Slashdot Mirror


User: chispito

chispito's activity in the archive.

Stories: 0
Comments: 1,884

Comments · 1,884

  1. Re:Not just that on Women Still Underrepresented in Information Security (betanews.com) · Score: 1

    Women are obtaining 61% of the Masters degrees in the US, the majority of which are NOT STEM RELATED! A PoliSci degree does no good for IT, let alone a specialty like IT Security.

    Actually, there is probably a lot of useful sociological training a PoliSci degree would give you for infosec. And as others have said, degrees are a great way to get past HR, but experience trumps all in anything but government work.

  2. Re:Better have security in there somewhere... on Swatch Takes on Google, Apple With Watch Operating System (bloomberg.com) · Score: 1

    A watch doesn't need tons of apps slurping up CPU. Instead, they should design with a philosophy similar to the original PalmOS. Black/white, do something simple, do it well.

    You just described every non-smart watch.

  3. Re:There have never been more than about 7 ideas on 'The Matrix' Reboot: It's Finally Happened. Hollywood Has Run Out of All the Ideas (qz.com) · Score: 1

    and when movies try to go beyond that, like Star Trek The Motion Picture, people complain endlessly.

    Well, many would say that was just the 2001: A Space Odyssey idea.

  4. TFS: "Davis explained that his wife had late-stage cancer. He would work his full work day in the office, but if he was needed nights or weekends, he'd want to work from home. His supervisor was fine with it, but the human resources department fired him on the spot after four hours of employment."

    What part of that leads you to believe that his work couldn't be performed from home? HR departments in large corporations are typically not intimately familiar with the detailed requirements of a particular position, while the employee's supervisor certainly is.

    All that matters is what was in the contract, and when he told them he could not stay late at work. Did he tell them before the job offer, or after he started work?

  5. That might be. However, the most important thing here is in my opinion that employers have a terrible amount of control over their employees' lives.

    Sigh. That is something very important. But as was just pointed out, we have zero evidence other than the fired employee's account, so try not to assume that is an important factor here just yet. If somehow he made it through all his hiring interviews and his unwillingness to stay late never came up, either he or the company was being very dishonest.

  6. Re:Because most people already assume the worst on The Most Striking Thing About the WikiLeaks CIA Data Dump Is How Little Most People Cared (qz.com) · Score: 1

    Are you really so naive as to think they're only using these tools against non-Americans?

    Did the report detail who was being targeted? If not, then what is the shocking part?

  7. Is it a tech conference? on Why Is the Vatican at a Tech Conference? (bbc.com) · Score: 5, Informative

    I thought it was more of an arts/entertainment conference. The Wikipedia page says it focuses on "music, film, and interactive."

    Or am I the only one that wouldn't call that a tech conference?

  8. Re:Emergencies? on Hyperloop One Reveals Test Track Progress (computerworld.com.au) · Score: 1

    massive amounts of pressure from a vacuum.

    It's not that much pressure.

  9. Re:MAC stops at the subnet level on MAC Address Randomization Flaws Leave Android and iOS Phones Open To Tracking (theregister.co.uk) · Score: 2

    Oh, and to follow up, the devices revert to their hardwired address once they join a network or bluetooth pairs.

  10. Re:MAC stops at the subnet level on MAC Address Randomization Flaws Leave Android and iOS Phones Open To Tracking (theregister.co.uk) · Score: 2

    This is physical tracking the randomization is supposed to prevent, not web tracking. It is supposed to prevent law enforcement, or Disneyland, or whoever, from placing a bunch of wifi sniffing devices around the area they wish to track, listening for probes, and tracking your location without you knowing it.

  11. Re:Yes, They Are God Damned Bullshit on Slashdot Asks: Are Password Rules Bullshit? (codinghorror.com) · Score: 1

    I worked for a company recently where I had well over a dozen separate systems, each with their own password requirements. There was no keeping track of your passwords and in some cases your user IDs on their systems. The end result was that a lot of people just kept their passwords in text files somewhere, and often just requested password resets every time they logged into that system they only logged into a couple of times a year. About half the systems I had to interact with were not connected to the internet, making it impossible to use a password manager for them.

    Just to add insult to injury, those fuckers started adding third party web sites for services like project planning and some employee incentives. And those third party web sites also had their unique password requirements. I eventually arrived at the conclusion that most of their employees were so busy maintaining their passwords that no other work was getting done inside the company.

    So your conclusion is that the problem was having password requirements, and that everyone should be able to use whatever password he or she wanted, and not have to change them?

    Because my take is that company needed either single-sign-on or a massive consolidation of services, and the password requirements sound like a symptom and not the problem.

  12. Re:Provides Info to Crackers on Slashdot Asks: Are Password Rules Bullshit? (codinghorror.com) · Score: 1

    I've always thought password rules probably made it easier to crack passwords. Password has to be between 6 and 10 characters? Great, that cuts out a huge range of potential passwords.

