I think the fundamental justification for a test is that many people in IT (programmers especially) are more artists/craftspeople than professionals. Sure, thinking is a large part of the job, but mental product isn't the sole output (as it is in law, HR, and other professions you mention that don't get tested). Just as you would expect to see work from a carpenter, plumber, or film maker before you hired them, an employer can very reasonably ask you to demonstrate your skills. Just because someone has degrees, certifications, and experience doesn't necessarily mean they have elegance, finesse, or artistry when it comes to writing code or debugging systems. A lot of what the industry values in its employees can't be taught, but it can certainly be tested. Giving a potential hire a code sample with a subtle bug you can judge their process in ways you can't with mere questions. Similarly, asking an interviewee to answer questions on the spot allows them to demonstrate how they code in an ad-hoc environment. This is especially useful for identifying people who don't have enough experience to develop independently.
Also, many professions, such as the law, have certifying authorities (such as the bar) where practitioners must pass a minimum standard in order to join the profession (and can be kicked out of). Because IT has no such standards body, and because so many people in IT are self taught or taught on the job, it's very difficult to know how much someone knows. There is no 'cannon' of IT training, no standard practice, nor even much agreement over what constitutes an adequate body of knowledge. The fact that people with no formal training regularly conceive and develop systems far superior to those with certifications, training and experience continues to speak to this fact.
Chrome does have some pretty good security features but their eula, especially section 10.2 seems to directly contradict their "open source" stance, saying: "You may not (and you may not permit anyone else to) copy, modify, create a derivative work of, reverse engineer, decompile or otherwise attempt to extract the source code of the Software or any part thereof, unless this is expressly permitted or required by law, or unless you have been specifically told that you may do so by Google, in writing"
Section 10.2 raises severe doubts about the open source nature of Chrome:
"You may not (and you may not permit anyone else to) copy, modify, create a derivative work of, reverse engineer, decompile or otherwise attempt to extract the source code of the Software or any part thereof, unless this is expressly permitted or required by law, or unless you have been specifically told that you may do so by Google, in writing."
Actually policies are quite good at proactively preventing problems. As a reactive tool, you're exactly right, they're useful for discipline but little else. However, if you company has a policy that all customer contact information must be stored in an encrypted form at rest then application designers will follow the policy when building new applications. You can use policy to shape the development of your company and to ensure that new initiatives comply with a baseline of security. Of course, it's good to make sure that everyone knows the policy, or at the very least knows to talk to a policy officer before beginning a new project. When used properly a good policy can prevent headaches (and lawsuits) down the line!
This is *exactly* why the average consumer should utilize encryption. Encryption isn't about hiding your information, it's about protecting your privacy. If you don't want the government to search your laptop all you have to do is encrypt your data. Granted, if you encrypt the whole disk you could be asked to provide the password. That's why you should use an encrypted volume. You can keep a few dummy files on your machine to throw off investigators and keep your private data on your encrypted volume. It staggers me that more people don't use encryption to keep their privacy intact.
A wiki has worked wonderfully where I work. The problem with a wiki is typically momentum. Usually it helps if technical staff, who tend to be more comfortable with the technology, lead the charge. We began by documenting our internal processes. Next we started documenting projects that involved other people. Then when we came to meetings with non-technical staff we would explain things then remark "we've also documented this in our wiki". After a while people get used to the idea of documentation being in the wiki. The final step was to start documentation on non-technical processes and let people know it was there, encouraging the stake holders to fill in gaps and "correct mistakes". By approaching the end users as 'experts' and seeking their input the contribution seems more worthwhile to them, and less like documentation.
Putting things in a wiki has enormous advantage over a binder-full-of-stuff. The largest being the ability to quickly search the wiki. The wiki's collaborative editing features also help to make the wiki more evolutionary, reducing the chance that your documentation will be out of date. Not to mention the wiki saves a lot of paper and is available to anyone sitting anywhere at a computer.
The main problem I've seen with the wiki is quality control. Many people in an organization are extremely knowledgeable about their own business process but aren't necessarily the best writers. This can be problematic, especially if authors come to feel a sense of ownership over their own parts of the wiki.
