In all honesty, I've had to deal with very few of them, and only indirectly. Most notably the heartbleed thing recently. And you know what? It was senior management and IT managers who made that call and accepted the risks. (I'm primarily inside the firewall, so usually not my issue.)
There are times when you have to weigh risks and make choices.
But generally speaking, I don't apply a patch which is fresh and steaming immediately, and then I deploy to a lab and do some testing first.
Assume the worst, and do your best to plan against it. I learned this at the knee of an old neckbeard who'd seen it all, and I think it's served me quite well.
Occasionally, someone accuses me of being a worrier and overly paranoid -- and infrequently someone will override me. On a few of those occasions when it blew up in our faces, I was the one saying this is why I don't do it that way.
There's probably a larger number of times where it would have probably worked just fine.
But I don't get paid to take risks with someone else's stuff, and I work on stuff with a pretty low risk threshold.
So, for me, I will always err on the side of caution of it's an important system.
Like Herd-immunity that only works if most people don't do it.
Sure, and there will always be those who do it right away.
But I have no intention of being the first lemming off the cliff. I've been in IT way too long to trust a fresh patch for any vendor.
There was a time when release cycles were much longer, nowadays, you're just as likely to end up in the situation of a busted environment.
At the very least you have non-prod systems which you use as guinea pigs. But I've met people who apply new patches to Production machines right away -- and almost invariably end up getting burned by it.
I'll stick with my old school, overly paranoid approach to release engineering/configuration management. What others do with systems they're in charge of is their own problem.
As a customer, how would you feel with a very simple product (much simpler than the competition but still a bit complex) that has no documentation?
So, I guess first off if your product is open source, do you have customers or do you have users?
Second, say I'm evaluating a new product, and I stumble on yours. After looking around I conclude there is no documentation at all.
Now, do you think I'm going to download and install your software so I can play with it and see if it might possibly be useful for me? Or am I going to look at the absence of documentation as a sign that I should look elsewhere?
My honest answer, is I'm going to assume you're like every other open source project with no documentation and keep looking. Because it smacks of either amateur hour, or the bad old days of open source where all you got for help was "RTFM" (which in this case there wouldn't be), or "figure it out for yourself".
If you've got 250 apps with no documentation, what you have is a sea of unintelligible stuff which nobody is going to want to get anywhere near.
And if this is supposed to be a business suite, how are people going to pitch it to decision makers when you say "um, well, there's no actual documentation". If any business lets their IT folks roll out a project based on software with no documentation, they'd be complete idiots.
If you're not documenting it, people who aren't already users of it will never use it.
And, really, 250 frickin' apps without documentation?? Yeah, no.
Gartner is useless. However you can pay them money and they'll increase your company's rating and this will fool people who trust Gartner's opinions.
Agreed, they make their money evaluating how well people are doing in the overhyped buzzword sector, and making predictions which are of dubious value.
So if they have a section on overhyped buzzwords, it's pressy astounding.
To me, if Gartner is saying this, it's kind of like Bernie Madoff saying an investment is a little sketchy.
I look at 90% of what comes out of Gartner and think "what overhyped drivel", so them saying the same thing boggles the mind.
Know what else is a cliche? People whining about the relative meaning of a phrase which originated in the 16th century (and was apparently a bad translation from Latin), and a more modern phrase which uses some of the same words.
Unless you are specifically in a context where you're doing formal logic or debating, the former is rarely used. And, if you're in that context, everybody knows the difference between those two things. If you're not, people probably mean the more modern version of it.
So, dealeth with it, lest thee gets presumed for man of excessive pedantry and retentiveness of the sphincter.
Dost thou propose that thine language shall never evolve and change in any manner unless it be so approveth by thee and thine ilk of the Nazis of Grammar? Shall thine language become static and fixed as the firmament and the heavens? Or hath the pinnacle of grammarian excellence been such obtained as to negate further change, owing to it's divine revelation and celestial perfection?
Would such change undo the works that man has wrought under heaven? Would thine countenance still continue as blessed and calm as days of yore? I beseech you, good sir, to ponder the myriad ways in which ones speech no longer resembles that of our forefathers, even as thou pines for a return to the olden ways.
