I'm not sure that validating output (escaping it) will be any easier than validating the input. Really, you just need to write a function that does generic parsing of the input in the same way you have a special function that escapes it. get_safe_input($string) could be a function that reads in from the user, fixes it up, and returns the safe string. Bam, done, use that every time instead of your read_string or whatever the php function is.
This is a general point beyond just your comment, but America is not a true democracy. We are a representative democracy, and for good reason - mob rule is no better than fascism!
The damage an IT guy can cause pales in comparison to what the CEO and the board can cause.
But there's also a lot more IT guys than there are execs, and quantity x severity may be greater for IT, I don't know. Don't think that just because a problem exists in the upper echelons that a problem at lower levels can be ignored.
Another important point, in response to some other posts, is that a vast majority of IT security incidents (vandalism, data theft, etc.) are caused by employees. Unfortunately, management *has* to take precautions in this day and age.
Well, this sounds a bit overboard, to be sure... but always consider the source. In looking at the articles posted on their home page, I think that this may not be the kind of publication you can trust. Articles covering the social lives of Mel Gibson, Tony Blair, and the Duchess of York, with others about who's sunbathing with who, and using inflammatory wording in the headlines to increase the shock value of an otherwise trivial story... take this story with a grain of salt.
Of course, DNA testing for such a crime does seem excessive... but I've got no problem with cops kicking kids out of a tree, and if they were being disruptive (if! I don't know, and I don't trust this paper, so I'm just tossing out possibilities!) hauling them downtown to give them a bit of a scare. 12 isn't all that young - I sure could have used an authority figure correcting me around that age, might have saved me a lot of headaches later on in life.
Actually, pharma companies repeatedly invest in things that won't pay off for decades. I've worked there, I know. It would be more accurate to say that they would prefer to invest in methodologies that have a known success/failure likelihood than in something altogether new of which they're unsure. However, there is always someone out there willing to take a big risk to make a big buck, and maybe that's what it'll take for stem cell research to advance.
Quite honestly, as a taxpayer who almost never takes drugs of any kind... I don't see why my money should be funding stem cell (or most other kinds) of research. Let capitalism work itself out. If people want it enough to pay for it, it'll happen, and since the Bush ban doesn't affect private investments at all, there's nothing holding it back.
Ah, but the Slashdot editors reside in Michigan, no? And... correct me if I'm wrong... but that's in the US? ;-)
Besides, news for nerds, we all ought to be capable of doing that conversion... I can tell you how many liters per gallon, why can't you tell me how many gallons per liter?
Airline safety isn't about lives, it's about consumer confidence to keep an industry that affects our entire economy afloat. I agree, a lot of the measures taken seem like a waste of money... but the average Joe Sixpack is easily scared about flying, despite statistical safety numbers, if Americans stop flying, many other industries start having serious financial problems. That's why programs like this go ahead.
Security is an intuitive thing. I'm not saying this could be avoided, but you can bet that I've always turned off my wireless card when I'm not using it. I never heard of anyone doing this before, but I've always figured it was possible.
Unfortunately, any bit of code that runs on your computer is a potential vulnerability. The best possible solution is to minimize what's running, and update quickly if possible... but even that isn't necessarily protection. I seriously believe that the bad guys will always be one step ahead. Makes my career in security a bitch, but at least guarantees a paycheck. ;-)
This isn't how a Communist country is supposed to be run
If at this point you still needed another example that Communism doesn't work in the real world... maybe I'll cough up the money for you to attend one of those institutions of higher learning. ;-)
Of course if you were in the field you'd also know that there are many more forcings than just CO2 that affect the global mean temp. You'd also know that chaotic systems don't respond linearly. You'd probably also know that although there have been cool years and hot years since the beginning of the 20th century, the overall delta to now is clearly positive. And presumably you'd understand that global trends are not local trends, therefore local anecdotes like the 1969 hurricane season do not prove or disprove global mean phenomena.
Well, I don't trust my mechanic either, if that makes you feel any better. He's in "the field" of cars, and I take my car to him whenever it's broken, but you can be sure I ask as many intelligent questions as I can before I pay that bill!
(it's an analogy - try applying it to the debate over mucking up our economy to prevent future global warming and you'll see what I mean :)
But in the end, whether they work hard or not (I personally have known teachers that do not fit the workaholic description you give above), the market determines their pay. Demand for teachers in the area, supplier bargaining power (in their case, unions), etc. I'm sorry, but if you need money that badly (say, to finance your gas-guzzling SUV as mentioned above) then you should enter a field that society values more.
Teaching is not considered difficult by a lot of people (I'm not saying it's not hard, I'm saying that it's not perceived that way - think back to your college days and the liberal arts majors you knew). Teachers are available at the wages that are being paid. What motivation does the district have to raise pay? Until the perception of teachers can be changed (which is, IMHO, what she's trying to accomplish by complaining in this article, whether she realizes it or not), or until the supply of teachers is decreased (either through effective use of - /shudder - unions, or through decreasing the number of people enrolled in elementary ed at college), pay will continue to be low.
The parent mentioned that the teachers he/she knows are in it because they love what they do. Unfortunately, that's not reason enough to raise the pay - I love playing video games and drinking Starbucks, but I don't get paid a dime for either one.
While I can understand the difficulty they're in, I don't necessarily sympathize.
I highly recommend LISA, although if you're truly novice it may be a bit above your level. It wasn't the most advanced training, but it did assume an intermediate knowledge of Unix when I attended in '04. There's a variety of seminars you can attend, learning about topics that interest you or discussing up and coming technologies that your company could/does make use of. I focused on the security track and got to learn some very interesting things that I later applied in my environment (about 150 systems at one point).