Email certainly has a place. It's an unobtrusive asynchronous communication medium. Respondents can acknowledge your email when/if they have time. I know the Blackberry encourages a lot of people to feel like they have to answer every email right away but that's not the case, it's just the self trained behavior of some users.
More importantly email is a wonderful CYA tool. It has come to replace the 'memo' in corporate environments. It's nice to call people or IM, but when something goes wrong it's also *very* nice to have the audit trail of email. Especially if you can point to an email where you communicated an idea and the adverse party acknowledges your point. This comes in particularly handy when do contract work or something for a client where there are negotiations. I even send emails when I have important phone conversations or meetings. I'll write down the contents of the meeting or conversation and send them to everyone involved. This helps to clear up any misunderstandings and also serves as an acknowledgment of what was agreed upon verbally. In this respect email is certainly far from dead.
I also feel perfectly comfortable emailing someone at all hours. I know they'll get to the email in due time whereas a phone call can be annoying and people aren't always available via IM.
I do have to say though that my pet peeve is emails from Blackberry users. Just because you have a tiny interface is no excuse to send an email full of abbreviations and sentence fragments!
I've heard people use this argument before, and I think it is one that students make while they're in school or shortly after they graduate. What this train of thought fails to realize is that "applied" skills can be self taught, and what separates the CS grads from the other employees who have just picked up computers on their own is their fundamental understanding of the logic and layers that actually make up the basis of the "applied" skills. The self taught hacker will only know 'how' to make stuff work, not necessarily the 'why' behind the application. Don't knock the theory and abstract math until you get out in the field and you're designing a complex, distributed system. Then all that stuff that "doesn't help" will come in very handy and will allow you the understanding to actually solve problems rather than just hacking at them until you come up with something that works.
One thing the article fails to point out, which I feel has a rather large impact on the cost savings analysis of DST, is the price that companies have had to pay in terms of IT costs. The cost to develop patches for software and services, the time staff have had to spend devoted to deploying patches, testing systems and insuring that they all function properly. I'm sitting at my desk at a major university and my Cisco 'iPhone' is displaying the wrong time right now. How many IT workers are spending hours, days, or even weeks dealing with this shift? What's the overall loss in productivity due to this redeployment of resources? How much are companies paying in terms of IT budget to ensure that their systems don't foul up executives' schedules when they sync their smartphones this morning when they come into the office? I'm sure there are other hidden costs, but I'm too groggy this morning to think of them...
Given the veracity of a lot of legal prosecutions of computer users possessing child porn, yeah, probably the guy could face trouble if he were in the US. I'm aware of several convictions where the porn was found only in cache files, meaning it was viewed but not actively stored by the user. However, I'm not sure of his legal standing in Canada. What's more interesting to me, however, is that this kid admitted to accessing a remote computer without authorization, then stealing evidence. While it isn't clear if the stolen imagery was actually used in the trial or merely used as a pretense to search the judge's other computers, the method of obtaining this evidence, for whatever purpose, should be reprehensible. It does seem like this 'hacker' isn't facing any legal troubles. Breaking the law to catch a criminal isn't supposed to exempt you from punishment. I don't understand why anyone would condone this sort of behavior. This will only lead to people defending their 'hacking' as vigilante search for evidence - "Your honor, I wasn't building a botnet to spam people, I was looking for pedophiles!"
I think given the statistics on how grossly under-reported computer crime is today this report might be somewhat suspect. You can conclude that the people who report these incidents are also keeping tabs on bad workers. Perhaps they suspect the workers of wrongdoing all along and are collecting information on them? However, I don't think you can draw conclusions to 'cyber crime' in general, these findings only relate to reported computer crime, which is only a small percentage of the total. Not only that, but these statistics only apply to the perpetrators who were *caught* so you've got an even smaller sample.
I think this sort of scenario might involve circumstances where law enforcement know that a certain (dynamic) IP has been used over time to commit a crime, but by the time they get to the ISP any logs are lost or unusable (say the criminal is using wireless connections with other users). I can see the police having a tough time figuring out who the 'customer' is in these cases.
This is the sort of misguided logic that eats away at people's privacy rights every day. The logic basically goes like this:
The police must monitor ALL communication in order to be able to monitor ONE communication. Due to the restrictions of a subpoena, even if they find evidence of other wrongdoing they are not allowed to pursue it. In any case, you shouldn't care if the government monitors your communication if you aren't doing anything illegal.
