Slashdot Mirror


User: pdqlamb

pdqlamb's activity in the archive.

Stories: 0
Comments: 104

Comments · 104

  1. Re:favors only the vendor...and their friends on Internet Draft on Vulnerability Disclosures · · Score: 2
    Vendors have no right to non-disclosure. Vendors have no right to have their 'image' or 'reputation' protected. If the company is that concerned it's up to *them* to invest the time and energy tracking down the bugs and repairing them.

    Darn tootin'. To my mind this is nothing more than a re-hash of the old "disclose or not" debate, except the authors have gone to the trouble of writing up the "not" standpoint as an RFC. My comment is, it sucks.

    The customer is left unprotected, under this scheme, until the vendor gets around to fixing the problem. Did you see the part about how the vendor will provide the fix free of charge, or for a nominal charge? No? Maybe that's because it wasn't there.

    And I don't think anybody has yet commented on their new, improved, standardized e-mail address for reporting security problems. Standard for whom? AFAIK, nobody uses that now; why not pick something obvious, like security@domain.com?

    I'm afraid @stake has sold out. Maybe it's something in the "@" symbol -- the same way @home sold its mailing lists to every spammer under the sun.

  2. Re:At the risk of being curmudgeonly... on Perl Foundation Awards Perl Development Grant to Larry Wall · · Score: 2

    Oops. My bad.

    But the spine I can read from here only says "Conway!"

  3. At the risk of being curmudgeonly... on Perl Foundation Awards Perl Development Grant to Larry Wall · · Score: 4, Interesting

    Damian Conway was a professor, who took a sabbatical to do his perl thing this year. Larry Wall was an O'Reilly employee, the last I heard, and was being paid to develop (wait for it) perl. So what's the story behind the story here? Is ORA looking for help to pay Larry's salary, or just a tax deduction, or is something else going on?

  4. Mostly of academic interest on Liquid Lithium to Contain Fusion Reactors · · Score: 1, Troll

    Given the current political climate, nobody's going to be building ANY nuclear power plants in the U.S. for years to come. Even if a Li-cooled plant were to prove its superiority over conventional water-cooled plants, nobody's going to build a new reactor design outside the U.S. using unproven American technology until the Americans do it first. It's a combination of NIH and fear. Unless some other government like France or Japan does it, this will be wonderful bookshelf lining research.

  5. Money or hands? on ICANN Asks: Would You Pay for At-Large Membership? · · Score: 2

    You'll notice the second question is "will you help?" -- the money question is below that. I wonder which is more important to them.

    (What do ICANN volunteers do? Set up web sites with polls?)

  6. Kernel leadership is backwards! on Linus Does Not Scale · · Score: 2

    (How many down-mods do I get for a catchy title like that??)

    I think the problem is that the developers are arranged in the reverse of how they need to be. Linus has chosen the role of point man for advanced development. All very well, it's his baby. But lots of people, like me, need a stable kernel. We want the ultimate sign-off to come from quality control. The problem is that QC is subordinate to Linus. The patch penguin proposal doesn't do anything to fix the problem.

    Alan Cox did a fine job on 2.2 as QC manager. Linus was off putting in new stuff. Trouble was, a lot of those neat new things never made it up to the quality needed for inclusion into a stable kernel. As a result, 2.2 stagnated somewhat, and when Linus decided 2.4's time had come, there was a major hiccup.

    Will the same thing happen to 2.4/2.5? I wouldn't bet against it, unfortunately. It looks like cleaning up the mess that Linus left (like the VM issues) is going to take a while. By that time, 2.5 may be too far ahead to incorporate new stuff while maintaining quality.

    If my thesis is right, what is needed is some way to bridge the gap between the development and the stable branches. Perhaps the "group of developers" can fill this, with the equivalent of a perl pump-king doing the final QC, with the final say as to what gets in and what doesn't. This would reduce the discontinuities when Linus says, "OK, now we're ready to start doing 2.6 or 3.0."

    Maybe it's a revolt, but isn't this a revolution?

  7. Move him to WV on California's "Wireless-Free" Zone · · Score: 2

    Isn't there an area in West Virginia, something like 10 miles square, where you can't get radio, TV, or cellular? Started by accident but then the radio astronomers and spooks decided they like the low RF background.

    Residents hate it, and want cable.

  8. Re:Not exactly pay-per-search on Yahoo! Launches Pay-Per-Search · · Score: 2

    paying-for-retrieving-premium documents returned in a search

    Precisely. Think of this more as Lexis-Nexis for the rest of us instead of pay-for-google.

    I would guess they'll continue to use google to search the free part of the web.

