No, it's not. Passwords are the key to open the door. If you get the key, then your security is functioning as intended, when someone can use it to open the lock.
Security through obscurity hides how the lock works. After all, you can't pick a lock, if you don't understand how it's tumblers are arranged.
The weakness of this approach, is that you prevent legitimate review of the mechanism - a 'good' algorithm can be mathematically proven as 'strong' (e.g. PGP).
Now, that's not to say that it's _not_ worth 'hiding' stuff - hacking a network is significantly harder if information on it is 'obscured' however if your security won't stand alone against someone who _does_ know everything about how it works, then it's fundamentally flawed.
Of course, DRM is all about giving someone a locked box. And then giving them the key to that locked box, so they can use the content. And at the same time, trying to control how/where/when they open the box.
It's not all that hard, to encrypt something such that it's 'computationally infeasible' to brute force crack. It's significantly harder to do so, whilst at the same time giving away a decryption key.
I'm not so sure they are actually. I mean, systems operations and the hurly burly of 'support' IT is a reactive workload. OK, so you can be proactive about it, but at the end of the day, you're responding to 'customer' need. (Be they internal or external customers).
A programmer on the other hand, is probably more project oriented, and actually more of an engineer than 'IT staff'.
That's not a justification, per-se, but the point remains that almost every bit of anti-piracy propaganda I've seen equates it to stealing. Now, whatever your stance on the 'is copyright infringement morally wrong', emotionally loading the issue by playing on misconceptions, is just not constructive.
The definition of 'theft' includes '... with intent to permenantly deprive...'. Copyright infringment, by definition, doesn't.
It is illegal to 'keep' a recording of a TV program. (ISTR a 2 week timeout)
It's illegal to give it to a friend to watch.
It might actually be illegal to watch your recording of yesterday's simpsons more than once as well.
Not that any of these are actually enforced or anything. But from a legal stance, VCRs exist to allow the 'owner' of a reciever (and if relevant, the person paying for the service) to record something, to watch later. Nothing more.
Different country, different culture. In the UK, driving age is somewhat higher (you get to start learning at 17, and are restricted for your first year after passing your test). As such, most students aren't drivers when they start university - they may have passed their test, but chances are they haven't bought a car. Cars, insurance (mandatory, and expensive when you're young) and fuel are also notably more expensive.
These factors combine, to mean that 'university' the guy with a car is in a definite minority. High school age, people probably haven't even started learning to drive. They're unlikely to actually own their own vehicle though
In the UK, the 'proceeds of crime' act allows the government to sieze anything gained from illegal activity. Of course, then they have to demonstrate it's illegality first, rather than just pretend it might be legal, and tax normally:).
Students, who mostly don't have cars, going shopping at the supermarket just far enough away to be a pain to carry stuff. So the trollies came too. Of course, it was also far enough away that it was a pain to take 'em back, which got to be a real big problem until a few bright sparks realised that a few of 'em is worth the effort, for the pound coins in 'em.
Of course, given these were students, a lot of the trollies had also been vandalised to get the pound coins out.
How dare they lock up shopping carts. Don't they know, that they just like to go for a swim once in a while, before being brutally dragged back to work by those thugs.
Pfft. Those won't re-invent anything. However I could pick out emergent techs that _will_ re-invent computing.
I'd start with SAN and host virtualisation, and 8Gb fiber connectivity. I mean, I don't think it's all that far off, before our 'datacentre' is a dynamic object, where you move instances packaged applications around physical hardware, whilst dynamically migrating the back end storage according to need.
Actually, you _can_ already do this, but it's still in it's early days yet. When get get as far as seamless support for geographic virtualisation, then we _will_ have revolutionised computing - we're getting there now, but it's still not quite there yet. Cluster each of the objects for failover reasons, and you have a system that at least in potential, has 100% uptime. You can even migrate 'stuff' off sufficiently resilient hardware, replace the failing component, and migrate back seamlessly.
Extend this into remote sessions, such as citrix environments, but with the extra cool that you actually can move the OS instance to be 'close' to the user in terms of network topology and bandwidth.
Of course, the irony is that this isn't so very different from what mainframes were doing, back in the day. I guess things really do come full circle.
The things this guy lists? Meh. They're gimmicks, not revolutions.
Speaking from someone involved in deployment planning, I can speak for at least one rather large UK financial company, and their supporting IT outsourcers, when I say we see no need for vista. I mean, what does it really give to the business user? DX10 might be why I end up upgrading at home, but... well, even XP isn't so much better than 2000 that there's any real drive to ugprade.