The problem with this logic is that the people reviewing your communications are real people. If you wouldn't mind taking a private email from you to your wife and just leaving it on the street for someone to read then you shouldn't have a problem with some government bureaucrat reading it. However, if you have some communications that you consider private - things that you don't want other people to know, then you should have a big problem with this.
The problem with the logic that it inconvenient for law enforcement to respect privacy rights of citizens in pursuit of criminals justifies law enforcement oversight regardless of privacy rights. You're authorizing the government to surveil all of us in the interest of catching a minority of us doing something wrong. Personally that isn't a right I've resigned or a responsibility I've assigned to our government. Government is supposed to serve the people, not monitor them.
Even though law enforcement isn't supposed to act on information they gain outside of the scope of a subpoena, they shouldn't have any right to listen in on conversations they have no right to. If a law enforcement agency can't locate a specific IP why should that burden be passed to all the users on a block of IP's? Why shouldn't the ISP be responsible for more careful monitoring or logging? Why shouldn't the agency be required to deploy reliable means of locating that IP? Why shouldn't the government pay to install more sophisticated monitoring? Basically, why should the price of pursuit be the privacy of an uninvolved third party without their consent?
I have to say I've witnessed this problem/challenge from multiple standpoints - as someone looking to hire a programmer, and as a self taught programmer looking at going to get a formal degree. As someone responsible for hiring programmers to assist me with my work I was somewhat surprised that the vast majority of CS graduates (engineers) knew the technicalities of the programming languages, but with no real world experience still had to be spoon fed exactly how to use those skills to solve a problem. As a self taught programmer looking to go back to school to get a degree in engineering I quickly realized that the advantage of such a degree would be the mathematics and theory I would learn. At some point programmers run into systems that are too large or complex to be hacked. And that's where I see the self taught programmers glass ceiling - the hack. Self taught programmers learn to make languages work for them, but they rarely understand the vast complexities behind the language (down to the binary). Getting a formal education may not make you the best suited person to actually write a specific application, but it will make you the kind of developer that can see beyond the immediate challenges of an application. Also, in terms of larger applications, without the theory and mathematics it simply isn't feasible. There's no way to hack a distributed program operating over multiple machines, networks and clients. While a self trained programmer might be able to pull it off, without the mathematical and theoretical background the product just won't be very efficient. This is where the formal training comes in, where it separates the trained engineers from the self taught hackers. Schools should realize that the hackers may be able to out pace their grads in simple or fairly straightforward programming tasks, but when it comes to something like systems design, their grads should stand well above the hackers.
I don't think it's so much a problem of the legal system being behind the times technologically as it is a 'problem' with our legal system's greatest strength also being its greatest weakness. Trial by a jury of your peers means that you will often have lay people deciding highly technical cases. This is a situation where a better voir dire would have resulted in a better informed jury. The problem is that you have to explain highly technical language to people that may have no clue. I'm not sure how this case will turn, but you also have to remember that the judge (who supposedly is a highly educated person) is the final arbiter in the case. The judge may decide to toss out the verdict in the end. Also, there is the possibility of appeal in this case. Unfortunately good expert testimony (the kind that is more likely to convince a jury) is often expensive - and it is this caveat that often leads to these sorts of verdicts.
"To be frank. This is one reason why I have no pity for %90 of AIDS patients. Sure, there are some ligit cases, like getting stabbed with somthing that has AIDS on it. But still, the best way to protect yourself from AIDS is to stop sleeping around. Find your mate, and stay with that one mate for the rest of your life. And never worry about AIDS"
That's so Christian it's the reason that I hate 90% of Christians.
I find it unfathomable to see how pictures of mating is destructive? Nobody complains about nature documentaries. The only thing 'bad' about depictions of reproduction or intimacy is what society dictates. That we find pictures of people reproducing offensive completely baffles me.
Now if people have a problem with regulating their own behavior that is a problem, but I fail to see how anyone else is responsible for that.
