Slashdot Mirror


User: betelgeuse68

betelgeuse68's activity in the archive.

Stories
0
Comments
149

Comments · 149

  1. Almost but not quite enough on Users' Admin Logins Make Most Windows Malware Worse · · Score: 0

    DropMyRights is one of two tools you can get off Microsoft's site to remove administrative rights when launching applications.

    However, the biggest problem with both is that they are command line tools and your average Windows user knows jack about the Windows command line. Yes, this is /. but think of your Aunt Alice, Uncle Joe, Cousin Bob - "command line" is a quick way to immediately lose an average user.

    What's more, getting people to actually read the Washingtonpost article and implement what it is saying is like pulling teeth. My experience is, it just doesn't happen. Even with IT people.

    Secondly, DropMyRights is linked to the Win32 console runtime which causes a momentary flash as an application is launched (Windows displays a console window momentarily). It's very minor given the gains (in the case of DropMyRights) but average people have creative imaginations and they might dismiss a tool for the most *trivial reason* if their experience changes.

    For all these reasons I wrote a small utility RemoveAdmin that does the same thing:

    http://www.download.com/RemoveAdmin/3000-2381_4-10824971.html?tag=lst-1&cdlPid=10835515

    EXCEPT my installer creates shortcuts for IE & FireFox - turnkey solution is critical here, you have to break down the typical resistances with average users. The installer labels the shortcuts "SecureIE" and "SecureFirefox".

    In addition removeAdmin.exe isn't linked to the Win32 console runtime so you don't see a flash as an application is launched.

    -M

  2. Re:Ignorance on users part (including IT people) on Users' Admin Logins Make Most Windows Malware Worse · · Score: 3, Informative

    So, right click on your shortcut, click "Properties", click on the "Advanced" button, pick "Run with different credentials".

    Now when you double click on your shortcut, you can change your credentials (to the Administrator).

    -M

  3. Re:Ignorance on users part (including IT people) on Users' Admin Logins Make Most Windows Malware Worse · · Score: 1

    Yes, because Download.com doesn't screen anything.

    In fact, don't use Download.com at all since God forbid you might find something useful on there.

    -M

  4. Ignorance on users part (including IT people) on Users' Admin Logins Make Most Windows Malware Worse · · Score: 4, Interesting

    It's a combination of ignorant users and ignorant IT people. I've never seen a single IT person use "runas" (impersonation), ACLs on the Windows file system or registry or, and this is the damning one, a command line utility that allows you to selectively strip administrative rights on applications as you use them that's been on Microsoft's site for years (after I pointed it out to them).

    There was a reason once upon a time Microsoft chose to release Windows XP in such a way as to have users running with administrative rights. A reason that is extremely weak now - many people were upgrading to Windows XP from Windows 9x/ME and Microsoft didn't want to incur the support cost (or their partners) of having lots of applications stop working. Among them is the popular WinAmp. It used ancient APIs for its configuration file, WINAMP.INI, that stored global preferential data (as opposed to per user) in C:\WINDOWS\WINAMP.INI. If you didn't have administrative rights, it would just hang when you fired it up. Google Desktop when first released would *NOT* work on a non-administrative desktop. The list of offending applications goes on and on, e.g., a friend of mine had oceanic navigation software that insisted running with admin rights.

    However, it turns out there is a programmatic mechanism in place in every copy of Windows XP (and Windows 2000) that allows you to strip administrative rights when you launch a process. Microsoft never exposed users to this ability for reasons that to this day are unclear to me. The magic API in question is CreateRestrictedToken.

    But what really was an eye opener to me is when I would point out a tool on Microsoft's site to strip out administrative rights when you run a program. Namely, years ago you could have made the situation tenable in the case of apps like WinAmp and Google Desktop by yes, logging onto your desktop as an administrator but launching most Internet facing applications without administrative rights but here's the clincher *AND NOT CHANGING USERS*. In fact, I've been doing this for years.

    Nonetheless I observed an incredible amount of laziness on IT professionals when I pointed out these capabilities. Laziness, apathy and the usual suspect of insecurity ("Don't tell me what to do, I know what I'm doing"). Yes, that's right, you manage a CISCO PIX firewall, you must be a security guru all around and follow best practices.

    So given my former life as a Windows software developer I took it upon myself to create a turn key installer that at least protects Jane & Joe Average called *RemoveAdmin*:

    http://www.download.com/RemoveAdmin/3000-2381_4-10824971.html?tag=lst-1&cdlPid=10835515

    RemoveAdmin is a utility to strip administrative rights off apps as they're launched under Windows XP and Windows 2000 where unfortunately 99.9% of home users run with administrative rights.

    The default RemoveAdmin installer creates shortcuts for IE and Firefox but if you analyze the shortcut, you see IE and Firefox are passed as an argument to the removeAdmin.exe program.

    You can trivially setup another shortcut for Opera and/or any other Internet facing application... as you should since you can't trust foreign computer systems you connect to.

    It's version 0.1 since I haven't created a FAQ and there's the situation that if you have multiple administrative SIDs it won't work (not the case for most people). I need to fix that, create a FAQ and also offer to adjust the ACLs on the Startup folder to tighten security such that when combined with RemoveAdmin, breaching your system on account of your browsing becomes crazy hard.

  5. Welcome to software development on Getting Started With Part-Time Development Work? · · Score: 1

    "However, I'm very unmotivated both because of the work that I do, which is boring, and because the organization I work for is highly political, disorganized, and lacks accountability."

    Big reasons I no longer do it.

    The other reason is maintenance. Most "software development" is dealing with crap laid down by others who moved on years prior. If not within the company, then mentally.

    Frankly, software development is severely overrated. Getting a CS degree and going off to do it is sort of like watching some episode of Nova dealing with some science topic lending some interest to whatever scientific branch that is involved but then when you get that chemistry degree you realize a monkey could work at a lab eventually (think Darwin).

    Likewise, creating some "neato" web page isn't exactly indicative of what software development is like in the real world. Sure web development is not the only kind of software development but it sure is the majority nowadays.

    -M

  6. Re:Largely yes and largely ignorance (mitigation) on Microsoft Blames Add-Ons For Browser Woes · · Score: 2, Insightful

    But tell me FreakinSyco... how many people, think Joe and Jane Sixpack run with non-administrative accounts at home under Windows XP?

    Even worse, 99% of IT people will do the same, i.e. rely on anti-virus vs. the principle of least privilege which they'll call out in a heartbeat on *NIX ("Don't run as root!!!") but fail to do the same when at home under Windows XP. It's largely a user education issue. Few people know about the tools Windows does offer and assume it's completely insecure (that's not true).

    Further lots of Windows software has assumed the user DOES have administrative privileges. At one point in time Google Desktop would simply not run in a non-admin desktop. Other software dating back to Windows 9x was also guilty of this. Until a couple of years ago Winamp failed to run if you were not an administrator. Why? Because it stored its configuration (Winamp.ini) in C:\Windows and it maintained global settings for the entire machine via the deprecated GetPrivateProfileString and WritePrivateProfileString APIs dating back to Windows 3.x.

    Do you think your average user would likely have such information? Or even care? They just want software to work!

    This tool is a compromise. 1) People don't like passwords. 2) Most Windows XP users run as administrators with nary an understanding of the dangers getting them to change to a non-admin account has many, MANY barriers 3) This tool is a compromise.

    If you run as "god"/root/administrator then by proxy as your browser pulls in crap off the Net, guess what's going to happen? Yes, security issues will persist, such as cross site scripting, but which would you rather have, a browser flaw that at most might steal some file on your system or getting your machine instrumented with a root kit? No system is 100% secure but the key is to minimize exposure.

    RemoveAdmin leverages a security API that's actually part of Windows Vista as well. If you have an end user that has foolishly turned off UAC, this tool will work there. It will also work with Windows 2000.

    -M

  7. Largely yes and largely ignorance (mitigation) on Microsoft Blames Add-Ons For Browser Woes · · Score: 4, Interesting

    Exploits for specific document types make compromising people's machines an issue. However, what 99.9% of people that revel in schadenfreude with IE's woes miss or fail to understand (yeah including many people on Slashdot) is that most Windows XP users (which are most Windows users, Vista is only 20%) run as "root"!!! ("administrator" in the Windows vernacular)

    I wrote a utility called RemoveAdmin available on Download.com that leverages an API in Windows (CreateRestrictedToken) that strips administrative rights:

    http://www.download.com/RemoveAdmin/3000-2381_4-10824971.html?tag=mncol&cdlPid=10835515

    The installer will create shortcuts for IE and Firefox but if you look carefully it's really a program with the browser .EXE passed as an argument.

    Which means you can strip administrative rights on anything you run... in fact that's exactly what I do. I don't run *anything* that talks on the Net without this.

    This means if you stumble across rigged .PDFs, Word documents, etc., etc., you won't suddenly have a keyboard logger installed because ignorant you is running with admin rights.

    (Some caveats)

    This is version 0.1. What would 1.0 have? A FAQ and user guide for starters. Also, I've seen this version not work in some cases, largely situations where AD is in play (probably because a user has multiple admin credentials).

    If you need to run ActiveX controls on a site (poor you if you use IE), just quit IE, go to the site, have the controls installed. Quit IE and re-run IE with the secure link. Likewise this is what you would do before going to WindowsUpdate.

    And finally, to convince yourself the utility does something useful, go to any site, "View Source" after you run your browser with the secure link and try to save the resultant .HTML/JavaScript to C:\Windows. You'll find you can't.... since your browser process doesn't have administrative rights (root) and thus any process it launches doesn't either (think of this as a plug-in scenario).

    Maybe I'll educate some % of the IT world yet...

    Respectfully,
    -M
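
Added example, not part of the comments above and not the RemoveAdmin or DropMyRights source: a portable C model of why the restricted browser in comment 7 can read but not save into C:\Windows. It assumes the Administrators SID was passed to CreateRestrictedToken as a SID to disable, which marks it deny-only; the DACLs, the two-group token and every function name here are constructed for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RIGHT_READ  0x1u
#define RIGHT_WRITE 0x2u

#define SID_ADMINS "S-1-5-32-544"   /* BUILTIN\Administrators (well-known SID) */
#define SID_USERS  "S-1-5-32-545"   /* BUILTIN\Users (well-known SID) */

enum sid_state { SID_ENABLED, SID_DENY_ONLY };
enum ace_type  { ACE_ALLOW, ACE_DENY };

struct group { const char *sid; enum sid_state state; };
struct ace   { enum ace_type type; const char *sid; unsigned mask; };

/* Model of a SID passed in SidsToDisable: the group stays in the token
 * but is flagged deny-only (SE_GROUP_USE_FOR_DENY_ONLY on Windows). */
void disable_sid(struct group *g, size_t n, const char *sid)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(g[i].sid, sid) == 0)
            g[i].state = SID_DENY_ONLY;
}

static const struct group *find_group(const struct group *g, size_t n,
                                      const char *sid)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(g[i].sid, sid) == 0)
            return &g[i];
    return NULL;
}

/* Simplified DACL walk: ACEs are evaluated in order. A deny ACE matches
 * any SID in the token, deny-only included; an allow ACE only counts for
 * an enabled SID. Returns 1 when every desired right has been granted. */
int access_check(const struct group *g, size_t ng,
                 const struct ace *dacl, size_t na, unsigned desired)
{
    unsigned granted = 0;
    for (size_t i = 0; i < na; i++) {
        const struct group *m = find_group(g, ng, dacl[i].sid);
        if (m == NULL)
            continue;
        if (dacl[i].type == ACE_DENY) {
            if (dacl[i].mask & desired & ~granted)
                return 0;
        } else if (m->state == SID_ENABLED) {
            granted |= dacl[i].mask;
        }
        if ((granted & desired) == desired)
            return 1;
    }
    return 0;   /* rights not explicitly granted are refused */
}

/* Constructed DACLs: a system directory, and a file with an explicit deny. */
static const struct ace WINDIR_DACL[] = {
    { ACE_ALLOW, SID_ADMINS, RIGHT_READ | RIGHT_WRITE },
    { ACE_ALLOW, SID_USERS,  RIGHT_READ },
};
static const struct ace DENY_DACL[] = {
    { ACE_DENY,  SID_ADMINS, RIGHT_WRITE },
    { ACE_ALLOW, SID_USERS,  RIGHT_READ | RIGHT_WRITE },
};

/* Check access for an admin logon, optionally with Administrators disabled. */
int check(int restricted, const struct ace *dacl, size_t na, unsigned desired)
{
    struct group tok[] = { { SID_ADMINS, SID_ENABLED }, { SID_USERS, SID_ENABLED } };
    if (restricted)
        disable_sid(tok, 2, SID_ADMINS);
    return access_check(tok, 2, dacl, na, desired);
}

int main(void)
{
    printf("full token, write windir:       %d\n", check(0, WINDIR_DACL, 2, RIGHT_WRITE));
    printf("restricted token, write windir: %d\n", check(1, WINDIR_DACL, 2, RIGHT_WRITE));
    printf("restricted token, read windir:  %d\n", check(1, WINDIR_DACL, 2, RIGHT_READ));
    printf("restricted token, denied file:  %d\n", check(1, DENY_DACL, 2, RIGHT_WRITE));
    return 0;
}
```

The last case shows why the SID is flagged rather than deleted: a deny ACE naming Administrators still applies to the restricted process.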

  8. Backing up email on Google Has All My Data – How Do I Back It Up? · · Score: 2, Interesting

    Use Outlook and connect to GMAIL through IMAP, then save off your email to a .PST file via the Import/Export tool.

    -M

  9. The problem is even worse when you add HR people on The Web Development Skills Crisis · · Score: 3, Insightful

    Since they only match acronyms and can't discriminate from a person capable of easily assimilating new technologies vs. someone who can't and/or is very inexperienced.

    More acronyms = more HR inefficiency.

    -M

  10. Outlaw all religions except... on Same Dev Tools/Language/Framework For Everyone? · · Score: 1

    The church of flying spaghetti monster:

    http://www.venganza.org/

    That and make everyone on earth speak Latin... I'm sure it will all work out somehow.

    -M

  11. 9 Reasons the CIO doesn't care on 9 Reasons Why Developers Think the CIO Is Clueless · · Score: 1

    1) He/she gets paid more (stupid)
    2) He/she gets paid more (a**)
    3) He/she gets paid more (repetition)
    4) He/she gets paid more (filter)
    5) He/she gets paid more (you)
    6) He/she gets paid more (guys)
    7) He/she gets paid more (are so)
    8) He/she gets paid more (clever)

    And

    9) He/she gets paid more

  12. Open-Closed Principle on PhD Research On Software Design Principles? · · Score: 1

    You want principles, the Open-Closed Principle would be a big one:

    http://www.objectmentor.com/resources/articles/ocp.pdf

    Too bad 95% of the code bases out there suck a**. Which is why I don't do software development anymore. I'll stop there.

    Systems Admin/Integrator,
    -M

  13. Theory = Mental Masturbation (most of the time) on For CS Majors, How Important Is the "Where?" · · Score: 1

    Yeah so you might learn about designing a Turing complete language... good luck in paying the mortgage with that.

    Then again there's a few select individuals who love that stuff and have academic careers. If you see yourself as a professor, go for it.

    Trust me, I've heard both sides of the argument including "getting an education" (for studying theory). But if you want an education, generally speaking, pick something like finance not something that 0.01% of the world population dwells on.

    If I had to do it all over again knowing what I know now I would not have bothered with the CS program I went through.

    -M

  14. Re:Give it up Bjarne on Stroustrup Says C++ Education Needs To Improve · · Score: 1

    What AnonCoward said. Writing strcpy is basic.

    Programming may be a lot wider now but that doesn't excuse anyone from not knowing pointers if such a person claims to know C. It would be like me saying I can play music without ever having played any instrument. It makes no sense.

    -M

  15. Re:Give it up Bjarne on Stroustrup Says C++ Education Needs To Improve · · Score: 1

    I'm with Joel Spolsky... most software developers are mediocre... except they don't know it. But then mediocre is contextual. If your only motivation is to collect a paycheck on account of filling in event handlers with business logic, hey, more power to you. But that's not what shall we say drew me to CS.

    I interviewed many people who said they knew C, some of these people had had jobs and were not fresh out of college, I was pretty shocked to find few could write "strcpy". It was an eye opening experience for me - all I ever wanted to know was if a person understood pointers. To heck with the prototype and boundary checking, show me pointers.

    I don't buy many people's arguments against C++. Many arguments were made for Java when it came along but then the language expanded to make up for the fact that, well, people did utilize some of the things C++ offered.

    It's easy to bash C++ now that there really isn't a strong business case for it, computers have grown so powerful the need to work at that level has been greatly diminished. If I'm a hiring manager I have to weigh in the fact that the code has to be maintained and as attrition happens, I have to replace people and C++ doesn't exactly have the mindshare it once did. Not to mention that few CS graduates have any experience with it.

    The only bastions left for C++ are commercial products and trading applications, like I told Bjarne - niche.

    -M

    PS:

    while( *dst++ = *src++ );

  16. Give it up Bjarne on Stroustrup Says C++ Education Needs To Improve · · Score: 3, Interesting

    I spent 2-1/2 years at MS and if it is one thing that disappointed me it is how indifferent most developers were about learning C++... which prevented them from writing great code. Afterwards, I worked with some *NIX snobs in a dotBomb and all they ever did was trash C++ (somehow Java was "great" though).

    Few could tell you why you necessarily want to make your destructors virtual, why not doing "delete [] array" is not necessarily a memory leak, where must references be initialized, why it's good practice to use (at the time) the new cast notation... the list went on.

    It's been a decade, I've started to forget all that material. I followed the ANSI committee, read most issues of "C++ Report" and wrote some of my best code during my days at MS. Unfortunately I can't say I found many people who could relate with verve for putting out great code. (All you trolls, this is about a programming language, not about any specific product or company, go outside, run 'til your heart feels like it's going to give out so your thoughts gravitate elsewhere... better yet, let it give out)

    Sayonara C++,
    -M

    PS: C++ has become niche Bjarne.

  17. "Let them eat cake" on US's Slow Embrace of Information Technology · · Score: 1

    Who cares... when the old generation(s) die off, problem solved. A significant portion of generation is included here.

    Not a whippersnapper,
    -M

  18. Won't take the place of MS... but competition... on Apple, the New Microsoft? · · Score: 4, Insightful

    But competition is good... since Lord knows, MS needs it.

    -M

  19. Who cares... on AmigaOS 4 · · Score: -1, Troll

    The Amiga is dead... get over it.

    -M

  20. It's called "momentum" on Why are Free-Desktop Developers Wedded to Linux? · · Score: 1

    A simple principle that holds up when the bull (real one) is charging at you as well as metaphorically.

    The road is littered with technology panaceas spanning the gamut from programming languages that are the "greatest" and "will make developers far more productive" to operating systems that never went anywhere, e.g., BeOS.

    Call me jaded, who cares about the others you mentioned. LINUX still sucks on the desktop for average users, largely because the software ecosystem that surrounds Windows is so massive and is quite hard to ignore. Just let me listen to music and play games (and no, I don't mean "checkers"). I want to install and run iTunes without thinking about downloading emulation software. I want to play cutting edge games.

    I like LINUX on the back end but that is about it (as far as its proximity to my desktop). My strategy has been to leverage open source technologies on Windows, Cygwin, PERL, etc., etc. Besides I can always fire up the X window server and view graphical applications on Windows. Kudos to MIT for such prescience two decades ago, i.e., "the network is the computer."

    -M

  21. "Mathematical Limits to Software Estimation " on What Makes Software Development So Hard? · · Score: 1

    One of the better reads on this topic:

    http://www.idiom.com/~zilla/Work/Softestim/softestim.html

    Here's my view, based on my own life experiences as a one time software developer. Software development is partially an art form. No matter how well studied people are, writing awesome software requires passion and having some qualities that are like being an artisan. Just as an artisan with great vision can turn a piece of stone into "David" it takes, analogously speaking, similar qualities in creating a system of code that is resilient to change but at the same time extensible yet maintainable.

    The reality is, for many people, software development becomes a means to pay bills, nothing more. Which is fine, many people do this. However unlike the task of perhaps excavating a 10 foot by 100 trench for construction purposes, software is littered with intangibles including bad specs, unmotivated software developers, new paradigms (AJAX), etc., etc.

    At least if you're working a construction crew, things are much clearer and you as a foreman can insist on people "stepping up" if needed. These measurements are simply not possible with software. Despite all the panaceas that have been given labels over the years, hard numbers just are not possible. And if you at least concoct a metric system that seems to work, you might have staff that quits and at that point, all those metrics are gone. All developers are *not* created equal. Fact.

    There was a day when I used to follow the ANSI committee on C++ and knew the language incredibly well. I wrote some of my best code ten years ago including C++ frameworks that others had occasions to rely on. Sadly, I did *not* observe this attention to detail with my peers save for a couple of them. I had occasion to observe a couple of developers once wanting to rewrite my code since they had never used the Standard Template Library (STL) and had never encountered keywords such as "mutable" or my use of the "new" C++ (at the time) cast notation. Never mind that the code worked and did what it was supposed to and a peer review of this code (two seasoned and driven C++ developers) did not recommend changes.

    The greatest "sin" I observed during my years of software development were individuals who programmed by rote, i.e. cut and paste programming and simply did not have the motivation, inclination or passion(?) to learn the very programming language that constituted their "bread and butter." Expecting a largely unread person to suddenly write like Shakespeare (or a columnist at a major newspaper) doesn't just magically happen. The most articulate people of the English language are always well read. They've at some level "paid their dues" engaging your mental faculties that many people never bother with. And just like with many things in life, practice, practice, practice.

    Things perhaps have gotten better in the software development realm if only because there are less platforms to worry about now. By and large everyone is creating web applications and if you are not, then you are probably serving some vertical market (I doubt you are creating a WinAmp competitor) or work at large companies - Microsoft, Apple, IBM, Cisco, etc. Writing a Cocoa application (Mac OS X) means coding in Objective C but how many of you can make the claim you code in it regularly? Point made.

    As my career advanced and I worked with web developers I saw many people not at all inclined to pick up new material. The one thing that web developers were incredibly bad at is induction - taking two principles or abstractions and creating a third. Most of them seemed to learn one way of doing things and applying this by rote over and over - cut and paste programming at its worst.

    And since web apps are par for the course at many institutions now... well you can imagine the results.

    -M

  22. I got news for you bud - it's called reality on Why Do We Use x86 CPUs? · · Score: 1

    The legacy of x86 software cannot be underestimated. Frankly I don't care anymore what the performance characteristics of a CPU are as long as it runs the software I want. Which in the past has meant me being able to readily download free software such as WinAmp (among lots of others) without hassle. I really do not care if it is PowerPC, MIPS, Alpha, etc. However the inability of these platforms to readily execute the x86 instruction set is precisely why people never purchased these systems when Windows NT used to be offered on them. No shock various vendors pulled out and ultimately Microsoft withdrew OS support of these processor architectures.

    There used to be a day I had interest in this subject matter, not anymore. Just let me do the things I want to do, browse, listen to music, play games. I want to do these things without being encumbered or giving a rat's a** about instruction pipelines, branch prediction or how ueber a processor is because it has X more registers than the legacy x86 architecture.

    AMD understood this all too well when they spearheaded the x86 platform to the 64 bit front... much to the chagrin of Intel with its "Itanic" architecture... with Intel ultimately following suit transitioning their x86 product line to 64 bit.

    -M

    PS: "Just because it's difficult doesn't mean it has value." --Yours truly

  23. Where's the Cancer Man? on Google and the CIA? · · Score: 1

    Government spooks collaborating with industry titan to subterfuge... sounds like a plot from the X-Files... conspiracy theories are a dime a dozen.

    Human psychology likes gossip, which is why this site even exists...

    Our government is largely incompetent when it comes to tech savviness. Furthermore, I don't buy that any US agency involved with national (in)security is covertly leveraging a US tech company like Google. Overtly is another matter. If it was an old DoD contractor that's another story, but Google, doubt it.

    Spare me the X-File,
    -M

  24. As CS person I have one thing to say-don't bother on Hiring (Superstar) Programmers · · Score: 1

    With the dot com implosion and the offshoring of IT work, why would someone care to bother? I personally would not advise anyone to pursue a CS curriculum. If you love tech so much, go to a tech school and become a "tradesman" (digital mechanic) so that the kinds of things you are likely to touch, e.g., a data center, can't be easily offshored.

    Otherwise, you better be pretty darn passionate to stay employable... that or lucky...

    -M

    PS: Former Programmer. Thank God.

  25. "Plays anywhere" on Ballmer Sounds Off · · Score: 2, Insightful

    "Apple is refusing to give its users choice. With Windows Media Player you can play the music you buy on the device of your choosing."

    That's a paraphrase but essentially Ballmer delivered that message. Then sometime later MS decides to release its Zune player and to say to its former music partners. I guess I could fill in the blanks here, "Sorry that you didn't realize MS+'Anyone' = MS." Namely that your interests are not ever really a consideration.

    MS actually started its own video site. So if Mr. Ballmer feels so strongly, the question is, why? I know the answer by and large.

    Ballmer simply has no tact whatsoever. He gets all emotional and contradicts himself later making him look like a capricious idiot.

    -M