Try getting a visa to work in China or Brazil. Those countries do not readily allow foreigners to work "their" jobs.
Hell, that's true of Canada. A few months back I had to be in Alberta to provide on-site support for a new software deployment. The border guard was very intent on ensuring that I wasn't entering the country to displace Canadian workers and explicitly said so.
I have zero problems with this kind of protectionism - a country's government exists for the benefit of the citizens of that country. Unfortunately the United States government has no such concern for its own people.
That's an urban legend. When I worked there, I didn't hear of any effort at all made for backwards compatibility, except for a few tools we used internally. We just didn't give a damn about it, and that's why Windows is so horrific at it.
I guess the former co-worker that previously wrote shims at MS all the way up until she left there in 2012 was all in my imagination, then.
Both supercaps and batteries will slowly self-discharge - supercaps loose charge even faster than batteries.
Hence why I said "they don't hold a charge forever either". Supercaps do have an advantage in that they can be charged *really* quickly. Neither addresses the fundamental problem, which is that any kind of circuit incorporated into a weapon is just one more thing that can fail, and tends to fail at a higher rate than a simple mechanical design.
There are two types of smart gun technology out there.
And both use batteries, which can die at the most inopportune time. Supercaps could perhaps mitigate this to a degree, but they don't hold a charge forever either.
What kind of messed up world where sourceforge is shady?? Most projects still are only hosted by them. How do I know if it is a compromised version or not?
It's been like that for a couple of years. GIMP and FileZilla are probably the two highest-profile packages associated with SF shenanigans. As far as how you'd know it's compromised, I don't really have a good answer. The issues are with the installer Sourceforge uses (and SF's handling of abandoned projects), so the best bet may be to download the source and compile it yourself for those packages that aren't available elsewhere.
Guitars,cars, tools,toys...but nowadays quality is associated with other countries....
I'd put Alembic, Fodera, Sadowsky, and Lull up against *anything* made anywhere else. Fender's USA instruments are usually pretty nice, although Gibson and Rickenbacker can be all over the place at times.
If all you're really interested in is a sheet of paper so you can get a contract, what you want is the auditor that tells you everything in your company is in a great security shape. Not that pesky one that would actually find something wrong with your security.
This is why SSAE 16 certification doesn't mean a lot to me. Having been through the certification process personally, I've seen firsthand a lot of crap signed off that shouldn't have been. Our "data center" was located in a suite in the office building next door, connected to us via directional WiFi, with no cameras, no facility access logs, and only a glass front door between the sidewalk outside and the servers in the rack. Keys were freely available to whoever wanted them in our office, plus the DC's owner gave keys to his other customers, and all of the racks were exposed to whoever might have wanted to start swapping cables around - no locking cabinets whatsoever. Despite all of that, and other questionable practices that I'd constantly been bugging the boss about fixing (especially since we were handling financial data for a number of banks), we got our Type II certification with no problems at all. Going into the process, I was sure we were screwed, but the auditor didn't even ask for the 6-month historical documentation. I didn't get to see the final report, so I'm guessing a lot of it was sheer fiction. "Write a check, get your certification", it seems with at least some vendors.
I don't think it's an Agile thing, I think it's more that CS programs are focusing on the hotness of the day instead of solid CS fundamentals and basic digital electronics, and that it seems a lot of today's coders just don't have a lot of interest in how things really work. Last year I had to explain what a daemon was to a 23 year old web dev a couple of months away from his MSCS because he'd never heard the term before. That shouldn't happen - either he should have been exposed to it in school, or he should have come across the term in the course of being a geek that likes computers, IMO.
Perhaps, but remember that Google and Apple are publicly-owned corporations. It's nice to think that they'd tell New York to kiss off, but if they did that you can pretty much guarantee *big* shareholder lawsuits as a result.
It was run as an air burst (to maximize blast damage), and if you look, fallout was considered in the simulation run. Fallout would be minimal, and the political/financial aftermath isn't going to "destroy one country per bomb".