This is the silliest complaint I've heard since "someone is framing in my site!" Once again the open nature of the internet has befuddled those trying to turn a profit. So someone else is feeding into your RSS, so what? This wouldn't be any problem at all if you were producing content freely and openly. Just as http traffic is open, so is RSS. I think the fundamental problem here is one of design. The internet is designed for open sharing of information. Once you post something online you're bound to lose a great degree of control. You can always put up copyright notices, but the truth of the matter is that once you post the information to be FREELY requested by any machine connected to the internet you're pretty much giving it away.
I think the biggest flaw with this argument has to be with the idea that you can shift gears and take care of small tasks quickly without interrupting a larger task. This article on the tyranny of email pretty much sums it up. If you're in a zone, coding away, and you get a phone call, all those variables and processes, and whatever else you're holding onto and manipulating in your mind get crowded out and it takes you a lot of time to get back up to speed. Taking care of small tasks as they come up can actually take up more time than writing them down and taking care of them after you emerge from your creative cycle.
I totally disagree. The phish emails were actually very easy to spot (just view the source) and the test points out very clearly how dangerous HTML enabled mail user agents are, especially when you can't view the HTML source code easily. Many of the phish emails *appeared* to contain legitimate links, but looking at the anchor tags revealed they were not. The test even pointed out that some of the plainest emails were in fact legit and many of the complex ones which even pulled images from a company's legitimate site or included peripheral links to the offical site were frauds. I was a little disappointed that the test results didn't really explain exactly why certain emails were legit and others weren't. I got 100% but don't see how anyone who got less than a perfect score could really guess why. If you knew what to look for the test was very simple, but if you didn't it was extremely cryptic, especially since the test disable mouseover status bar indications of a links target.
I was actually a little disappointed in the test, every single phish was easily spotted because the links in hrefs contained in the HTML source didn't match up with either the sender's domain or the displayed link. Its pretty clear from the results that HTML email is a dangerous thing. I'm really shocked that anyone who was familiar with this sort of con would get less than 100% correct. You can't spot a phish by content, you have to scan the source.
Slashdot Mirror
I think the fundamental justification for a test is that many people in IT (programmers especially) are more artists/craftspeople than professionals. Sure, thinking is a large part of the job, but mental product isn't the sole output (as it is in law, HR, and other professions you mention that don't get tested). Just as you would expect to see work from a carpenter, plumber, or film maker before you hired them, an employer can very reasonably ask you to demonstrate your skills. Just because someone has degrees, certifications, and experience doesn't necessarily mean they have elegance, finesse, or artistry when it comes to writing code or debugging systems. A lot of what the industry values in its employees can't be taught, but it can certainly be tested. Giving a potential hire a code sample with a subtle bug you can judge their process in ways you can't with mere questions. Similarly, asking an interviewee to answer questions on the spot allows them to demonstrate how they code in an ad-hoc environment. This is especially useful for identifying people who don't have enough experience to develop independently.
Also, many professions, such as the law, have certifying authorities (such as the bar) where practitioners must pass a minimum standard in order to join the profession (and can be kicked out of). Because IT has no such standards body, and because so many people in IT are self taught or taught on the job, it's very difficult to know how much someone knows. There is no 'cannon' of IT training, no standard practice, nor even much agreement over what constitutes an adequate body of knowledge. The fact that people with no formal training regularly conceive and develop systems far superior to those with certifications, training and experience continues to speak to this fact.
"How in the world do you have this much phone sex, period, but especially at work, and not have anyone notice?"
Lol! You work at a phone company if you don't want to get noticed spending too much time on the phone!
Customer: "What are you doing?"
Phone Tech: "Uh, checking the line."
Customer: "No! With your other hand!"
Chrome does have some pretty good security features but their eula, especially section 10.2 seems to directly contradict their "open source" stance, saying: "You may not (and you may not permit anyone else to) copy, modify, create a derivative work of, reverse engineer, decompile or otherwise attempt to extract the source code of the Software or any part thereof, unless this is expressly permitted or required by law, or unless you have been specifically told that you may do so by Google, in writing"
Section 10.2 raises severe doubts about the open source nature of Chrome:
"You may not (and you may not permit anyone else to) copy, modify, create a derivative work of, reverse engineer, decompile or otherwise attempt to extract the source code of the Software or any part thereof, unless this is expressly permitted or required by law, or unless you have been specifically told that you may do so by Google, in writing."
