Feel free to disagree. I am billed to the Government at between $150 - $200 per hour depending upon the contract. Take my word for the fact that I don't get anywhere near that amount in my paycheck, even before taxes.
My experience in the Government was not Civil Service. It was in what is known as Excepted Service. That agency is not covered by Civil Service rules. They do not have all the fluff training you mention, nor does it take years to get rid of someone.
Cost plus fixed-fee contracts are no longer the norm. Many of them are Time and Materials based where the Government is buying bodies at a given rate.
You are exactly right on this. If I was moderating right now, I'd mod your post up.
Taxpayers across the country have clamored for smaller government. So, Congress slashes the personnel budgets of almost every Federal Agency, but increases the contracting budget. The theory is that "outsourcing" is cheaper than hiring. As one who has been both a Federal Government employee and now a DoD contractor (yes I have a clearance), I fail to see how it is cheaper for the Government to higher me through my company at a rate of about 3.5 times my salary, which itself is at least 35% higher than when I worked for the Government. However, that is what has been happening for quite some time, and will continue to happen for the foreseeable future. I don't see any push to hire lots of new scientists and engineers by the the Federal Government, and even if there was, the Government pay scale is low enough that why would the experienced folks want to work for that rate?
As a graduate of Georgia Tech's Computer Science program (BSICS 1981), I can tell you this has been done before now. I was an assistant for the Survey of Programming Languages class and as such graded programs for the course. I found several duplicate LISP, PASCAL, and SNOBOL programs, down to the placement of which columns that parens or semi-colons were in, that also had duplicate comments. Those I found simply because of recollection of what they looked like in the prinouts. After that, some simple "diff" runs on the submitted files turned up others that I might have missed had I looked only at the printouts.
It amazes me that people are dumb enough to think they won't get caught. Some of the folks that submitted copies even forgot to take out the comments that included the name of the person they copied from!
How about laws to punish the vendors if they
sell products that simply are full of bugs,
crash all the time, but don't provide adequate
support or fixes to their products (free of
upgrade fees)? Security is just one problem. Let's
get working software first.
The best way to get accuracy would be the same way my wife does with my estimates of home repair projects. First, double the numerical part of the estimate. Second, increment the units. Thus, if I estimate it will take 2 hours, she knows it will probably take 4 days. This takes account of all the problems that Murphy guy throws in.
I'm sure than asking the programmers how long they think it will take and following the rule above will work for software too!
Only if they also nationalize all the traffic laws so that they are the same from state to state. On the other hand, even if they did that, the new state would probably still want you to pay the exam fee just to get a little more money out of you.
What about Voice of America and the old Radio Free (insert favorite communist nation here)? The whole point was to set up transmitters in neighboring countries so that we could pump the "truth" to the citizens of the communist countries that had their news censored by the government.
I like to save the SPAM that I get from the people that want to tell me how to make millions, and then forward it to the SPAMmers that are supposedly representing charities and are asking for money. I figure I should cut out the middle-man and just let these "charities" make the millions for themselves!
We were not at war with Vietnam, North Korea, Greneda, Iraq or other places either. You'll note that Congress has not declared war since World War II. However, there are other laws that give President Bush the right to persue the course of action he has taken.
There are many causes which the ACLU has represented that I have disagreed with their stance. On the other hand, there are many that I have agreed with. The one thing I have always agreed with is their right to exist. While I may have not always believed that organizations such as the ACLU, EFF, and EPIC were necessary, with the passage of the Patriot Act, I certainly believe that not. Please support them generously.
Using IE it shows up as separate paragraphs. Blame searchsecurity.com for the lousy HTML. I only write articles and answer questions for their Ask the Experts section. I don't do their website maintenance. Send me an email and I'll forward you a text copy that has paragraphs.
I find it interesting that the first mention in the article is about the Patriot Act. This Act is a major attack on our rights. For more information on how it affects the FBI's use of Carnivore, please see The Patriot Act and Carnivore: Reasons for concern? an editorial I wrote for the SearchSecurity.com website.
