Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:Misleading summary, as usual on TSA Finishes Removing "Virtual Nude" X-Ray Devices From US Airports · · Score: 1

    As a UKian, I would like to play devils advocate: if it stops one single delusional nutter from murdering upwards of 200 people

    Is it worse to have no scanners and risk that 200 people might be killed by a delusion nutter; OR to have the scanners, and with high probability, shave several years off the life of 1 million+ people?

  2. Re:Analog hole on TSA Finishes Removing "Virtual Nude" X-Ray Devices From US Airports · · Score: 1

    . They probably have to shut down the scanner, remove the disk then attach it to a regular PC.

    They probably upload the images to the cloud.

    So if a technician needs to review the image; they have to login to a certain Dropbox account.....

  3. Re:Analog hole on TSA Finishes Removing "Virtual Nude" X-Ray Devices From US Airports · · Score: 1

    While I agree with you in concept. I would point out in 4 years no random photos of celebrities, hot women, etc found their way onto the internet.

    Just because it wasn't on Twitter or the front page of Slashdot doesn't mean that it has not happened.

    Maybe it happened in a manner that neither we nor the celebrity found out about it... because we're not Facebook friends with the guy or whatever.

  4. Re:I work in groups so it happens faster on When Smart Developers Generate Crappy Code · · Score: 1

    You get a group of 10 together because you have a 400 man-hour project due in a week, not to make your code better.

    If you think 10 developers can complete a "400 man-hour project" in a normal work week, then you need to read up on Amdahl's law with inherent overheads of parallel processing, and realize... that humans are a lot less efficient, and a lot more overhead is required managing the parallelism

    A particular coding task doesn't have an intrinsic amount of time that it can be done in, that you can know in advance.

    And few development projects have nice ways to divide them that would allow developers to work independently without taking up plenty of each others time in one way or another.

    These are also non-deterministic, so you cannot know in advance the exact period a project could be expected to take when coded properly.

    You can never say in advance "This is exactly a 400 man-hour project"; you could say after the fact, that we finished it in 400 man-hours, and the result was within acceptance (although maybe not ideal... maybe suffering performance or bug issues)

  5. Re:A block that interferes with the mission on Why Everyone Gets It Wrong About BYOD · · Score: 1

    When an engineer performs a Bing or Google search for information "essential to the carrying out of the organization's mission", but most of the results are blocked because they happen to redirect all HTTP traffic to HTTPS as an anti-Firesheep measure

    With the proper paperwork, the engineering group can switch from HTTPS traffic blocked for them to being one of the teams that the Mandatory SSL decryption applies to.

    Instead of SSL traffic being blocked; it will be transparently decrypted at the firewall/proxy device, then re-encrypted before going to the user's browser.

    Security monitoring, pattern matching, protocol analysis, data leak protection, and policy enforcement mechanisms, then analyze the decrypted SSL stream.

    The disadvantage is that records may kept related to the content of any portion of any SSL stream.

    For those in the Engineering department; this is suitable. For those in accounting or finance, the blocking of non-approved SSL sites may be the required method, due to security tradeoffs involved to the organization.

  6. Re:BYOD means IT imagines less control over it on Why Everyone Gets It Wrong About BYOD · · Score: 1

    Don't you see, it's doing boneheaded stuff like this that leads to people installing Linux on locked-down Windows machines, and plugging their laptops into their phone for EDGE access.

    Windows itself is an existential security threat; therefore, people putting Linux there is not inherently a bad thing; so long as Linux is implemented on the workstation in a manner compliant with IT and IS policies, including the ones about privileged user access being strictly controlled by the organization.

  7. Re:BYOD means IT imagines less control over it on Why Everyone Gets It Wrong About BYOD · · Score: 1

    Engineering and R & D would be trying to find coding examples and the sites they would end up trying to reach were flagged by the web filters as hacking sites or game sites

    See... I don't recommend that Enterprises use their web filters to block 'game sites' or 'hacking' sites.

    I recommend that they used to block web traffic to pornography, overseas IP address space, Known VPN providers, and Cable/DSL/Dialup provider IP address ranges -- such as attempted connections to any IP address listed in the Spamhaus PBL or SORBS DUHL.

    As well as attempts to access sites on foreign ccTLDs such as ".RU" or ".PW"; which are essentially guaranteed to be related to malware distribution

  8. Re:BYOD means IT imagines less control over it on Why Everyone Gets It Wrong About BYOD · · Score: 1

    Congratulations – you've now set up your IT department to be a universally hated roadblock.

    It's not IT department that makes the decision about web filtering; it's information assurance/security department, that ultimately falls to an org's chief security officer: who should thoughtfully have some file folders full of of case studies showing where companies got hacked or sued as a result of employee surfing activity would be on hand to show anyone questioning the wisdom.

