About 70% of the time, when people quit my company without notice, they are leaving with business. A client talked them into contracting with them directly at a higher rate, or another company made them an offer based on walking with a project.
It's a free market and people are supposed to do what makes them happy and all, but shady is shady. I check people's references before making them an offer and never hire people who have left a job without notice. I don't take on projects people bring with them unless they have been away from their former employer for a long, long time. I am not making assumptions about someone's reasons for quitting without notice - in fact, I usually give people a chance to explain themselves, and I would be open to hearing reasonable explanations.
The thing is they never do. I hear a lot of grousing about how work was part of their last job, he / she "just couldn't take" some aspect about it any more, or how there was this bull and it had horns and those horns needed to be seized. But no one has ever pointed to legitimate factors such as an abusive workplace, not being paid on time, not receiving fair / just compensation, or the like.
(Well, to be honest, that's not true. There was one time that someone left a job in protest after management refused to put in assistive devices to help with his handicap. I could understand this. But he was not being honest about his experience and lost out on that factor.)
I don't know if I am the only employer who is like this, but I suspect there are more people who do things this way than you might expect. Seriously, I just want to know when I invest in training people up, having them travel the world with me, setting them up as a thought leader, listen endlessly to their stories about kids and dogs and things they want to buy and their colds and everything else, they are going to at least have the courtesy not to vanish on their way out.
I think I know the origin of this tax bill and what it is intended for.
Acquia - http://www.acquia.com/ - is a large firm that specializes in Drupal. A lot of the work they do is around setting up, configuring and maintaining Drupal websites.
While they don't produce the majority of the code that is in Drupal, they do provide a lot of services around it to consumers and other businesses. This is really a tax on VARs and other people who implement Drupal using their services.
I am sure there are a lot of other companies that operate in a similar space. While I don't like it, I can see the potential revenues to be drawn in through such a tax.
I think Jeff is a sincere fellow who seeks to have a nice conference and avoid issues that could be tough on either the Fed side or the Hacker community side.
I don't take his request as retaliation over government policies, and mroe as recognition that the community coming out to DefCon is very different from the one that will be attending BlackHat.
The point of the conference, regardless of anything anyone wants to say, is to have fun. My take is that he is trying to preserve that spirit for the conference.
It just occurred to me, one of the researchers pulling out was slated to give a presentation on how to hack sharepoint.
While it would be an enormous loss for the community not to have the opportunity to learn more about the specific ways this guy attacks M$'s premium CMS...... how much effort would it really take for a bunch of Defcon attendees to put together a session with equally useful information about hacking sharepoint to replace it?
Were it not for the fact I don't believe there is any anonymity in the world anymore, I would agree with you and say something even more cavalier. But I don't, and like to be thought of as a nice person.
I can't speak for the people who have chosen not to participate or their reasons for doing so.
I am sure it will be a loss for the event, but not as much as the one that comes from the lack of a public dialogue about the government's actions and activities tracking internet traffic.
Saying that Defcon fosters an open community where there are no sides is a little misleading. The government has it's own reasons for showing up and they are not all related to sharing ideas, learning and having a good time. It's just the other people who really lack an agenda.
I know people who are not going to Blackhat because the NSA is giving the keynote. What kind of strange alternate future is it we live in where this even happens?
I have never really been comfortable with having the Feds in there in the first place. Anyone in government can potentially serve in a prosecutorial role, and the government has demonstrated over the years they are perfectly willing to demonize hackers if it serves a need. Thinking about Mitnick, Gonzales, and a bunch of other guys who got railroaded here, along with 2600 meetings where we would get interrogated just for showing up to have coffee.
It's a little like inviting the fox into the henhouse to have these guys around. Pretending that they care about the hacker community is a little hard for me to do.
The question is what you can do to prevent it, not whether or not Snowden is a hero.
It's an interesting problem on it's own. Imagine the situation in reverse - someone working in IT for an aid organization, beset by government hackers looking for information about political opponents who would kill them. How do you prevent someone from leaking information of a completely non-criminal nature to forces who mean to do them harm?
One of the problems with disclosures, and why they are so divisive, is that they expose people's relative values. For everyone who thinks Snowden is a hero, there is someone who things he broke an oath and the government is being completely reasonable.
It's not worthwhile to judge situations the same way you judge individuals. I work with a lot of NGO where people would get killed if information about their operations is exposed, and one of the big threats is someone handing over documents under duress.
I agree with this point. It's not impossible to stop leaks, but organizations can change to mitigate the impact one individual can have.
The thing that is most interesting to me about the Snowden case, as well as the Manning case, is the level of access intelligence communities give to these people. I mean, Manning was able to dump years of diplomatic cables, and Snowden has been able to detail a worldwide architecture of network ops.