Methinks thine bloomers may have come become ill adjusted leading to your distemper. I prithee, settle thine dyspeptic mood and swallow your bile, lest ye strain thyself. These ill spirits do not become you, and place much strain upon your liver.
I do believe the gentleman doth protest too much over matters of trifling importance.
If you have ever said "let me google that", then you too are guilty of this. If you have ever used any expression which is newer than the dark ages, you're certainly guilty of this.
Language evolves, and the fact that a second entire expression which sounds similar to the first is not the fault of the expression or the people who use it.
Yes, there is the logical fallacy of "begging the question". But there is also the more modern "begs the question" implying "that causes us to ask this", and it has been in use for decades.
Whether the grammar nazis among us accept or not is a different issue.
So, yo dawg, chill and stop griefing, peeps be speaking differently than before. Deal with it.
At best English is a bastardization of a several languages, thrown together with a hodge podge of rules which require you to know which language gave us the word and why, and it is entirely possible to construct phrases which sound similar but which convey an entirely different meaning.
Piercing, tattoos and henna are part of the hacking culture these days though
looks down Hmmmm... I'm not wearing any henna now, and my hair is my natural color, and I no longer have an eyebrow ring... but really, this has been nerd chic since I was in junior high school, which is really only a subset of shabby punk from the 70s.
Or as I like to call it, clothing.
As far as wizards and elves
Mmmmm.... Skyrim...
ZOMG, I 4m teh hax0r!! Or, as my wife puts it... " hey dork".
Damn, suddenly I was a lot more interested in attending... who doesn't like disco-bondage headgear, leather, and steampunk?
Yes honey, I have to go to Vegas for work. No, I really do need my steampunk goggles and leather chaps, it's for, um, safety. Yes, for safety. Have you seen my cape?
I'm confused... I've never been to one, is this one of those 'it can be two things' deals?
Is everybody walking around in their disco-bondage headgear and steampunk outfits talking about security?
I'm just imagining a keynote speaker in leather chaps, and suddenly I'm very afraid. No wonder the rest of the world still thinks we're all running around playing D&D and shouting "my wizard impales your elf".
And based on your completely ignorant and idiotic posts, I assume you have nothing at all to refute any of this, other than your firmly held idiocy and conviction that they must be wrong?
Why don't you go visit the creation museum or something, you might find other people who care about what you say.
If they don't get the results they're looking for they'll "adjust" the data or "calibrate" the instruments until they show what they want NASA to show.
Cite your facts and your science, because otherwise we conclude you're doing nothing more than making an ad hominem attack on science.
Oh, wait, you don't have any facts, right?
Sorry, but if you want to be given any credibility, you need to show some science which refutes it.
Otherwise, it's the same as if I said "Pino Grigio will reject any science which doesn't fit in with his childish worldview, and nothing he says can be taken as more then the rantings of a deluded idiot".
If I had to choose between the integrity of the NASA scientists and the intelligence of your post, I'm going to have to go with NASA on this one.
I don't really understand why you have so much love for the 360, but so much hate for the X1
My XBox 360 hasn't been plugged into a network in several years, and the XBone isn't backwards compatible with my existing library of games.
Microsoft has sent so many mixed messages about this platform that I don't know what to believe about it any more.
I don't care about DLC, I don't care about on-line gaming, I don't care about multi-player, I don't care about pretty much anything they said was a "feature" of this new console. It brings zero value for me.
If CO2 were a leading cause of warming, why would the temperatures not be spiking along with CO2 levels?
You seem to be assuming it's linear and immediate, as opposed to being a complex system with built in lag and other factors -- which would boil down to "if I release X amount of CO2, tomorrow the temperature will go up by Y".
It doesn't work that way, and is much more complex.
Much like if you turn up your thermostat, your house isn't instantly warmer, because, thermodynamics.
when they dont get the results that they want the sat suddenly loses communications.....
More likely scenario... if it starts getting results confirming AGW, some congresscritter will vote to cut its funding on behalf of his 'constituents' (the oil companies).
There is a group interested in not seeing the truth here, and it isn't the climate scientists.
And terrorists would want either something REALLY hot for a dirty bomb
Is that true?