    The approval requirements just go there, to demonstrate that the employee is not wasting business resources requesting a web site be opened up for personal or reasons not essential to the carrying out of the organization's mission.

    It's just the outcome of deferring to the HR department for their guidance on ensuring that, which results in approval processes and requisite allocations of staff time.

    And everyone knows you don't outsource security to the cloud, unless you want to get pwn3d.

  9. Re:BYOD means IT imagines less control over it on Why Everyone Gets It Wrong About BYOD · · Score: 1

    Then watch requests to whitelist particular web sites take up half of everybody's time.

    Then IT will be allocated 15 minutes a day to review whitelisting requests, and department managers' requests get priority.

    Any requests that don't get handled within a week are rejected, and may be resubmitted in 15 days.

  10. Re:BYOD means IT imagines less control over it on Why Everyone Gets It Wrong About BYOD · · Score: 1

    Then watch requests to whitelist particular web sites take up half the IT department's time.

    Legitimate web sites would still generally get through, because they'd be categorized by a decent filter.

    For those that don't.... require sufficient paperwork, that the user is doing most of the work, before a whitelisting request can be made.

    Tier 1 tech: "You want us to allow you access to a site being blocked?" "OK; here, fill out this 3 page form, and sign here, here, and here, and have your supervisor sign here on page 2 and on page 3..."

  11. Re:BYOD means IT imagines less control over it on Why Everyone Gets It Wrong About BYOD · · Score: 2, Insightful

    many of the locked-down MSWindows systems that are deployed are wiped by the users to install Linux. Other systems may be mostly locked down, but users will run their own systems in virtual machines. The network may have a nice secure firewall, but lots of users set up backdoors through their home VPN connections to bypass the tight web filters.

    These are all things that can more or less be prevented or detected.

    For starters... the implementation of 802.1X authentication of Windows computers, Network Access Protection

    The other big one is a semi-deny by default webfilter policy; with a firewall device that validates the HTTP stream is actually HTTP (identification by protocol regardless of TCP/UDP port), allows access to only IP space on known web hosting providers, datacenters, and large Enterprises, but specifically doesn't allow connections to VPN services; and only allows HTTPS to specific known destinations.

    VPN attempts can then be screened for and detected based on traffic anomolies: HTTP session duration and Download to Upload ratio.

    Any session with a high Upload ratio sets off alarms, and gets blocked in a short period.

  12. Re:BYOD means I/T loses some control over it on Why Everyone Gets It Wrong About BYOD · · Score: 2

    afterall, who's going to tell the director off?

    I would... in private of course. The director must be coached, and warned, in a firm and positive way order to give them an opportunity to avoid misbehaving in the future.

    This is why it's important to have security policies and IT governance rules and the consequences in writing, and signed off on by multiple members of upper management, and the board.

    If you commit a violation, the disciplinary action procedure has to be initiated, no matter who you are in the organization -- even the CEO is not above scrutiny from the security department; just in the same way even the CEO is not exempt from fraud or financial embezzlement rules, as the violation of any of the important security rules is of similar severity, because it may have enabled the commission of fraud or other crimes against the shareholders.

    If everyone is not held to the same standard, then not everyone has to obey the policy, and it won't work.

  13. Re:If I refer myself on $30,000 For a Developer Referral? · · Score: 1

    Well, If they usually pay recruiters, I don't see anything wrong with this.

    There might be different tax implications for the employer; whether they pay it to a recruiter, or whether they pay a bonus to the employee.

    Taxes don't have to be witheld on a referral payment. For a Bonus to an employee (Supplemental wage, as it's called); social security and medicare taxes have to be withheld; which includes an employer match.

    That means, for them to be on "equal footing"; the bonus paid to the employee would have to be reduced in amount, to compensate for the employer match on taxes, then reduced further by required witholding.

  14. Re:If I refer myself on $30,000 For a Developer Referral? · · Score: 1

    I won't be referring you then. 95% of $30000 is $28500. If you can't do basic math you probably aren't a good developer.

    I think you missed the point; as in what i'm talking about flew way over your head. 95% zequals 96.66667%

    The time you spent composing your post + the time I spent reading it + the time to reply to your post, probably adds to a dollar amount in time value greater than the difference between 96.7% and 95%.

  15. Re:If I refer myself on $30,000 For a Developer Referral? · · Score: 1

    And, who pays the taxes on the $30k?

    In this kind of arrangement, where the developer got someone to sign your contract, to agree to take the referral bonus and pay 95%, in exchange for the details of the bonus and the opportunity to refer you; the person who signed the contract with the developer and made a referral has an inflow of $30k (from the referral business), and a matching expense of $28,500; if they are paid the referral, and pay out the portion agreed.