Did they really need to have this much access to information? If their roles were more compartmentalized, these situations would be different.
I feel the problem with these leaks is a management issue moreso than the acts of individuals. Taking young, principled, intelligent guys and giving them the keys to a trove of information about questionable activities is just not the way to run an organization. The people he reported to should be the ones being indicted over this.
A solution (without knowing the particulars) would be to spread out access across a range of individuals with specific skill sets in their area and that's it. If you want to train people to be hackers, focus their development on one level of infrastructure and make it impossible for one guy to do this all on his own.
As someone who makes hiring and firing decisions, I have never seen a better qualification than someone having been a fighter pilot. Several of my friends are former pilots for the Navy who have done well in various entrepreneurial pursuits involving technology. I would hire them immediately if they ever needed a job.
The basic qualities I pick up on, and that seem to be the most appealing as an employer, are the level of preparation that goes into being a pilot and the practical math behind operating an aircraft. In my business, we need to have a lot of planned out from the beginning for things to go well. It's clear to me that structure and process, and the ability to compensate effectively when something does go off track, are in a pilot's DNA.
Not sure what jobs you have been applying for, or why this is not coming across with other employers, but feel free to reach out to me via PM if you want to discuss directly.
At this point, this is not an issue of a lawbreaker. Until he's charged with something in a free and open court, Snowden is not a criminal.
An Australian general, addressing issues with sexual harassment in the military, had this to say about the values of an organization in a recent video:
"The standard you walk past is the standard you accept."
This is a little more apropos for the situation. Someone saw something he felt was unconscionable and acted to try and correct it. This is in keeping with the highest values of ethical conduct, and most ethical scholars would agree people have an obligation to act in this way.
We will see what Snowden is ultimately charged with. But casting him as a criminal before he is charged with anything, and rushing to judgement about his guilt or innocence, shows a lot less respect for the legal process and rule of law than anything he has done.
It's not so much a question of who to believe, but a statement about how much blind faith you are willing to put in government.
We know who Snowden is, he would not merit this level of attention if he did not have something to say. It could be argued we know more about him than what we know about the CIA and NSA.
We do not know much about the programs he described in the documents he had released. For someone to be saying they contain lies, when there are so few details contained, it makes me wonder why they need to deny it at all.
There's nothing random or stranger about this all though. The reactions of public officials are what are so revealing.
Or outlaw guns. They are much more lethal annually than all the terrorists who have attacked America to date.
For that matter. amazing we can keep a tab on everyone in the *world* with a smartphone or email address, but we can't keep track of all the guns out there.
There's a reason people don't want their guns to be tracked, and it's the same reason we don't want all our phones tapped. Does not matter if someone is actively or passively eavesdropping, we don't like the government to know too much about our business.
National Disclosure Centers are only as good as the organizations that take their disclosures.
I worked pretty closely with the DOC CIRT when it was first formed. It did not matter how many CIOs were involved in the process of forming it, or what they agreed to do, or what channels of communications were established. There were always groups that would not / could not work to address issues when they happened.
I don't think passing more laws has much affect on the issue either. Laws are regulatory and fall very much into the camp of attorneys, who rarely understand their implications in terms of infrastructure. Have spent many days on the phone with people for OIG seeking clarification on regulatory guidelines for handling systems, without getting the impression they understood much more than how to work the on / off switch.
This is a supply and demand problem, but a very special one. There is not enough demand for patches and security solutions prior to an incident, and there is not enough supply of secure code available to combat the threat. If anything, a solution lies with manufacturers, but there has to be a serious market for secure solutions for it to happen (and a willingness of buyers to invest in products that go down this route).
In other words, organizations needs to stop buying windows and start buying hardened Linux platforms. I honestly don't believe there is another way.
I just mean it was a nice site that served it's purpose, and maybe that purpose is now fulfilled. I don't know how important it is for the site to be re-opened for submissions or if there is a lot to accomplish.
Think of it this way: could the Zen Garden ever become better than it once was? Could it be more influential? I don't think it could, and believe it would be hard to trump it's earlier successes.
I do most of the hiring in my company, and can share some thoughts about what hiring managers are thinking when confronted with an older applicant for a developer position.
My entire company is virtual, we have about 20 people who work together remotely. I usually have no clue about how old someone is before I speak with them.
I have a list of 3 things I look for from any applicant for a developer role. It's the 3 C's - character, courage and collaboration. I want people who have a personality and aren't afraid to show it, I want people who will speak up when there's a problem, and I want people who are good at collaborating with others.