Say your goal was purely to scare the crap out of people and cause panic -- the low hanging fruit of terrorism. You don't actually need to do anything with lasting effects. If you suddenly make a high visibility target read with a trivial amount of radioactivity, you'll pretty much accomplish your goals, wouldn't you? One can only assume this kind of this is actively monitored.
By the time people figure out it's not life threatening, you've already achieved your goal. Do it a few more times, and people will be so scared that when the microwave goes bing they'll run screaming.
Sure, you can cause more actual damage with something else, but the psychological damage is going to be vast and widespread.
Do you really think this wouldn't mobilize a lot of people and generally wreak havoc? I'm picturing FEMA and a whole ton of agencies going nuts over this.
Like most people, I know pretty much nothing about dirty bombs. But even if you couldn't do any real damage, you can still create a hell of a response.
Now, of course, it's entirely possible these 'lesser' things can't actually do that. As I said, I know nothing about it. But, it seems like you could cause a lot of panic, and that seems like it's as valuable as doing the real thing.
it's about making sure people can't just copy downloaded games onto a USB drive and make multiple copies and pirate games that trivially whilst making sure they can use USB storage for games
Right, so it's not a technology issue, and never was.
I'm so tired of technology being crippled in the name of copyright and DRM it's not funny -- the copyright lobby has more or less decided we can't do anything without their permission.
worse, the 360 even had it's own bespoke memory cards originally
I'm aware of that, and again, I've always assumed it was because of corporate greed.
At the end of the day, the Xbone is a very anti-consumer piece of technology, and I simply will not buy one.
I will buy a spare for my beloved 360 before that ever happens.
Microsoft can shove their DRM, copyright protection, and POS system up their collective asses.
Will they care even a little that I'm doing this? Absolutely not. Do I expect others likely are making the same choice? Definitely.
I worked on a government contract once. Getting anything done required extensive amounts of fighting the process, and sometimes fighting the people -- they had their process, there was nothing in the world which could streamline it, and everybody was so incredibly territorial about their own stuff it was absurd. To the point that an Oracle DBA went in and removed permissions from an Oracle product -- the Oracle product explicitly said "need these permissions", the departmental policies said "no you can't" -- and then we spent 3 days understanding why something broke until the DBA said "oh, I removed those".
And then as the pilot project was coming on line (and it was purely a pilot project), the government employees started demanding the training course, the manuals, the support callflow, and a dozen other things which didn't exist yet.
It was maddening, the Director (or whatever he was called) would say "this must be done today", and we'd start doing our part... and then the government people would throw up dozens of roadblocks to make it impossible. Even when directly told by him to do it this way, they just simply didn't.
There were some smart people, but everybody had been so beaten down by the bureaucracy that it was impossible to get anything done.
I sure as heck wouldn't want to be doing tech in the government, because getting anything done was nigh on impossible, and there were usually 3-4 layers of CYA going on as everyone tried to ensure that if anything ever went wrong they could say "well, I followed all appropriate processes".
The tie, I could live with since I don't find them to be that bad. I actually like the tie.
The processes and pointless procedures... that was just crazy.
for streaming media both from attached USB devices, such as flash drives
Are you telling me that Microsoft shipped the XBone without the ability to read USB drives?
That they're announcing support for 10+ year old media and we're supposed to be impressed? Something you can buy next to bubble gum in the express checkout at the Wal Mart? Wow, that's some innovating there.
The XBox 360 had memory cards, and it's not like Microsoft doesn't have access to the technology to do this trivially. As in so blindingly trivial they'd have had to take steps to not support it.
I view this announcement with the same incredulity as if Ford had just announced they were adding a horn to this year's car -- because I find it unbelievable that they didn't build this in right away.
Yeah, I'm sure glad I've got my XBox 360, the XBone continues to look like a turd. I'm really gonna have to buy a spare 360, my wife likes some of the Kinect games, and every single time Microsoft tells me about this thing, I want it less than before.
Way to go Microsoft, you implemented accessing an FAT file system over USB.
Except for the USB part, using Microsoft's own documentation I wrote code to directly read from a FAT filesystem 20 years ago.
Un-frickin-believable. What idiots were in charge of this product again?