I received an advance copy of this book from Simson. I agree that it is a very good book. However there is one topic that was not discussed. I've emailed Simson about this and if another revision is done, they will include more info on it.
The topic left out is the issue of third-party servers. Many companies, particularly small business, use third party hosting. As such, the SSL provided for their form submission process only protects the information from the client computer (the consumer) to the web server (at the third party location). It does nothing to protect how that information gets from that third-party server back to the company. You would be surprised how many companies simply take that sensitive information (credit card numbers, etc.) and package it into an email message and send it to the company via plaintext email. Not very secure.
I wrote a paper on this subject in 1999 which is still posted at http://jsweb.net/paper.htm entitled "Are Secure Internet Transactions Really Secure?" I encourage you to take a look at it to learn more about how many companies are only providing a false sense of security, and not really protecting your information as it transits the Internet.
I do security consulting for a living. Many of my clients are Federal Government agencies. Most of them will not allow the use of Open Source software to be used for their systems. Now, their definition of Open Source is really the definition for Freeware. They want to pay someone for all their software so they have someone to support it, or someone to sue if it doesn't work. I have tried, unsuccessfully, to convince many of them that proprietary code does not equal better code, or even less bugs. Microsoft is the perfect example of proprietary code that is full of bugs. One of their arguements is that Open Source code is more likely to have security flaws than proprietary code. I claim that there is no real difference for initial releases, and that Open Source code tends to get stronger over time. In addition, if an Agency is buying code, someone in that company could try to implant a flaw specific to that agency's systems. If the agency simply downloads the Open Source code, nobody has to even know they are using it, and thus cannot be specifically targeted.
Perhaps someday I will be able to convince them.
Slashdot Mirror
No SBA perks here. I work for a Fortune 500 company, and this is a typical contract.
Feel free to disagree. I am billed to the Government at between $150 - $200 per hour depending upon the contract. Take my word for the fact that I don't get anywhere near that amount in my paycheck, even before taxes.
My experience in the Government was not Civil Service. It was in what is known as Excepted Service. That agency is not covered by Civil Service rules. They do not have all the fluff training you mention, nor does it take years to get rid of someone.
Cost plus fixed-fee contracts are no longer the norm. Many of them are Time and Materials based where the Government is buying bodies at a given rate.
You are exactly right on this. If I was moderating right now, I'd mod your post up.
Taxpayers across the country have clamored for smaller government. So, Congress slashes the personnel budgets of almost every Federal Agency, but increases the contracting budget. The theory is that "outsourcing" is cheaper than hiring. As one who has been both a Federal Government employee and now a DoD contractor (yes I have a clearance), I fail to see how it is cheaper for the Government to higher me through my company at a rate of about 3.5 times my salary, which itself is at least 35% higher than when I worked for the Government. However, that is what has been happening for quite some time, and will continue to happen for the foreseeable future. I don't see any push to hire lots of new scientists and engineers by the the Federal Government, and even if there was, the Government pay scale is low enough that why would the experienced folks want to work for that rate?
As a graduate of Georgia Tech's Computer Science program (BSICS 1981), I can tell you this has been done before now. I was an assistant for the Survey of Programming Languages class and as such graded programs for the course. I found several duplicate LISP, PASCAL, and SNOBOL programs, down to the placement of which columns that parens or semi-colons were in, that also had duplicate comments. Those I found simply because of recollection of what they looked like in the prinouts. After that, some simple "diff" runs on the submitted files turned up others that I might have missed had I looked only at the printouts.
It amazes me that people are dumb enough to think they won't get caught. Some of the folks that submitted copies even forgot to take out the comments that included the name of the person they copied from!
How about laws to punish the vendors if they sell products that simply are full of bugs, crash all the time, but don't provide adequate support or fixes to their products (free of upgrade fees)? Security is just one problem. Let's get working software first.
