I saw people extracting password-protected zip files to execute malware in the 90s. They've been doing it ever since. Sure, it might help a little, but still.
6. Do not allow anything to execute from local user writable locations (appdata, usb drives, optical drives, etc) 7. Run all workstations as standard users
For kiosks, or shared machines, sure, but otherwise that's a significant imposition on users for very little gain, as a rootkit just bypasses all of that, and there's always a new privilege escalation exploit making the rounds.
9. Stay on top of all updates every month (Flash, Java, Windows, etc)
See, now that solves real problems without getting in everyone's way.
Train users
Hahaha, good one!
sign off from management to discipline users who fail the test
Hahaha, man, you should do stand-up.
15. Scan logs and reports daily
What, manually? On how many servers? Log scanning is a job for software (which does it continuously, and can page you).
There are in fact laws about this: you can't generally serve on the board of companies in the same market.
The CEO reports to the board, and is chosen by the board, not the other way around. Sometimes the founder of the company (or someone who it's thought has or will rescue a failing company) will be both chairman and CEO, and that changes the dynamic, but that's not normal.
Sine when are the top paid people in any profession the best performers, BTW? More correlation with CEOs than with musicians or actors, if you ask me. At least overpaid athletes tend to be good at their jobs, but even then not always the best.
This is how major changes happen at big corporations. The fundamental principle that the board must represent the shareholders, and the CEO must keep the board happy, isn't some myth. "Activist shareholders" can only make noise, by themselves, but if they're making compelling arguments then they can win. They'll need the votes of the majority of shares, though.
I've worked at 3 companies in my career (thus far) that fired the CEO in an act of shareholder revolt - in 2 cases the board acted on their own initiative, and in 1 case it was shareholder activists (with majority backing) forcing the company to change the way it did business.
It's not usually a question of "the right person" but of "entirely the wrong focus for the business" (at least in the opinion of one side).
So who do I hate now? I'm not quite following. Actually, I'm not following the point of the argument you're making.
What I'm saying is that part of being a decent, compassionate human being is to avoid going out of your way to offend strangers, but it includes no burden to avoid offending people by accident though use of common words in normal way. If people chose to be offended by ordinary speech, or to confuse disagreement with offensive speech, that's their problem, not mine.
Separately, there's a group of people who think it matters in some non-trivial way that they were offended. That's a bit childish, and one is far better served in life by learning to ignore the minor slights and misfortunes we will inevitably encounter each day.
Computers writing their own software, without clear unambiguous instructions from a human, is "Singularity complete". Absent the Singularity, there will still be some formal language in which you give instructions to the computer, and thus computer programming will remain a job skill. In fact, it will become a job skill for many more jobs - the lower the bar for automating things, the more every job will require that.
Most people won't make it as a software developer without at least a few classes in certain fundamentals: pointers, recursion, functional programming, and some understanding of what code compiles into (assembler, call stacks, memory addresses, etc). Most people find some of that easy, and some of it they just won't really understand without help. Each of those may come up rarely on the job, depending on the job, but they do come up and you're pretty screwed if you've never crossed those bridges.
Learning the syntax of a programming language was never the hard part, after all.
Any action you do will, in some way, harm someone else, somewhere. Anything you say will, given a broad enough audience, offend some portion of it. There's a broad gap between being rude and caring about oversensitive people looking for any excuse to be offended (you malodorous pile of worm-infested weasel droppings).
So you can buy Chinese components and be hacked by the PRC.
Or go to any Five-Eyes nation, and get the same experience. Ditto Russia. Anywhere else, bribery is all the NSA needs.
Unless you're fabricating everything, and writing you're own microcode, there's always a chance someone is going to slip a backdoor in somewhere.
That won't help. One of your key employees works for the NSA. It's practical to introduce a change to a mask (after all reviews etc) that subverts the on-chip random number generator, which is all the NSA really needs. There's real worry this has already happened at Intel (I can't remember whether the Snowden revelations included this, or it just seemed logical to crypto geeks).
