I've been writing code nearly every day professionally for the past 25 years, and have a graduate degree in Computer Science and an undergrad degree in math. I've also taught computer science, on and off, for a local community college evening program.
Back in my day, we programmed on punch cards. If you didn't get it right the first time, you had to re-submit your deck. They only ran the compiler twice a day--once in the morning and once in the afternoon, so you had two chances/day to get your program correct.
You don't debug with a compiler, not in the days of punchcards, and not now. You debug by looking at your code and finding the bugs.
I think a written test is fair--what's the alternative. But most rigorous "Computer Science" programs don't spoon-feed programming language courses to students. Classes are on more abstract subjects. You are (or should be) expected to learn the syntax of a particular language on your own.
I hand people a white board marker and expect them to write code on the white board during job interviews. This really separates the men from the boys. You'd be surprised how many complete frauds are out there with "C++ expert" on their resumes! I have to reject outright about 80% of the people whose resumes have passed muster by our HR dep't. If I didn't give that written test, I may have made a bad mistake and hired an incompotent programmer who can talk and wear a suit well.
Now, if you know much about computing, you may be a little suspicious of this. JPEGs are compressed image files that only contain data representing an image to be displayed, not code to be executed.
You don't know much about computing. Let an expert explain it to you
Take a look at the GIF or JPEG file format standards. You'll notice that these data formats contain fixed length data blocks, or variable length data blocks where the length of the block is specified in the header.
It would be possible to specify a bad format that would cause a faulty JPEG or GIF decoder to overrun one of its internal buffers, perhaps corrupting the call stack, and causing it to start executing malicious "data" as code.
This danger is no different from finding buffer overrun problems in Microsoft IIS.
Since most folks aren't afraid to open GIF or JPEG files, if a virus writer manages to find a way to overrun a buffer in Microsoft's GIF or JPEG decoder he may have himself a vector.
I do know it's possible to crash Microsoft's "fax and image" viewer--the default viewer for JPEG on XP--with a badly formed JPEG file. And the thought has occurred to me that I can spread a virus this way if I can control the ovverrun.
It's certainly not as easy as using and IIS data ovverrun--many people have installed different default GIF/JPEG viewers, and the code changes from one version of the OS to another, but it's not impossible.
Think of it this way: An HTTP request contains NO EXECUTABLE CODE, yet a simple HTTP request was spreading CodeRed because it exploited a buffer overrun. The same technique can easily spread a virus in a GIF and JPEG.
Let me go out on a limb: I think you'll see the next GIF/JPEG virus within the next 60 days. There are too many people right now thinking about it.
Your credibility is already low because you came from a dot-com. (I work for a prestigious R&D group and we get between 100 and 1000 resumes for every open position. We throw "dot-com" ones in the trash. Our feeling is that folks who had the poor judgement to be part of that "Ponzi" scheme aren't worth considering.)
Your most precious asset is your reputation and your credibility. Once lost, you can *never* get them back. Your peers will remember you--and you will see them again.
Also don't try to go back to your employer and say you had a better offer elsewhere in an attempt to negotiate more money! When someone on my staff tries it, I tell them "Congratulations! It was nice working with you, but I understand you want to take this offer," and show them the door.
XP Fixed that "DLL" problem. Applications run with the version of the "DLL" they installed with. No longer will your COMMCTRL32.dll or whatever get stompted on because some software written by H-1B hacks didn't check versions before installing.
And, as you pointed out, even when they do check, you never know for sure if a newer version is really backward compat. Use the version it was QA'd with. Disk space is cheap.
Obviously Linux does not have the same problems as windows, and it is designed in a way that it should always be more secure.
I disagree.
I don't think Linux (or Mac "OS" especially) are any less vulnerable in a technical sense to viruses than Windows is.
It's just that the overwhelming majority of users run Windows and if you want a virus to spread rapidly, Windows is the platform of choice. Believe me, if everyone read their email with Emacs on Linux, there would be email viruses for that platform, too.
Slashdot Mirror
In fact, Country Music superstart Garth "Baldie" Brooks has been bitching about his lost revenue to used CD sales for years.
He even tried to strong arm reatailers that sold used CDs by not letting them have any orders for new CDs
Back in my day, we programmed on punch cards. If you didn't get it right the first time, you had to re-submit your deck. They only ran the compiler twice a day--once in the morning and once in the afternoon, so you had two chances/day to get your program correct.
You don't debug with a compiler, not in the days of punchcards, and not now. You debug by looking at your code and finding the bugs.
I think a written test is fair--what's the alternative. But most rigorous "Computer Science" programs don't spoon-feed programming language courses to students. Classes are on more abstract subjects. You are (or should be) expected to learn the syntax of a particular language on your own.