    Some portion of the $1500 profit from this transaction may become taxable income for them.

    For the developer, they have simply an outflow in fees to their lawyer, then an inflow of $28,500 related to this venture.

    Some portion of the $28.5k in profit after subtracting the lawyers' fees may be part of the developer's taxable income.

    In either case... both developer and person referring them, may be able to find other deductions to subtract from the amount which will be taxed.

    For example; to collect this referral bonus, the developer had to travel to the interview... there might be other permissible business or other expenses which match this revenue, because the expenses were required in order to generate it.

    There might also be other items such as charitable donations made in the same year, that are allowed to subtract from income by way of deductions.

    For example... if the developer then donated the $28,000 to a non-profit charity, the bulk of the proceeds would be wiped out for tax purposes.

  16. Re:Virtualisation on Ask slashdot: Which 100+ User Virtualization Solution Should I Use? · · Score: 1

    There's a lot more to vSphere than vMotion.

    I'm aware of this... vMotion is cheap anyways; you just need ESS+ or vSphere standard licenses, and a vCenter foundation for vMotion on 3 hosts.

    Even if you did go Ent Plus...

    Have you people seen the cost of Windows CALs lately? :)

  17. Re:If I refer myself on $30,000 For a Developer Referral? · · Score: 1

    Can I get $30k *and* the job?

    What you need to do is find someone else to refer you.

    Have your lawyer write up a contract that they will pay you 95% of the referral fee; and/or any amounts paid to them by the company or as a result of you being hired, and that also prohibits them from disclosing the details of the deal, or that there was a deal, or that there was any reason for referring you other than they had evaluated your work in the past.

    In exchange, you will allow them to refer you, and you will provide them the details.

    So they get $1000 bucks, you get $29000; the employer gets a great developer, who's really happy to work, especially with the extra cash, and boosted ego

    Now, this only works if you get hired and stay on for the 120 days.

  18. Re:Virtualisation on Ask slashdot: Which 100+ User Virtualization Solution Should I Use? · · Score: 1

    You can write custom scripts for ESXi to "accomplish what vCenter would do for VMware" as well, but by the time you did, you would have spent more on person time than you would have on just buying vSphere.

    Very true, but there are people in organizations that fail to acknowledge this, and they feel that "writing the custom scripts" instead of buying the overpriced management tool is a better decision, because maintaining their own scripts lets them avoid showing a tangible cost for the management capability.

  19. Re:About to change on Console Manufacturers Want the Impossible? · · Score: 1

    The "casual gamer" is fickle, cheap, and has a truckload of options. They're not a "niche" market.

    Well; on that point I agree. Consoles are not for casual gamers. Consoles are for very frequent gamers who spend many hours a week playing, and to throw those away could be a disaster for a console maker.

    There are thousands of $0.99 games in the app store to satisfy any casual gamer's appetite.

    The casual gamers are always gonna pick Android, iPad, iPhone, PC, or some other hardware that is cheap, that they already bought, or that they get more utility out of than just playing games.

    The Playstation 2's ability to play DVDs, and PS3's Blueray and OtherOS capabilities were a good example of console makers adding extra utility to their hardware besides gaming.

    Right now I think the only real reason for a casual gamer to go out and fork over for a console may be Kinect. Due to the unique input method.

    There will be some who want joystick input -- but a used PS2 from some flea store is just as good as a 4th gen console for the purposes of the casual gamer.

    Consoles will either get more useful features besides playing games; or casual gamers simply won't buy them.

  20. Re:About to change on Console Manufacturers Want the Impossible? · · Score: 1

    If the gaming industry's goal is to maximize profit, doesn't it make sense to include the widest possible player base?

    Yes... console oligopolys benefit the device manufacturers though. They enable them to extort per-unit licensing fees out of developers for the capability to develop for their platform; which funds the development of the platform in the first place.

    I'm sure the publishers would like their games on as many platforms as possible; but it costs money to develop for multiple platforms -- console licensing fees are part of that cost - so is adapting the code to run on every system, and the SDKs are different.

    I'm not so sure that similar underlying hardware will translate into much less heavy lifting for publishers wishing to support multi platforms.

  21. Re:About to change on Console Manufacturers Want the Impossible? · · Score: 1

    golden age of gaming where your platform of choice won't massively impact the games you can play.

    There will still likely be developers that exclusively release for one console; mainly the console makers themselves -- i'm thinking Nintendo

  22. Re:Virtualisation on Ask slashdot: Which 100+ User Virtualization Solution Should I Use? · · Score: 1

    Hyper-V is not free because you have to pay for all the management bits and pieces that go along with it.