In all honesty, I've had to deal with very few of them, and only indirectly. Most notably the heartbleed thing recently. And you know what? It was senior management and IT managers who made that call and accepted the risks. (I'm primarily inside the firewall, so usually not my issue.)
There are times when you have to weigh risks and make choices.
But generally speaking, I don't apply a patch which is fresh and steaming immediately, and then I deploy to a lab and do some testing first.
Assume the worst, and do your best to plan against it. I learned this at the knee of an old neckbeard who'd seen it all, and I think it's served me quite well.
Occasionally, someone accuses me of being a worrier and overly paranoid -- and infrequently someone will override me. On a few of those occasions when it blew up in our faces, I was the one saying this is why I don't do it that way.
There's probably a larger number of times where it would have probably worked just fine.
But I don't get paid to take risks with someone else's stuff, and I work on stuff with a pretty low risk threshold.
So, for me, I will always err on the side of caution of it's an important system.
Sure, and there will always be those who do it right away.
But I have no intention of being the first lemming off the cliff. I've been in IT way too long to trust a fresh patch for any vendor.
There was a time when release cycles were much longer, nowadays, you're just as likely to end up in the situation of a busted environment.
At the very least you have non-prod systems which you use as guinea pigs. But I've met people who apply new patches to Production machines right away -- and almost invariably end up getting burned by it.
I'll stick with my old school, overly paranoid approach to release engineering/configuration management. What others do with systems they're in charge of is their own problem.
So, I guess first off if your product is open source, do you have customers or do you have users?
Second, say I'm evaluating a new product, and I stumble on yours. After looking around I conclude there is no documentation at all.
Now, do you think I'm going to download and install your software so I can play with it and see if it might possibly be useful for me? Or am I going to look at the absence of documentation as a sign that I should look elsewhere?
My honest answer, is I'm going to assume you're like every other open source project with no documentation and keep looking. Because it smacks of either amateur hour, or the bad old days of open source where all you got for help was "RTFM" (which in this case there wouldn't be), or "figure it out for yourself".
If you've got 250 apps with no documentation, what you have is a sea of unintelligible stuff which nobody is going to want to get anywhere near.
And if this is supposed to be a business suite, how are people going to pitch it to decision makers when you say "um, well, there's no actual documentation". If any business lets their IT folks roll out a project based on software with no documentation, they'd be complete idiots.
If you're not documenting it, people who aren't already users of it will never use it.
And, really, 250 frickin' apps without documentation?? Yeah, no.
I've never understood that mentality ... usually I give patches from any vendor a few weeks or more to have a shakedown period.
Let someone else do the beta testing.
I've seen more problems caused by applying fresh steaming patches than I have seen problems solved by it.
Agreed, they make their money evaluating how well people are doing in the overhyped buzzword sector, and making predictions which are of dubious value.
So if they have a section on overhyped buzzwords, it's pressy astounding.
To me, if Gartner is saying this, it's kind of like Bernie Madoff saying an investment is a little sketchy.
I look at 90% of what comes out of Gartner and think "what overhyped drivel", so them saying the same thing boggles the mind.
They essentially are making biological weapons in violation of international treaties, but they're saying it's all OK because it's for research?
Sorry, but what? If someone in Iran was doing this people would be calling for airstrikes.
The hubris of thinking "it's OK, I'm a trained professional, nothing bad can happen" is mind boggling.
How is it even legal to be making deadlier strains of viruses?
Ironic, isn't it? ;-)
And, cliche isn't a phrase, it's a word.
Know what else is a cliche? People whining about the relative meaning of a phrase which originated in the 16th century (and was apparently a bad translation from Latin), and a more modern phrase which uses some of the same words.
Unless you are specifically in a context where you're doing formal logic or debating, the former is rarely used. And, if you're in that context, everybody knows the difference between those two things. If you're not, people probably mean the more modern version of it.
So, dealeth with it, lest thee gets presumed for man of excessive pedantry and retentiveness of the sphincter.
Dost thou propose that thine language shall never evolve and change in any manner unless it be so approveth by thee and thine ilk of the Nazis of Grammar? Shall thine language become static and fixed as the firmament and the heavens? Or hath the pinnacle of grammarian excellence been such obtained as to negate further change, owing to it's divine revelation and celestial perfection?