There were long discussions on Bruce Schneier's blog about how building a hardware RNG from discrete components you soldered together yourself was the only way to be sure (resistor thermal noise is a pretty good hardware entropy source).
Neither side requires burden of proof at the beginning.
The "conversation" goes like this:
Content owner: "this looks like ours, service please take it down"/takes it down Uploader: "no, this is mine. YouTube , please put it back up"/restores content.
Sadly, the conversation actually goes like this: Content owner's bot: "this looks like ours, YouTube please take it down" YouTube bot: takes it down YouTube bot: all revenue from your channel now goes to Content owner YouTube bot: copyright strike against you, you can't upload a video over 15 minutes Uploader: "no, this is mine. YouTube, please put it back up" Uploader, a week later: "Heloooo! YouTube?! Is there anyone there?! I filled out all your forms, but nothing happened" Uploader, a month later: "Do any actual humans work at Google? " Uploader eventually dies of old age
Effectively all processors have a test-if-0. Almost all processors (anything modern code is likely to touch) have a test-against-value instruction. The former was a little bit faster on some CPUs. None of that matters at all on modern instruction pipelining, out-of-order execution CPUs.
This was an important thing 20-30 years ago. These days, the optimizer will figure out what's better (or in some cases the microcode will), and hand-optimization of this kind is pointless, since the optimizer will do what it wants whichever way you type it.
Many older C programmers still code exactly the same way they did 20-30 years ago, oblivious to how the world has changed. I'm sure that will be true of Java programmers soon enough (once people have been doing it for 20-30 years).
False copyright claims against movie and video game reviewers get made all the time - it's becoming a crisis for the guys who make a living as critics. These guys know the rules (well, most of them), and it doesn't matter. The fingerprinting system that detects prated movies also detects very short clips used appropriately for movie reviews, and they get flagged. They win every time, but lose weeks of income as a result. My favorite movie reviewer goes to the extreme of never showing any clip or even still photo from the movies he reviews - talk about a chilling effect!
You can sort-of make a movie review work without showing even a scene from the trailer, since your audience can find the trailer somewhere on YouTube if they need to, but trying to review a video game without showing any gameplay footage doesn't really work.
The big guys get the claims revoked eventually, but still lose the revenue. The little guys are just ignored by Google.
Freenet was designed to be just that. No one used it, because it was so slow, because no one used it. P2P with good encryption, no servers anywhere to take down, and very strong protection for uploaders (Government-level resources could de-anonymize individual downloaders, but the MPAA couldn't). But since it's slow, none of that matters.
Angola is not so poor. It is one of the most prosperous countries in Africa. Unfortunately, it has a repressive government and high levels of inequality. There is plenty of money to be made advertising to the poor.
I can't find a good recent source for median income, but Angola hasn't been doing that much better than the average for sub-Saharan Africa, and the average income for the region is ~$1600/year, while the average upper middle class income (lets say that's the target market) is a whopping $7000-ish.
The free-fall of oil prices won't make life better there, and other commodities haven't been doing much better.
Kids these days don't even remember the arguments over UUencode vs yenc, RARs and PARs, the lengthy toolchain needed just to get a binary file out in the same shape it went in, or the other joys of the early years. Damn kids on my lawn!
Facebook and wikimedia are disgusting to exploit the poor in this way
Giving free service to the poor is exploiting the poor? Or do you imagine Facebook is making millions from that lucrative advertizing market for poor Angolans? And wikimedia's going to clean up from all the donations?
I think both companies are a bit shady in general, but I don't see any problem here.
I'm sorry, are you suggesting that there is an infinite amount of oil,
We didn't leave the stone age because we ran out of rocks. We won't stop using oil for fuel because we ran out of oil.
