I grok the snark, but in my experience people who take their own initiative on learning and personal development gain 10x more than people who get sent to some boot camp or seminar on their employers dime.
False dilemma. I take lots of initiative to learn new stuff and my employer reimburses me for the classes and books.
A web developer should know what SSL certificate is, what CA is, what happens when the cert expires. A database developer should know to not store plaintext passwords in the database and use hash instead. Salted hash.
But neither need to and plenty don't.
The applications on Windows nowadays use assembly manifests that contain publicKeyToken - SHA1 hash of public key used for signing the assembly. I would expect a competent windows developer to know that.
But it's not a requirement, thus most don't use it.
When developing a game you want to prevent rogue modifications of game client that would give the player an advantage (there is probably a term for that).
Only applicable for multiplayer games. And the technology that most companies use for that is third-party middleware. The game developers themselves don't need to know any of how it works just how to integrate it.
If you use ssh to access the CVS you should know about public-private key cryptography. If you use git, you should know what a hash is. If you deploy to a staging server you hopefully do that with encrypted protocol.
But don't need to.
Yes you can do without that.
Well, yes, that was what I already said.
IMHO in IT it requires conscious effort to not know some basics of cryptography.
Knowing it at all isn't relevant for many people who are currently writing software. The person who submitted this question is just some guy who has just arbitrarily decided that encryption is an important thing that everyone should know. And I doubt he really knows more than the basics himself. He just thinks he smarter than others because he could stump a couple of a people with some silly pop quiz.
Front-end web development, database programming, audio/video/DSP, compiler/dev tools, computer graphics, game programming are just a few things you can do without ever needing to use cryptography or needing to know anything about it to do your job.
How many deployment avenues don't use cryptographic signatures?
Plenty of them.
Usually you're either producing downloadable code, in which case the packages or tarballs are generally signed, or deploying to an HTTP or similar server, in which case you should at least understand what the purpose of TLS is.
Plenty of people make installers that aren't signed and there are tons of sites that don't use TLS.
To me a senior developer should at least know some basic concepts of encryption
Why? What if their previous jobs have never involved cryptography? Why is encryption arbitrarily any more important than a dozen other specialties I could list?
Why is this more to ask than that someone knows the language that a shop uses. Knows how to use the framework we use. Etc?
Sure, if being able to generate public/private keys and knowing about PKI was relevant to the position it would be a useful question. We don't know that these questions DID have any relevance to the job qualifications.
Sure, but the person asking this question never even mentioned if PKI even had anything to do with the position being hired for. All we know is that he pop quizzed them on it and they didn't happen to answer the question as he wanted. If this is for a senior development job for developing encryption software than that is one thing, but if this is just random pop quiz questions than it's as silly as me asking someone questions about ARM Neon for a position writing.NET services.
Yeah, these pop quiz type interviewers are just as bad as the brain teaser people. Both don't realize that their questions don't actually bring in good people. It's the very reason these types of questions have been phased out or are in the process of being phased out by companies like Microsoft, Google, etc. The only thing the questions ended up hiring is people who trained themselves for the interview.
I'm pretty sure knowing about algorithms, data structures, and being able to quickly pick up new languages/frameworks/etc. is far more relevant to the quality of a software developer than knowing some single specialty of software.
Plus no one does software development purely off of what they have memorized. Everyone has reference manuals, web sites, stackoverflow, etc. easily accesible while working. Now, if you don't even know the basics that is one thing, but there is no way any software developer knows everything about everything.
You learn it on your own time at your own expense. Duh. You aren't one of those "freeloaders" that expect their employer to invest any of their time or money in the growth and career development of their employees do you?
Yeah, these questions would only be relevant if it was vital to the job being interviewed for. Otherwise, these are just stupid questions. Unless knowing the ins-and-outs of PKI is relevant to the job, this is about as dumb as me asking a Web developer about how to optimize multimedia codecs using ARM Neon.
For instance, today I asked an engineer with 20+ years of experience to describe to me the basic process of public/private key encryption. This engineer had no clue.
Yeah, and? Not everyone is going to know the ins-and-outs of every single field of software.
I am disappointed with the applicants thus far, and quite frankly it has me worried about the quality of developers/engineers available to us.
Unless you claim that you know everything about everything, I'm sure I could find areas that you had no clue about as in these engineers you refer to in the previous sentence. Does that make you a bad developer?
Maybe you need to actually get a clue about what aspergers actually is.
I have a clue what it is. It was a faux disorder with tons of its "sufferers" being self-diagnosed. That's why it was removed from the diagnostics manual.
Slashdot Mirror
Free work like that can be valuable in networking and showing off, and hence in finding paid work.
Or not:
been invited to talk to Mashery's development team twice and am considered the leader in API automation... but can't find work to save my life.
Did you even bother to read the post I responded to where he's done all this free work and has gotten jack and shit from it?
I'd also suspect that it was valuable to more people than Netflix.
I'm sure it must have been. It is great to get someone to do a whole bunch of work for you without having to compensate them.
Maybe, but the jobs are far less abundant than the great paying Java backend dev jobs.
I grok the snark, but in my experience people who take their own initiative on learning and personal development gain 10x more than people who get sent to some boot camp or seminar on their employers dime.