Would such change undo the works that man has wrought under heaven? Would thine countenance still continue as blessed and calm as days of yore? I beseech you, good sir, to ponder the myriad ways in which ones speech no longer resembles that of our forefathers, even as thou pines for a return to the olden ways.
Methinks thine bloomers may have come become ill adjusted leading to your distemper. I prithee, settle thine dyspeptic mood and swallow your bile, lest ye strain thyself. These ill spirits do not become you, and place much strain upon your liver.
I do believe the gentleman doth protest too much over matters of trifling importance.
If you have ever said "let me google that", then you too are guilty of this. If you have ever used any expression which is newer than the dark ages, you're certainly guilty of this.
Language evolves, and the fact that a second entire expression which sounds similar to the first is not the fault of the expression or the people who use it.
Yes, there is the logical fallacy of "begging the question". But there is also the more modern "begs the question" implying "that causes us to ask this", and it has been in use for decades.
Whether the grammar nazis among us accept or not is a different issue.
So, yo dawg, chill and stop griefing, peeps be speaking differently than before. Deal with it.
At best English is a bastardization of a several languages, thrown together with a hodge podge of rules which require you to know which language gave us the word and why, and it is entirely possible to construct phrases which sound similar but which convey an entirely different meaning.
My advice to you, get over it.
looks down Hmmmm ... I'm not wearing any henna now, and my hair is my natural color, and I no longer have an eyebrow ring ... but really, this has been nerd chic since I was in junior high school, which is really only a subset of shabby punk from the 70s.
Or as I like to call it, clothing.
Mmmmm .... Skyrim ...
ZOMG, I 4m teh hax0r!! Or, as my wife puts it ... " hey dork".
Let's be honest here, this isn't exactly new.
Damn, suddenly I was a lot more interested in attending ... who doesn't like disco-bondage headgear, leather, and steampunk?
Yes honey, I have to go to Vegas for work. No, I really do need my steampunk goggles and leather chaps, it's for, um, safety. Yes, for safety. Have you seen my cape?
Yeah, like I'm supposed to believe he had a heart.
That's just where they topped up the evil. ;-)
Nerds in t-shirts and glasses, now that's what I expected ... the whole leather thing threw me a little.
Why, thank you.
Is this a security convention, or an S&M one?
I'm confused ... I've never been to one, is this one of those 'it can be two things' deals?
Is everybody walking around in their disco-bondage headgear and steampunk outfits talking about security?
I'm just imagining a keynote speaker in leather chaps, and suddenly I'm very afraid. No wonder the rest of the world still thinks we're all running around playing D&D and shouting "my wizard impales your elf".
And based on your completely ignorant and idiotic posts, I assume you have nothing at all to refute any of this, other than your firmly held idiocy and conviction that they must be wrong?
Why don't you go visit the creation museum or something, you might find other people who care about what you say.
Cite your facts and your science, because otherwise we conclude you're doing nothing more than making an ad hominem attack on science.
Oh, wait, you don't have any facts, right?
Sorry, but if you want to be given any credibility, you need to show some science which refutes it.
Otherwise, it's the same as if I said "Pino Grigio will reject any science which doesn't fit in with his childish worldview, and nothing he says can be taken as more then the rantings of a deluded idiot".
If I had to choose between the integrity of the NASA scientists and the intelligence of your post, I'm going to have to go with NASA on this one.
My XBox 360 hasn't been plugged into a network in several years, and the XBone isn't backwards compatible with my existing library of games.
Microsoft has sent so many mixed messages about this platform that I don't know what to believe about it any more.
I don't care about DLC, I don't care about on-line gaming, I don't care about multi-player, I don't care about pretty much anything they said was a "feature" of this new console. It brings zero value for me.
You seem to be assuming it's linear and immediate, as opposed to being a complex system with built in lag and other factors -- which would boil down to "if I release X amount of CO2, tomorrow the temperature will go up by Y".
It doesn't work that way, and is much more complex.
Much like if you turn up your thermostat, your house isn't instantly warmer, because, thermodynamics.
More likely scenario ... if it starts getting results confirming AGW, some congresscritter will vote to cut its funding on behalf of his 'constituents' (the oil companies).
There is a group interested in not seeing the truth here, and it isn't the climate scientists.
