According to TFA, a tiny transceiver can be built into the plastic plug base of a USB cord. Of course, one has not been spotted in the wild, but it sounds theoretically possible.
Have you looked at some of the USB WiFi and Bluetooth dongles lately? They are a LOT smaller than most thumb drives. Since most of what they are is enough packaging to extend the antenna out and give you something to actually grip on when removing the device, I am fully confident that you could slap one in alongside the regular wiring of a mouse or memory stick and no one the wiser.
In fact, the only place where it might show up is if it reguired a driver installation on the PC.
I am all in favor of energy efficient bulbs..IF THEY ARE DIMMABLE!..I mean really dimmable, with a smooth, linear transition from off to full
I think that this situation will eventually resolve itself. Right now, we're using dimmers designed for incandescent operation on devices whose behavior isn't the same.
If LEDs become the norm, then expect to see LED-optimized dimmers become widespread.
Incandescent bulbs suck because of the vacuum required to keep the filament from roasting.
Otherwise, they're a mature, well optimized technology with a huge infrastructure built around them - cheap as hell to make and extremely versatile.
Personally, I think we should be hammering heat pumps instead of worrying about light bulbs.
You can say that something that emits more heat than light is "optimized" within the range of devices that produce light by thermal action, but that doesn't make them "optimized" within the range of devices that convert electricity to light.
I'm all for heat pumps, too. You can save a lot more electricity on heating/cooling than on lighting. But heat pumps have certain optimal operating conditions. When temperatures go outside that range, you have to fall back onto other means.
If you're making a film about cars, get someone who knows about cars to help produce/edit it, at least for glaring inaccuracies. If you're making a film about guns, the same. If you're making a film about computers, the same.
You mean, like where the first thing that happens when a car wrecks is that it catches fires and explodes?
I think you'll find that 99% of the populace see work as the only way they have to get the stuff they need to live (and the stuff they want to make life enjoyable).
At the moment. One of the primary topics of this discussion is what happens when that's no longer strictly necessary.
More than half the population didn't work not too long ago. Between housewives and children less than 50% of people were employed, but a single person could provide for their family on an average wage. Wages have been depressed heavily since then so that a couple with children both need to work.
Let the flaming begin!
Back then, respectable housewives were expected to keep a spotless house, do all the laundry/ironing, prepare gourmet meals for their "hard working" husbands - and unexpected visits from the boss, and a lot of other stuff. Generally without the benefit of modern conveniences such as automatic dishwashers and microwave ovens. And taking care of a lot more kids than most modern households contain.
Go further back to farm days, and you can not only add making cheese and butter, canning and other such agrarian domestic activities, but you can also keep the kids busy slopping the hogs, milking the cows and taking care of the chickens.
But apparently since they didn't receive a salary for that, they didn't really "work".
Why don't we have 95% of the population exploring one branch of science or another?
Because 95% of the population thinks watching "Duck Dynasty" is an intellectual exercise. Or at least a depressingly large number.
Why can't more books be written? More movies be done?
Who needs more bad books? Or movies that are nothing more than un-creative mashups? Extra time would help a few, but some of the greatest writers got their start while working as chicken-pluckers.
More people help those who need help?
Fine, except that so many don't bother to help anyway. And that's not even counting the crowd whose religion is strictly "help yourself, you lazy bum!"
Would it be so bad to live in a world where there is 0% NEED to work and everyone just decides whether they want to be a medic, or an astrophysicist, or a script writer, or...
You don't "just decide" to be one of those. You need training, aptitude, and/or talent. Extra time would make training more possible, but the ones who are really serious find a way anyway.
Only amazingly lazy people believe everyone would stop "working" if it was voluntary. Even if the only payment was respect by the society, joy, or simply to fight boredom, most people would do something.
It isn't lazy people who think that. It's people who belong to the mindset that no one would ever work unless forced to. Lazy people exist, sure. Some don't do anything productive at all - including some who have jobs with rather impressive-sounding titles. Most people, however, can't stand being idle for too long. What they really want isn't so much a "job" as something to do that makes them feel valued. Money has just been one of the more widely-adopted ways of expressing perceived value.
Place thin wall plastic conduit, as big a diameter as you can fit, within the walls between rooms in anticipation of whatever future technology you might have to route through there.
I didn't really know what I needed until the house was completed. If I'd had it to do over again, I'd have paid more attention to what runs down the external walls.