I hand people a white board marker and expect them to write code on the white board during job interviews. This really separates the men from the boys. You'd be surprised how many complete frauds are out there with "C++ expert" on their resumes! I have to reject outright about 80% of the people whose resumes have passed muster by our HR dep't. If I didn't give that written test, I may have made a bad mistake and hired an incompotent programmer who can talk and wear a suit well.
Then it would be a CRANE-LEV, not a MAG-LEV, wouldn't it? And it only defers the problem. Now you have to move a crane very fast...
I thought it would be a few centimeters, at best.
Microsoft's agent that put the virus in is the culprit here, and the risk, as news.com pointed out, is low.
Well, then Code-Red wasn't a virus either, because it just was an HTTP request that exploited a hole in IIS.
You don't know much about computing. Let an expert explain it to you
Take a look at the GIF or JPEG file format standards. You'll notice that these data formats contain fixed length data blocks, or variable length data blocks where the length of the block is specified in the header.
It would be possible to specify a bad format that would cause a faulty JPEG or GIF decoder to overrun one of its internal buffers, perhaps corrupting the call stack, and causing it to start executing malicious "data" as code.
This danger is no different from finding buffer overrun problems in Microsoft IIS.
Since most folks aren't afraid to open GIF or JPEG files, if a virus writer manages to find a way to overrun a buffer in Microsoft's GIF or JPEG decoder he may have himself a vector.
I do know it's possible to crash Microsoft's "fax and image" viewer--the default viewer for JPEG on XP--with a badly formed JPEG file. And the thought has occurred to me that I can spread a virus this way if I can control the ovverrun.
It's certainly not as easy as using and IIS data ovverrun--many people have installed different default GIF/JPEG viewers, and the code changes from one version of the OS to another, but it's not impossible.
Think of it this way: An HTTP request contains NO EXECUTABLE CODE, yet a simple HTTP request was spreading CodeRed because it exploited a buffer overrun. The same technique can easily spread a virus in a GIF and JPEG.
Let me go out on a limb: I think you'll see the next GIF/JPEG virus within the next 60 days. There are too many people right now thinking about it.
Hey! *I* shop at Wal*Mart and I'm a Silicon Valley multi-millionaire (with no dirty dotcom dollars)!
I'm no red-neck, I just don't like to get ripped off paying too much.
What ever happened to the Metamoderator. The /. l337 h4kr faggots who modded this up should be slapped silly.
Anyway, Here's how Macrovision works, and here is a link for a Macrovision remover that will actually work (I built one!).
HA HA HA HA! We laugh at those pieces of paper? How about a Ph.D. (or at least a Master's degree)? Then you're getting somewhere.
There's a lot of totem pole above you, chief!
Well, you can speak to the Oracle, a true superior being! See my sig.
You are a perfect example of what I meant. You're useless
Your most precious asset is your reputation and your credibility. Once lost, you can *never* get them back. Your peers will remember you--and you will see them again.
Also don't try to go back to your employer and say you had a better offer elsewhere in an attempt to negotiate more money! When someone on my staff tries it, I tell them "Congratulations! It was nice working with you, but I understand you want to take this offer," and show them the door.
"it's" means it is
and
"its" is the possessive.
Slashdot's editors make this mistake often. That may have been fine in 1999 where dumb kids had huge valuations, but it doesn't fly in this decade.
It stands for "HAPLOID", just like the H. in Jesus H. Christ.
And, as you pointed out, even when they do check, you never know for sure if a newer version is really backward compat. Use the version it was QA'd with. Disk space is cheap.
All this has been fixed (finally) in XP!
I run Windows XP because it's handy, and there's a lot of good commericial s/w for that platform, including Microsoft Office.
For servers, I run FreeBSD. Much better designed that Linux and there's a Standard Distribution by definition.
What ever happened to meta-moderation?
It's was obvious to me that Linux users are a bunch of stupid zealots even before you made fun of this guy's spelling!
That'll teach 'em! Posting a rant on a web log that nobody reads.
I think you put this on /. just to really teach them a lesson---by bringing their servers do a grinding halt for a few hours!
Yes! The Mac "OS" Stinks! The reason why most Mac users don't know that is because they're all suffering from AIDS-related dementia.
I disagree.
I don't think Linux (or Mac "OS" especially) are any less vulnerable in a technical sense to viruses than Windows is.
It's just that the overwhelming majority of users run Windows and if you want a virus to spread rapidly, Windows is the platform of choice. Believe me, if everyone read their email with Emacs on Linux, there would be email viruses for that platform, too.
Well, I was expecting it to be the University of Southern North Dakota at Hoople, but it was in fact Cornell!
The show has already aired in some timezones, and the winners were announced in a press release.
It must be a very slow news day.
Whoever marked this intelligent post as a troll is obviously suffering from AIDS RELATED DEMENTIA.
You are in my prayers.