    Yes, because you're imposing a 10-character upper limit, which nobody in their right mind would suggest. The 6-character minimum will have a negligible impact on the password space and time to crack versus, say, a 4-character minimum. For instance, if you do not know the password length, and it ends up being 8 characters, you will spend far less than 1% of the total calculations on the space below 6 characters.

    Password has to have a symbol? That pretty much guarantees 'a' will be '@' and 'i' will be '!'.

    It does not pretty much guarantee the same, but even if that were true and for some bizarre reason those were the ONLY substitutions people ever made... It's still the same password space as all letters.

    In all cases, most of the time the attacker is not picking an account and putting all his resources into cracking the password, he is spraying common passwords at a list of accounts, looking for the weak ones. Password policies are designed to raise the floor for the weakest passwords. I am a fan of password policies that are flexible, i.e., they have less stringent requirements for 20+ character passwords.

  13. This. As a percentage, not many IT folks actually live & work on the Left coast. Might be more interesting if surveyed nationally and reported state-by-state.

    True, we even had an article some months back about how Silicon Valley only accounts for 10% of the programmers and IT types in the entire country.

    And San Francisco is not Silicon Valley. That said, 10% of all of the people filling a role that exists at most medium-large businesses (and a fair number of small businesses) is pretty staggering, coming from an area with approximately 1% of the population of the country.

  14. Nice headline there on Pennsylvania Sues IBM Over Jobless Claims System Upgrade (cnet.com) · Score: 3, Insightful

    The headline is kind of rough. I first parsed it out as "System upgrade claims that Pennsylvania sues IBM over jobless."

  15. Well... yeah on Seattle Tech Engineers Are More Loyal Than Those in San Francisco, Data Shows (geekwire.com) · Score: 3, Insightful

    I suspect this says more about San Francisco than about Seattle. Throw some other cities in there.

  16. Re:Should You Use Password Managers? on Ask Slashdot: Should You Use Password Managers? · Score: 1

    Ian Betteridge's head just exploded.

    I don't think he had advice columns in mind.

  17. Re:How ARM will handle the bloat? on Windows Server on ARM Is Finally Happening, And It Should Worry Intel (bloomberg.com) · Score: 2

    Still lots of other ways it is bloated, and one can find some pretty minimalistic Linux installs that Windows Server could never come close to in small footprint.

    Well, there is always Windows Server Nano. It's approximately 410 MB installed, I believe.

  18. TLDR: If they were not permitted to hold onto vulnerabilities, they would stop finding vulnerabilities.

  19. Re:Recipe for disaster on Apple Begins Rejecting Apps With 'Hot Code Push' Feature (apple.com) · Score: 1

    Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.

    In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

    Who thought having this capability was a good idea?

    The same people who invented JavaScript?

  20. Commonly pronounced "oh-day."

  21. Re:Smart TV is worrisome on WikiLeaks CIA Files: The 6 Biggest Spying Secrets Revealed By the Release of 'Vault 7' (independent.co.uk) · Score: 5, Insightful

    But my Samsung TV, I haven't the foggiest idea. I don't know how to type commands into it or even what kind of an OS it runs.

    Then don't put it on the network if you're concerned.

  22. 1) The CIA has the ability to break into Android and iPhone handsets, and all kinds of computers.

    That's part of the spying thing and has been for at least the last 2-3 decades.

    2) Doing so would make apps like Signal, Telegram and WhatsApp entirely insecure.

    Logically follows.

    3) The CIA could use smart TVs to listen in on conversations that happened around them.

    Smart device insecure; news at 11.

    4) The agency explored hacking into cars and crashing them, allowing "nearly undetectable assassinations."

    Explored and...? That's it? Okay.

    5) The CIA hid vulnerabilities that could be used by hackers from other countries or governments.

    Author doesn't know what an 0-day is good for.

  23. Relax and disable the wireless on Ask Slashdot: How Do You Best Protect Client Files From Wireless Hacking? · Score: 1

    If you believe Windows 10 is going to spy on you via wireless after you disable it, then you likely don't really understand how to practice good security under any OS.

  24. Re:we know what vs is - did anything change? on Microsoft Releases Visual Studio 2017 (visualstudio.com) · Score: 5, Insightful

    If you have to ask, the changes probably don't matter to you.

    Fantastic point. All news is dumb because if it were important to us, we would already know it.

  25. Re:Leave San Francisco on Uber's Silicon Valley Employees May Be Looking to Jump Ship (fortune.com) · Score: 1

    This is literally what a lot of former-Uber female engineers tend to comment on happening. If it were one or two, okay sure, but it's the vast majority of them.

    You're all over the place.

    literally
    a lot
    tend to comment
    the vast majority

    Please make up your mind and then tell us exactly what your allegations are and cite your source(s). I see a few genuinely alarming stories about Uber and a lot of rehashed hearsay being pushed to the front page--mostly by msmash.