I have enough attic clearance to run whatever new cabling I need to interior walls, but the pitch of the roof is such that dropping anything new down an outside wall would probably require opening up the roof in that area. Not enough clearance inside the attic.
The NSA is an intelligence gathering agency; they are not law enforcement. They have no jurisdictional boundaries to their operations. As a U.S. government agency they are supposed to have to observe some niceties insofar as operating in the U.S. and targeting U.S. citizens what with the Constitution and all. Their failure to always do that is where they've gone wrong. And, as you've indicated, they've probably collected so much information that its getting in the way of useful intelligence analysis. Too much can be worse than not enough. The other fun fact is that they and their allied agencies in other countries seemed to get around some restrictions by letting the "foreigners" do the spying on the domestics for them and then exchanging what they collected.
Some of us don't consider the 4th Amendment to be a "nicety". That's what warrants are for.
It's the only answer to limit exposure to mass fraud.
Yeah, because there were no fraud before electronic transactions.. Last report I saw (admittedly around a year ago), old style "manual" money fraud (counterfeit, impersonating, etc.) was still estimated to exceed electronic fraud by order of magnitude.
The difference is in Efficiency. A counterfeiter can only attack a limited number of victims due to the physical requirement to pass the actual cash. A one-off identity thief is likewise limited.
But when you can harvest millions of identities in one operation, it can potentially impact the entire economy and at a minimum put a major hurt on the invaded business.
But dealing with cash can get you on government watchlists.
It's much, much more likely that hackers penetrated the network by other means, and then, once inside the network, compromised the POS systems -- which could then report back to the intermediary system, which could report out (or be repeatedly accessed from outside).
It's unlikely that the POS systems themselves reached out to the internet. That would have been noticed far, far too easily.
I'm not so sure. I happen to know of a certain well-known vendor of POS systems that is A) sloppy about a lot of things. B) pushing more and more of people's business onto their servers in their cloud. If their customer is also getting Lower Prices Everyday on their IT, so much the easier.
And I do suspect the Cloud. Because infecting store-local systems in enough physical locations to capture 70 million or more accounts would be very labor-intensive. It's far easier to infect the Mothership and let it corrupt the local systems.
These Russian hackers know their shit.. almost as good as the NSA.
There's a good case to be made for the NSA to go after them at this point.
Who's against the NSA now??
Ah, er, if it were actually the NSA that engaged in protecting against/pursuing/prosecuting these types of things, then yes not as many people would be "Against" them. Alas, they don't (and make no promises to) do anything of the sort. Continuing to snoop on unsuspecting people around the world? That IS in their wheelhouse.
I certainly hope they're snooping on unsuspecting people. Otherwise they're not likely to get much useful data.
Say, rather, that they're snooping on far more people than they can reasonably justift as suspects. And on people who are supposed to be completely beyond their jurisdiction.
This particular "ignorant fool" was one of the first commercial vendors of C++.
Just because some people may use certain features that make C++ safer doesn't mean that it is safer. Plenty of people think they're so clever that they can invent their own "more efficient/better" systems. And use scanf, for that matter.
I'm not generally of that ilk myself, but STL did make me itch. The worst features of programming and mathematics combined into one.
Programs written in Java or any other modern managed language are still much more secure than code written in C++. There are no stack or heap overflows to worry about, no double frees.
You're thinking of C, not C++.
(Trouble is, so are many people who put "C++" on their resumes...)
The problem with Java is that the exploits are in Oracle's hands, not ours. We can't fix them even if we know what they are...
The other problem with Java is that if I install the runtime on my machine to run a little corporate desktop app it also ends up in the web browser, exposed to every single web page I visit. In what universe was that a good idea?
WHERE did you get the idea that C++ is more immune to memory leaks or buffer overflows than C? C++ adds to the basic C memory management services and memory organization, but it still retains the original C ones. And adds an additional way to leak memory - undisposed objects.
I think that the stock JVM's ability to auto-activate itself in browsers in something that varies by machine and by browser, but if it is enabled, there are ways to switch it off.
If it's scheduled for demolition, then it probably wasn't a very good bridge to begin with. The Brooklyn Bridge has been in use for 131 years, handles car and truck traffic that it was never designed for, and is still in good shape.
Ok, we're probably stretching the metaphor a bit now.
"If builders built building the way that programmers program programs, the first woodpecker to come along would destroy civiliization."
