Absolutely, the very idea of USB drives being used to cart around sensitive data in government agencies scares the hell out of me. How about they do away with windows and office and introduce some encryption for a start, suddenly workstations would become less vulnerable to the user's incompetence (and that's heavy duty incompetence in government). If a stolen laptop is running a locked down installation of linux then the thief in question is far more likely to reformat, install windows and flog the laptop than attempt to recover the data from it.
I think you're trolling, and I'm far from an MS fanboi, but you're throwing the baby out with the bathwater there.
Truecrypt (or for that matter PGP if you want a supported commercial solution with centralised key management - probably a wise idea if you're a government department) both allow you to encrypt the whole damn disk and leave nothing clear apart from a rather small bootloader.
Further, Windows domain policy can easily block the use of removeable drives.
Just doing that (which, assuming you already have a fairly entrenched set of things on the desktop which require Windows - a reasonable assumption in a large organisation) would be a lot quicker and rather less hassle than setting up a suitable Linux desktop.
Blame is required here, and in fact, the lack of blame here would be as bad the problem itself.
You really don't want to know about a certain NHS trust.
An enshrined policy stating "no blame". Ostensibly this is to prevent scapegoating - which would otherwise be a real problem because senior management are generally very good at finding some sort of a policy breach which would result in it being perfectly reasonable to sack someone lower down the pecking order for causing the problem.
Of course, such a policy has an unfortunate side effect - if the consequences of a mistake are unlikely to lead to a problem which someone might actually care about (eg. they're unlikely to result in someone dying) then there's precious little disincentive to make such mistakes.
apparently has a policy of deciding who to promote based purely on how well they present themselves at the interview - little or no attention is paid to references, line manager's opinion or past performance.
I think you're not allowed to discriminate based on experience these days. In case people without much experience find it hard to get a job. Which is a problem, because experience is all I have. No degrees, no college, no nothing. Didn't waste time with all that.
I think that's wrong. You're not allowed to discriminate based on age but that's not quite the same thing. (ICBW, IANAL etc etc)
Sounds like you're trying to blame this on pet issues. Is it really senior civil servant positions which are leaking all the data? Might the use of ID cards actually help decrease these data leaks by making the data more centralized, so they don't need to be carried on thumb-drives?
Just a couple of thoughts.
No, mainly because they've more or less dropped the idea of a central database; now they're focusing on the idea of just having existing databases talk to each other.
What could possibly go wrong? You thought the no-fly list was bad, just think how much fun it would be when sharing the same date of birth and name as someone could give you a criminal record, a medical history which neglects to mention your violent allergy to penicillin, inform the taxman that you are paid three times as much as you really are and tells social security that you're claiming benefits for five children that don't exist and that your driving license was taken off you six months ago.
Once you're a permanent employee it's near impossible to get fired for incompetence, but if you're actually good at your job they will let you quit and train up someone else rather than give you a pay rise or promotion.
I can testify to this. My local NHS trust advertises jobs internally but apparently has a policy of deciding who to promote based purely on how well they present themselves at the interview - little or no attention is paid to references, line manager's opinion or past performance. A confident person who's relatively inexperienced and crap at their job is more likely to be promoted than a less confident person who's really very good.
Follow this to its logical conclusion, and you realise that the people at the top can be absolute idiots but the one thing you can be sure of is that they're supremely confident that the sun shines out of their own arse.
Now, I appreciate that this is not far from how things work in the real world for new people coming in from outside, but to make a formal policy of it for internal promotions?
An indian software engineer can earn about 400,000 rupees ($10k)at the moment. In 10 years that will match the west, but long before then the difference will be too marginal to make it worth offshoring.
Then they'll start offshoring to some other country.
Pretty much the case where I work. Alot of stuff written in perl including a 200 line script to rename a file and to make sure its not over writing a file with the same name and massive birds nests of code that with the zero documentation and none of the original authors still in the organisation leaving me with little choice but to start from scratch.