False dilemma. I take lots of initiative to learn new stuff and my employer reimburses me for the classes and books.
A web developer should know what SSL certificate is, what CA is, what happens when the cert expires.
A database developer should know to not store plaintext passwords in the database and use hash instead. Salted hash.
But neither need to and plenty don't.
The applications on Windows nowadays use assembly manifests that contain publicKeyToken - SHA1 hash of public key used for signing the assembly. I would expect a competent windows developer to know that.
But it's not a requirement, thus most don't use it.
When developing a game you want to prevent rogue modifications of game client that would give the player an advantage (there is probably a term for that).
Only applicable for multiplayer games. And the technology that most companies use for that is third-party middleware. The game developers themselves don't need to know any of how it works just how to integrate it.
If you use ssh to access the CVS you should know about public-private key cryptography. If you use git, you should know what a hash is. If you deploy to a staging server you hopefully do that with encrypted protocol.
But don't need to.
Yes you can do without that.
Well, yes, that was what I already said.
IMHO in IT it requires conscious effort to not know some basics of cryptography.
Nope. Most jobs don't require knowing it.
Knowing the ins and outs isn't necessary.
Knowing it at all isn't relevant for many people who are currently writing software. The person who submitted this question is just some guy who has just arbitrarily decided that encryption is an important thing that everyone should know. And I doubt he really knows more than the basics himself. He just thinks he smarter than others because he could stump a couple of a people with some silly pop quiz.
This is where we as techies have to step up and not let the clueless take charge.
Yep, especially the person who asked the question.
Front-end web development, database programming, audio/video/DSP, compiler/dev tools, computer graphics, game programming are just a few things you can do without ever needing to use cryptography or needing to know anything about it to do your job.
How many deployment avenues don't use cryptographic signatures?
Plenty of them.
Usually you're either producing downloadable code, in which case the packages or tarballs are generally signed, or deploying to an HTTP or similar server, in which case you should at least understand what the purpose of TLS is.
Plenty of people make installers that aren't signed and there are tons of sites that don't use TLS.
To me a senior developer should at least know some basic concepts of encryption
Why? What if their previous jobs have never involved cryptography? Why is encryption arbitrarily any more important than a dozen other specialties I could list?
Demand computer science then train
Train people? What sort of communist nonsense is that? Train yourself on your own time at your own cost you freeloader!
Why is this more to ask than that someone knows the language that a shop uses. Knows how to use the framework we use. Etc?
Sure, if being able to generate public/private keys and knowing about PKI was relevant to the position it would be a useful question. We don't know that these questions DID have any relevance to the job qualifications.
Sure, but the person asking this question never even mentioned if PKI even had anything to do with the position being hired for. All we know is that he pop quizzed them on it and they didn't happen to answer the question as he wanted. If this is for a senior development job for developing encryption software than that is one thing, but if this is just random pop quiz questions than it's as silly as me asking someone questions about ARM Neon for a position writing .NET services.
Yeah, these pop quiz type interviewers are just as bad as the brain teaser people. Both don't realize that their questions don't actually bring in good people. It's the very reason these types of questions have been phased out or are in the process of being phased out by companies like Microsoft, Google, etc. The only thing the questions ended up hiring is people who trained themselves for the interview.
Nah, it's much more fun to catch those people and then mock them for being morons.
I'm pretty sure knowing about algorithms, data structures, and being able to quickly pick up new languages/frameworks/etc. is far more relevant to the quality of a software developer than knowing some single specialty of software.
that really should be common knowledge in software engineering.
For what reason exactly? Cryptography doesn't apply to many fields of software.
Plus no one does software development purely off of what they have memorized. Everyone has reference manuals, web sites, stackoverflow, etc. easily accesible while working. Now, if you don't even know the basics that is one thing, but there is no way any software developer knows everything about everything.
And quite a few of them migrated into positions in charge of hiring others.
Why would you have done a whole bunch of free work where only Netflix benefits?
You learn it on your own time at your own expense. Duh. You aren't one of those "freeloaders" that expect their employer to invest any of their time or money in the growth and career development of their employees do you?
Yeah, these questions would only be relevant if it was vital to the job being interviewed for. Otherwise, these are just stupid questions. Unless knowing the ins-and-outs of PKI is relevant to the job, this is about as dumb as me asking a Web developer about how to optimize multimedia codecs using ARM Neon.
For instance, today I asked an engineer with 20+ years of experience to describe to me the basic process of public/private key encryption. This engineer had no clue.
Yeah, and? Not everyone is going to know the ins-and-outs of every single field of software.
I am disappointed with the applicants thus far, and quite frankly it has me worried about the quality of developers/engineers available to us.
Unless you claim that you know everything about everything, I'm sure I could find areas that you had no clue about as in these engineers you refer to in the previous sentence. Does that make you a bad developer?
Maybe you need to actually get a clue about what aspergers actually is.
I have a clue what it is. It was a faux disorder with tons of its "sufferers" being self-diagnosed. That's why it was removed from the diagnostics manual.
No shit? It's almost as if the GP said the exact same thing:
It's a shame that the distro is dead.
It's highly inefficient. It would be trivial to automate this process.