- Gerald Weinberg
Win7 was not different at all from WinXP; to the casual user, Win7 just looks like a re-skin of XP, except now the task bar shows tasks differently (using big icons instead of small icons with text), and there's a little area on the right with indicators/controls for things like WiFi, battery, etc. Overall, the usage is almost the same.
I wouldn't go that far.
The funny bottom-of-screen icons and bouncing/disappearing windows drive me up the wall.
But it's still better than Win8.
"The little area on the right" is the System Tooltray, unless I've forgotten something. And the tooltray dates back to somewhere in the vicinity of Windows NT 4.0. The main difference in later releases is that it has gotten very good at not displaying tool icons of critical immediate interest. You have to dig for them instead of seeing them push themselves into view.
... but we want to prioritize our 60-70 hour work week appropriately.
Ah. Management brags about how they get so much productivity with so few people for so little cost.
I do hope you've got your résumé current for when the dam finally breaks. If management was really as smart as they thought they are, a couple of junior people would be working on trying to migrate. But then they'd also have heard that the longer you work, the more things start breaking.
Incidentally, although I still prefer Perl for regex-based quick-and-dirty, a lot of my lightweight utilities that used to be in Perl are now in Python.
They were pulling in CPAN modules, and as often as not, the modules wouldn't build at some point. CPAN modules typically include C code that is extremely sensitive to changes in the C compiler environment and the OS.
Is that the DOS Microsoft C (not Visual C++)? From what version to what version was the migration?
It happened several times in the mid-to-late 1990s. For a while I was using make to do builds. Command-line tools are less volatile. Then they diddled with the IDE and make stopped working for me. I'm not sure that the rot ever backed up to the point where I needed to install an obsolete version of Windows to install an obsolete IDE so that I could make a change on code that wasn't even Windows-dependent (much less runtime dependent), but it certainly came close enough. Between that and the database-interface-of-the-week stuff that they were doing back then (the other extreme of "it if ain't broke"), it was just too much.
Most of what I did was computationally-intensive code deployed on a few machines under my direct control and could care less about what runtime libraries it ran with. Since my work typically includes a system install package, a new version of the runtimes wouldn't have been an issue anyway. But thanks to the way they mucked around with the compiler, even changing a plus to a minus on a single computation could result in a major adventure just to get the altered code to compile and build. All while people were screaming and panicking.
It is largely as a result of this sort of chaos that I abandoned MS and switched to Java. And have a firm policy that all projects be buildable on a non-gui box using Maven or Ant. Life is a lot more placid now. Plus my apps aren't tied exclusively to Windows. Or any particular brand or version of IDE, for that matter.
What do you mean, "most?" All the other commonly used languages -- C, C++, the various.NET languages, Java, etc. -- most certainly do not mutate like that! New versions come out, sure, but they're not so broken in design that programs written in different versions have trouble coexisting on the same system!
I take it that you've never been called in at 2 AM to fix a Microsoft C app that had been developed on an earlier version and required re-installing an antique version of the development system just to do a 1-line code fix.
no system is so isolated that some external hardware, OS, language or other upgrade cannot break otherwise healthy unchanged software
True, but there's a difference between accepting that problems will always occur, and unnecessarily changing things in a way that means problems will occur more often. I may get killed on the way home from work tonight, but I'm not going to drive in a way that makes it much more likely.
Too many people I know drive the same way home from work every day even when they know the bridge they take is scheduled for demolition, though. Figuratively speaking.
I worked at a company that used CentOS and they wouldn't upgrade Python for production environments because newer versions weren't certified to be stable.
Even though common sense says they are.
When core OS services are written in Python (and they are in CentOS/Red Hat), it doesn't matter how stable the newer releases are.
If they don't perform exactly identically, there's a real risk that the OS itself may malfunction.
I wish people in IT would stop saying "If it ain't broke". That's almost as bad as "All You Have To Do Is..."
Computer systems don't decay in the literal sense. So in theory, once done, done forever.
Reality, however, is different. Virtually no system is so isolated that some external hardware, OS, language or other upgrade cannot break otherwise healthy unchanged software.
It will break. And according to Murphy, it's going to break at a time when the inconvenience, expense, and damage to your professional reputation can be maximized.
Slashdot Mirror
According to TFA, a tiny transceiver can be built into the plastic plug base of a USB cord. Of course, one has not been spotted in the wild, but it sounds theoretically possible.
Have you looked at some of the USB WiFi and Bluetooth dongles lately? They are a LOT smaller than most thumb drives. Since most of what they are is enough packaging to extend the antenna out and give you something to actually grip on when removing the device, I am fully confident that you could slap one in alongside the regular wiring of a mouse or memory stick and no one the wiser.
