Oh, I forgot to mention. I don't want to defend the "too expensive" argument. It definately IS expensive, but that's just due to lacking diligence previously, accepting sub-standard quality applications into your organization.
Many IT-admins either don't care, don't know, or fails to explain to stake-holders why crappy odd-ball software, even though it "works" is a really bad idea in the long run.
At least government departments don't generally have people working in them who'd do anything to install crapware from the Net!
I don't work in government, but from what I've seen users are users regardless of occupation. Non-tech users rarely read popups, and install whatever blinks and looks shiny. Technical users are always sure THEY have a reason to circumvent your firewall and application policies, if only because they can.
From what I've seen in the enterprise sector though (I work for one of the global fortune-500 corporations, and I daily see their it-struggles) , I suspect there may be a LOT of 3d-party "web-apps" that isn't really "web"-apps, but IE6-apps, dependent on specific VBscript and ActiveX-quirks to work properly. Multiply your library-applet case a couple of times, and add an exponent to reflect the cases when the problem is at a level where you need to consult vendors to get it, and an exponent for all the inter-dependencies of all the "hotfixes", and you've probably got a reasonable cost-estimate.
“What is the essence of America? Finding and maintaining that perfect, delicate balance between freedom “to” and freedom “from.” – Marilyn vos Savant
From my Swedish perspective, in the US, "Freedom From" often gets neglected.
Besides, I doubt taking care of your workforce, for the cases of work where their loyalty and experience actually matters, is really bad business anyways. I do know of one example for a pure development house, where they switched from 8h workday to a 6h workday, as an experiment in productivity. The result? Staff were more focused, more creative and more productive. During the 6h workday, they produced about as much code as previously during 8, but the produced code got cleaner, with fewer bugs, saving a lot of time for new features.
Generally speaking, Linux drivers are only installed if signed by the distro repository
Actually, for most distros, "drivers" (code executed as root, which is the main barrier in a Linux-system) are installed if they're signed by _any_ key in the keyring, including 3:d-party repositories.
Many people add 3:d party repositories to access newer versions of various packages, or packages not included in the distro, significantly increasing the attack vector. If you manage to get a hold of a key for any of those repository-signers, you pretty much have root-access to thousands-millions of users.
One of the things Linux distributions must really rethink is the concept of 3d-party software, and how it can be integrated and allowed more safely than it is today.
One concept could be special repository-system for 3:d-party packages, chrooted to separate container, and not allowed to execute any scripts during installation (or allowed, but at non-root privileges). Another idea could be per-user installs of 3d-party apps that installs to $HOME/.local or similar, and never root.
If you're looking for people interested in computer science, especially ones that have agile language-skills, Backus-Naur might be a good keyword for to indicate that you know about fundamentals of formal languages or have formal education.
This pretty much pinpoints my feeling about certifications. They deal much more with product knowledge, than understanding the field they work in. I've seen many Cisco engineers completely dumb-struck when I use the IETF name for various standards and systems, just because they're used to the Cisco-name, for almost-the same thing.
In the same way, those Cisco-engineers very often fails to find problems in the Cisco-systems, as soon as there is a "vendor X"-device somewhere in the mix, producing a report say basically that since they found nothing wrong in the Cisco-systems, the problem must lie in the "other device", which they of course could not test. The thought didn't even occur to them to just sniff the traffic and see what actually happens.
I guess my main perceived problems with certifications are; A) They are usually Vendor-centric B) They usually have a strong practical focus, yet lacking perspective of the field as a whole, and the corresponding theory behind it. C) Builds "knowledge" rather than "understanding".
By the way, this is not only my experience in IT, but also in other areas, such as cable operators.
Actually, I (or rather my company) have paid money for code that actually allowed BASH-injection from an unauthenticated URL-rest-service, in an application designed to require root. Although, the software were only designed to protect still unreleased Movies, they were probably already on Pirate Bay anyways.
And no, the bug wasn't fixed, and yes, the developers still got paid, despite my objections.
I've actually seen one of our providing companies respond "chmod -R 777/" as a solution to a bug we filed with them.
On another topic, that we measured their application leaking about 200MB ram every 24hours, their reponse: "Buy more ram, restart weekly.". I actually took the time to troubleshoot this one myself, and since I knew it was a tomcat-based application I hit up Google, and 45 minutes later I'd nailed it down to a known bug in one of their dependent (and delivered) libraries. About 45 minutes to solve, without much prior skills. I'm not THAT expensive, I'm sure I was cheaper than the RAM.