Actually policies are quite good at proactively preventing problems. As a reactive tool, you're exactly right, they're useful for discipline but little else. However, if you company has a policy that all customer contact information must be stored in an encrypted form at rest then application designers will follow the policy when building new applications. You can use policy to shape the development of your company and to ensure that new initiatives comply with a baseline of security. Of course, it's good to make sure that everyone knows the policy, or at the very least knows to talk to a policy officer before beginning a new project. When used properly a good policy can prevent headaches (and lawsuits) down the line!
I'll just install the open source alternative to Flash on my Windows desktop...
Guess this is the moment for Gnash (http://www.gnu.org/software/gnash/) to shine!
This is *exactly* why the average consumer should utilize encryption. Encryption isn't about hiding your information, it's about protecting your privacy. If you don't want the government to search your laptop all you have to do is encrypt your data. Granted, if you encrypt the whole disk you could be asked to provide the password. That's why you should use an encrypted volume. You can keep a few dummy files on your machine to throw off investigators and keep your private data on your encrypted volume. It staggers me that more people don't use encryption to keep their privacy intact.
A wiki has worked wonderfully where I work. The problem with a wiki is typically momentum. Usually it helps if technical staff, who tend to be more comfortable with the technology, lead the charge. We began by documenting our internal processes. Next we started documenting projects that involved other people. Then when we came to meetings with non-technical staff we would explain things then remark "we've also documented this in our wiki". After a while people get used to the idea of documentation being in the wiki. The final step was to start documentation on non-technical processes and let people know it was there, encouraging the stake holders to fill in gaps and "correct mistakes". By approaching the end users as 'experts' and seeking their input the contribution seems more worthwhile to them, and less like documentation.
Putting things in a wiki has enormous advantage over a binder-full-of-stuff. The largest being the ability to quickly search the wiki. The wiki's collaborative editing features also help to make the wiki more evolutionary, reducing the chance that your documentation will be out of date. Not to mention the wiki saves a lot of paper and is available to anyone sitting anywhere at a computer.
The main problem I've seen with the wiki is quality control. Many people in an organization are extremely knowledgeable about their own business process but aren't necessarily the best writers. This can be problematic, especially if authors come to feel a sense of ownership over their own parts of the wiki.
I think there's a typeo in the tagging on this article :)
Email certainly has a place. It's an unobtrusive asynchronous communication medium. Respondents can acknowledge your email when/if they have time. I know the Blackberry encourages a lot of people to feel like they have to answer every email right away but that's not the case, it's just the self trained behavior of some users.
More importantly email is a wonderful CYA tool. It has come to replace the 'memo' in corporate environments. It's nice to call people or IM, but when something goes wrong it's also *very* nice to have the audit trail of email. Especially if you can point to an email where you communicated an idea and the adverse party acknowledges your point. This comes in particularly handy when do contract work or something for a client where there are negotiations. I even send emails when I have important phone conversations or meetings. I'll write down the contents of the meeting or conversation and send them to everyone involved. This helps to clear up any misunderstandings and also serves as an acknowledgment of what was agreed upon verbally. In this respect email is certainly far from dead.
I also feel perfectly comfortable emailing someone at all hours. I know they'll get to the email in due time whereas a phone call can be annoying and people aren't always available via IM.
I do have to say though that my pet peeve is emails from Blackberry users. Just because you have a tiny interface is no excuse to send an email full of abbreviations and sentence fragments!
I've heard people use this argument before, and I think it is one that students make while they're in school or shortly after they graduate. What this train of thought fails to realize is that "applied" skills can be self taught, and what separates the CS grads from the other employees who have just picked up computers on their own is their fundamental understanding of the logic and layers that actually make up the basis of the "applied" skills. The self taught hacker will only know 'how' to make stuff work, not necessarily the 'why' behind the application. Don't knock the theory and abstract math until you get out in the field and you're designing a complex, distributed system. Then all that stuff that "doesn't help" will come in very handy and will allow you the understanding to actually solve problems rather than just hacking at them until you come up with something that works.