In fact, the only place where it might show up is if it reguired a driver installation on the PC.
I am all in favor of energy efficient bulbs..IF THEY ARE DIMMABLE!..I mean really dimmable, with a smooth, linear transition from off to full
I think that this situation will eventually resolve itself. Right now, we're using dimmers designed for incandescent operation on devices whose behavior isn't the same.
If LEDs become the norm, then expect to see LED-optimized dimmers become widespread.
Incandescent bulbs suck because of the vacuum required to keep the filament from roasting.
Otherwise, they're a mature, well optimized technology with a huge infrastructure built around them - cheap as hell to make and extremely versatile.
Personally, I think we should be hammering heat pumps instead of worrying about light bulbs.
You can say that something that emits more heat than light is "optimized" within the range of devices that produce light by thermal action, but that doesn't make them "optimized" within the range of devices that convert electricity to light.
I'm all for heat pumps, too. You can save a lot more electricity on heating/cooling than on lighting. But heat pumps have certain optimal operating conditions. When temperatures go outside that range, you have to fall back onto other means.
If you're making a film about cars, get someone who knows about cars to help produce/edit it, at least for glaring inaccuracies. If you're making a film about guns, the same. If you're making a film about computers, the same.
You mean, like where the first thing that happens when a car wrecks is that it catches fires and explodes?
I think you'll find that 99% of the populace see work as the only way they have to get the stuff they need to live (and the stuff they want to make life enjoyable).
At the moment. One of the primary topics of this discussion is what happens when that's no longer strictly necessary.
More than half the population didn't work not too long ago. Between housewives and children less than 50% of people were employed, but a single person could provide for their family on an average wage. Wages have been depressed heavily since then so that a couple with children both need to work.
Let the flaming begin!
Back then, respectable housewives were expected to keep a spotless house, do all the laundry/ironing, prepare gourmet meals for their "hard working" husbands - and unexpected visits from the boss, and a lot of other stuff. Generally without the benefit of modern conveniences such as automatic dishwashers and microwave ovens. And taking care of a lot more kids than most modern households contain.
Go further back to farm days, and you can not only add making cheese and butter, canning and other such agrarian domestic activities, but you can also keep the kids busy slopping the hogs, milking the cows and taking care of the chickens.
But apparently since they didn't receive a salary for that, they didn't really "work".
Why don't we have 95% of the population exploring one branch of science or another?
Because 95% of the population thinks watching "Duck Dynasty" is an intellectual exercise. Or at least a depressingly large number.
Why can't more books be written? More movies be done?
Who needs more bad books? Or movies that are nothing more than un-creative mashups? Extra time would help a few, but some of the greatest writers got their start while working as chicken-pluckers.
More people help those who need help?
Fine, except that so many don't bother to help anyway. And that's not even counting the crowd whose religion is strictly "help yourself, you lazy bum!"
Would it be so bad to live in a world where there is 0% NEED to work and everyone just decides whether they want to be a medic, or an astrophysicist, or a script writer, or...
You don't "just decide" to be one of those. You need training, aptitude, and/or talent. Extra time would make training more possible, but the ones who are really serious find a way anyway.
Only amazingly lazy people believe everyone would stop "working" if it was voluntary. Even if the only payment was respect by the society, joy, or simply to fight boredom, most people would do something.
It isn't lazy people who think that. It's people who belong to the mindset that no one would ever work unless forced to. Lazy people exist, sure. Some don't do anything productive at all - including some who have jobs with rather impressive-sounding titles. Most people, however, can't stand being idle for too long. What they really want isn't so much a "job" as something to do that makes them feel valued. Money has just been one of the more widely-adopted ways of expressing perceived value.
Place thin wall plastic conduit, as big a diameter as you can fit, within the walls between rooms in anticipation of whatever future technology you might have to route through there.
I didn't really know what I needed until the house was completed. If I'd had it to do over again, I'd have paid more attention to what runs down the external walls.
I have enough attic clearance to run whatever new cabling I need to interior walls, but the pitch of the roof is such that dropping anything new down an outside wall would probably require opening up the roof in that area. Not enough clearance inside the attic.