Oh, sure, some historian looking back a century from now will be able to point to a "peak", but no one will care. The Peak Oil Nutters are predicting the collapse of civilization as we know it, not "usage naturally went down at some point because no one wanted any".
PE is a simple cert, easy to get for any working engineer. It carries no prestige. The only thing important about a PE cert is that it can be revoked if you sign off on something you shouldn't, and some engineering designs require a PE to sign off. This system acts as a roadblock to the worst and most blatant management overriding of engineering decisions (just like the Morton Thiokill manager overrode the engineer who refused to sign off on the O-rings being good for that launch).
It's an important and valuable system, but the cert by itself is nearly meaningless.
Mating the segments of the SRBs was a difficult task
It was a needlessly difficult task. The fundamental problem was that the SRB sections would deform while being shipped long distance by train, making both the O-rings and the alignment of the sections critical. They were shipped long distance by train so that they could be manufactured in the district of someone important to funding. Earmarking was the root cause. Make the SRBs on-site and avoid the need for O-rings entirely.
The alignment problem was aggravated by really poor markings on the sections, because the "usability" of the alignment process was ignored, leaving the techs stuck trying to line up these small and cryptic markings.
the SCADA system has to be an appliance, like a Blu-Ray player, only able to run the system programs and no others
Did you know BluRay players will execute arbitrary Java code off of BluRay discs, as part of normal operation? I'm hoping you didn't. BluRay is specifically designed to allow a disc to damage the function of the device (by invalidating keys needed to play other discs).
I'm guessing from your UID that you weren't a kid in the 80s, or weren't watching US TV programs (even those that went abroad). TV Guide called it "TV's biggest hit in the 80s".
1. Use L7 firewall rules to block executables
I saw people extracting password-protected zip files to execute malware in the 90s. They've been doing it ever since. Sure, it might help a little, but still.
6. Do not allow anything to execute from local user writable locations (appdata, usb drives, optical drives, etc)
7. Run all workstations as standard users
For kiosks, or shared machines, sure, but otherwise that's a significant imposition on users for very little gain, as a rootkit just bypasses all of that, and there's always a new privilege escalation exploit making the rounds.
9. Stay on top of all updates every month (Flash, Java, Windows, etc)
See, now that solves real problems without getting in everyone's way.
Train users
Hahaha, good one!
sign off from management to discipline users who fail the test
Hahaha, man, you should do stand-up.
15. Scan logs and reports daily
What, manually? On how many servers? Log scanning is a job for software (which does it continuously, and can page you).
There are in fact laws about this: you can't generally serve on the board of companies in the same market.
The CEO reports to the board, and is chosen by the board, not the other way around. Sometimes the founder of the company (or someone who it's thought has or will rescue a failing company) will be both chairman and CEO, and that changes the dynamic, but that's not normal.
Sine when are the top paid people in any profession the best performers, BTW? More correlation with CEOs than with musicians or actors, if you ask me. At least overpaid athletes tend to be good at their jobs, but even then not always the best.
This is how major changes happen at big corporations. The fundamental principle that the board must represent the shareholders, and the CEO must keep the board happy, isn't some myth. "Activist shareholders" can only make noise, by themselves, but if they're making compelling arguments then they can win. They'll need the votes of the majority of shares, though.
I've worked at 3 companies in my career (thus far) that fired the CEO in an act of shareholder revolt - in 2 cases the board acted on their own initiative, and in 1 case it was shareholder activists (with majority backing) forcing the company to change the way it did business.
It's not usually a question of "the right person" but of "entirely the wrong focus for the business" (at least in the opinion of one side).
So who do I hate now? I'm not quite following. Actually, I'm not following the point of the argument you're making.
What I'm saying is that part of being a decent, compassionate human being is to avoid going out of your way to offend strangers, but it includes no burden to avoid offending people by accident though use of common words in normal way. If people chose to be offended by ordinary speech, or to confuse disagreement with offensive speech, that's their problem, not mine.