One thing the article fails to point out, which I feel has a rather large impact on the cost savings analysis of DST, is the price that companies have had to pay in terms of IT costs. The cost to develop patches for software and services, the time staff have had to spend devoted to deploying patches, testing systems and insuring that they all function properly. I'm sitting at my desk at a major university and my Cisco 'iPhone' is displaying the wrong time right now. How many IT workers are spending hours, days, or even weeks dealing with this shift? What's the overall loss in productivity due to this redeployment of resources? How much are companies paying in terms of IT budget to ensure that their systems don't foul up executives' schedules when they sync their smartphones this morning when they come into the office? I'm sure there are other hidden costs, but I'm too groggy this morning to think of them...
Given the veracity of a lot of legal prosecutions of computer users possessing child porn, yeah, probably the guy could face trouble if he were in the US. I'm aware of several convictions where the porn was found only in cache files, meaning it was viewed but not actively stored by the user. However, I'm not sure of his legal standing in Canada. What's more interesting to me, however, is that this kid admitted to accessing a remote computer without authorization, then stealing evidence. While it isn't clear if the stolen imagery was actually used in the trial or merely used as a pretense to search the judge's other computers, the method of obtaining this evidence, for whatever purpose, should be reprehensible. It does seem like this 'hacker' isn't facing any legal troubles. Breaking the law to catch a criminal isn't supposed to exempt you from punishment. I don't understand why anyone would condone this sort of behavior. This will only lead to people defending their 'hacking' as vigilante search for evidence - "Your honor, I wasn't building a botnet to spam people, I was looking for pedophiles!"
I think given the statistics on how grossly under-reported computer crime is today this report might be somewhat suspect. You can conclude that the people who report these incidents are also keeping tabs on bad workers. Perhaps they suspect the workers of wrongdoing all along and are collecting information on them? However, I don't think you can draw conclusions to 'cyber crime' in general, these findings only relate to reported computer crime, which is only a small percentage of the total. Not only that, but these statistics only apply to the perpetrators who were *caught* so you've got an even smaller sample.
I think this sort of scenario might involve circumstances where law enforcement know that a certain (dynamic) IP has been used over time to commit a crime, but by the time they get to the ISP any logs are lost or unusable (say the criminal is using wireless connections with other users). I can see the police having a tough time figuring out who the 'customer' is in these cases.
This is the sort of misguided logic that eats away at people's privacy rights every day. The logic basically goes like this:
The police must monitor ALL communication in order to be able to monitor ONE communication. Due to the restrictions of a subpoena, even if they find evidence of other wrongdoing they are not allowed to pursue it. In any case, you shouldn't care if the government monitors your communication if you aren't doing anything illegal.
The problem with this logic is that the people reviewing your communications are real people. If you wouldn't mind taking a private email from you to your wife and just leaving it on the street for someone to read then you shouldn't have a problem with some government bureaucrat reading it. However, if you have some communications that you consider private - things that you don't want other people to know, then you should have a big problem with this.
The problem with the logic that it inconvenient for law enforcement to respect privacy rights of citizens in pursuit of criminals justifies law enforcement oversight regardless of privacy rights. You're authorizing the government to surveil all of us in the interest of catching a minority of us doing something wrong. Personally that isn't a right I've resigned or a responsibility I've assigned to our government. Government is supposed to serve the people, not monitor them.
Even though law enforcement isn't supposed to act on information they gain outside of the scope of a subpoena, they shouldn't have any right to listen in on conversations they have no right to. If a law enforcement agency can't locate a specific IP why should that burden be passed to all the users on a block of IP's? Why shouldn't the ISP be responsible for more careful monitoring or logging? Why shouldn't the agency be required to deploy reliable means of locating that IP? Why shouldn't the government pay to install more sophisticated monitoring? Basically, why should the price of pursuit be the privacy of an uninvolved third party without their consent?
I have to say I've witnessed this problem/challenge from multiple standpoints - as someone looking to hire a programmer, and as a self taught programmer looking at going to get a formal degree. As someone responsible for hiring programmers to assist me with my work I was somewhat surprised that the vast majority of CS graduates (engineers) knew the technicalities of the programming languages, but with no real world experience still had to be spoon fed exactly how to use those skills to solve a problem. As a self taught programmer looking to go back to school to get a degree in engineering I quickly realized that the advantage of such a degree would be the mathematics and theory I would learn. At some point programmers run into systems that are too large or complex to be hacked. And that's where I see the self taught programmers glass ceiling - the hack. Self taught programmers learn to make languages work for them, but they rarely understand the vast complexities behind the language (down to the binary). Getting a formal education may not make you the best suited person to actually write a specific application, but it will make you the kind of developer that can see beyond the immediate challenges of an application. Also, in terms of larger applications, without the theory and mathematics it simply isn't feasible. There's no way to hack a distributed program operating over multiple machines, networks and clients. While a self trained programmer might be able to pull it off, without the mathematical and theoretical background the product just won't be very efficient. This is where the formal training comes in, where it separates the trained engineers from the self taught hackers. Schools should realize that the hackers may be able to out pace their grads in simple or fairly straightforward programming tasks, but when it comes to something like systems design, their grads should stand well above the hackers.