Apart from microsoft propaganda and support of course. And the 'bragging rights' effect, of people who always want the swankiest laptop with the newest stuff.
Remembering back to having to do Secure network accreditation (in the UK), there's actually a very short list of operating systems that have an EAL Evaluation Assurance Level certification. Because it's a bitch to go through the OS exhaustively, and check things, and therefore expensive. A few years back, the choices we had were Solaris 2.6, and NT 4 SP 3 I think it was.
No where near the most up to date at the time. (We were running Solaris 8 and 9 elsewhere on site, and NT had already been removed and being replaced with 2000). Now it seems, that Windows 2000, SP3 has been through the process, but that's with XP in the home, and Vista on the horizon.
Now, we _knew_ there was stuff that later patches had fixed, exploit/bug wise. However it was important to consider _proven_ EALs of software, before they could be used.
Now, sometimes it's actually more effective to assume a 0 EAL for the OS, and rely on other barriers to entry, to secure the information necessary. But with all such things, you need to think very hard in how you'll be constructing your network, based upon the sensitivity, impact and quantity of the protectively marked material you'll be handling.
Mostly though, you have to rely on user education and responsibilty - very simply, it's extremely difficult to 'secure' a system to the point where data export is impossible. It's significantly easier to make it _nearly_ impossible to do accidentally.
High security, value, and risk though, mean a lot of precautions _have_ to be taken. There's all kinds of nasty things that happen to a person, who feels they 'know better'.
There is a bit of an addition to 'non' multiplayer games, but it's notably worse with the MMOs. I mean, when you're making a 'commitment' to doing XYZ activity, then there's a bit of peer pressure re-inforcing it. This means you're less likely to be doing something productive at that time.
Working? Well, at what point does your 'gaming habit' affect your career prospects? I know a lot of people who fill their 'unemployed time' with gaming. I have no idea how much of an effect this has on their actualy employment record - I mean maybe they're unemployable, or maybe they're not actually looking hard enough. *shrug* hard to tell.
But clearly, you _should_ have been working 2 hours overtime! EVERYONE must work more time, and anyone who doesn't work an 18 hour day, 7 days a week is MISSING OUT.
I'd agree. Gaming _is_ addictive. Willpower is somewhat irrelevant though - I mean, how many gamers actually think they have a problem? I'd say I'm gaming for an average of 'a few' hours every day. I don't watch TV, so tell myself that this is the 'balance', and it's therefore acceptable. I, like so many others, don't consider this a 'problem'.
I wouldn't say I could 'stop any time' - I know there wouldn't be any physical effects, but I also can't think of anything at the moment that I'd rather do with my 'standard evening at home'. Same argument could be used for people who watch TV daily. I'd also regret 'leaving', because part of an online community is that it's... well, a community.
I also drink 'regularly' - I'm generally out with friends, on a friday night, and drink a beer or five. I do so at other times, occasionally.
Could I stop? Probably. But... well, why should I? I mean, where do you decide that 'habit' has become 'problem'?
So, willpower doesn't come into it. I've not really decided I want to 'break the habit' of gaming. I've not really decided I want to break the habit of going to the pub most weeks, either.
Gaming is addictive, as is stuff like IRC and MSN. They're ways to sink time, and exert a form of peer pressure on 'staying with it'. But like all 'addictions' there remains a line between 'it is a problem and I have to stop' and 'so what if I watch TV almost every night'.
I don't know. I could name a few people who 'underachieve' as a result of overdoing the gaming. You know, setting up whatever MMO, as more important than work, relationships etc.
Specific damage? None. Well, they could probably use some more exercise, but that could be said of a lot of people.
However in terms of 'net harm' to the economy, the 'loss' of a productive worker, who'd rather claim unemployment and play a MMO than work for a living, I think is at least as harmful as other forms of 'substance abuse'.
Especially in those job areas where you get lots of applicants. When you have a couple of hundreds CVs or Resumes, you 'filter' them, and throw away the ones you 'don't like the look of'. Grammar and spelling are one criteria that provides an easy rejection filter, for the reasons you list. It's a bit like showing up to the interview, in anything other than a suit. Or show up late to the interview. The job _might_ be grungy and laid back, and it might be that you'll never ever have to dress formal, ever. However the fact that you didn't, implies 'couldn't be bothered'. This is NEVER a good start with a potential employer:)
I finished University (admittedly, in.uk) earlier than expected, due to doing badly. Still graduated, but... well not well enough to continue to the 4th year, in Computer Systems Engineering.
So, I think I can say I was in a fairly similar situation.
Here's what I found out. There's a small list of employers who at every stage in the career 'screen' candidates based on degrees. Not many, but some.
