One of the coolest things I ever got to do during my stint at HP was dinner and drinks at the Smithsonian Museum of Natural History as a private event. Various buffets and bars scattered around the museum. Had no idea you could rent the Smithsonian like that.
Martini bar at the Hope Diamond? How freakin' cool is that?!
Good point. Corporations would be free to start incorporating more open-source code into their products since GPL code would start going into public domain.
I mean, why should software developers be allowed to rent-seek with their creations? It belongs to the public!
I bet if you take a look outside of social media, phone apps and web startups, you'll find the situation is a lot different. Granted, that excludes a lot of the hot companies that everyone hears about constantly...
My company is an early-stage high-tech startup in Austin and the only developer on my team under 40 is our front-end guy. It's not older because we are using ancient technology either... High-speed network processing in C, control plane and management code in Python, and a modern web-based management interface (HTML5, CSS, JavaScript, etc.)
Could just be a quirk, but it was similar in the last company I was in (network security product company). I suspect it is because it is embedded systems development, but maybe it is because the types of products we were/are building. Inline network appliances where you performance is critical and you can't bring the network down.
Kind of hard to pause something the said they wanted to do. Which means they didn't even start it. Maybe notes on the back of a napkin. But that would be giving them to much credit.
Really? The 900 Mbps+ up and down I enjoy at my house from AT&T Gigapower is imaginary?
AT&T pausing their gigabit rollout when the President announces that he wants to make broadband a utility is completely reasonable. They have no idea what is going to happen, so it is hard to justify continuing to spend $$$ with the network upgrades.
Now, that's COMPLETELY different than not rate-shaping different types of traffic or trying to double-dip by charging both the sender and the receiver for traffic. Pretty much all of the ISPs are being butt-nuggets on that one.
Sounds like the real problem is that you are unwilling to relocate. Putting your company somewhere where the cost of living is high and there's a shortage of talent seems to be very popular, but difficult to understand.
One of the main things that drives this is how funding works. It's amazing how difficult it is to get funding if it requires the VCs to travel. Certainly a significant hurdle even for places like Austin where you have a decent-sized high-tech community.
Since there are already WAY more companies than they'll ever fund just down the street, it's hard to blame the VCs for not wanting to get on a plane constantly. Founders know this, so guess where they tend to start their companies?
Of course, while they are more likely to get funding, they also have major issues attracting and keeping talent. Catch-22
Just like we don't spank kids anymore because it's pointless and counterproductive, we should also stop "spanking" non-violent offenders but put them to good use instead.
Not sure which "we" you mean, but there are plenty of parents that spank kids. It isn't pointless or counterproductive.
Is security policy management effective from the CLI on PAN firewalls?
For the relatively simple network settings (port config, user admin, etc.), CLI is fast and easy. Hard to imagine trying to deal with complex policy configuration from the CLI. Do you end up switching to the GUI for that?
For all the folks writing up the HTML code that goes into these things: use relative URLS!
Do not put the hostname (or IP address) of the device in any of the HTML. Us IT folks sometimes need to go through proxies (and SSH tunnels) to get to these devices (which are often on isolated "management" VLANs/networks). Simply put "/network/settings" instead of "http://mydevice/network/settings" in any [a href] links (or [img] or CSS references).
If the link in the HTML has "10.10.20.45" or "netdev01.mgt.example.com" in it, but my browser is actually connecting to "localhost" (because I have to do a SSH double-hop with forwarding), I'm going to think really evil thoughts about whomever wrote the HTML generator. I do not have to want to start editing my/etc/hosts or adding aliases to lo0 loopback interface.
Great point and something easy to miss during the mayhem of implementation of a new product.
Not at every entry point, security should be a serious consideration on every device. Work on the assumption that everything is directly exposed to the internet and start from there.
Trying to only monitor the entry points is the problem, if anything makes it past your entry points then it could have free reign over everything inside.
When I said "entry point", I didn't mean the perimeter. I meant at every single connection to the network... the RJ45 you plug into in your cube, the wireless AP you connect to with your laptop or smartphone, the vNIC in your virtual server, etc.
Personally I think BYOD is a disaster waiting to happen, but whatever.
If you don't trust any device connecting to the network and IF you are able to apply appropriate security inspection to all of the traffic, does BYOD actually matter? From the security perspective, I'm not sure it does. That said, I tend to agree with you from multiple other concerns: IP protection, compliance, backups, support, etc.
My thinking on this is a bit different, and boils down to this principle: There's still a perimeter, but most of the office is outside of the perimeter.
So what do you include in your version of a perimeter?
From a security perspective, Google is right about the notion that your internal corporate network being "safe" is dead. Between all the laptops, tablets, smartphones and very portable USB devices, there really isn't a secure perimeter on your network. Security needs to be applied at each entry point to the network, whether that is wired (internal or external doesn't matter), wireless or virtual.