The NSA is an intelligence gathering agency; they are not law enforcement. They have no jurisdictional boundaries to their operations. As a U.S. government agency they are supposed to have to observe some niceties insofar as operating in the U.S. and targeting U.S. citizens what with the Constitution and all. Their failure to always do that is where they've gone wrong. And, as you've indicated, they've probably collected so much information that its getting in the way of useful intelligence analysis. Too much can be worse than not enough. The other fun fact is that they and their allied agencies in other countries seemed to get around some restrictions by letting the "foreigners" do the spying on the domestics for them and then exchanging what they collected.
Some of us don't consider the 4th Amendment to be a "nicety". That's what warrants are for.
It's the only answer to limit exposure to mass fraud.
Yeah, because there were no fraud before electronic transactions.. Last report I saw (admittedly around a year ago), old style "manual" money fraud (counterfeit, impersonating, etc.) was still estimated to exceed electronic fraud by order of magnitude.
The difference is in Efficiency. A counterfeiter can only attack a limited number of victims due to the physical requirement to pass the actual cash. A one-off identity thief is likewise limited.
But when you can harvest millions of identities in one operation, it can potentially impact the entire economy and at a minimum put a major hurt on the invaded business.
But dealing with cash can get you on government watchlists.
It's much, much more likely that hackers penetrated the network by other means, and then, once inside the network, compromised the POS systems -- which could then report back to the intermediary system, which could report out (or be repeatedly accessed from outside).
It's unlikely that the POS systems themselves reached out to the internet. That would have been noticed far, far too easily.
I'm not so sure. I happen to know of a certain well-known vendor of POS systems that is A) sloppy about a lot of things. B) pushing more and more of people's business onto their servers in their cloud. If their customer is also getting Lower Prices Everyday on their IT, so much the easier.
And I do suspect the Cloud. Because infecting store-local systems in enough physical locations to capture 70 million or more accounts would be very labor-intensive. It's far easier to infect the Mothership and let it corrupt the local systems.
These Russian hackers know their shit.. almost as good as the NSA.
There's a good case to be made for the NSA to go after them at this point.
Who's against the NSA now??
Ah, er, if it were actually the NSA that engaged in protecting against/pursuing/prosecuting these types of things, then yes not as many people would be "Against" them. Alas, they don't (and make no promises to) do anything of the sort. Continuing to snoop on unsuspecting people around the world? That IS in their wheelhouse.
I certainly hope they're snooping on unsuspecting people. Otherwise they're not likely to get much useful data.
Say, rather, that they're snooping on far more people than they can reasonably justift as suspects. And on people who are supposed to be completely beyond their jurisdiction.
As someone who does research in this topic and has an IQ of 9001, I think the paper was just fine. You can believe me, I'm on the internets.
Yes, but you're a dog!
This particular "ignorant fool" was one of the first commercial vendors of C++.
Just because some people may use certain features that make C++ safer doesn't mean that it is safer. Plenty of people think they're so clever that they can invent their own "more efficient/better" systems. And use scanf, for that matter.
I'm not generally of that ilk myself, but STL did make me itch. The worst features of programming and mathematics combined into one.
Programs written in Java or any other modern managed language are still much more secure than code written in C++. There are no stack or heap overflows to worry about, no double frees.
You're thinking of C, not C++.
(Trouble is, so are many people who put "C++" on their resumes...)
The problem with Java is that the exploits are in Oracle's hands, not ours. We can't fix them even if we know what they are...
The other problem with Java is that if I install the runtime on my machine to run a little corporate desktop app it also ends up in the web browser, exposed to every single web page I visit. In what universe was that a good idea?
WHERE did you get the idea that C++ is more immune to memory leaks or buffer overflows than C? C++ adds to the basic C memory management services and memory organization, but it still retains the original C ones. And adds an additional way to leak memory - undisposed objects.
I think that the stock JVM's ability to auto-activate itself in browsers in something that varies by machine and by browser, but if it is enabled, there are ways to switch it off.
If it's scheduled for demolition, then it probably wasn't a very good bridge to begin with. The Brooklyn Bridge has been in use for 131 years, handles car and truck traffic that it was never designed for, and is still in good shape.
Ok, we're probably stretching the metaphor a bit now.
"If builders built building the way that programmers program programs, the first woodpecker to come along would destroy civiliization."
- Gerald Weinberg
Win7 was not different at all from WinXP; to the casual user, Win7 just looks like a re-skin of XP, except now the task bar shows tasks differently (using big icons instead of small icons with text), and there's a little area on the right with indicators/controls for things like WiFi, battery, etc. Overall, the usage is almost the same.