Fusion bombs aren't that strong. An average 1.2 Mt device set off in the air at the Magic Kingdom in Walt Disney World would likely leave most of Orlando unscathed beyond broken windows and a bad sunburn, and wouldn't even have any effects at KSC beyond hearing it. Running the plot for a much larger 5 Mt explosion shows that while there's significantly more damage, even the nearby cities of Sanford and Lakeland wouldn't be significantly affected.
Well there's the problem of police guns getting stolen and police guns being grabbed and used against the officers. Smart guns are a valid solution to that.
We'll see if it's a valid solution when a couple of cops get knived because their gun failed to fire. Guns already have enough potential failure modes without adding more.
I guess they should have spent some time looking at their own stuff rather than other people's code in this case.
Yeah, really. I would have thought that a product being advertised has having such comprehensive security would have each firmware release candidate thoroughly tested for such things under a variety of situations. Having missed an open port listening for traffic, even if it's only in the internal environment, doesn't give me a lot of confidence that there aren't other problems to be found.
For a non-technical person not in the know (or knowing someone that is), that can initially seem pretty expensive, if they even realize it is possible at all.
Of course, and it's not reasonable to expect everyone to have a degree of skill with electronic repair. However, given the value of the data in question, I'm a bit surprised that they didn't appear to find someone qualified to ask whether the machine could be fixed before going the data recovery route.
Slashdot Mirror
Try getting a visa to work in China or Brazil. Those countries do not readily allow foreigners to work "their" jobs.
Hell, that's true of Canada. A few months back I had to be in Alberta to provide on-site support for a new software deployment. The border guard was very intent on ensuring that I wasn't entering the country to displace Canadian workers and explicitly said so.
I have zero problems with this kind of protectionism - a country's government exists for the benefit of the citizens of that country. Unfortunately the United States government has no such concern for its own people.
and the technician did not necessarily know the age of people in the picture (Even if they look old, their legal age might be below the limit)
Or vice versa.
That's an urban legend. When I worked there, I didn't hear of any effort at all made for backwards compatibility, except for a few tools we used internally. We just didn't give a damn about it, and that's why Windows is so horrific at it.
I guess the former co-worker that previously wrote shims at MS all the way up until she left there in 2012 was all in my imagination, then.
Both supercaps and batteries will slowly self-discharge - supercaps loose charge even faster than batteries.
Hence why I said "they don't hold a charge forever either". Supercaps do have an advantage in that they can be charged *really* quickly. Neither addresses the fundamental problem, which is that any kind of circuit incorporated into a weapon is just one more thing that can fail, and tends to fail at a higher rate than a simple mechanical design.
There are two types of smart gun technology out there.
And both use batteries, which can die at the most inopportune time. Supercaps could perhaps mitigate this to a degree, but they don't hold a charge forever either.
"I must have put a decimal point in the wrong place or something. Shit! I always do that! I always mess up some mundane detail!"
What kind of messed up world where sourceforge is shady?? Most projects still are only hosted by them. How do I know if it is a compromised version or not?
It's been like that for a couple of years. GIMP and FileZilla are probably the two highest-profile packages associated with SF shenanigans. As far as how you'd know it's compromised, I don't really have a good answer. The issues are with the installer Sourceforge uses (and SF's handling of abandoned projects), so the best bet may be to download the source and compile it yourself for those packages that aren't available elsewhere.
Put $100 million in the bank and earn $20 million a year and you'll find that your worldview and focus changes... a lot...
In the interest of science, I'm willing to be a test subject for this experiment.
Guitars ,cars, tools,toys...but nowadays quality is associated with other countries....
I'd put Alembic, Fodera, Sadowsky, and Lull up against *anything* made anywhere else. Fender's USA instruments are usually pretty nice, although Gibson and Rickenbacker can be all over the place at times.
If all you're really interested in is a sheet of paper so you can get a contract, what you want is the auditor that tells you everything in your company is in a great security shape. Not that pesky one that would actually find something wrong with your security.
