Slashdot Mirror


User: Rich0

Rich0's activity in the archive.

Stories
0
Comments
11,574
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,574

  1. Re:Performance on Thin Client, Or Fat Client? That Is the Question · · Score: 1

    I agree that thick-client can be done inexpensively if you:

    1. Standardize.
    2. Tell employees not to store data locally.
    3. When employees deviate from the standard or store data locally just accept the loss when you deploy the new unit and just give them a blank standardized unit. If necessary, terminate the employee for not following the rules and creating a loss.

    The problem is that almost nobody does #3, which means they don't get #1-2, which means they don't benefit from the approach you suggest.

    Thin-clients are basically just enforced standardization - they lack the ability to not be standardized, or to store data locally, so you get automatic #1-2 without having to worry about #3.

  2. Re:Performance on Thin Client, Or Fat Client? That Is the Question · · Score: 1

    Funny - we deployed Citrix to SOLVE remote access problems with client-server apps with high latency networks.

    A Citrix-based app should perform nearly identically anywhere in the world. If it doesn't then your network is SEVERELY congested. Now, it might very well be slow in Europe, but if it is then it should be slow down the hall from the data center - the problem is insufficient server capacity.

    The problem is that IT management is told that thin-client is a great way to save SOME money, and they hear that as meaning that thin-client is a great way to save MOST of the money year after year. So often I've seen things done on a $1M budget, and then there are process improvements and you end up with a better-quality product on an $800k budget. Then the next year somebody gets greedy and says that if they were able to save $200k last year they should be able to save $100k more this year, and now you go from a great product on a lean budget to a lousy product on a leaner budget.

    It is way too easy in IT to make cost the primary metric with no measurement of quality. When you don't make quality a constraint it is REALLY easy to shot yourself in the foot...

  3. Re:Inspire them with science. on Can Movies Inspire Kids To Be Future Scientists? · · Score: 1

    Yup. It also seems like what we want is more people to spend money majoring in science and drive down the salaries. Most people who would be swayed into science "because it is cool" probably would not end up with meaningful well-paid careers.

    Reminds me of a friend with a son who went to college to learn how to create video games. I though, gee, that sounds like something that could pay at least reasonably well. I figured I'd talk to him and see if I could offer him career advice (being fairly knowledgeable about IT in general, if not game design in particular). From a brief conversation it was apparent that the kid enjoyed PLAYING video games but had no interest whatsoever in anything I could construe as designing them (from coding to graphics to sound to design to storytelling to whatever).

    I remember another friend who after seeing The Net decided that it sounded like fun to become a professional beta tester just like Bullock. I think he eventually figured out that there really aren't companies lining up to send random people with no particular technical qualifications fancy expensive gadgets and pay them serious wages to play with them all day.

    If you want to show kids that a job is important and essential to the economy and worth doing, start out by paying them well. Kids don't need to be encouraged to become cutthroat businessmen or lawyers - it just comes naturally. The problem is that our society does not efficiently allocate resources towards things that benefit society the most. Don't get upset when kids figure that out and learn how to become leaches like most of the previous generation.

  4. Re:The problem in the US... on Can Movies Inspire Kids To Be Future Scientists? · · Score: 1

    First, from everything I've seen intelligence is almost entirely fixed at birth. Sure, it does need to be cultivated, and as somebody else pointed out you can influence your output a little, but an average-intelligence kid is not going to consistently outperform a brilliant kid in their area of talent no matter how much effort he puts in, or how much the brilliant kid goofs off. In the subjects I was good at I'd be at least 1-2 standard deviations above the rest of the class on difficult tests with almost no time spent studying at all (and trust me - the others studied). In subjects I struggled in I'd work really hard but have trouble getting more than a B.

    As others have pointed out, raw intelligence does not really translate into economic success, which I'd wholeheartedly agree with. However, those who are economically successfully probably have figured out that when you're a great football player you play football, not chess.

    As far as the top percentile goes, that is pretty-much my observation. I work in a science-based company, and scientists at the company fall into one of two categories - those who are WAY at the top of their game, and those who are constantly worried about the next round of layoffs. The ones worried about layoffs are probably still up in the top few percentiles of the population in scientific ability. It just is a dog-eat-dog world out there unless you get lucky enough to land a low-pay government job. Employers pay for results, and they have a HUGE pool of talent to draw from - worldwide. Why would they pay serious wages to anybody who wasn't top-notch? If they just need bodies to follow directions they can get those for 1/4th the wage overseas.