For the other 95% or so, your degree grade matters for your first job. They have no prior career history to refer to, so they have to take the degree as an indicator. After that, the important thing is experience, and relevant skills. My employers since, have been vaguely interested in the fact that I had a degree, but I'm very sure that if I had no degree at all, and the same experience, I'd have got the job anyway.
My first job, was started whilst at university. I carried on when I finished, and that experience was the bootstrap to my second job, where I stayed for 5 years.
However, I do also know a fair few people who have not been able to get that 'initial' offer, who also didn't graduate all that well.
My advice would be this. Check the job market. If you can find something 'career building', that are prepared to interview you, then don't bother repeating a year. Degree grades get you into the interview, actually getting the job depends on your skills, presentation, manner, and general competence. All else being equal, if you have trouble finding that career building job, then go and repeat, rather than working at 'time filler' dead end jobs.
That's actually a pretty good analogy IMO. I use that a fair bit. I mean, _most_ drivers have certain expectations regarding cars. That they'll need a service every now and then. If something goes wrong, it'll take some time to investigate and fix.
All too often, we're getting situations where 'computer broke, fix now' is the way to go. Sometimes 'it isn't that easy' benefits from reference to things they follow.
Slashdot Mirror
Security through obscurity hides how the lock works. After all, you can't pick a lock, if you don't understand how it's tumblers are arranged.
The weakness of this approach, is that you prevent legitimate review of the mechanism - a 'good' algorithm can be mathematically proven as 'strong' (e.g. PGP).
Now, that's not to say that it's _not_ worth 'hiding' stuff - hacking a network is significantly harder if information on it is 'obscured' however if your security won't stand alone against someone who _does_ know everything about how it works, then it's fundamentally flawed.
Of course, DRM is all about giving someone a locked box. And then giving them the key to that locked box, so they can use the content. And at the same time, trying to control how/where/when they open the box.
It's not all that hard, to encrypt something such that it's 'computationally infeasible' to brute force crack. It's significantly harder to do so, whilst at the same time giving away a decryption key.
Sadly, the sourceforge page appears to have been taken down. I'm some what disappointed that there wasn't enough interest to sustain this project.
A programmer on the other hand, is probably more project oriented, and actually more of an engineer than 'IT staff'.
The definition of 'theft' includes '... with intent to permenantly deprive...'. Copyright infringment, by definition, doesn't.
It is illegal to 'keep' a recording of a TV program. (ISTR a 2 week timeout)
It's illegal to give it to a friend to watch.
It might actually be illegal to watch your recording of yesterday's simpsons more than once as well.
Not that any of these are actually enforced or anything. But from a legal stance, VCRs exist to allow the 'owner' of a reciever (and if relevant, the person paying for the service) to record something, to watch later. Nothing more.
Of course, if it isn't then I think I have an idea for a new business model...
These factors combine, to mean that 'university' the guy with a car is in a definite minority. High school age, people probably haven't even started learning to drive. They're unlikely to actually own their own vehicle though
In the UK, the 'proceeds of crime' act allows the government to sieze anything gained from illegal activity. Of course, then they have to demonstrate it's illegality first, rather than just pretend it might be legal, and tax normally :).
Students, who mostly don't have cars, going shopping at the supermarket just far enough away to be a pain to carry stuff. So the trollies came too. Of course, it was also far enough away that it was a pain to take 'em back, which got to be a real big problem until a few bright sparks realised that a few of 'em is worth the effort, for the pound coins in 'em.
Of course, given these were students, a lot of the trollies had also been vandalised to get the pound coins out.
I was actually quite shocked the first time I found out how much those things -actually- cost. It's actually rather frightening.
How dare they lock up shopping carts. Don't they know, that they just like to go for a swim once in a while, before being brutally dragged back to work by those thugs.
Actually, you _can_ already do this, but it's still in it's early days yet. When get get as far as seamless support for geographic virtualisation, then we _will_ have revolutionised computing - we're getting there now, but it's still not quite there yet. Cluster each of the objects for failover reasons, and you have a system that at least in potential, has 100% uptime. You can even migrate 'stuff' off sufficiently resilient hardware, replace the failing component, and migrate back seamlessly.
Extend this into remote sessions, such as citrix environments, but with the extra cool that you actually can move the OS instance to be 'close' to the user in terms of network topology and bandwidth.
Of course, the irony is that this isn't so very different from what mainframes were doing, back in the day. I guess things really do come full circle.
The things this guy lists? Meh. They're gimmicks, not revolutions.
Apart from microsoft propaganda and support of course. And the 'bragging rights' effect, of people who always want the swankiest laptop with the newest stuff.
