For the 200m and 400m, they have staggered starts along the curve so the distance between sprinters is much greater.
And they are the king of cost-cutting. They outsource many other things, but still insist on keeping their IT in-house.
Investment banks were a big part of the problem, as they were buying the mortgages that were being packaged up and sold by regular banks.
Maybe the rest of the company is still running XP, so to keep the administration standardized they want the new boxes to also have XP until they're ready to upgrade the whole network to Windows 7 or 8.
... based on the content or who is the sender, they should also be held criminally responsible for illegal content that travels over their wires, just as a newspaper would be liable if they published child pr0n.
Either you're a dumb data carrier who isn't responsible for the data being carried, or you're an active participant liable for what you transmit. Can't have it both ways, fools.
Maybe they did send a C & D to Housingmaps.com, but Housingmaps' lawyers told Craigslist to STFU. I don't think Craigslist has legal standing to stop others from doing similar things.
Does that job posting also list C#, Access, PHP, Apache web server administration, and a bunch of other stuff in addition to experience as an MS SQL DBA?
I believe the GP was talking about the opposite -- an H1B worker with Sr-level skills placed into a (nominally) Jr-level position so the company can justify the low salary to the government. But in reality, they have Sr-level skills and do the work of a Sr-level person.
They hack the server and get the password file, which has hashed versions of the passwords. For example, the word "password" when run through the SHA-1 hash routine becomes the hash "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8".
There is no reverse formula to get back the original string from the hash. But they can attempt millions of passwords per second on their own computers, running each guess through SHA-1 to see if the result matches any of the hashes in the password file.
In addition, the hackers also have precomputed "rainbow tables" which will tell them the original string if the hash is in a database of billions of known hashes.
He is fully aware of high-speed attacks against the hashes. That's why he listed the "Offline Fast Attack" and "Massive Array Cracking" scenarios.
But that is only for generating collisions, not pre-image attacks where they find a plaintext that hashes into a specified result.
Unsalted SHA-1 hashing is still a lot better than plaintext. Unsalted passwords won't be found by a rainbow table or dictionary attack if they're long enough and complex enough. Even 12 characters with a mix of letters and numbers and symbols, and without any dictionary words, will defeat just about any rainbow table or dictionary attack on SHA-1 hashes.
Extended brute force attacks may reveal some of the longer passwords, but that's a much bigger and time-consuming task than rainbow table and dictionary attacks. They won't have the time and computing resources to successfully attack even 1% of the longer passwords in that manner.
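An added example, not part of the original comments: a defender's audit of an unsalted SHA-1 password file against a precomputed table of common passwords, next to a salted PBKDF2 record that makes such a table useless. The user names, word list, sample passwords and iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny "common passwords" list and an unsalted
# SHA-1 password file of the kind the comments describe.
COMMON = ["123456", "password", "letmein", "qwerty"]
UNSALTED_FILE = {
    "alice": hashlib.sha1(b"password").hexdigest(),
    "bob": hashlib.sha1(b"password").hexdigest(),      # same hash as alice
    "carol": hashlib.sha1(b"T7#vq9!Lm2&x").hexdigest(),  # 12 mixed characters
}

def audit_unsalted(pw_file, wordlist):
    """Return {user: weak_password} for hashes found in a precomputed table."""
    # The table is computed once and is valid for every account (and every
    # site) that stores unsalted SHA-1, which is why precomputation pays off.
    table = {hashlib.sha1(w.encode()).hexdigest(): w for w in wordlist}
    return {user: table[h] for user, h in pw_file.items() if h in table}

def store_salted(password, iterations=600_000):
    """Hardened record: random per-user salt plus a deliberately slow KDF.

    The iteration count is an assumed work factor; tune it for your hardware.
    """
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, dk

def verify_salted(password, record):
    """Recompute the KDF with the stored salt and compare in constant time."""
    salt, iterations, dk = record
    guess = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(guess, dk)

if __name__ == "__main__":
    # alice and bob are flagged by one lookup each; carol is not in the table.
    print(audit_unsalted(UNSALTED_FILE, COMMON))
    a, b = store_salted("password"), store_salted("password")
    # Same password, different salts: the stored values differ, so no single
    # precomputed table covers both records.
    print(a[2] != b[2], verify_salted("password", a))
```
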
My post was a sarcastic one, although the laundry list of technologies was lifted from an actual job posting.
Must have at least 5 years experience in each of:
Java Swing, JavaFX, JavaScript, EJB 2.0 and 3.0, Oracle 9i and 10g, MS SQL server, SOAP, XML, CSS, XSLT, Struts, JAX-WS, RUP methodology, UML tools, Eclipse plug-in development, Unix shell scripting, Ruby on Rails.
Help! Why can't I find any qualified applicants?
The judge's mention of how easy it is to write rangeCheck seemed to be directed at Oracle's claims that copying that piece of code allowed Google to move to market faster and save millions of dollars, and not whether it was copyrightable. In other words, he's saying that because it's so trivial, anything Google gained and Oracle lost as a result of that copying doesn't justify a large damages award.
... "for anybody who can just go faster than the next person" would be a good thing for software.
"1. There is no threshold below which radiation becomes 'safe'."
Driving 5 mph below the speed limit is legal, but that isn't "safe" either.
Similarly, they should set a more reasonable threshold below which police should ignore the radiation.
"I'm actually very impressed that these detectors are widely deployed and sensitive enough to pick this up."
I'm actually very disturbed that the detectors are configured to alert officers to levels of radiation that are far too low to be a threat to anybody.
The detectors should either ignore radiation below a dangerous threshold, or display a number that allows the officer to adjust for distance (e.g. a reading of X should be ignored for a car 15 feet away, but X could signify something dangerous in a dumpster that is 200 feet away).
Video or didn't happen.
"It is clear that the documentation for an API makes a massive difference to the usability of the API. I have yet to be convinced that documentation of the code enhances the maintainability of it."
Rather than enhancing the maintainability per se, the documentation helps with letting you know what needs to be maintained. In particular, a block of code may look perfectly error-free without looking at the documentation, but you only realize something is wrong when the documentation doesn't match what the code is actually doing. That then triggers further investigation to determine whether the documentation or the code is wrong or both, whereas without the documentation you might have glossed over that block of code because it looked logically correct by itself.
You forgot about that guy (who was mentioned in a recent article on Slashdot) whose hard drive crashed shortly before the government seized MegaUpload's servers.
To avoid being in a similar situation you have to keep a local backup in addition to the cloud.
That's correct. But when management outsources the software development to Dirtcheapistan, the programmers there often don't know or care about that. Sure, the in-house programmers should do code reviews and catch that -- but sometimes the management decides to save money by stopping the in-house programmers from doing reviews of the outsourced code, or not allocating sufficient time for proper reviews.
1) Stealing license plates
2) Glitches in the system (data corruption, software bugs, hacking, erroneous data entry, downtime) that occasionally prevent legitimately registered and insured drivers from refueling
3) People carrying around jugs of gasoline in their trunk so they can refuel if (2) happens
4) People with uninsured/unregistered cars also doing (3), after collecting gas via (5)
5) Stealing gas by siphoning from parked cars
6) Legitimate motorists who get robbed or assaulted as a result of being stranded due to (2) or (5)
7) Fires and explosions as a result of (3) and (4)
Plus more that I can't think of right now.
That's fine in theory, but the reality is that many do get sued and lose for implementing a similar concept using a different algorithm.
I oppose software patents in general, but if this patent covers their specific algorithm I don't really have a problem with that.
The trouble is that regardless of whatever algorithm they describe in the patent, the patent can be used to sue others who use a different algorithm to implement the same concept.
So they can get a patent on an ineffective algorithm for image search, wait for somebody else to create a better algorithm that is actually effective, then sue the implementor of the better algorithm. The patent effectively covers the concept, not the algorithm, hindering innovation by preventing others from implementing their own different algorithms for the same concept.