    If kids want to be economically successful they need to find something they can be good at, and do it. They also need to figure out how to make work, not wait for somebody to come along and tell them what to do. They don't need to be self-employed, but they do need to be self-starters. I think that is the biggest problem with institutional education - it creates passive students who just take whatever courses the guidance counselor recommends and they don't know what to do when nobody is telling them what to do.

  5. Re:The problem in the US... on Can Movies Inspire Kids To Be Future Scientists? · · Score: 1

    Yup, just like getting the military ready to fight the last war, the teaching institutions are getting kids ready for the job markets of 1990.

    A friend of mine encouraged her daughter to pursue cosmetology, since she had a great deal of talent and interest. She was average in intelligence, and there is no question she could have handled college. However, she would have ended up with a mediocre grade from a mediocre school and probably would end up struggling to get some clerical job that pays $35k/yr with $100k in loans and hate every day of it.

    Instead, she'll be done school with about $5k in loans, doing something she is actually talented at and which she could potentially compete at a regional to national level in, in a line of work that is transferable anywhere where you can be your own boss or work in a cozy small business with a nice clientele in any city in the USA. For three years while her friends are spending $25k/yr and still at a high-school level of maturity she'll be out getting real-world experience with almost no difficulty finding work. While her friends are bussing tables or working high-school summer jobs for $8/hr she'll be at entry-level career pay, and by the time her friends are back living with their parents she'll probably be able to live completely independently with a stable career, and if she is frugal perhaps own a home. Her friends' parents will end up spending most of their retirement savings preparing their kids to live meaningless clerical careers constantly fearing the next wave of outsourcing and wondering when they'll be able to move out of the house.

    The key is to find a career that you can enjoy, make a decent living at, and actually EXCEL at. A college diploma on its own won't guarantee any of that. Sure, lots of people SHOULD go to college, because it is necessary for a career that are likely to excel at.

    Finally, the US doesn't seem to need more scientists. Most businesses are laying them off left and right to send the work overseas. Colleges pay them moderately well, but only because the tuition bubble hasn't burst yet. If you want to encourage kids to be scientists, start paying them like the aforementioned businessmen and celebrities...

  6. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 1

    My understanding is that HTML5 supports local storage. Chrome OS also supports local storage, and of course there is dropbox/etc.

    Lastpass actually supports Chrome OS just fine. The problem is that it doesn't support Android unless you pay for it. Keepass supports Android, but doesn't support Chrome OS.

    Relax - just because an OS doesn't run your favorite piece of software or whatever doesn't mean that it is useless. I've found that I'm able to do 95%+ of everything productive I do on a PC from Chrome OS already, and I understand that they're working on an NX/Citrix-like solution for some of the niche apps that don't fit.

    In any case, a secure standard for authentication sounds like exactly what the web needs - whether it be dictated by HTML6, or HTTP, or whatever. SSL is already 80% of the way there - we just need to make it universal and support more secure key-storage such as in smartcards that are user-controlled, not issuer-controlled.

    I'm sure that when Andy came out with yet another platform (Android) that others were saying the same thing... :) Whatever...

  7. Re:Performance on Thin Client, Or Fat Client? That Is the Question · · Score: 2

    Read carefully. According to the most recent news I could find Red Hat was expected to earn 0.9 billion in revenues this year, which is zero when rounded down to the nearest integer.

    Red Hat's customers are more of the target for thin-client computing.

  8. Re:Security on Thin Client, Or Fat Client? That Is the Question · · Score: 1

    Fred, is that you? :) If not you'd fit in just fine where I work.

    Of course, the real solution is switch goes down, and monitoring system immediately spots the problem, and tech is immediately dispatched to replace it and in 20 minutes we're running again.

    The reality is that the IT manager would do a Six-Sigma analysis and during the 5 days spent collecting metrics the fancy monitoring software would detect no failures and thus had no benefit, but it has substantial licensing costs, so it will get optimized out. Sure, maybe there is a risk of downtime, but that doesn't impact the IT budget so that isn't factored into the analysis...