  9. Re:OpenBSD ISO on Custom OpenBSD 3.0 with IPFilter From Darren Reed · · Score: 2

    Can you *call* it OpenBSD, or does Theo have a trademark on that?

    Anybody remember the brouhaha over openssh.org last year?

  10. Re:Maybe I just don't understand... on Custom OpenBSD 3.0 with IPFilter From Darren Reed · · Score: 2

    But why doesn't he just 'fix' the licensing on his code?

    He did, but not until Theo's group had almost completed the replacement pf. See the "Amusing" post above for a pretty good summary.

    It seems silly that the whole thing has gone this far in the first place.

    I think it's more sad than amusing, but silly's a good description too. In (supposedly) adults.

  11. Maybe we're all missing the point on Rik van Riel on Kernels, VMs, and Linux · · Score: 3, Insightful

    There's a lot of back-and-forth discussion, not only on the VM, but on the feature (un)freeze of 2.4/2.5, and on how Linus is a lousy patch control system. But maybe that's not the most important thing here.

    Way back when, the purpose of a development kernel was to feed things in to a stable kernel tree. Now part of the problem has to be that Linus started 2.4 way before 2.3.X was ready for it, but it looks like history is repeating itself. 2.4 isn't all that stable, even now, but Linux is happily accepting lots of new goodies to play with in 2.5.

    Something is not working right here. Is Linus less demanding of quality now, since he's willing for somebody else to come in and fix up the allegedly stable kernel tree? Or is he accepting too many things to allow a development tree to stabilize?

    I suspect it's a combination of too much stuff and too big a kernel. Instead of the heady days of 2-3 kernels per week in the development tree, and the stable tree gets another kernel every week or two, now we have a development kernel every week or two and a stable patch every month or three. And the kernel size is 10x bigger than in the 1.0 days.

    Look how long it took the USB stuff to filter through the development into the stable tree.

    It seems obvious the Linus Linux development process is not scaling. I'm not sure what the answer will turn out to be, but it may be some combination of the following:

    (1) More "boutique" kernels like Alan Cox's ac series, feeding into the "stable development" kernels that Linus has been generating.

    (2) More formal check-in methods, a la CVS commit. This may take some developer training in how to use CVS -- does anyone want to offer Linus a course and set up a server for him? I bet he'd take a complimentary Geek Cruise!

    (3) Some kind of more rigorous control in the stable kernel tree. I suppose you could say Redhat and SuSE are doing this informally now; if they start coordinating their efforts, and get IBM involved, the kernel will be incredibly stable. And even more incredibly slow to update.

    (4) More beta testers to crack the newer kernels. This is going to get harder, as more of us need to get work done on our Linux boxes. It used to be a hassle when Linux crashed; now it's not acceptable any more!

    (5) Better ways for these users to track down problems and report bugs. This last week I heard myself say, "Try rebooting your Linux box and see if the problem goes away." I just don't have the time, energy, knowledge, and skills to deal with lusers' "I've got a problem" whines any more.

    (6) Is the quality of kernel patches too low? Do we need to develop some regression tests for the kernel, which a patch would have to pass before it would be accepted? (And how do you do a regression test program of this magnitude without Microsoft's beta testers, AKA customers?)

    Anybody want to contribute more ideas to the list? We can spam Linus with them until he agrees!

  12. Re:There doesn't need to be any final victory... on Microsoft Settlement For Private Suits Rejected · · Score: 4, Flamebait

    Don't dwell too much on this going on for years in the courts. The best thing that can come of this would be similar to what happened in the 80's with IBM -- that the government and anybody else possible shines as much attention on Microsoft for as long as possible, slowing their monopolistic practices long enough for the competition to catch up. Unfortunately for IBM the one that caught up to them was Microsoft :-/.

    It's already happening, and will continue. Have patience.


    I think the tobacco industry might be a better metaphor. They had tons of money and could throw cash at lawyers for thirty or forty years until they just got tired of it. I'd have preferred the Redhat-style penalty; hit them and make them pay cash.

  13. Filing makes sense on Michigan Creates Cybercourt · · Score: 2

    Since I understand most documentation is now requested on a floppy or CD-ROM, why not go ahead and file it electronically?

    OTOH, pleading a case before an electronic judge sounds like a loser to me. When you are in front of someone, you can read them -- what do they like or dislike about what you're saying, what do they find persuasive -- and adjust the brief in real time. I've yet to see that kind of instantaneous feedback in a videoconference. May as well do it all in written submissions, phone in and ask, "do you have any questions?"