The summary implied that the need for security devices goes away once you give up the idea of a perimeter, but that isn't the case at all. The form that security comes in may change, but you still need it. Authenticated users connecting via secure tunnels doesn't eliminate the risk of malware, so you still need IPS and anti-malware devices (Fidelis, FireEye, etc.) to keep your protect company assets from valid authenticated users.
If you can't trust any of the devices on your network, then you need to inspect 100% of the traffic entering the network.
I don't know about thousands of times, but Kenneth Allen McDuff's case certainly shows that there are people where anything short of execution isn't safe for society.
The usual arguments against the death penalty are something along the lines of:
1) The justice system is imperfect, so we shouldn't take the slightest risk of executing an innocent person.
This is the argument that I'm most sympathetic towards. I agree that extraordinary punishment should require extraordinary proof. Of course, that doesn't address the issues around biased judges, juries or prosecutors.
Because I do believe that there are heinous crimes that death is an appropriate punishment for, I tend to look to fix issues with the justice system in other ways. In particular, you throw the book at corrupt prosecutors, judges, etc. Punish what they did wrong rather than just saying "well, the system can't be perfect so we won't punish anyone".
And yes, I believe that prison is for punishment, not as a time-out from society. Does that mean I think prisoners should be abused? Nope, not at all. But it also doesn't mean that I think we need to be providing cable TV or other luxuries while they are serving their time.
2) The method of execution is cruel.
I don't buy this argument vs. lethal injection
3) Even if the method isn't painful, it is cruel/barbaric to execute someone "regardless" (no matter what they did).
I can respect this argument even if I don't agree with it. I don't share that view, but I can understand it. Unfortunately, most folks I've talked to that make this argument don't seem to apply it as a fundamental value or principle.
4) Execution as a form of punishment is no different than murder
Sorry, but this argument is fundamentally flawed and childish.
5) Life w/o parole is cheaper than execution.
I don't doubt that it is given the processes and appeals involved with the death penalty. I'm ok with that. It's a practical financial argument, but doesn't really address whether the death penalty is morally right or wrong.
I'm willing to spend more to ensure someone that commits heinous crimes doesn't have a chance to do it again. "Life without parole" isn't a guarantee of that. "Life" doesn't really mean the accused will die in prison. "without parole" doesn't mean that the rules don't change down the road.
If you want to reduce money spent in the penal system, get rid of the war on drugs and you'll flush out an awful lot of the prison population.
How do I tie this back to stances on abortion? If you really believe that "no matter what, the death penalty is wrong" or "can't take the slightest risk that an innocent person might be executed", then by those same principles, you should be vehemently against abortion.
The only way to try to get around it is to play the "not really a human until it is born" game. That's about as intellectually dishonest as it gets, IMO.
Are you really trying to protect the innocent in all cases? Or are your principles "flexible" and convenient?
If you aren't interested in being a contractor, flitting around between jobs constantly is a big warning sign for hiring managers. Why weren't they able to stay in one place very long? Personality issues? Inability to produce? Bored quickly? Jumping at first higher bid?
It's expensive for the business to get someone ramped up only to have them leave after 12-18 months. It doesn't mean I wouldn't hire them, but it would be one more non-trivial hurdle to clear before I'd make an offer.
Probably worth pointing out that I'm coming at this from product development. YMMV for IT jobs or web apps or other types of jobs.
And, if what you want to do is contracting, then this doesn't really matter in the least.
So you spent money you didn't have and somehow it is the fault of the credit card? Or is that just a statement about how you deal with your lack of self-control?
Another favorite in embedded systems: lock the 4K page at address 0x00000000 so the processor halts execution when someone ends up dereferencing a NULL pointer.
Frequently have to move the IVT around to make this work, but well worth it.
As a slightly off thread, I always wondered why Intel bought windriver. One of the issues we have is that finding someone who knows the OS well is difficuilt because there is no way of getting exposure to it unless you have a lot money.
Intel has loads of cash and a near monopoly on processors in most major market segments. They need somewhere to grow and PCs and servers isn't it. The big segments they are weak in are mobile (or more generally, low power) and networking.
VxWorks is very common in networking equipment and in embedded (low power / low processing capability) systems.
I can see where WindRiver looked attractive to Intel. Of course, the risk is that they scare traditional VxWorks customers off by focusing WindRiver too heavily on x86 processors.
Slashdot Mirror
One of the coolest things I ever got to do during my stint at HP was dinner and drinks at the Smithsonian Museum of Natural History as a private event. Various buffets and bars scattered around the museum. Had no idea you could rent the Smithsonian like that.
Martini bar at the Hope Diamond? How freakin' cool is that?!