No where near the most up to date at the time. (We were running Solaris 8 and 9 elsewhere on site, and NT had already been removed and being replaced with 2000). Now it seems, that Windows 2000, SP3 has been through the process, but that's with XP in the home, and Vista on the horizon.
Now, we _knew_ there was stuff that later patches had fixed, exploit/bug wise. However it was important to consider _proven_ EALs of software, before they could be used.
Now, sometimes it's actually more effective to assume a 0 EAL for the OS, and rely on other barriers to entry, to secure the information necessary. But with all such things, you need to think very hard in how you'll be constructing your network, based upon the sensitivity, impact and quantity of the protectively marked material you'll be handling.
Mostly though, you have to rely on user education and responsibilty - very simply, it's extremely difficult to 'secure' a system to the point where data export is impossible. It's significantly easier to make it _nearly_ impossible to do accidentally.
High security, value, and risk though, mean a lot of precautions _have_ to be taken. There's all kinds of nasty things that happen to a person, who feels they 'know better'.
There is a bit of an addition to 'non' multiplayer games, but it's notably worse with the MMOs. I mean, when you're making a 'commitment' to doing XYZ activity, then there's a bit of peer pressure re-inforcing it. This means you're less likely to be doing something productive at that time.
Working? Well, at what point does your 'gaming habit' affect your career prospects? I know a lot of people who fill their 'unemployed time' with gaming. I have no idea how much of an effect this has on their actualy employment record - I mean maybe they're unemployable, or maybe they're not actually looking hard enough. *shrug* hard to tell.
ITYM "moot". "Mute" is something different.
I wouldn't say I could 'stop any time' - I know there wouldn't be any physical effects, but I also can't think of anything at the moment that I'd rather do with my 'standard evening at home'. Same argument could be used for people who watch TV daily. I'd also regret 'leaving', because part of an online community is that it's ... well, a community.
I also drink 'regularly' - I'm generally out with friends, on a friday night, and drink a beer or five. I do so at other times, occasionally.
Could I stop? Probably. But ... well, why should I? I mean, where do you decide that 'habit' has become 'problem'?
So, willpower doesn't come into it. I've not really decided I want to 'break the habit' of gaming. I've not really decided I want to break the habit of going to the pub most weeks, either.
Gaming is addictive, as is stuff like IRC and MSN. They're ways to sink time, and exert a form of peer pressure on 'staying with it'. But like all 'addictions' there remains a line between 'it is a problem and I have to stop' and 'so what if I watch TV almost every night'.
Specific damage? None. Well, they could probably use some more exercise, but that could be said of a lot of people.
However in terms of 'net harm' to the economy, the 'loss' of a productive worker, who'd rather claim unemployment and play a MMO than work for a living, I think is at least as harmful as other forms of 'substance abuse'.
Especially in those job areas where you get lots of applicants. When you have a couple of hundreds CVs or Resumes, you 'filter' them, and throw away the ones you 'don't like the look of'. Grammar and spelling are one criteria that provides an easy rejection filter, for the reasons you list. It's a bit like showing up to the interview, in anything other than a suit. Or show up late to the interview. The job _might_ be grungy and laid back, and it might be that you'll never ever have to dress formal, ever. However the fact that you didn't, implies 'couldn't be bothered'. This is NEVER a good start with a potential employer :)
So, I think I can say I was in a fairly similar situation.
Here's what I found out. There's a small list of employers who at every stage in the career 'screen' candidates based on degrees. Not many, but some.
For the other 95% or so, your degree grade matters for your first job. They have no prior career history to refer to, so they have to take the degree as an indicator. After that, the important thing is experience, and relevant skills. My employers since, have been vaguely interested in the fact that I had a degree, but I'm very sure that if I had no degree at all, and the same experience, I'd have got the job anyway.
My first job, was started whilst at university. I carried on when I finished, and that experience was the bootstrap to my second job, where I stayed for 5 years.
However, I do also know a fair few people who have not been able to get that 'initial' offer, who also didn't graduate all that well.
My advice would be this. Check the job market. If you can find something 'career building', that are prepared to interview you, then don't bother repeating a year. Degree grades get you into the interview, actually getting the job depends on your skills, presentation, manner, and general competence. All else being equal, if you have trouble finding that career building job, then go and repeat, rather than working at 'time filler' dead end jobs.
No 'maybe'. I only lurk on Slashdot because I am out to get you all.
All too often, we're getting situations where 'computer broke, fix now' is the way to go. Sometimes 'it isn't that easy' benefits from reference to things they follow.
Hours? Unfair, you got the priority line!