Actually, a few years ago, I bought a Mac Mini which showed grave problems with BlueTooth and Wifi-reception. After digging around a little, that too was a hardware-problem, present in a lot of Mac Minis. Owners were never reimbursed, and (AFAIR) apple.com forum-threads removed.
Also, for that Mac, in OSX 10.4.6, Apple broke all support for FullHD-TV-monitors. Basically, the analysis claimed that for some unknown reason, Apple introduced a change in resolution-detection, filtering out 1920x1080p, if the monitor somehow identified itself as a televison-set. The bug were, to my knowledge, never solved, and owners recommended to buy 10.5 instead.
So, in my experience, Apple is at least as guilty of quality and usability-problems as anyone else, and well-known to not really reimburse customers when these things happen.
Just a tangential thought. The terminal interface is fluid and clean. It is also "user-friendly", depending on definition. What it isn't, is intuitive.
The Cisco CLI, for those familiar with it, is actually really "intuitive" (as intuitive as complex multi-protocol network configuration ever gets), by introducing contextual hints. "What could you type here"-type help.
Personally, I've for years been hoping for a keyboard-driven terminal-like interface, that is actually intuitive, but doesn't limit itself to 80x25 (or whatever) text-mode.
AFAIK, Bluetooth is License-free. That is, the protocol, and all related specifications are free for implementation.
Of course you may still need to pay a little for a chip that implements it, but the same thing goes for any wireless chip, and I doubt Bluetooth is THAT much more expensive?
MPEG2-TS, muxing format. Does nothing whatsoever for internet media-delivery, except could possibly be shoehorned into being the payload muxer, although better options exist. (Native RTP-muxing, MP4...)
ISDB-T, are you high? It's a broadcasting-specification, and -T stands for terrestial, that is, developed for fixed terrestial antenna transmission.
DVB-H, again, physical transmission-technology for Handhelds, only with related technologies such as DVB-IPDC even touching some kind of Internet service. And then still operator-controlled, as opposed to the proposed standard which focuses on direct Producer(BBC) -> Consumer (your STB or Computer).
If anything, this sounds more like HBBTV, except that too is broadcaster-centric.
Of course there are things that by necessity must remain secret, such as firing codes for weapons etc.
Potential evidence of things that can/should lead to investigation and prosecution however, is never a justifiable secret, (not even in a corporation, for that matter).
Of course the developers all use Firefox for Firebug
Just a tip: I too used to use Firebug, but have since mostly moved over to Chromium for it's excellent built-in developer-tools. I'm very happy with it, and generally recommend everyone to give it a try.
I generally agree, but the description given here hints that the page might only be viewed on controlled terminals (bringing into question why using HTML), in which case targeting single browser is still principally bad, but practically maybe his best choice.
HTML wasn't designed for printing, and it never will be.
Actually, it was much more built for printing than it was for YouTube (or Slashdot, for that matter).
HTML itself is a document-format, intended to convey documents, with easily followed links to other documents. It's designed for essay-type documents, kindof what your word-processor produces.
What HTML wasn't designed for, is absolute control over presentation and rendering. HTML originally was a content-oriented format, where it were much up to the browser to determine apt rendering, (similarily to Latex or DocBook) such that different browsers could present the content in a format suited to the terminal in question.
Control over presentation came in much later with CSS, and have been struggling ever since, but at the core, HTML is still a content-conveying document format.
That said, it's really quite sad, given the document oriented nature of HTML, how browsers STILL cannot format it decently for printing.
Slashdot Mirror
Oh, I forgot to mention. I don't want to defend the "too expensive" argument. It definately IS expensive, but that's just due to lacking diligence previously, accepting sub-standard quality applications into your organization.
Many IT-admins either don't care, don't know, or fails to explain to stake-holders why crappy odd-ball software, even though it "works" is a really bad idea in the long run.
At least government departments don't generally have people working in them who'd do anything to install crapware from the Net!
I don't work in government, but from what I've seen users are users regardless of occupation. Non-tech users rarely read popups, and install whatever blinks and looks shiny. Technical users are always sure THEY have a reason to circumvent your firewall and application policies, if only because they can.