I don't always care as much about someone's development background, we can always train people up to a certain standard and then it's just getting experience doing the thing you were ask. What I do care about is whether or not someone is a cultural fit, which gets into the 3 Cs.
Just be confident in what you say, express genuine interest, and make it clear you are going to add to the efforts of their team. Take the time to learn what an employer actually does before you speak with them, and ask a lot of questions. When confronted with a technology question, be honest if you don't know how to deal with it. People don't want to hear you waffling and will usually know if you are out of your area of expertise.
They have been saying this since the 60s, yet people still seem to be writing code. What seems to happen is, byt the time a computer catches up with a major development pattern, developers are already off to the next pattern of development.
I mean, an operating system basically does what we would have called programming 40 years ago, writing instructions to the processor, calculations, etc. The nature of programming has changed since then, as it will over the next 40 years. I could see there being an application that models relevant data, builds interfaces, and maybe even makes them look nice. But I doubt that will be the way we interact with computers by the time they can do it.
This book is one of the first, best discussions about the major challenges that AIs face. The articles about ambiguity tolerance really tell you all you need to know to understand this point. While AIs are pretty awesome at this point, they really do rely on clustering algorithms and normative pattern analysis to construct the facts they operate on. It's useful as a means of understanding the world, but it's not really the same as what most people would call 'judgement' and it's certainly not the way people work in the world.
I have a theory about why AI will never replace coders. Once a machine gets to the point where it can handle the tasks of a coder, it becomes commonplace. People strive for more, technology is necessarily an innovation market. Eventually something new comes along, it takes decades to come to grips with it. During that time, people are the ones working out what's useful and interesting.
In other words, it's all a cycle, and machines are constantly catching up by automating what we did before. They never lead, which is why we have coders.
Slashdot Mirror
It will go well with my HD TV windshield and the Beats by Dre headphones I wear whenever I drive.
I employ about 20 people.
About 70% of the time, when people quit my company without notice, they are leaving with business. A client talked them into contracting with them directly at a higher rate, or another company made them an offer based on walking with a project.
It's a free market and people are supposed to do what makes them happy and all, but shady is shady. I check people's references before making them an offer and never hire people who have left a job without notice. I don't take on projects people bring with them unless they have been away from their former employer for a long, long time. I am not making assumptions about someone's reasons for quitting without notice - in fact, I usually give people a chance to explain themselves, and I would be open to hearing reasonable explanations.
The thing is they never do. I hear a lot of grousing about how work was part of their last job, he / she "just couldn't take" some aspect about it any more, or how there was this bull and it had horns and those horns needed to be seized. But no one has ever pointed to legitimate factors such as an abusive workplace, not being paid on time, not receiving fair / just compensation, or the like.
(Well, to be honest, that's not true. There was one time that someone left a job in protest after management refused to put in assistive devices to help with his handicap. I could understand this. But he was not being honest about his experience and lost out on that factor.)
I don't know if I am the only employer who is like this, but I suspect there are more people who do things this way than you might expect. Seriously, I just want to know when I invest in training people up, having them travel the world with me, setting them up as a thought leader, listen endlessly to their stories about kids and dogs and things they want to buy and their colds and everything else, they are going to at least have the courtesy not to vanish on their way out.
OMG that's so funny. Porn filters blocking great literature.
What would the bard say?
"With this bit I damn thee..."
"She censored well but not wisely"
"O, reason not the need!"
"Art made tongue-tied by authority." (had to look this one up)
I think I know the origin of this tax bill and what it is intended for.
Acquia - http://www.acquia.com/ - is a large firm that specializes in Drupal. A lot of the work they do is around setting up, configuring and maintaining Drupal websites.
While they don't produce the majority of the code that is in Drupal, they do provide a lot of services around it to consumers and other businesses. This is really a tax on VARs and other people who implement Drupal using their services.
I am sure there are a lot of other companies that operate in a similar space. While I don't like it, I can see the potential revenues to be drawn in through such a tax.
I think Jeff is a sincere fellow who seeks to have a nice conference and avoid issues that could be tough on either the Fed side or the Hacker community side.
I don't take his request as retaliation over government policies, and mroe as recognition that the community coming out to DefCon is very different from the one that will be attending BlackHat.
The point of the conference, regardless of anything anyone wants to say, is to have fun. My take is that he is trying to preserve that spirit for the conference.
It just occurred to me, one of the researchers pulling out was slated to give a presentation on how to hack sharepoint.
While it would be an enormous loss for the community not to have the opportunity to learn more about the specific ways this guy attacks M$'s premium CMS ... ... how much effort would it really take for a bunch of Defcon attendees to put together a session with equally useful information about hacking sharepoint to replace it?