It's a by-Unix-people for-Unix-people sort of thing, so not really formal training, but still very educational.
Of course, when I attended it was in Atlanta (Hotlanta?) which may have made it more enjoyable than this year's Washington DC location. :)
I fail to see how the grandparent, which simply said "Good thing he's white" can be modded +5 insightful while this AC post, which actually provides a little bit of information (an anecdote, at least) can be modded 0. Looks to me like Slash has a little racism going on (or reverse racism, if you like - it's all the same shit to me).
If you read this, have mod points, and agree, please mod the parent up a bit instead of me. ;-)
Maybe I'm crazy, but that OS is, what, 8 years old? How many OSes from that time would be safe to run on today's 'net? Mac OS... what? 8, maybe 9? Solaris 7/8? HP-UX 10?
Ok, Sol8 I could see I guess, but for all that I'm a Mac bigot these days, I can't really blame MS for being unable to support software that old. Sure, it was broken as hell when it came out, but at this point, I'd really rather they try to keep XP or (/sigh) maybe Vista reasonably up-to-date.
You can quit making fun of the American way of describing your "football" as "soccer" now, thanks.
Every region has different words for the same thing, even if it's ostensibly the same language. Bangers? Sausages, but we wouldn't call them that in America. Go to the UK and they'll know what you mean, though. Mates? Friends in Australia, someone you have sex with in the Midwest, and who knows, maybe an officer of a ship in the navy (not having been in it, I don't know :). English and most other major languages have differences across regions (compare High German with Swiss German once!), and whatever historical reasons there are, they hardly matter - it is what it is, and you all understand when we say soccer. Life goes on!
There's actually a larger issue behind this involving all intellectual property (which, yes, I realize, most of the unemployed geeks on Slashdot don't believe in, and some of the more intelligent ones as well).
The idea behind the WTO is that everyone plays on the same ground, and that everyone respects western ideas on what's sacrosanct. It is, after all, a western creation - all major players in economics (at the moment) are. Its entire purpose is to ensure free competition between businesses worldwide, which can't happen if a business in the US relying on copyright protection is up against a business in another country that ignores it. So the US consistently blocks entry into the WTO until countries "clean up their act." Note that we're not kicking anyone out, which takes a consensus - we're simply telling them that they can't join this country club until they're up to our standards.
I disagree with the idea that we're burning political capital for several reasons. For the first, it's relatively easy to block someone - it only takes a single member state to say no - and look at how long we blocked China. Second, for all we know, the WTO may not exist in 2 or 3 years. It's only been around for a decade, and it's currently facing its toughest decision yet (a subsidy suit from the US against certain EU states regarding Airbus and a countersuit concerning Boeing). This issue is the toughest that they've ever faced (hence the extension beyond the usual 15 month time frame), and if forced to come to a decision, could very well show the impotence of the organisation (since they have no authority beyond authorizing the plaintiff to levy tariffs, it's pretty weak). If the world sees that the big players (US, France, Germany) disregard its decisions such as Canada and Brazil did in a similar situation, the WTO will quickly fall apart.
So in short, messing around at the WTO is unlikely to cost us anything in the long run. Really, enough countries dislike us for enough other reasons (some fair, some not) that it really wouldn't matter anyway.
Actually, in good programs, those skills are taught. In my undergrad degree at Purdue almost every one of my Telecom & Networking classes had team projects, and we were forced to take Organisational Leadership and Supervision classes as well, which further enhanced those skills.
Also, most tech people suffer from far more than simply being introverts. Even so, being shy/quiet does affect people in negative ways, preventing them from reaching out and establishing the necessary communication with their clients/managers/coworkers or from piping up with better ideas in group meetings. The real world sucks - you need to have more than just tech skills to make it.
Hear, hear. I'm living in Europe at the moment where the entitlement attitude seems to be even stronger than in the US, and it's really kind of annoying.
Morals are great, and I wouldn't want to hire someone who doesn't have them, but people need to know how to react to them. I'd say the key lesson from the g/f referenced above is that "giving up" because your industry does something you don't like is not the way to succeed in life. If it bothers you that much, work for change. Be a political activist and push for national healthcare (not that I'm in favor of that crap, but... :). Change your company from the inside by progressing through the ranks. Whatever.
A piece of advice to the poster of this anecdote, though - tell your g/f not to mention her reasons for quitting in any job interview / cover letter / whatever. That will only make her look bad to the new company.
Unfortunately, it's not that easy. You can (and most everyone does) block those ports at the firewall level. However, people that VPN in or connect via dialup, people who previously connected via the wireless at the local Panera, and either disabled their software firewall or just kept using their machine after that particular piece of software crashed.... they're infected, and when they VPN in, they go right through that precious firewall.
Every.layer.Every.step.Every.machine.Must.be.secured.and.patched.
It is, unfortunately, the only way.
ICANN't believe the USA has done this!!!
;-)
That's good, because, as others have pointed out, TFA would make it seem that we haven't.
Yes, you're a nerd, but so am I for recognizing that episode. ;-)
He's making a point, and it seems like a lot of people are missing it.
Then he didn't make the point very well, did he?
Google and Amazon have deep pockets as well, you know. ;-)
Come on, with Ventura at the helm, what did you expect? :)
You know, as much as I enjoy whacking skanks, there's something to be said for "if you're too ashamed of something to talk about it...."
:)
Really, I hope your post was modded incorrectly - +5 funny I could see. Interesting? Bleh.
Then again, this one will be -1 troll, so... grain of salt.