I don't think it's so much a problem of the legal system being behind the times technologically as it is a 'problem' with our legal system's greatest strength also being its greatest weakness. Trial by a jury of your peers means that you will often have lay people deciding highly technical cases. This is a situation where a better voir dire would have resulted in a better informed jury. The problem is that you have to explain highly technical language to people that may have no clue. I'm not sure how this case will turn, but you also have to remember that the judge (who supposedly is a highly educated person) is the final arbiter in the case. The judge may decide to toss out the verdict in the end. Also, there is the possibility of appeal in this case. Unfortunately good expert testimony (the kind that is more likely to convince a jury) is often expensive - and it is this caveat that often leads to these sorts of verdicts.
Guess what job Money magazine ranked #1 in the US right now?
http://money.cnn.com/magazines/moneymag/bestjobs/
"To be frank. This is one reason why I have no pity for %90 of AIDS patients. Sure, there are some ligit cases, like getting stabbed with somthing that has AIDS on it. But still, the best way to protect yourself from AIDS is to stop sleeping around. Find your mate, and stay with that one mate for the rest of your life. And never worry about AIDS"
That's so Christian it's the reason that I hate 90% of Christians.
I find it unfathomable to see how pictures of mating is destructive? Nobody complains about nature documentaries. The only thing 'bad' about depictions of reproduction or intimacy is what society dictates. That we find pictures of people reproducing offensive completely baffles me.
Now if people have a problem with regulating their own behavior that is a problem, but I fail to see how anyone else is responsible for that.
This is the silliest complaint I've heard since "someone is framing in my site!" Once again the open nature of the internet has befuddled those trying to turn a profit. So someone else is feeding into your RSS, so what? This wouldn't be any problem at all if you were producing content freely and openly. Just as http traffic is open, so is RSS. I think the fundamental problem here is one of design. The internet is designed for open sharing of information. Once you post something online you're bound to lose a great degree of control. You can always put up copyright notices, but the truth of the matter is that once you post the information to be FREELY requested by any machine connected to the internet you're pretty much giving it away.
I think the biggest flaw with this argument has to be with the idea that you can shift gears and take care of small tasks quickly without interrupting a larger task. This article on the tyranny of email pretty much sums it up. If you're in a zone, coding away, and you get a phone call, all those variables and processes, and whatever else you're holding onto and manipulating in your mind get crowded out and it takes you a lot of time to get back up to speed. Taking care of small tasks as they come up can actually take up more time than writing them down and taking care of them after you emerge from your creative cycle.
I totally disagree. The phish emails were actually very easy to spot (just view the source) and the test points out very clearly how dangerous HTML enabled mail user agents are, especially when you can't view the HTML source code easily. Many of the phish emails *appeared* to contain legitimate links, but looking at the anchor tags revealed they were not. The test even pointed out that some of the plainest emails were in fact legit and many of the complex ones which even pulled images from a company's legitimate site or included peripheral links to the offical site were frauds. I was a little disappointed that the test results didn't really explain exactly why certain emails were legit and others weren't. I got 100% but don't see how anyone who got less than a perfect score could really guess why. If you knew what to look for the test was very simple, but if you didn't it was extremely cryptic, especially since the test disable mouseover status bar indications of a links target.
I was actually a little disappointed in the test, every single phish was easily spotted because the links in hrefs contained in the HTML source didn't match up with either the sender's domain or the displayed link. Its pretty clear from the results that HTML email is a dangerous thing. I'm really shocked that anyone who was familiar with this sort of con would get less than 100% correct. You can't spot a phish by content, you have to scan the source.