Were it not for the fact I don't believe there is any anonymity in the world anymore, I would agree with you and say something even more cavalier. But I don't, and like to be thought of as a nice person.
I can't speak for the people who have chosen not to participate or their reasons for doing so.
I am sure it will be a loss for the event, but not as much as the one that comes from the lack of a public dialogue about the government's actions and activities tracking internet traffic.
Saying that Defcon fosters an open community where there are no sides is a little misleading. The government has it's own reasons for showing up and they are not all related to sharing ideas, learning and having a good time. It's just the other people who really lack an agenda.
I know people who are not going to Blackhat because the NSA is giving the keynote. What kind of strange alternate future is it we live in where this even happens?
I have never really been comfortable with having the Feds in there in the first place. Anyone in government can potentially serve in a prosecutorial role, and the government has demonstrated over the years they are perfectly willing to demonize hackers if it serves a need. Thinking about Mitnick, Gonzales, and a bunch of other guys who got railroaded here, along with 2600 meetings where we would get interrogated just for showing up to have coffee.
It's a little like inviting the fox into the henhouse to have these guys around. Pretending that they care about the hacker community is a little hard for me to do.
I don't replace HDs with services that provide the government with access to my files. I eliminate those services like the bugs they are.
The question is what you can do to prevent it, not whether or not Snowden is a hero.
It's an interesting problem on it's own. Imagine the situation in reverse - someone working in IT for an aid organization, beset by government hackers looking for information about political opponents who would kill them. How do you prevent someone from leaking information of a completely non-criminal nature to forces who mean to do them harm?
One of the problems with disclosures, and why they are so divisive, is that they expose people's relative values. For everyone who thinks Snowden is a hero, there is someone who things he broke an oath and the government is being completely reasonable.
It's not worthwhile to judge situations the same way you judge individuals. I work with a lot of NGO where people would get killed if information about their operations is exposed, and one of the big threats is someone handing over documents under duress.
I agree with this point. It's not impossible to stop leaks, but organizations can change to mitigate the impact one individual can have.
The thing that is most interesting to me about the Snowden case, as well as the Manning case, is the level of access intelligence communities give to these people. I mean, Manning was able to dump years of diplomatic cables, and Snowden has been able to detail a worldwide architecture of network ops.
Did they really need to have this much access to information? If their roles were more compartmentalized, these situations would be different.
I feel the problem with these leaks is a management issue moreso than the acts of individuals. Taking young, principled, intelligent guys and giving them the keys to a trove of information about questionable activities is just not the way to run an organization. The people he reported to should be the ones being indicted over this.
A solution (without knowing the particulars) would be to spread out access across a range of individuals with specific skill sets in their area and that's it. If you want to train people to be hackers, focus their development on one level of infrastructure and make it impossible for one guy to do this all on his own.
Chip sysadmins with GPS and use drones as your last line of defense.
Someone could be selling insider information about farm subsidies, which is not illegal but can affect markets.
'Leakers' are only one category of people who disclose information. It doesn't have to be illegal to be private and worth protecting.
Mod up this comment it's absolutely correct!
Oh wait, it as authored by an AC.
They don't count.
Logging snails makes me think about something altogether different from NSA spying.
It makes me think of someone bashing snails with a log.
Which might be too different from the truth.
They could be bringing him on in order to introduce a new brand of perfume.
iSmell.
As someone who makes hiring and firing decisions, I have never seen a better qualification than someone having been a fighter pilot. Several of my friends are former pilots for the Navy who have done well in various entrepreneurial pursuits involving technology. I would hire them immediately if they ever needed a job.
The basic qualities I pick up on, and that seem to be the most appealing as an employer, are the level of preparation that goes into being a pilot and the practical math behind operating an aircraft. In my business, we need to have a lot of planned out from the beginning for things to go well. It's clear to me that structure and process, and the ability to compensate effectively when something does go off track, are in a pilot's DNA.
Not sure what jobs you have been applying for, or why this is not coming across with other employers, but feel free to reach out to me via PM if you want to discuss directly.
At this point, this is not an issue of a lawbreaker. Until he's charged with something in a free and open court, Snowden is not a criminal.
An Australian general, addressing issues with sexual harassment in the military, had this to say about the values of an organization in a recent video:
"The standard you walk past is the standard you accept."
http://www.youtube.com/watch?feature=player_embedded&v=QaqpoeVgr8U
This is a little more apropos for the situation. Someone saw something he felt was unconscionable and acted to try and correct it. This is in keeping with the highest values of ethical conduct, and most ethical scholars would agree people have an obligation to act in this way.