The best way to get accuracy would be the same way my wife does with my estimates of home repair projects. First, double the numerical part of the estimate. Second, increment the units. Thus, if I estimate it will take 2 hours, she knows it will probably take 4 days. This takes account of all the problems that Murphy guy throws in.
I'm sure than asking the programmers how long they think it will take and following the rule above will work for software too!
Only if they also nationalize all the traffic laws so that they are the same from state to state. On the other hand, even if they did that, the new state would probably still want you to pay the exam fee just to get a little more money out of you.
What about Voice of America and the old Radio Free (insert favorite communist nation here)? The whole point was to set up transmitters in neighboring countries so that we could pump the "truth" to the citizens of the communist countries that had their news censored by the government.
I like to save the SPAM that I get from the people that want to tell me how to make millions, and then forward it to the SPAMmers that are supposedly representing charities and are asking for money. I figure I should cut out the middle-man and just let these "charities" make the millions for themselves!
We were not at war with Vietnam, North Korea, Greneda, Iraq or other places either. You'll note that Congress has not declared war since World War II. However, there are other laws that give President Bush the right to persue the course of action he has taken.
There are many causes which the ACLU has represented that I have disagreed with their stance. On the other hand, there are many that I have agreed with. The one thing I have always agreed with is their right to exist. While I may have not always believed that organizations such as the ACLU, EFF, and EPIC were necessary, with the passage of the Patriot Act, I certainly believe that not. Please support them generously.
Using IE it shows up as separate paragraphs. Blame searchsecurity.com for the lousy HTML. I only write articles and answer questions for their Ask the Experts section. I don't do their website maintenance. Send me an email and I'll forward you a text copy that has paragraphs.
Funny, when I click through the link to the article, there are 7 paragraphs. Perhaps your browser isn't working properly.
I find it interesting that the first mention in the article is about the Patriot Act. This Act is a major attack on our rights. For more information on how it affects the FBI's use of Carnivore, please see The Patriot Act and Carnivore: Reasons for concern? an editorial I wrote for the SearchSecurity.com website.
There are some ways to take a bill and track where it's been and how far already. See the Where's George? website.
I received an advance copy of this book from Simson. I agree that it is a very good book. However there is one topic that was not discussed. I've emailed Simson about this and if another revision is done, they will include more info on it.
The topic left out is the issue of third-party servers. Many companies, particularly small business, use third party hosting. As such, the SSL provided for their form submission process only protects the information from the client computer (the consumer) to the web server (at the third party location). It does nothing to protect how that information gets from that third-party server back to the company. You would be surprised how many companies simply take that sensitive information (credit card numbers, etc.) and package it into an email message and send it to the company via plaintext email. Not very secure.
I wrote a paper on this subject in 1999 which is still posted at http://jsweb.net/paper.htm entitled "Are Secure Internet Transactions Really Secure?" I encourage you to take a look at it to learn more about how many companies are only providing a false sense of security, and not really protecting your information as it transits the Internet.
I do security consulting for a living. Many of my clients are Federal Government agencies. Most of them will not allow the use of Open Source software to be used for their systems. Now, their definition of Open Source is really the definition for Freeware. They want to pay someone for all their software so they have someone to support it, or someone to sue if it doesn't work. I have tried, unsuccessfully, to convince many of them that proprietary code does not equal better code, or even less bugs. Microsoft is the perfect example of proprietary code that is full of bugs.
One of their arguements is that Open Source code is more likely to have security flaws than proprietary code. I claim that there is no real difference for initial releases, and that Open Source code tends to get stronger over time. In addition, if an Agency is buying code, someone in that company could try to implant a flaw specific to that agency's systems. If the agency simply downloads the Open Source code, nobody has to even know they are using it, and thus cannot be specifically targeted.
Perhaps someday I will be able to convince them.
Note the mother's maiden name on the picture of his ID card. Does that mean he is a bastard?