Separately, there's a group of people who think it matters in some non-trivial way that they were offended. That's a bit childish, and one is far better served in life by learning to ignore the minor slights and misfortunes we will inevitably encounter each day.
Computers writing their own software, without clear unambiguous instructions from a human, is "Singularity complete". Absent the Singularity, there will still be some formal language in which you give instructions to the computer, and thus computer programming will remain a job skill. In fact, it will become a job skill for many more jobs - the lower the bar for automating things, the more every job will require that.
Most people won't make it as a software developer without at least a few classes in certain fundamentals: pointers, recursion, functional programming, and some understanding of what code compiles into (assembler, call stacks, memory addresses, etc). Most people find some of that easy, and some of it they just won't really understand without help. Each of those may come up rarely on the job, depending on the job, but they do come up and you're pretty screwed if you've never crossed those bridges.
Learning the syntax of a programming language was never the hard part, after all.
Any action you do will, in some way, harm someone else, somewhere. Anything you say will, given a broad enough audience, offend some portion of it. There's a broad gap between being rude and caring about oversensitive people looking for any excuse to be offended (you malodorous pile of worm-infested weasel droppings).
This whole mess only exists because of the DMCA. Civilization would get along just fine without it.
If you spend that much time worrying about who you might offend, you've already lost (you shit-eating goat fucker).
So you can buy Chinese components and be hacked by the PRC.
Or go to any Five-Eyes nation, and get the same experience. Ditto Russia. Anywhere else, bribery is all the NSA needs.
Unless you're fabricating everything, and writing you're own microcode, there's always a chance someone is going to slip a backdoor in somewhere.
That won't help. One of your key employees works for the NSA. It's practical to introduce a change to a mask (after all reviews etc) that subverts the on-chip random number generator, which is all the NSA really needs. There's real worry this has already happened at Intel (I can't remember whether the Snowden revelations included this, or it just seemed logical to crypto geeks).
There were long discussions on Bruce Schneier's blog about how building a hardware RNG from discrete components you soldered together yourself was the only way to be sure (resistor thermal noise is a pretty good hardware entropy source).
Neither side requires burden of proof at the beginning.
The "conversation" goes like this:
Content owner: "this looks like ours, service please take it down" /takes it down /restores content.
Uploader: "no, this is mine. YouTube , please put it back up"
Sadly, the conversation actually goes like this:
Content owner's bot: "this looks like ours, YouTube please take it down"
YouTube bot: takes it down
YouTube bot: all revenue from your channel now goes to Content owner
YouTube bot: copyright strike against you, you can't upload a video over 15 minutes
Uploader: "no, this is mine. YouTube, please put it back up"
Uploader, a week later: "Heloooo! YouTube?! Is there anyone there?! I filled out all your forms, but nothing happened"
Uploader, a month later: "Do any actual humans work at Google? "
Uploader eventually dies of old age
Effectively all processors have a test-if-0. Almost all processors (anything modern code is likely to touch) have a test-against-value instruction. The former was a little bit faster on some CPUs. None of that matters at all on modern instruction pipelining, out-of-order execution CPUs.
This was an important thing 20-30 years ago. These days, the optimizer will figure out what's better (or in some cases the microcode will), and hand-optimization of this kind is pointless, since the optimizer will do what it wants whichever way you type it.
Many older C programmers still code exactly the same way they did 20-30 years ago, oblivious to how the world has changed. I'm sure that will be true of Java programmers soon enough (once people have been doing it for 20-30 years).
False copyright claims against movie and video game reviewers get made all the time - it's becoming a crisis for the guys who make a living as critics. These guys know the rules (well, most of them), and it doesn't matter. The fingerprinting system that detects prated movies also detects very short clips used appropriately for movie reviews, and they get flagged. They win every time, but lose weeks of income as a result. My favorite movie reviewer goes to the extreme of never showing any clip or even still photo from the movies he reviews - talk about a chilling effect!