    Too often corporate IT is about saving IT dollars, and it misses the whole reason we have IT in the first place. I have a simple solution for saving support costs in a company - sell off all the computers and phones in the company - boom, zero cost overnight. The problem is that computers and phones are handy for getting work done. It is really easy to lose sight of that.

  9. Re:Performance on Thin Client, Or Fat Client? That Is the Question · · Score: 1

    The other potential savings is in provisioning. When every unit is identical, and all the data is on the servers, then when an employee busts a unit you can just hand them another one, and problem-solved. Zero data loss, etc. Also, when an employee loses one in theory it won't contain any data/etc. All your data is always safe and secure all the time.

    At work half of our apps are all running via Citrix/etc anyway - it just simplifies deployment significantly and gets rid of all kinds of compatibility issues. We also have human-safety aspects to our applications so keeping the app contained to a server gives us the ability to legally document fitness for purpose and all that.

  10. Re:Performance on Thin Client, Or Fat Client? That Is the Question · · Score: 2

    I see. And how many billions of dollars per year does your employer make, rounded down to the nearest integer?

    If the answer is zero, you're not really the target of VDI...

  11. Re:What if they just don't? on NASA To Continue Funding Canceled Ares Project Until March · · Score: 1

    Keep in mind the executive branch runs the police and the jails, so the ability of the courts and congress to punish anybody is basically at their discretion.

    I don't see how impeachment would be subject to judicial review. As long as Congress can come up with something resembling a charge I don't see any constitutional reason that they can't impeach and convict a president for blowing his nose the wrong way. It just isn't something that is very likely to happen.

    In general while Congress is being fiscally irresponsible it isn't appropriate to just disregard them. On the other hand, we really need to reform the practice of adding riders to bills/etc that allows this stuff to happen...

  12. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 1

    Well, the spammer is going to go for path of least resistance - he needs accounts and 500 is as good as 800 most likely.

    However, if by some miracle the advocates of stronger passwords get everybody to rotate passwords with numbers at the end, 5 lines of python on the attack scripts will be sure to try incrementing numbers at the end of each password when they get a failure.

  13. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 1

    Looked into it, seems pretty good. The only issue is that I have to pay $12/yr to use it from all the platforms I use, which is about $12/yr too much. The other option I see is Keepass, which is open source, but it doesn't seem to support Chrome OS.

    These are really all just band-aid solutions to the real problem. The real problem is that HTML does not mandate any strong authentication mechanism, so everybody just picks the path of least resistance, which is a password.

  14. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 1

    Looked into it - doesn't seem like it supports android unless you pay for it. Keepass seems to be another popular option, but that doesn't support Chrome OS.

    It seems like these are all bandaids - SSL or something like that is probably a better option, with the key being kept in a smartcard. We just need to have the browser standards updated so that future browsers refuse non-SSL connections in the future so that everybody gets on-board. I don't see that happening anytime soon, but that is what it would probably take to have security. If security isn't built into the standard then it will never really get proper attention.

  15. Re:Keepass on Mozilla Posts File Containing Registered User Data · · Score: 1

    I like the concept behind keepass since it is open-source, but they seem to be missing a Chrome OS client.

    Wouldn't it be better to just use SSL or something like that, and get rid of passwords altogether? Granted, that requires every site on the internet to get more serious about security. I guess if we get enough worms it will eventually happen...

  16. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 3, Insightful

    I think you're stretching "easily computable" - when I want to log into a website I don't want to spend 10 minutes with a calculator and an ascii table, or require access to the md5sum application.

    Plus, this only works if it remains an uncommon way of generating passwords. If it becomes commonplace, then if a hacker can run through a bazillion md5 sums do you think that it will take them long to include variants of site names represented as ascii in their attacks? Once they figure out your algorithm through brute-force then it can be trivially applied to any other sites you have accounts on.

  17. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 1

    How do I use that on a work computer that I do not have admin rights to, and on which I'm forbidden by policy to install software on?

    Also - the website is hazy on how it manages synchronization - I'd prefer not to have to give some random service provider cleartext passwords to all of my accounts.