  14. Re:The act of learning on Can OO Programming Solve Engineering Problems? · · Score: 2

    a young whippersnapper got hooked on object-oriented design. He derided all the existing Fortran we had as spaghetti code. To some of us, though, his "object-oriented" code was lasagna code. No overriding structure, code spread out all over the place, a single function scattered over three files. And this was still Fortran; I've seen C++ coders who took six files for a similar, simple function.

    Amen. This is the smartest observation of all. May I quote this?


    Be my guest.

  15. Evolutionary balance? on Age A Byproduct of Cancer Defense? · · Score: 5, Insightful

    "Too much p53 and you get this aging effect. Too little and you get cancer. My guess is that evolution has evolved just the right level."

    Would somebody explain to me how evolution would play in this finely-tuned scenario? In the U.S. our average lifespan is over 70 years, yet most women pass menopause around age 45. There's a 25 year lifespan discrepancy, in which evolution has no effect, because the population (at least of women) can't reproduce!

  16. The act of learning on Can OO Programming Solve Engineering Problems? · · Score: 5, Insightful

    I've seen some truly awful procedural code (lots of it was Fortran, BTW). I've seen some truly gorgeous procedural code (lots of it was Fortran, BTW). I've seen some wonderful, and even more pretty awful, OO code (mostly C++, but with some Java).

    Go ahead and study object oriented programming. You'll learn some new ways to do things. But I think it's the act of studying, and the act of learning, that will be the most valuable thing you get out of the process. Too many people never study how to program, how to document, how to design code. They learn one or more languages. Their code shows it.

    A few people have a natural tendency to write elegant code. A few more, but still not very many, study and try to learn how to write elegant code.

    But don't expect the object-orientedness to make much difference. A dozen or more years ago, a young whippersnapper got hooked on object-oriented design. He derided all the existing Fortran we had as spaghetti code. To some of us, though, his "object-oriented" code was lasagna code. No overriding structure, code spread out all over the place, a single function scattered over three files. And this was still Fortran; I've seen C++ coders who took six files for a similar, simple function.

    I've also surprised myself! when some of my OO C++ code needed four lines to add new functionality. But it was carefully designed, after years of programmer improvement and study.

    Go ahead and try it; it can only help.

  17. Reboot worthy on Beta Sign-Ups for WarCraft III · · Score: 2

    I wonder if WC3 will be reboot worthy.

    I see some posts have touched on the "reboot to Windows" aspect of this. Has anybody else noticed that, with most Windows games, you also have to reboot when you're done? My girls got at least one game this Christmas (Tony Hawk 2) that causes more strange stuff than even the average Microsoft Windows upgrade.

    I think we need a Linux box for serious stuff and a Windows box to play with. But a Playstation would be cheaper.

  18. Re:May have military use... on Satellite Command Security? · · Score: 2

    I think one reason so many satellites have so little computing power is the length of time it takes to build and launch one. Remember, these are all custom electronics; so you take the best chip available, and build around that. Five years to design, build, and launch a bird is fairly reasonable. (Space qualification and integration into the launch vehicles can easily take a year of that!) Then they may stay up there for another 5-15 years.

    Keep in mind that most commercial processors might last a week or two, so you have to qualify or harden what you put up there. IIRC, there are hardening programs now for the PowerPC chips (650 and 670s) and a Pentium; seems Intel doesn't want to sell its intellectual property until it's wrung what it can out of the commercial market.

    I've heard Iridium was powered by 68000s, probably because of the hardening lag. If the Hubble has a 486, it was almost certainly an upgrade! Hubble's launch schedule was delayed because of the Challenger explosion. Fifteen years ago, I wanted an 80286 and had heard Intel might release a new 80386 in another year or two. So it probably went into orbit with something like a Z80.

  19. Re:Ask Slashdot Week on Handling Discrimination in the IT Workplace? · · Score: 2

    As you move along in your career a degree matters less and less however. If you are 30 and have proven yourself with a bunch of good years of experience behind you, 95% of 'professionals' will actually respect you, whether or not you got that piece of paper 10 years ago.

    You're correct that as you prove yourself the degree becomes less important. Until you've done that, however, you may live through some unpleasant times. If I were 20 years old and in his place, I'd try to go to school. It's much more pleasant than going against the established order and gives you better odds.


    I agree, to some extent. A college degree, especially for someone less than 30-40, is a job ticket. You may be able to do the job, but without a degree you may never get the chance. Likewise, you may move up in one company but not have job mobility to move to another (although networking may help here). Age and demonstrated experience (with demonstrated results) can overcome this. But you need to show results, in terms of "saved my company $X" or "completed project Y ahead of schedule and under budget" at some point.