This is why SSAE 16 certification doesn't mean a lot to me. Having been through the certification process personally, I've seen firsthand a lot of crap signed off that shouldn't have been. Our "data center" was located in a suite in the office building next door, connected to us via directional WiFi, with no cameras, no facility access logs, and only a glass front door between the sidewalk outside and the servers in the rack. Keys were freely available to whoever wanted them in our office, plus the DC's owner gave keys to his other customers, and all of the racks were exposed to whoever might have wanted to start swapping cables around - no locking cabinets whatsoever. Despite all of that, and other questionable practices that I'd constantly been bugging the boss about fixing (especially since we were handling financial data for a number of banks), we got our Type II certification with no problems at all. Going into the process, I was sure we were screwed, but the auditor didn't even ask for the 6-month historical documentation. I didn't get to see the final report, so I'm guessing a lot of it was sheer fiction. "Write a check, get your certification", it seems with at least some vendors.
They haven't actually looked at anyone's contents; no file has actually been opened or read.
If the files haven't been read, how were the hashes generated?
I don't think it's an Agile thing, I think it's more that CS programs are focusing on the hotness of the day instead of solid CS fundamentals and basic digital electronics, and that it seems a lot of today's coders just don't have a lot of interest in how things really work. Last year I had to explain what a daemon was to a 23 year old web dev a couple of months away from his MSCS because he'd never heard the term before. That shouldn't happen - either he should have been exposed to it in school, or he should have come across the term in the course of being a geek that likes computers, IMO.
Perhaps, but remember that Google and Apple are publicly-owned corporations. It's nice to think that they'd tell New York to kiss off, but if they did that you can pretty much guarantee *big* shareholder lawsuits as a result.
Yup. UUNet is one of the few providers that was subjected to a UDP.
From the summary: "the approximately 50,500 comments" (about what the average Slashdot reader reviews in a day!)
No, the average Slashdot reader does not read that many comments per day. At the rate of one comment per second, that's almost 14 hours straight.
And a computer can easily triangulate its position via cell towers. Something that a human cannot do.
Assuming there are cell towers within sight. There are plenty of places in the U.S. with limited to no cell service on the highways.
It was run as an air burst (to maximize blast damage), and if you look, fallout was considered in the simulation run. Fallout would be minimal, and the political/financial aftermath isn't going to "destroy one country per bomb".
Fusion bombs aren't that strong. An average 1.2 Mt device set off in the air at the Magic Kingdom in Walt Disney World would likely leave most of Orlando unscathed beyond broken windows and a bad sunburn, and wouldn't even have any effects at KSC beyond hearing it. Running the plot for a much larger 5 Mt explosion shows that while there's significantly more damage, even the nearby cities of Sanford and Lakeland wouldn't be significantly affected.
Well there's the problem of police guns getting stolen and police guns being grabbed and used against the officers. Smart guns are a valid solution to that.
We'll see if it's a valid solution when a couple of cops get knived because their gun failed to fire. Guns already have enough potential failure modes without adding more.
C# has many problems and is a clumsy hybrid, and also never really caught on outside of the OSX/iOS/NeXT worlds.
I think you meant to say Objective-C there.
I guess they should have spent some time looking at their own stuff rather than other people's code in this case.
Yeah, really. I would have thought that a product being advertised has having such comprehensive security would have each firmware release candidate thoroughly tested for such things under a variety of situations. Having missed an open port listening for traffic, even if it's only in the internal environment, doesn't give me a lot of confidence that there aren't other problems to be found.
No, they don't mean anything. Compare them to Velocity Servers/ColoCrossing. Those guys have whole /16s and /20s listed.
I always find it amusing when a big spammy hosting provider gets pwned.
Linode isn't one of those. You want real spam? Go look at ColoCrossing and its subsidiaries/resellers.
For a non-technical person not in the know (or knowing someone that is), that can initially seem pretty expensive, if they even realize it is possible at all.
Of course, and it's not reasonable to expect everyone to have a degree of skill with electronic repair. However, given the value of the data in question, I'm a bit surprised that they didn't appear to find someone qualified to ask whether the machine could be fixed before going the data recovery route.
Oooh, that stung.