    Sure, password vault programs are a band-aid to a fundamental problem, but they are not a good solution.

  18. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 2

    What would be the point?

    Suppose the gizmodo password hashes are leaked, and somebody figures out that my username is rich0 and my password is gizmodo875.

    Does it do me any good that my slashdot password is slashdot875?

    This is why password aging is useless - if somebody finds the password of useless12 no longer works on a site that enforces aging they just have to log in using useless13 and that will work for 99% of accounts.

  19. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 2

    That's great, and how do you propose keeping all those passwords secure and synchronized across multiple devices and operating systems, some of which I'm not permitted to install software on?

    It isn't like I only access the web from one terminal...

  20. Re:Mozilla's public disclosure on Mozilla Posts File Containing Registered User Data · · Score: 5, Interesting

    if they have the bad habit of using the same password everywhere

    What alternative do you propose? I must have accounts on 100 different websites by now, including this one. I can't create and remember 100 distinct strong username/password combinations on all of those websites. Unless you're an autistic savant you can't either.

    Passwords are false security - they are a way to CYA and blame the victim for causing the problem, while giving them no realistic solution. Sites that depend on their users choosing unique passwords for security are simply insecure, period.

  21. Re:cvs blame or git-blame? on NASA To Continue Funding Canceled Ares Project Until March · · Score: 1

    Yup, it would waste less money to just send every worker a year's salary beyond their regular severance and send them home. At least then we don't have to pay to keep the lights on and churn through materials to build things we intend to throw away.

    The magnitude of government waste amazes me sometimes...

  22. Re:Nothing new here - and they don't 'work' on Placebos Work -- Even Without Deception · · Score: 1

    Thinking that you're taking something that is going to help you has all sorts of psychological effects which may improve your quality of life and make you feel better, but it's not going to lower your cholesterol or get your cancer into remission.

    Do you have any clinical evidence to back that statement up?

    Sure, it just makes sense, I'll agree with that. However, that doesn't make it true. Perhaps positive thinking actually has an impact on blood cholesterol levels, or immune system activity, or whatever. Until you do a controlled experiment, you don't know.

  23. Re:Nothing new here - and they don't 'work' on Placebos Work -- Even Without Deception · · Score: 4, Informative

    I'd need to see a cite for your claim.

    Just look up the results for any drug clinical trial, and you'll see objective clinical results in the placebo arm of the trial. Give somebody a statin and it will lower their LDL by 30%, but give them a placebo and it will probably drop it around 5-10%. No need to ask the patient how they're feeling, just take a blood sample and send it to a lab, all in a blinded trial where nobody doing the testing knows how it will turn out.

    Placebos achieve all kinds of documented clinical outcomes. You could probably improve the lives of poor people tremendously while not raising healthcare costs a dime if we just gave them all placebos for their ails. The question is which is more unethical - letting poor people die because we're unwilling to spend money on their care, or letting fewer poor people die by lying about the fact that we're unwilling to spend money on their care... If you look at it objectively, that's a pretty potent question. Of course, people will point to the third option - simply spending more money on their care, but if we were willing to do that we wouldn't be talking about the topic in the first place, and there will always be a limit beyond which we could still gain marginal improvements by using placebos (give somebody a statin, and a "Super Statin" placebo).

  24. Re:Bad Passwords Are the Weakest Link. on Passwords Are the Weakest Link In Online Security · · Score: 2

    Actually, OpenID still solves a big problem - people using one password for all sites so that if you compromise one of them you compromise all of them.

    With OpenID you use your password for ONE site, and then you use strong crypto for all the other authentications. Sure, if you crack that one site you still get it all, but that one site is more readily secured, and as soon as you resecure the OpenID site all the others become secure again.

    Coming up with one good password isn't nearly as hard as remembering 48 of them.

  25. Re:Take a guess... on Labor Lockout Lingers At Honeywell Nuclear Plant · · Score: 1

    Yes, but what if you don't WANT them to perform those services for you? Oh, wait, you don't have a choice. The pay your employer gives you is dictated by the union's agreement with the employer, and you are not permitted to reach your own agreement with them.

    Suppose I walk up to your car and wash your windows and demand $5? Hey, I performed a service for you, right? And you chose to drive on MY street!