Good point. Corporations would be free to start incorporating more open-source code into their products since GPL code would start going into public domain. I mean, why should software developers be allowed to rent-seek with their creations? It belongs to the public!
I bet if you take a look outside of social media, phone apps and web startups, you'll find the situation is a lot different. Granted, that excludes a lot of the hot companies that everyone hears about constantly...
My company is an early-stage high-tech startup in Austin and the only developer on my team under 40 is our front-end guy. It's not older because we are using ancient technology either... High-speed network processing in C, control plane and management code in Python, and a modern web-based management interface (HTML5, CSS, JavaScript, etc.)
Could just be a quirk, but it was similar in the last company I was in (network security product company). I suspect it is because it is embedded systems development, but maybe it is because the types of products we were/are building. Inline network appliances where you performance is critical and you can't bring the network down.
CS is overrated anyway. 10% should be CS, 30% should be Software Engineers, and 50% grunt work Programmers. All very different education.
I take it the other 10% should be in math?
Kind of hard to pause something the said they wanted to do. Which means they didn't even start it. Maybe notes on the back of a napkin. But that would be giving them to much credit.
Really? The 900 Mbps+ up and down I enjoy at my house from AT&T Gigapower is imaginary?
AT&T pausing their gigabit rollout when the President announces that he wants to make broadband a utility is completely reasonable. They have no idea what is going to happen, so it is hard to justify continuing to spend $$$ with the network upgrades.
Now, that's COMPLETELY different than not rate-shaping different types of traffic or trying to double-dip by charging both the sender and the receiver for traffic. Pretty much all of the ISPs are being butt-nuggets on that one.
Sounds like the real problem is that you are unwilling to relocate. Putting your company somewhere where the cost of living is high and there's a shortage of talent seems to be very popular, but difficult to understand.
One of the main things that drives this is how funding works. It's amazing how difficult it is to get funding if it requires the VCs to travel. Certainly a significant hurdle even for places like Austin where you have a decent-sized high-tech community.
Since there are already WAY more companies than they'll ever fund just down the street, it's hard to blame the VCs for not wanting to get on a plane constantly. Founders know this, so guess where they tend to start their companies?
Of course, while they are more likely to get funding, they also have major issues attracting and keeping talent. Catch-22
Just like we don't spank kids anymore because it's pointless and counterproductive, we should also stop "spanking" non-violent offenders but put them to good use instead.
Not sure which "we" you mean, but there are plenty of parents that spank kids. It isn't pointless or counterproductive.
For the relatively simple network settings (port config, user admin, etc.), CLI is fast and easy. Hard to imagine trying to deal with complex policy configuration from the CLI. Do you end up switching to the GUI for that?
Good UX design applies equally to CLI as well as GUI, which I'm guessing you actually do give a flying flip about.
Yes, which is why I asked about UX design instead of "best GUI"
For all the folks writing up the HTML code that goes into these things: use relative URLS!
Do not put the hostname (or IP address) of the device in any of the HTML. Us IT folks sometimes need to go through proxies (and SSH tunnels) to get to these devices (which are often on isolated "management" VLANs/networks). Simply put "/network/settings" instead of "http://mydevice/network/settings" in any [a href] links (or [img] or CSS references).
If the link in the HTML has "10.10.20.45" or "netdev01.mgt.example.com" in it, but my browser is actually connecting to "localhost" (because I have to do a SSH double-hop with forwarding), I'm going to think really evil thoughts about whomever wrote the HTML generator. I do not have to want to start editing my /etc/hosts or adding aliases to lo0 loopback interface.
Great point and something easy to miss during the mayhem of implementation of a new product.
Surely I'm not the only one that did a double take when I read that as "pervo-skite"...
Not at every entry point, security should be a serious consideration on every device. Work on the assumption that everything is directly exposed to the internet and start from there. Trying to only monitor the entry points is the problem, if anything makes it past your entry points then it could have free reign over everything inside.
When I said "entry point", I didn't mean the perimeter. I meant at every single connection to the network... the RJ45 you plug into in your cube, the wireless AP you connect to with your laptop or smartphone, the vNIC in your virtual server, etc.
Personally I think BYOD is a disaster waiting to happen, but whatever.
If you don't trust any device connecting to the network and IF you are able to apply appropriate security inspection to all of the traffic, does BYOD actually matter? From the security perspective, I'm not sure it does. That said, I tend to agree with you from multiple other concerns: IP protection, compliance, backups, support, etc.
My thinking on this is a bit different, and boils down to this principle: There's still a perimeter, but most of the office is outside of the perimeter.
So what do you include in your version of a perimeter?