Is that true?
Say your goal was purely to scare the crap out of people and cause panic -- the low hanging fruit of terrorism. You don't actually need to do anything with lasting effects. If you suddenly make a high visibility target read with a trivial amount of radioactivity, you'll pretty much accomplish your goals, wouldn't you? One can only assume this kind of this is actively monitored.
By the time people figure out it's not life threatening, you've already achieved your goal. Do it a few more times, and people will be so scared that when the microwave goes bing they'll run screaming.
Sure, you can cause more actual damage with something else, but the psychological damage is going to be vast and widespread.
Do you really think this wouldn't mobilize a lot of people and generally wreak havoc? I'm picturing FEMA and a whole ton of agencies going nuts over this.
Like most people, I know pretty much nothing about dirty bombs. But even if you couldn't do any real damage, you can still create a hell of a response.
Now, of course, it's entirely possible these 'lesser' things can't actually do that. As I said, I know nothing about it. But, it seems like you could cause a lot of panic, and that seems like it's as valuable as doing the real thing.
Stupid is not a finite quantity in the universe, and it's not a zero sum game.
You can have an infinite amount of stupid.
Now, one might argue that telling the spammers how they've fallen for this and what to avoid ... well, that might be stupid.
Right, so it's not a technology issue, and never was.
I'm so tired of technology being crippled in the name of copyright and DRM it's not funny -- the copyright lobby has more or less decided we can't do anything without their permission.
I'm aware of that, and again, I've always assumed it was because of corporate greed.
At the end of the day, the Xbone is a very anti-consumer piece of technology, and I simply will not buy one.
I will buy a spare for my beloved 360 before that ever happens.
Microsoft can shove their DRM, copyright protection, and POS system up their collective asses.
Will they care even a little that I'm doing this? Absolutely not. Do I expect others likely are making the same choice? Definitely.
Yeah, no kidding.
I worked on a government contract once. Getting anything done required extensive amounts of fighting the process, and sometimes fighting the people -- they had their process, there was nothing in the world which could streamline it, and everybody was so incredibly territorial about their own stuff it was absurd. To the point that an Oracle DBA went in and removed permissions from an Oracle product -- the Oracle product explicitly said "need these permissions", the departmental policies said "no you can't" -- and then we spent 3 days understanding why something broke until the DBA said "oh, I removed those".
And then as the pilot project was coming on line (and it was purely a pilot project), the government employees started demanding the training course, the manuals, the support callflow, and a dozen other things which didn't exist yet.
It was maddening, the Director (or whatever he was called) would say "this must be done today", and we'd start doing our part ... and then the government people would throw up dozens of roadblocks to make it impossible. Even when directly told by him to do it this way, they just simply didn't.
There were some smart people, but everybody had been so beaten down by the bureaucracy that it was impossible to get anything done.
I sure as heck wouldn't want to be doing tech in the government, because getting anything done was nigh on impossible, and there were usually 3-4 layers of CYA going on as everyone tried to ensure that if anything ever went wrong they could say "well, I followed all appropriate processes".
The tie, I could live with since I don't find them to be that bad. I actually like the tie.
The processes and pointless procedures ... that was just crazy.
Are you telling me that Microsoft shipped the XBone without the ability to read USB drives?
That they're announcing support for 10+ year old media and we're supposed to be impressed? Something you can buy next to bubble gum in the express checkout at the Wal Mart? Wow, that's some innovating there.
The XBox 360 had memory cards, and it's not like Microsoft doesn't have access to the technology to do this trivially. As in so blindingly trivial they'd have had to take steps to not support it.
I view this announcement with the same incredulity as if Ford had just announced they were adding a horn to this year's car -- because I find it unbelievable that they didn't build this in right away.
Yeah, I'm sure glad I've got my XBox 360, the XBone continues to look like a turd. I'm really gonna have to buy a spare 360, my wife likes some of the Kinect games, and every single time Microsoft tells me about this thing, I want it less than before.
Way to go Microsoft, you implemented accessing an FAT file system over USB.
Except for the USB part, using Microsoft's own documentation I wrote code to directly read from a FAT filesystem 20 years ago.
Un-frickin-believable. What idiots were in charge of this product again?