From what I've seen in the enterprise sector though (I work for one of the global fortune-500 corporations, and I daily see their it-struggles) , I suspect there may be a LOT of 3d-party "web-apps" that isn't really "web"-apps, but IE6-apps, dependent on specific VBscript and ActiveX-quirks to work properly. Multiply your library-applet case a couple of times, and add an exponent to reflect the cases when the problem is at a level where you need to consult vendors to get it, and an exponent for all the inter-dependencies of all the "hotfixes", and you've probably got a reasonable cost-estimate.
Blame Microsoft, their ruthless tactics led to that situation.
Fool me once: shame on you.
Fool me twice...
“What is the essence of America? Finding and maintaining that perfect, delicate balance between freedom “to” and freedom “from.” – Marilyn vos Savant
From my Swedish perspective, in the US, "Freedom From" often gets neglected.
Besides, I doubt taking care of your workforce, for the cases of work where their loyalty and experience actually matters, is really bad business anyways. I do know of one example for a pure development house, where they switched from 8h workday to a 6h workday, as an experiment in productivity. The result? Staff were more focused, more creative and more productive. During the 6h workday, they produced about as much code as previously during 8, but the produced code got cleaner, with fewer bugs, saving a lot of time for new features.
I absolutely love the argument "let's buy faster hardware, so that we can run more stupid crap on it".
Meanwhile, Internet Uses 9.4% of Electricity In the US and Laptops catch on fire.
Generally speaking, Linux drivers are only installed if signed by the distro repository
Actually, for most distros, "drivers" (code executed as root, which is the main barrier in a Linux-system) are installed if they're signed by _any_ key in the keyring, including 3:d-party repositories.
Many people add 3:d party repositories to access newer versions of various packages, or packages not included in the distro, significantly increasing the attack vector. If you manage to get a hold of a key for any of those repository-signers, you pretty much have root-access to thousands-millions of users.
One of the things Linux distributions must really rethink is the concept of 3d-party software, and how it can be integrated and allowed more safely than it is today.
One concept could be special repository-system for 3:d-party packages, chrooted to separate container, and not allowed to execute any scripts during installation (or allowed, but at non-root privileges). Another idea could be per-user installs of 3d-party apps that installs to $HOME/.local or similar, and never root.
If you're looking for people interested in computer science, especially ones that have agile language-skills, Backus-Naur might be a good keyword for to indicate that you know about fundamentals of formal languages or have formal education.
study material to acquire product knowledge
This pretty much pinpoints my feeling about certifications. They deal much more with product knowledge, than understanding the field they work in. I've seen many Cisco engineers completely dumb-struck when I use the IETF name for various standards and systems, just because they're used to the Cisco-name, for almost-the same thing.
In the same way, those Cisco-engineers very often fails to find problems in the Cisco-systems, as soon as there is a "vendor X"-device somewhere in the mix, producing a report say basically that since they found nothing wrong in the Cisco-systems, the problem must lie in the "other device", which they of course could not test. The thought didn't even occur to them to just sniff the traffic and see what actually happens.
I guess my main perceived problems with certifications are;
A) They are usually Vendor-centric
B) They usually have a strong practical focus, yet lacking perspective of the field as a whole, and the corresponding theory behind it.
C) Builds "knowledge" rather than "understanding".
By the way, this is not only my experience in IT, but also in other areas, such as cable operators.
Actually, I (or rather my company) have paid money for code that actually allowed BASH-injection from an unauthenticated URL-rest-service, in an application designed to require root. Although, the software were only designed to protect still unreleased Movies, they were probably already on Pirate Bay anyways.
And no, the bug wasn't fixed, and yes, the developers still got paid, despite my objections.
I've actually seen one of our providing companies respond "chmod -R 777 /" as a solution to a bug we filed with them.
On another topic, that we measured their application leaking about 200MB ram every 24hours, their reponse: "Buy more ram, restart weekly.". I actually took the time to troubleshoot this one myself, and since I knew it was a tomcat-based application I hit up Google, and 45 minutes later I'd nailed it down to a known bug in one of their dependent (and delivered) libraries. About 45 minutes to solve, without much prior skills. I'm not THAT expensive, I'm sure I was cheaper than the RAM.
Buzzword is the keyword here. FTA:
“This is also a green technology – it is capable of carrying twice the volume of traffic that London phone systems carry.
Since when do throughput equal green?
Why hand-carry when you can just use the protocols of pigeon-carried-ip?
