hen we had this discussion once at work, I said "We're just not that interesting for the world class guys. You guys *watched* me log in and you don't recall my password. It's fine."
Passwords aren't everything. Anyway, you don't have to be interesting, just convenient, and crap security means that one of those vulnerability scanning bots will find your network, exploit it, and install something nasty. I'm sure none of the millions of botnet members on cable modems are all that interesting either.
If you have an application that accepts connections from perhaps a dozen internal applications without authentication, and allows them to engage in a transaction that involves real money, how do you handle a security audit? You tell the auditor exactly what's going on, and explain that to fix it you would have to figure out who's connecting, why they connect, what addresses they might connect from, maintain a list of users and modify the protocol to require the authentication data, and then force a dozen different application groups to modify their code to present authentication. The auditor has to really be the one to force those groups to make the changes.
If you're doing SOX auditing and you can't simply lock down the IP source, then they'll probably require that you get as far as a new protocol, then show progress towards abandoning the old one. Doesn't matter that it's hard - the idea is to determine whether you have proper controls, and for that app, you don't.
Well, the problem is that the product isn't different no matter who they get it from. And that's going to be true for any mass-produced, mass-marked item.
Except for Walmart. Which is why you shouldn't buy electronics from them.
the prices one can get a WalMart are very competitive with online retailers these days.
Sure, if you want the lower quality widget. Walmart electronics are garbage - the same part number, but cheaper guts so they can sell it cheap. No thank you.
Does this modulo extend to multiple partners? Animals? Why or why not?
Don't be a moron. I said any 2 adults. Why is it every time someone advocates gay marriage, you get some wingnut talking about marrying a goat? Consanguinity is a reasonable restriction - you don't want a high chance of the kids being inbred. Requiring man + woman is not - the relationships are just as stable, and they're only going to have kids by adoption anyway.
well they're the ones flipping out over guns based on how scary they look while ignoring traditional firearms that do the same thing. Meanwhile, an illegal in SF can gat a family in a shelter and all that happens to them is they get a plane ride home.
States don't marry people, churches do. When a couple goes before a justice of the peace and get married, they're really just entering a civil-union.
No, they're getting married; states have a concept of marriage and churches do too - they're called the same thing, they're just separate because the institutions are.
I don't like the prop 8 BS, but part of the reason I'm not in cali now is their bizarre obsession with guns. I can't own scary looking firearms? Morons.
It affects lots of things, such as adoption, hospital visits, and survivorship. how'd you like to live with someone for 40 years and lose your house when he dies because you can't automatically inherit the place of residence? There are lots of benefits to marriage that gays are being denied.
Just change the wording in all the laws from marriage to civil union and be done with it.
Too complicated. Just let any two adults get married (modulo consanguinity or whatever). Marriage is something that most be recognized across state lines, while civil union is not. How'd you like for some california couple to go to utah and, when one of them ends up in the hospital, be told that he has to leave because he isn't legally a spouse? That's like blacks on the 60s who couldn't stay at a motel for fear of being murdered.
First, we have a court decision allowing gay marriage. Then, we get a proposition that the voters decide that it should be illegal. Here, we have a very classic case of the voters' wishes versus the concept of legal rights which should not be subject to democratic vote. One side claims that marriage is an inalienable right regardless of gender, and the other side which says this isn't the case. Very deep stuff.
Keep in mind that the proposition was put forward as one type of amendment (needing 50% to pass) but acts like the other kind (needing 66%), so prop 8 may be invalid on its face.
So regardless of my feelings on Google's position, my thought is they should shut up. If individuals in Google want to take a stand, fine. But when it becomes Google versus the voters, I become uneasy.
Why should corps be silent on issues that affect them? The problem with corps is undue influence, not them speaking in the first place.
Not that I recall - the major theme that I recall is that millionaires tend to be the winners of a high risk bet - entrepreneurism. They're also people of normal taste and lifestyle, with a large difference between what they bring in and what they spend.
My original point was that, on average, people don't value what they're given, just what they have to work for.
Yeah, well adversity does help things along - reading the millionaire next door, people who had to work for their success did much better than those who didn't. Of course, Bill Gates and Paul Allen went to the Lakeside School, so there you go.
I'd be willing to bet that within the next year they are looking to thin the local IT staff to a skeleton crew and then migrate the servers over to India where they can do your job for a third of the cost.
Usually, they keep the servers here and hire indians for a bit over half the cost. Of course, even talented indian staff is hard to work with due to the distance and time difference. That's for software development - outsourcing IT to india would be a disaster: if anything breaks during the day, you have to wait for the IT guys to get in.
He says hello to her as we walk past and she starts getting in his face and saying things like "your penis is the oppressor" (I wish I was making that part up. It's just far too bizarre). All the while, I just try to keep a straight face since I know where this is going.
Not being gay myself, I'd probably ask how she knew what I called it.
Honestly, I found her complete ruthlessness more attractive than her, um, assets. I really think my dream woman is Linda Hamilton's character from T2. Keeps me on my toes or something.
Slashdot Mirror
Yeah, because being a triggerhappy thug is a good paying career.
hen we had this discussion once at work, I said "We're just not that interesting for the world class guys. You guys *watched* me log in and you don't recall my password. It's fine."
Passwords aren't everything. Anyway, you don't have to be interesting, just convenient, and crap security means that one of those vulnerability scanning bots will find your network, exploit it, and install something nasty. I'm sure none of the millions of botnet members on cable modems are all that interesting either.