From a security perspective, Google is right about the notion that your internal corporate network being "safe" is dead. Between all the laptops, tablets, smartphones and very portable USB devices, there really isn't a secure perimeter on your network. Security needs to be applied at each entry point to the network, whether that is wired (internal or external doesn't matter), wireless or virtual.
The summary implied that the need for security devices goes away once you give up the idea of a perimeter, but that isn't the case at all. The form that security comes in may change, but you still need it. Authenticated users connecting via secure tunnels doesn't eliminate the risk of malware, so you still need IPS and anti-malware devices (Fidelis, FireEye, etc.) to keep your protect company assets from valid authenticated users.
If you can't trust any of the devices on your network, then you need to inspect 100% of the traffic entering the network.
Kenneth Allen McDuff
I don't know about thousands of times, but Kenneth Allen McDuff's case certainly shows that there are people where anything short of execution isn't safe for society.
1) The justice system is imperfect, so we shouldn't take the slightest risk of executing an innocent person.
This is the argument that I'm most sympathetic towards. I agree that extraordinary punishment should require extraordinary proof. Of course, that doesn't address the issues around biased judges, juries or prosecutors.
Because I do believe that there are heinous crimes that death is an appropriate punishment for, I tend to look to fix issues with the justice system in other ways. In particular, you throw the book at corrupt prosecutors, judges, etc. Punish what they did wrong rather than just saying "well, the system can't be perfect so we won't punish anyone".
And yes, I believe that prison is for punishment, not as a time-out from society. Does that mean I think prisoners should be abused? Nope, not at all. But it also doesn't mean that I think we need to be providing cable TV or other luxuries while they are serving their time.
2) The method of execution is cruel.
I don't buy this argument vs. lethal injection
3) Even if the method isn't painful, it is cruel/barbaric to execute someone "regardless" (no matter what they did).
I can respect this argument even if I don't agree with it. I don't share that view, but I can understand it. Unfortunately, most folks I've talked to that make this argument don't seem to apply it as a fundamental value or principle.
4) Execution as a form of punishment is no different than murder
Sorry, but this argument is fundamentally flawed and childish.
5) Life w/o parole is cheaper than execution.
I don't doubt that it is given the processes and appeals involved with the death penalty. I'm ok with that. It's a practical financial argument, but doesn't really address whether the death penalty is morally right or wrong.
I'm willing to spend more to ensure someone that commits heinous crimes doesn't have a chance to do it again. "Life without parole" isn't a guarantee of that. "Life" doesn't really mean the accused will die in prison. "without parole" doesn't mean that the rules don't change down the road.
If you want to reduce money spent in the penal system, get rid of the war on drugs and you'll flush out an awful lot of the prison population.
How do I tie this back to stances on abortion? If you really believe that "no matter what, the death penalty is wrong" or "can't take the slightest risk that an innocent person might be executed", then by those same principles, you should be vehemently against abortion.
The only way to try to get around it is to play the "not really a human until it is born" game. That's about as intellectually dishonest as it gets, IMO.
Are you really trying to protect the innocent in all cases? Or are your principles "flexible" and convenient?
Do those of you arguing so ardently against the death penalty apply the same logic to abortion?
Two frameworks enter, one framework leaves
Java is better in areas where you need high performance and scalability
Now I need a new keyboard! Just spit out my Diet Dr. Pepper when I read that... What's your definition of "high performance"???
If you aren't interested in being a contractor, flitting around between jobs constantly is a big warning sign for hiring managers. Why weren't they able to stay in one place very long? Personality issues? Inability to produce? Bored quickly? Jumping at first higher bid?
It's expensive for the business to get someone ramped up only to have them leave after 12-18 months. It doesn't mean I wouldn't hire them, but it would be one more non-trivial hurdle to clear before I'd make an offer.
Probably worth pointing out that I'm coming at this from product development. YMMV for IT jobs or web apps or other types of jobs.
And, if what you want to do is contracting, then this doesn't really matter in the least.
So you spent money you didn't have and somehow it is the fault of the credit card? Or is that just a statement about how you deal with your lack of self-control?
Another favorite in embedded systems: lock the 4K page at address 0x00000000 so the processor halts execution when someone ends up dereferencing a NULL pointer.
Frequently have to move the IVT around to make this work, but well worth it.
As a slightly off thread, I always wondered why Intel bought windriver. One of the issues we have is that finding someone who knows the OS well is difficuilt because there is no way of getting exposure to it unless you have a lot money.
Intel has loads of cash and a near monopoly on processors in most major market segments. They need somewhere to grow and PCs and servers isn't it. The big segments they are weak in are mobile (or more generally, low power) and networking.
VxWorks is very common in networking equipment and in embedded (low power / low processing capability) systems.
I can see where WindRiver looked attractive to Intel. Of course, the risk is that they scare traditional VxWorks customers off by focusing WindRiver too heavily on x86 processors.