You can sort-of make a movie review work without showing even a scene from the trailer, since your audience can find the trailer somewhere on YouTube if they need to, but trying to review a video game without showing any gameplay footage doesn't really work.
The big guys get the claims revoked eventually, but still lose the revenue. The little guys are just ignored by Google.
Freenet was designed to be just that. No one used it, because it was so slow, because no one used it. P2P with good encryption, no servers anywhere to take down, and very strong protection for uploaders (Government-level resources could de-anonymize individual downloaders, but the MPAA couldn't). But since it's slow, none of that matters.
Angola is not so poor. It is one of the most prosperous countries in Africa. Unfortunately, it has a repressive government and high levels of inequality. There is plenty of money to be made advertising to the poor.
I can't find a good recent source for median income, but Angola hasn't been doing that much better than the average for sub-Saharan Africa, and the average income for the region is ~$1600 /year, while the average upper middle class income (lets say that's the target market) is a whopping $7000-ish.
The free-fall of oil prices won't make life better there, and other commodities haven't been doing much better.
Kids these days don't even remember the arguments over UUencode vs yenc, RARs and PARs, the lengthy toolchain needed just to get a binary file out in the same shape it went in, or the other joys of the early years. Damn kids on my lawn!
Facebook and wikimedia are disgusting to exploit the poor in this way
Giving free service to the poor is exploiting the poor? Or do you imagine Facebook is making millions from that lucrative advertizing market for poor Angolans? And wikimedia's going to clean up from all the donations?
I think both companies are a bit shady in general, but I don't see any problem here.
[In order to have a the desirable gaming experience] gamers who need real video cards ...
Most people understood the implied context.
I'm sorry, are you suggesting that there is an infinite amount of oil,
We didn't leave the stone age because we ran out of rocks. We won't stop using oil for fuel because we ran out of oil.
Oh, sure, some historian looking back a century from now will be able to point to a "peak", but no one will care. The Peak Oil Nutters are predicting the collapse of civilization as we know it, not "usage naturally went down at some point because no one wanted any".
PE is a simple cert, easy to get for any working engineer. It carries no prestige. The only thing important about a PE cert is that it can be revoked if you sign off on something you shouldn't, and some engineering designs require a PE to sign off. This system acts as a roadblock to the worst and most blatant management overriding of engineering decisions (just like the Morton Thiokill manager overrode the engineer who refused to sign off on the O-rings being good for that launch).
It's an important and valuable system, but the cert by itself is nearly meaningless.
Mating the segments of the SRBs was a difficult task
It was a needlessly difficult task. The fundamental problem was that the SRB sections would deform while being shipped long distance by train, making both the O-rings and the alignment of the sections critical. They were shipped long distance by train so that they could be manufactured in the district of someone important to funding. Earmarking was the root cause. Make the SRBs on-site and avoid the need for O-rings entirely.
The alignment problem was aggravated by really poor markings on the sections, because the "usability" of the alignment process was ignored, leaving the techs stuck trying to line up these small and cryptic markings.
Feynman's book on all of this was a great read.
the SCADA system has to be an appliance, like a Blu-Ray player, only able to run the system programs and no others
Did you know BluRay players will execute arbitrary Java code off of BluRay discs, as part of normal operation? I'm hoping you didn't. BluRay is specifically designed to allow a disc to damage the function of the device (by invalidating keys needed to play other discs).
Slashdot is a US-centric site. Expect US-centric cultural references. Also, it's called "soccer", football is the US sport. :p
I'm guessing from your UID that you weren't a kid in the 80s, or weren't watching US TV programs (even those that went abroad). TV Guide called it "TV's biggest hit in the 80s".
Here you go: a physics prof demonstrates and explains the antenna effect. https://www.youtube.com/watch?...
Sixty Symbols is a great channel for debunking commonly held physics misconceptions (whether they're right here or not).