I wouldn't go that far.
The funny bottom-of-screen icons and bouncing/disappearing windows drive me up the wall.
But it's still better than Win8.
"The little area on the right" is the System Tooltray, unless I've forgotten something. And the tooltray dates back to somewhere in the vicinity of Windows NT 4.0. The main difference in later releases is that it has gotten very good at not displaying tool icons of critical immediate interest. You have to dig for them instead of seeing them push themselves into view.
For a programmer earning $80,000/year if you can shave off 1.5 seconds 50 times per day you'll recoup the investment in 5 years.
Except that frequently, the project development team will have been terminated after 3.
I've had some very good monitors, but 5 years is about the maximum life I've been able to get out of them.
... but we want to prioritize our 60-70 hour work week appropriately.
Ah. Management brags about how they get so much productivity with so few people for so little cost.
I do hope you've got your résumé current for when the dam finally breaks. If management was really as smart as they thought they are, a couple of junior people would be working on trying to migrate. But then they'd also have heard that the longer you work, the more things start breaking.
Incidentally, although I still prefer Perl for regex-based quick-and-dirty, a lot of my lightweight utilities that used to be in Perl are now in Python.
They were pulling in CPAN modules, and as often as not, the modules wouldn't build at some point. CPAN modules typically include C code that is extremely sensitive to changes in the C compiler environment and the OS.
I have a lot less grief from the python modules.
> Microsoft C
Is that the DOS Microsoft C (not Visual C++)? From what version to what version was the migration?
It happened several times in the mid-to-late 1990s. For a while I was using make to do builds. Command-line tools are less volatile. Then they diddled with the IDE and make stopped working for me. I'm not sure that the rot ever backed up to the point where I needed to install an obsolete version of Windows to install an obsolete IDE so that I could make a change on code that wasn't even Windows-dependent (much less runtime dependent), but it certainly came close enough. Between that and the database-interface-of-the-week stuff that they were doing back then (the other extreme of "it if ain't broke"), it was just too much.
Most of what I did was computationally-intensive code deployed on a few machines under my direct control and could care less about what runtime libraries it ran with. Since my work typically includes a system install package, a new version of the runtimes wouldn't have been an issue anyway. But thanks to the way they mucked around with the compiler, even changing a plus to a minus on a single computation could result in a major adventure just to get the altered code to compile and build. All while people were screaming and panicking.
It is largely as a result of this sort of chaos that I abandoned MS and switched to Java. And have a firm policy that all projects be buildable on a non-gui box using Maven or Ant. Life is a lot more placid now. Plus my apps aren't tied exclusively to Windows. Or any particular brand or version of IDE, for that matter.
What do you mean, "most?" All the other commonly used languages -- C, C++, the various .NET languages, Java, etc. -- most certainly do not mutate like that! New versions come out, sure, but they're not so broken in design that programs written in different versions have trouble coexisting on the same system!
I take it that you've never been called in at 2 AM to fix a Microsoft C app that had been developed on an earlier version and required re-installing an antique version of the development system just to do a 1-line code fix.
no system is so isolated that some external hardware, OS, language or other upgrade cannot break otherwise healthy unchanged software
True, but there's a difference between accepting that problems will always occur, and unnecessarily changing things in a way that means problems will occur more often. I may get killed on the way home from work tonight, but I'm not going to drive in a way that makes it much more likely.
Too many people I know drive the same way home from work every day even when they know the bridge they take is scheduled for demolition, though. Figuratively speaking.
Lamia story -- I think Tim Powers wrote one. Set in Venice, maybe? and excellent.
Partially. Had Vampires, too. In the unique way that only Tim Powers can do such things.
I worked at a company that used CentOS and they wouldn't upgrade Python for production environments because newer versions weren't certified to be stable.
Even though common sense says they are.
When core OS services are written in Python (and they are in CentOS/Red Hat), it doesn't matter how stable the newer releases are.
If they don't perform exactly identically, there's a real risk that the OS itself may malfunction.
I wish people in IT would stop saying "If it ain't broke". That's almost as bad as "All You Have To Do Is..."
Computer systems don't decay in the literal sense. So in theory, once done, done forever.
Reality, however, is different. Virtually no system is so isolated that some external hardware, OS, language or other upgrade cannot break otherwise healthy unchanged software.
It will break. And according to Murphy, it's going to break at a time when the inconvenience, expense, and damage to your professional reputation can be maximized.
Don't wait for it to break.