If you have an application that accepts connections from perhaps a dozen internal applications without authentication, and allows them to engage in a transaction that involves real money, how do you handle a security audit? You tell the auditor exactly what's going on, and explain that to fix it you would have to figure out who's connecting, why they connect, what addresses they might connect from, maintain a list of users and modify the protocol to require the authentication data, and then force a dozen different application groups to modify their code to present authentication. The auditor has to really be the one to force those groups to make the changes.
If you're doing SOX auditing and you can't simply lock down the IP source, then they'll probably require that you get as far as a new protocol, then show progress towards abandoning the old one. Doesn't matter that it's hard - the idea is to determine whether you have proper controls, and for that app, you don't.
They don't - marriage transfers across state lines, while civil unions don't.
No, Walmart has the same part number with inferior innards. That's why the only thing I buy there are bullets for the range.
Well, the problem is that the product isn't different no matter who they get it from. And that's going to be true for any mass-produced, mass-marked item.
Except for Walmart. Which is why you shouldn't buy electronics from them.
the prices one can get a WalMart are very competitive with online retailers these days.
Sure, if you want the lower quality widget. Walmart electronics are garbage - the same part number, but cheaper guts so they can sell it cheap. No thank you.
Does this modulo extend to multiple partners? Animals? Why or why not?
Don't be a moron. I said any 2 adults. Why is it every time someone advocates gay marriage, you get some wingnut talking about marrying a goat? Consanguinity is a reasonable restriction - you don't want a high chance of the kids being inbred. Requiring man + woman is not - the relationships are just as stable, and they're only going to have kids by adoption anyway.
well they're the ones flipping out over guns based on how scary they look while ignoring traditional firearms that do the same thing. Meanwhile, an illegal in SF can gat a family in a shelter and all that happens to them is they get a plane ride home.
States don't marry people, churches do. When a couple goes before a justice of the peace and get married, they're really just entering a civil-union.
No, they're getting married; states have a concept of marriage and churches do too - they're called the same thing, they're just separate because the institutions are.
Should all companies get to repeal laws that might make their life harder or just the companys you like or laws you hate?
They should certainly get to try. Geez, pull the stick out.
I don't like the prop 8 BS, but part of the reason I'm not in cali now is their bizarre obsession with guns. I can't own scary looking firearms? Morons.
It affects lots of things, such as adoption, hospital visits, and survivorship. how'd you like to live with someone for 40 years and lose your house when he dies because you can't automatically inherit the place of residence? There are lots of benefits to marriage that gays are being denied.
Just change the wording in all the laws from marriage to civil union and be done with it.
Too complicated. Just let any two adults get married (modulo consanguinity or whatever). Marriage is something that most be recognized across state lines, while civil union is not. How'd you like for some california couple to go to utah and, when one of them ends up in the hospital, be told that he has to leave because he isn't legally a spouse? That's like blacks on the 60s who couldn't stay at a motel for fear of being murdered.
First, we have a court decision allowing gay marriage. Then, we get a proposition that the voters decide that it should be illegal. Here, we have a very classic case of the voters' wishes versus the concept of legal rights which should not be subject to democratic vote. One side claims that marriage is an inalienable right regardless of gender, and the other side which says this isn't the case. Very deep stuff.
Keep in mind that the proposition was put forward as one type of amendment (needing 50% to pass) but acts like the other kind (needing 66%), so prop 8 may be invalid on its face.
So regardless of my feelings on Google's position, my thought is they should shut up. If individuals in Google want to take a stand, fine. But when it becomes Google versus the voters, I become uneasy.
Why should corps be silent on issues that affect them? The problem with corps is undue influence, not them speaking in the first place.
Even OS X requires a reboot when you install system updates.
Maybe if you update the kernel; not using it much, I can only extrapolate from my linux experience, where updates almost never require a boot cycle.
Not that I recall - the major theme that I recall is that millionaires tend to be the winners of a high risk bet - entrepreneurism. They're also people of normal taste and lifestyle, with a large difference between what they bring in and what they spend.
My original point was that, on average, people don't value what they're given, just what they have to work for.
Yeah, well adversity does help things along - reading the millionaire next door, people who had to work for their success did much better than those who didn't. Of course, Bill Gates and Paul Allen went to the Lakeside School, so there you go.
I'd be willing to bet that within the next year they are looking to thin the local IT staff to a skeleton crew and then migrate the servers over to India where they can do your job for a third of the cost.
Usually, they keep the servers here and hire indians for a bit over half the cost. Of course, even talented indian staff is hard to work with due to the distance and time difference. That's for software development - outsourcing IT to india would be a disaster: if anything breaks during the day, you have to wait for the IT guys to get in.
That's sort of depressing - I'm in a major urban area and I thought pulling 100k meant I was doing ok.
90k is lower class? In what part of the country is that?
He says hello to her as we walk past and she starts getting in his face and saying things like "your penis is the oppressor" (I wish I was making that part up. It's just far too bizarre). All the while, I just try to keep a straight face since I know where this is going.
Not being gay myself, I'd probably ask how she knew what I called it.
they'll "learn how to write flirtatious text messages and emails"? Hm. Reeks of a sexual harrassment course to me :)
Not if you do it right :). That means don't flirt with someone at your work, or at least wait until you're dating them to do it over email.
Now that's a disturbing thing to find in an article about socialization.
Honestly, I found her complete ruthlessness more attractive than her, um, assets. I really think my dream woman is Linda Hamilton's character from T2. Keeps me on my toes or something.