We will see what Snowden is ultimately charged with. But casting him as a criminal before he is charged with anything, and rushing to judgement about his guilt or innocence, shows a lot less respect for the legal process and rule of law than anything he has done.
It's not so much a question of who to believe, but a statement about how much blind faith you are willing to put in government.
We know who Snowden is, he would not merit this level of attention if he did not have something to say. It could be argued we know more about him than what we know about the CIA and NSA.
We do not know much about the programs he described in the documents he had released. For someone to be saying they contain lies, when there are so few details contained, it makes me wonder why they need to deny it at all.
There's nothing random or stranger about this all though. The reactions of public officials are what are so revealing.
Or outlaw guns. They are much more lethal annually than all the terrorists who have attacked America to date.
For that matter. amazing we can keep a tab on everyone in the *world* with a smartphone or email address, but we can't keep track of all the guns out there.
There's a reason people don't want their guns to be tracked, and it's the same reason we don't want all our phones tapped. Does not matter if someone is actively or passively eavesdropping, we don't like the government to know too much about our business.
National Disclosure Centers are only as good as the organizations that take their disclosures.
I worked pretty closely with the DOC CIRT when it was first formed. It did not matter how many CIOs were involved in the process of forming it, or what they agreed to do, or what channels of communications were established. There were always groups that would not / could not work to address issues when they happened.
I don't think passing more laws has much affect on the issue either. Laws are regulatory and fall very much into the camp of attorneys, who rarely understand their implications in terms of infrastructure. Have spent many days on the phone with people for OIG seeking clarification on regulatory guidelines for handling systems, without getting the impression they understood much more than how to work the on / off switch.
This is a supply and demand problem, but a very special one. There is not enough demand for patches and security solutions prior to an incident, and there is not enough supply of secure code available to combat the threat. If anything, a solution lies with manufacturers, but there has to be a serious market for secure solutions for it to happen (and a willingness of buyers to invest in products that go down this route).
In other words, organizations needs to stop buying windows and start buying hardened Linux platforms. I honestly don't believe there is another way.
I just mean it was a nice site that served it's purpose, and maybe that purpose is now fulfilled. I don't know how important it is for the site to be re-opened for submissions or if there is a lot to accomplish.
Think of it this way: could the Zen Garden ever become better than it once was? Could it be more influential? I don't think it could, and believe it would be hard to trump it's earlier successes.
I do most of the hiring in my company, and can share some thoughts about what hiring managers are thinking when confronted with an older applicant for a developer position.
My entire company is virtual, we have about 20 people who work together remotely. I usually have no clue about how old someone is before I speak with them.
I have a list of 3 things I look for from any applicant for a developer role. It's the 3 C's - character, courage and collaboration. I want people who have a personality and aren't afraid to show it, I want people who will speak up when there's a problem, and I want people who are good at collaborating with others.
I don't always care as much about someone's development background, we can always train people up to a certain standard and then it's just getting experience doing the thing you were ask. What I do care about is whether or not someone is a cultural fit, which gets into the 3 Cs.
Just be confident in what you say, express genuine interest, and make it clear you are going to add to the efforts of their team. Take the time to learn what an employer actually does before you speak with them, and ask a lot of questions. When confronted with a technology question, be honest if you don't know how to deal with it. People don't want to hear you waffling and will usually know if you are out of your area of expertise.
They have been saying this since the 60s, yet people still seem to be writing code. What seems to happen is, byt the time a computer catches up with a major development pattern, developers are already off to the next pattern of development.
I mean, an operating system basically does what we would have called programming 40 years ago, writing instructions to the processor, calculations, etc. The nature of programming has changed since then, as it will over the next 40 years. I could see there being an application that models relevant data, builds interfaces, and maybe even makes them look nice. But I doubt that will be the way we interact with computers by the time they can do it.
http://www.amazon.com/What-Computers-Still-Cant-Artificial/dp/0262540673
This book is one of the first, best discussions about the major challenges that AIs face. The articles about ambiguity tolerance really tell you all you need to know to understand this point. While AIs are pretty awesome at this point, they really do rely on clustering algorithms and normative pattern analysis to construct the facts they operate on. It's useful as a means of understanding the world, but it's not really the same as what most people would call 'judgement' and it's certainly not the way people work in the world.
I have a theory about why AI will never replace coders. Once a machine gets to the point where it can handle the tasks of a coder, it becomes commonplace. People strive for more, technology is necessarily an innovation market. Eventually something new comes along, it takes decades to come to grips with it. During that time, people are the ones working out what's useful and interesting.
In other words, it's all a cycle, and machines are constantly catching up by automating what we did before. They never lead, which is why we have coders.