underwear as ransom?
Will the gnomes return him unharmed, or is that a different business model?
-
Re:Yes.
-
Re:Error in summary
I was expecting to get the EFF site, not some random "tech journalist" who couldn't pass 5th grade English!
The "editors" here don't want to link to TFAs that make their own skills look too bad by comparison.
The joke's on them, though; there is no sample of text on the Internet written by a human being that doesn't make the editors look like spastic monkeys slapping keyboards around.
In other words, this effect.
-
Obligatory Dilbert
-
Obligatory Dilbert
-
Oblig Dilbert
Sadly, it is the lowest common denominator (well maybe highest common denominator): those that do need a lot of social interaction will get very frustrated by not having it. The assumption is usually that those that are quiet or less social are not harmed by being forced to say hi and deal with small talk (even though that isn't the case when you need hours of consecutive time to figure out things sometimes, or just like the socialites might feel with no social interaction that your life is being wasted with "how's the weather" talk).
-
Fails its purpose
It fails at what it was designed for, in a worse way than captcha.
The theory behind such passwords or password enhancements is to introduce something which is pretty damn simple for a human to perform (reading and typing something down, or making a few simple cognitive tasks), while being awfully complicated for a bot to do, in order to slow down automated attempts.
Even if you have 10 such images to match each with one of 10 user-generated phrases, that *only* has 10! combinations, which more or less is equivalent (21 bits of security) to a 4-5 letter case-*IN*sensitive password (or a 3-sign-long "mixed case, alphanum with punctuation" password). That's something that's absolutely trivial to brute force for a computer.
If they use the text password as a generator for the images, this is only like extending it by a couple of characters. Not even doubling the size of the password (doubling would have been better).
Meanwhile, trying to make some sense out of this ugly colored mess is quite taxing on the human brain.
These images don't mean anything directly. And if you try using imagination, it's going to be very hard remembering which is what. If you're not in the same mood, it could take quite some time to remember which of the two collections of colored dots reminded you of "a bunch of kittens in a basket" and which one looked more like "Jesus' face appearing on the surface of a peanut-buttered toast".
By the time you finish wondering, a brute force method would have already found the answer several times in a row.
Things get even worse if they use the text password as a generator of images:
maybe the reason that you cannot find which image was the "fat lady spanking a midget" is that you mistyped the password and thus generated the wrong set of pictures.
Only two methods to help:
- ask the user to use a very simple password:
Congratulations, you've successfully reduced the security of the whole system. You've combined a very easy password to brute force with something that's almost trivial (only extends the security by 21 bits).
- proceed in two rounds: first validate the password (preferably against a KDF like scrypt, but it will very probably be only an easier-to-brute-force hash in most applications). And then a second step using images generated using the now guaranteed correct password. As said above, such a second step is almost trivial to brute-force. Most of the time spent in brute-forcing such 2-step authentication would go into the first step. The presence of the 2nd step doesn't pose much of a problem to a brute-forcer, while being a real pain in the ass for humans.
In short, it looks like this Dilbert strip.
Very inconvenient to put into practice.
And that's not even counting disabilities that would prevent a human from even being able to operate this: I'm not even thinking about weird disabilities like prosopagnosia (impossibility to distinguish faces), but much more frequent and mundane ones like colourblindness (and thus stripping one piece of information you could use to distinguish between images, like "picture 1 is 'reddest of the series' and picture 5 'has the most green'") or simply being a socially awkward geek (and having a much smaller reference pool in terms of faces).
If you're not confident enough in relying on pass-*phrases* to increase the brute-force search space, at least use something that is not too cumbersome for the end-user (2-factor identification: either get an SMS or sign something with a private key in your QR-code enabled smartphone).
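The search-space arithmetic in the comment above (10! image-to-phrase matchings versus short text passwords), carried through as an added example that is not part of the original post: it computes the bits of security of each scheme and exhaustively enumerates a constructed secret matching to show how few guesses the image step survives. The phrase/image labels and the guess rate are constructed assumptions for illustration.

```python
import itertools
import math

def permutation_bits(k: int) -> float:
    """Bits of security when k images must each be matched to one of k
    phrases: there are k! possible one-to-one assignments."""
    return math.log2(math.factorial(k))

def password_bits(alphabet_size: int, length: int) -> float:
    """Bits of security of a text password drawn uniformly from an
    alphabet of the given size."""
    return length * math.log2(alphabet_size)

def combined_bits(alphabet_size: int, length: int, k: int) -> float:
    """The two-round scheme from the comment: a text password whose
    correctness is confirmed first, then a k-image matching derived from
    it. The image step only adds its own log2(k!) bits on top."""
    return password_bits(alphabet_size, length) + permutation_bits(k)

def seconds_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Wall-clock time to try every possibility at the assumed guess rate."""
    return (2.0 ** bits) / guesses_per_second

def brute_force_matching(secret: tuple) -> int:
    """Enumerate every image->phrase assignment in lexicographic order until
    the secret one is hit. Returns the number of guesses that took.
    The secret is a tuple where secret[i] is the phrase index assigned to
    image i (constructed input)."""
    k = len(secret)
    for guesses, candidate in enumerate(itertools.permutations(range(k)), 1):
        if candidate == secret:
            return guesses
    raise ValueError("secret is not a permutation of range(k)")

if __name__ == "__main__":
    print(f"10 images matched to 10 phrases: {permutation_bits(10):.1f} bits")
    print(f"4-letter case-insensitive password: {password_bits(26, 4):.1f} bits")
    print(f"5-letter case-insensitive password: {password_bits(26, 5):.1f} bits")
    print(f"3-char mixed/alnum/punct password:  {password_bits(94, 3):.1f} bits")
    # Assumed attacker rate of one million matching attempts per second.
    print(f"exhausting 10! at 1e6/s: {seconds_to_exhaust(permutation_bits(10), 1e6):.1f} s")
    # Worst case for 8 images: the reverse ordering is enumerated last.
    worst = tuple(reversed(range(8)))
    print(f"worst-case guesses for 8 images: {brute_force_matching(worst)}")
```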
-
Re: In phase 2...
I was thinking about using elbonia as the launch site....
-
Re:You Sound Like One Of Those
Well here's just the GIF!
-
Re:You Sound Like One Of Those
Here's a better URL without all the superfluous Web 2.0 crap around it.
-
You Sound Like One Of Those
You sound like one of those Java fundies.
STFU, Doucharonimous.
-
At this rate...
Firefox will be exactly what Scott Adams predicted...
http://dilbert.com/strips/comic/1995-03-25/
Applets may be "The Debil", but they also fill a need that can't be filled by Flash or HTML5.
Mozilla needs to get over themselves.
-
Re:Estimation
-
What's "hard"?
First off, let's define "hard". You could mean
a) absolutely hard: it takes lots of effort to make this work at all
b) hard to do well: it takes lots of effort to do this well even though I can do this somewhat acceptably with minimal effort
c) time consuming: this takes a lot of f-ing time, and it's unclear that the effort justifies the benefit
a) seems like the most appropriate definition, but judging by the list they seem to mean either b or c.
9. Designing a solution
b. I can make you some working software based on your off-the-cuff requirements pretty easily. Anticipating what you really meant, what you will ask for next, and writing code that can be easily leveraged to do those things would be 'a'.
8. Writing tests
c. For small projects, automated testing takes way more time than it's worth. For large projects writing tests is the only way to make it work at all. Of course, all those medium sized projects and those projects that start small but may become large are a challenge. And whether or not the software lends itself and the programming team knows how to use a testing suite makes a difference.
7. Writing documentation
c. No one /ever/ reads documentation because we all learn the hard way that it's perpetually out of date. The UI and API /are/ the documentation. If, by "writing documentation" you mean "designing a good UI/API" that makes it obvious to the user what's going on, then this becomes 'a'.
6. Implementing functionality you disagree with
WTF - If you're getting paid, do what you're told. If not, tell 'em to do it themselves. This is only "hard" in any sense if you're a pedantic a-hole. Oh, wait. This is /., so I guess that's all of us.
5. Working with someone else's code
b - But if they instead had "writing code that isn't a PITA for others to work with", then it's an 'a'.
4. Dealing with other people
That's only because: http://www.dilbert.com/2013-10-10/
But I guess if we spent any time developing our social skills, we wouldn't have had time to learn how to program.
3. Estimating time to complete tasks
Okay, this one really is 'a'. On the other hand, you just shouldn't do this. Instead, you need to get good at getting customers/users on board with iterative development where they wait/pay a bit and get some incremental functionality as you work towards some end goal that neither of you can really predict up front.
2. Explaining what I do (or don't do)
See #3.
1. Naming things
See #5. Naming things is easy. And my names make perfect sense to me.
Also, cue the penis jokes based on my use of the word "hard" in the subject.
-
Dilbert RNG
-
Why not have in house staff or pay a 3rd party
Why not have in house staff or pay a 3rd party to do stuff like this full time and not a system that can lead to Devs coding themselves (or people they know) minivans?
-
Obligatory Dilbert
-
Re:Sure, to lower paying jobs
Yeah, it sure will be great to see kids under corporate management, free from the awful dysfunction of an incompetent, indifferent bureaucracy full of power-hungry sociopaths trying to make themselves look good, without regard to the quality of their product.
After all, corporations have always treated children very well indeed.
-
Re:The dream of the Nineties
The ring logo was the tipping point.
-
Re:Might Indicate More Females
Cats may be good at using computers, but unlike us bipedal lemmings, they're way too independent minded to listen to management. May I suggest monkeys instead: http://search.dilbert.com/comic/Zimbu
-
The other 14% are Unix programmers
-
Definitive Dilbert on the issue
-
Definitive Dilbert on the issue
-
Definitive dilbert on the problem
-
Definitive dilbert on the problem
-
Re:Who cares what the community thinks?
I guess it depends on the type of work though. When it comes to writing software, I find that if I get up, go for a walk, chat with some coworkers, etc. - which is technically "unproductive" - that I can move past a roadblock that I was encountering and sometimes wrap a problem up in about thirty minutes. Other times, where the expectation was that you had to sit and code all day, I could easily spend four times as long working on the same problem due to mental fatigue.
Back in 1995 Dilbert highlighted some of the issues with development and engineering type positions and what is considered work - namely, the time spent at home thinking about a problem isn't considered "work."
-
Re:Usage of the word Phablet shall
Phablets have bigger problems. (Obligatory XKCD)
-
Reminds me of an old Dilbert strip
"I'm going to write me a new minivan this afternoon!" http://dilbert.com/strips/comic/1995-11-13/
-
Science rules! ... or not?
Extra credit for the article to put 'microseconds' in quotes! And then explain what it means. Whoa, so we can introduce entire generations in science who have not mastered difficult concepts like 'zero' before (http://dilbert.com/strips/comic/1997-02-27/).
-
Re:Wasted effort
-
Re:As someone who worked at the elections
Moral of the story is randomly choosing the order of the names on the ballot a single time then using that order on all the ballots doesn't actually accomplish anything.
It's like making a random number generator with a single fair dice roll.[1]
You forgot the reference.
Which of course is just a lame rip off of [2].
-
Re:Oblig Dilbert
http://dilbert.com/fast/1996-05-02/
Fast. Dilbert. Fast. Dilbert Fast.
For not stupid people.
People who use Unix/Linux.
Unlike you. Moron.
-
Re:one-way street
Oblig Dilbert:
http://dilbert.com/strips/comic/2004-01-11/
"I fixed the Internet"
-
Oblig Dilbert
here.
-
Dilbert
So am I the first to link to today's Dilbert?
-
On the bright side...
-
Re:Not Much On Me, Not Totally Wrong
Today's Dilbert is somewhat relevant.
-
Hypocrisy in Government?
No, say it isn't so!
http://dilbert.com/strips/comic/1996-01-23/
To update it to today, "So you're pitting your intelligence against the collective sex drive of everyone?"
--
BMO
-
Re:There's both a glut AND a shortage
I have been interviewing IT candidates for years. We don't have a shortage of applicants. We do have a shortage of good applicants.
So some idiot fooled you into believing a programmer in your area will work for $X. Then you find out $X gets you the bottom of the barrel, but you don't even consider that $X is too low, and attribute the poor pool of candidates to everything else but your own mistakes...
I am increasingly dismayed by the number of individuals who profess ten or even twenty years of IT experience on their resumes, yet who cannot solve the most basic design problem or answer questions about the fundamentals of the language they use daily.
When you insist on the qualifications a top-level expert might not even have, but you're paying entry-level wages, the only people you'll get are people who lie on their resume...
http://dilbert.com/strips/comic/2008-02-29/
If you're only willing to pay entry-level wages, then remove the "lies on their resume" requirements, and you MIGHT well find a few people that are quite capable, but only just got into the IT job market.