    Perhaps you can do this while job-hopping, but I know lots of folks in hiring positions who look at anything less than 4-5 years in a company with suspicion. They suspect anyone who leaves in 6-18 months got out before the s*** hit the fan, and may have gotten a raise by job-hopping, not by job performance.

    But I don't work as a computer geek, exactly. Anyone have similar experience from inside "IT?"

  20. Pearls before swine... on Handling Discrimination in the IT Workplace? · · Score: 4, Insightful

    Oh, what the heck. Here goes anyhow.

    Five years experience and you're 19? Like several others have said, no way. Unless, of course, you dropped out of junior high and started working full time, which I doubt. Ask your boss and HR people how they count years of experience, and restate yours to match their standards.

    Sue them? Well, count on paying a lawyer a few hundred bucks to ask him a few questions. You could save it to pay for your baby, but you're pissed, right? Then drop it. You're unlikely to make out like a bandit, and you're very likely to taint yourself (for suing your employer) so badly nobody will ever hire you except as a temp or consultant again.

    Confront the bastard. Well, you can. Most 19-year-olds don't have the maturity and self-control to pull this one off, but you may be the exception. If you do, figure out what your goal is and how you're going to get there ahead of time. Two more hints: First, you won't win if you threaten him, and probably won't if you try to convert the IT guy on the spot by jawing at him.

    Second, if you want to win a confrontation, you should ask him (and your immediate boss, too) how you can improve your performance. Tell him you have a kid on the way, and you're serious about trying to be the best employee he has, and ask him how to do that. Ask him why he wants to get rid of you, and what you can do to improve so that he wants to keep you. If you don't get any response there, try the IT director's boss, one level up, with the same approach. Then listen, write down what he says, and get to work on those suggestions.

    You may want to become a "Master of the Universe," but you obviously are not in a position to get there by acting like one. (For one thing, masters of the universe don't bring their problems to ./ asking for advice.) Eat some humble pie, learn how you can improve, and you may get there in another 19 years.

    Are your grammar and dress in line with the rest of your company? The dot.bust has come, and you may be trying to get away with last year's mannerisms. Don't push it too hard. Khakis and no ties you can justify if you routinely crawl around behind machines or lug monitors around. Torn t-shirts and holes in your jeans may chafe a raw spot somewhere up the hierarchy. Keep that up only if you want to remind them you're a special case. The special case they may want to get rid of.

    Or quit. Just make sure you have another job lined up before you go. Be sure that if you take this route, you are going to leave. You can look for other work, and test the waters, on your lunch hour or before/after work. But you're not trying to get a raise, you want a job. If you get an offer, you're out of there.

  21. Re:Windows == spammer? on Clever New Windows Worm · · Score: 2
    Of course any code red infected machine already can be set up as a mail relay...

    Right, but the point is that this bug (may) already have it set up. All the spammer would have to do is scan for a machine with a valid header response on port 25, and relay away.

    Wonder what my logs will show in the next week or so...

  22. Windows == spammer? on Clever New Windows Worm · · Score: 2, Interesting
    Since this installs its own smtp, does this mean any Windows machine can now become an open relay for some random spammer?

    Gag, I hope I didn't understand that correctly...

  23. Re:tech support on Perception of Linux Among IT Undergrads · · Score: 2
    From a corporate perspective, IRC is very, very far from legitimate or reliable tech support. Same goes for usenet. People want a phone number that they can call and get an answer RIGHT NOW. Or if they don't get one RIGHT NOW, they want to know that a technician is working on the problem until it's solved.

    Which they don't get from Microsoft. Except for the phone number.

    Ergo the original conclusion, college kids don't have much real world experience. I think it's similar to a political campaign. Doesn't matter what "true" is; whoever hollers longest and loudest wins.

  24. Who is Dan Sugalski? on For Sale: 1 Damian Conway, 1 Dan Sugalski · · Score: 2
    And what will he do? OK, maybe I don't get around CPAN enough. But Damian Conway I know from his books and modules. I just don't recognize Dan's name.

    Damian has a nice description of things he wants to work on at the yetanother.org link above (terrible color scheme, btw - only suitable for very late-night browsing).

    And who are they going to "buy" if they can only raise half the necessary funds?

  25. Re:A Positive Step? on U.S. To Drop Charges Against Sklyarov · · Score: 3, Flamebait

    And wait, it gets better. If Ashcroft and his DoJ pursue the case and win, courtesy of judges carefully bought and paid for, nobody gets hurt (except the civil liberties of Americans). Elcomsoft goes to a Russian court, which throws out any penalty because what they did wasn't against Russian law. Elcomsoft chooses its banks carefully and wisely, and the government can't collect. Asscroft looks like a fool.