Good throughput, albeit a bit high in packet-loss and poor latency.
http://www.faqs.org/rfcs/rfc2549.html
Tactile feedback is actually important when it comes to being effective with your input device
Exactly. It's not JUST the screensize that makes a touch-cellphone keyboard uncomfortable.
And it sounds like it served its purpose.
Yup, I zapped my harddrive, ritually burned my MacOS CD, and installed Linux instead. It detected the screens native resolution without questioning.
Bonus feature; the system gained ~20% performance, enabling HD playback without framedrop, and Samba started behaving sane.
Actually, a few years ago, I bought a Mac Mini which showed grave problems with BlueTooth and Wifi-reception. After digging around a little, that too was a hardware-problem, present in a lot of Mac Minis. Owners were never reimbursed, and (AFAIR) apple.com forum-threads removed.
Also, for that Mac, in OSX 10.4.6, Apple broke all support for FullHD-TV-monitors. Basically, the analysis claimed that for some unknown reason, Apple introduced a change in resolution-detection, filtering out 1920x1080p, if the monitor somehow identified itself as a televison-set. The bug were, to my knowledge, never solved, and owners recommended to buy 10.5 instead.
So, in my experience, Apple is at least as guilty of quality and usability-problems as anyone else, and well-known to not really reimburse customers when these things happen.
Just a tangential thought. The terminal interface is fluid and clean. It is also "user-friendly", depending on definition. What it isn't, is intuitive.
The Cisco CLI, for those familiar with it, is actually really "intuitive" (as intuitive as complex multi-protocol network configuration ever gets), by introducing contextual hints. "What could you type here"-type help.
Personally, I've for years been hoping for a keyboard-driven terminal-like interface, that is actually intuitive, but doesn't limit itself to 80x25 (or whatever) text-mode.
I think http://www.hci-matters.com/blog/2007/06/16/archives/9/ has a very good starting point.
Sure would be nice if they would go 1.0 instead of .10 if it's going to be a stable release...
1.0 = 100%. When they reach 1.0, there can never ever be any more releases. ;)
I have used autotools, and they're still incomprehensible.
AFAIK, Bluetooth is License-free. That is, the protocol, and all related specifications are free for implementation.
Of course you may still need to pay a little for a chip that implements it, but the same thing goes for any wireless chip, and I doubt Bluetooth is THAT much more expensive?
- So what is it? A beta, or a release candidate?
- Let's call it Beta-candidate
Ehm, no?
MPEG2-TS, muxing format. Does nothing whatsoever for internet media-delivery, except could possibly be shoehorned into being the payload muxer, although better options exist. (Native RTP-muxing, MP4 ...)
ISDB-T, are you high? It's a broadcasting-specification, and -T stands for terrestial, that is, developed for fixed terrestial antenna transmission.
DVB-H, again, physical transmission-technology for Handhelds, only with related technologies such as DVB-IPDC even touching some kind of Internet service. And then still operator-controlled, as opposed to the proposed standard which focuses on direct Producer(BBC) -> Consumer (your STB or Computer).
If anything, this sounds more like HBBTV, except that too is broadcaster-centric.
Of course there are things that by necessity must remain secret, such as firing codes for weapons etc.
Potential evidence of things that can/should lead to investigation and prosecution however, is never a justifiable secret, (not even in a corporation, for that matter).
Of course the developers all use Firefox for Firebug
Just a tip: I too used to use Firebug, but have since mostly moved over to Chromium for it's excellent built-in developer-tools. I'm very happy with it, and generally recommend everyone to give it a try.
I generally agree, but the description given here hints that the page might only be viewed on controlled terminals (bringing into question why using HTML), in which case targeting single browser is still principally bad, but practically maybe his best choice.
HTML wasn't designed for printing, and it never will be.
Actually, it was much more built for printing than it was for YouTube (or Slashdot, for that matter).
HTML itself is a document-format, intended to convey documents, with easily followed links to other documents. It's designed for essay-type documents, kindof what your word-processor produces.
What HTML wasn't designed for, is absolute control over presentation and rendering. HTML originally was a content-oriented format, where it were much up to the browser to determine apt rendering, (similarily to Latex or DocBook) such that different browsers could present the content in a format suited to the terminal in question.
Control over presentation came in much later with CSS, and have been struggling ever since, but at the core, HTML is still a content-conveying document format.
That said, it's really quite sad, given the document oriented nature of HTML, how browsers STILL cannot format it decently for printing.