    One of the supposed selling points of Hyper-V is you can perform live migrations directly between a pair of hosts without having to have a central management server, and you can write custom scripts to accomplish what vCenter would do for VMware.

  23. Re:Virtualisation on Ask slashdot: Which 100+ User Virtualization Solution Should I Use? · · Score: 1

    However, at some places where they pay in-house admins, they might have carte-blanche to hack together whatever solution they like in whatever timeframe they like, to get something that's functional

    In other words: "We'll make look X more expensive on paper by displacing costs for Y into other more discrete forms such as admin workload".

    If your sysads are so idle, they can use company time without additional cost, maybe you need to cut their hours and hire an outsourced IT firm --- incremental cost in the form of additional sysad workload is still money :)

    On the other hand... if they are doing this on "free time" or working longer with no extra labor pay, because that's their passion -- then you're taking unfair advantage of your sysads maybe, but indeed, that could make that option cheaper.

    vmware isn't negligible in the licensing department.

    This is true... But enterprises have lots of costs. SANS are more expensive, and so are servers; the SAN might not be required for other solutions, and might be a more significant VMware cost than the other costs. I guess in a sense... if your server room is full of mini towers and rackmount cases with individual computer parts your company purchased, and your admins mounted each part in every server, you are your server vendor - so you might as well be your software vendor too.... then purchasing VMware or Windows seems definitely out of place. Any operating system or OS distribution your admins didn't write; would look like an ugly duckling, unless it were "free" :)

    The danger of "free" products is that it is overly attractive to humans, so much so that we get biased, and risk losing sight of the costs.

    But when deciding; the right thing is not what's vmware's license price... but in what way is the entire world (your business) incrementally different if you go (A) With something else, and (B) With VMware. Assuming you manage everything else appropriately as well.

    Most business capital costs are high, and money can be borrowed from the bank, as long as the savings or additional revenue opportunity add up appropriately.

    But greater compatibility with business culture is definitely a reason to sometimes pick certain software as well -- if your admins are more comfortable with the situation, they will have a higher morale, and admin productivity improvements could well exceed the efficiency advantages of one solution or the other; in a world where increasingly 2 or 3 admins manage hundreds or thousands of VMs.

    So what you're saying is that if these admins weren't hacking together a solution, they would be still getting paid, but not working on something else? That seems wasteful (unless you are Google), but this situation creating an opportunity for them to displace some software license cost doesn't necessarily make it less wasteful -- if indeed, there is nothing more productive for the admins to be assigned, then consultants, and reducing the number of admins employed may have the higher ROI.

    In this case... there is an incremental financial impact due to (1) The added delay, and lost savings from consolidation for the period, or opportunity costs do to inability to enter the market, before the solution is ready -- this might be significant, since time is money, and there is a direct impact here on the value of the investment; investors can become very impatient and cross, if revenues are being suppressed for 6 to 12 months while a solution is being developed.

    (2) The incremental extra paid labor it takes the admins to put together the bespoke system.

    (3) The ongoing maintenance cost; there are bound to be bugs found later to be worked out, instead of just getting to call support....

    ...etc...

    I kind of equate this to having your sysadmins doing construction work on their "spare" time, while they are being paid for supposedly doing sysadmin work, to build your new office.

    In context... HyperV or roll your own may be the right solution, BUT at the very same time, it should raise other questions about if the business is being managed appropriately

  24. Re:How do you know? on Microsoft Files Dispute Against Current Owner of XboxOne.com · · Score: 1

    Two words: Cisco iOS. Not Linux, but far more capable and can make use of the massive built-in hardware assist.

    iOS is not more capable of performing a redirect. It is forwarding that is done in hardware; for a decent sized ISP, the equipment selection will be such that the "Management OS"' primary job is to populate FIB tables. This is not "hardware assist"; forwarding is a hardware activity assisted by software managing the lookup table status.

    Despite all that; ISP gear still can't handle address translation, or other activities requiring stateful operation on a per-flow basis.

    In most cases; the cost of even attempting far exceeds the prospects for ad revenues.

  25. Re:How do you know? on Microsoft Files Dispute Against Current Owner of XboxOne.com · · Score: 2

    P.S. Even if traffic redirection is successful it won't work. A query by an authoritative DNS server looks different from a query made by a DNS resolver; namely, Recursion Allowed (RA) is false, and bit5 AA (authoritative answer) must be set in the response.

    You really think the developers of NXDomain interceptors bothered to lookup the nuanced details of an Authoritative VS Recursive queryier?

    Redirecting traffic would just make all lookups fail.