Particularly as anyone with half a brain could do that in 4 lines of bash:
if ! [ -e ${DESTFILE} ] then
mv ${SOURCEFILE} ${DESTFILE} fi
There's a similar register in the UK, which I registered my number on. However, there's an even more annoying loop hole over here. If the call centre is based outside the UK then their cold calls are not exempt - which seems more than a little rediculous to me. In the end I had to resort to only anwswering calls with listed numbers.
Yep, I've had that. UK companies outsourcing telemarketing to another country to get around it.
The really confusing thing is the instructions these telemarketing drones have. Last time I received such a call I asked who was offering the product they wanted to sell me, and they categorically refused to tell me. They were pretty reluctant to tell me what the product was in any detail. So for all I know I would have been giving my card details to a scammer.
It's possible to write rubbish in any language
on
Why Corporates Hate Perl
·
· Score: 4, Interesting
Or, to put it another way, correlation is not causation.
Perl has been around long enough (and, more to the point, was pretty much the only choice if you wanted a half-decent scripting language 10 years ago) that there's a strong chance in any business that badly-designed hard to maintain systems that have been around for 10 years or more include a fair chunk of Perl.
That's not because of Perl, that's because they were badly done in the first place. I'm willing to bet that there's just as much code which is written in Perl and does a perfectly good job but nobody really knows about it because it's been sitting in the background doing a perfectly good job for so long.
That's why he's proposing a voluntary scheme, not a mandatory one.
There are plenty of ways "technically voluntary" becomes "effectively compulsory". I can think of several off the top of my head, but the most obvious is: Record company offers some sort of incentive for ISP to sign up more customers to the scheme. ISP adds £1 to every customer's bill and sends an email explaining that you'll be paying the "voluntary RIAA Charge" unless you opt out. The opt-out process will be about as straightforward as cancelling AOL.
Either that or it'll be "voluntary" in the sense of "If you don't like it, you're free to take your business elsewhere".
It will also require registering and logging what music is downloaded, which will be a hard task in itself... unless music on the internet is centralized.
Bingo. Which immediately puts control back in the hands of the record company.
Somehow I suspect this might not be legal, since the warranty is ostensibly to cover the hardware. Wasn't there a/. article some months back about exactly this kind of issue, and how voiding the warranty on computer hardware for changing the software wasn't legal?
Re:Groklaw is an example of the power of open sour
on
Grokking SCO's Demise
·
· Score: 1
Finally, most corps know nowadays that getting into bed with MSFT is a sure recipe for disaster. PlaysForSure, HD-DVD, Windows Defender, OS/2, and numerous other smaller examples are proof-positive of just how badly you get burned in any partnership with MSFT... unless of course you're Microsoft.
Yep. That's why nobody partners with Microsoft any more and existing partners are doing everything they can to jump ship.
Over here we have "10 Items or Less" (or the even better "About 10 Items") checkout lanes next to the cigs, and they all have scales. Unfortunately, they also take checks, which kind of defeats the purpose of an "express" lane, but oh well.
I guess that makes sense, but it still seems easier to me to just install a scale for the checker.
TBH, I think it's an excuse so the companies that manufacture the scales can extract more money from the supermarket. The cashiers still have scales and I don't really think the expense of installing them is justified by any convenience to the customer. Most of the supermarkets seem to be of a similar mind; few have invested in the scales I described earlier.
Hum. I've never heard of that. It sounds goofy as hell to make 500 customers all go through this annoying process instead of training 10 checkers to just type in the product code, but whatever.
Well, you generally don't have to weigh your own fruit & veg. But it might get you through the checkout slightly quicker and if you're only buying one or two items means that you can generally pay at the cigarette kiosk (which you otherwise wouldn't be able to do because they seldom have scales).
The price tag is sitting right next to the thing you're weighing, which is right next to the scale. I still don't get the point.
I imagine that these scales are the type which print barcoded labels so you can get through the checkouts quicker - they won't be the cheap and cheerful spring-balance type you use to get an idea for how much you'll be spending.
These have existed in the UK for several years but are typically fairly unsophisticated devices with just a bunch of buttons and a photo on each button of the item you're weighing. They generally take up too much space for them to be placed so regularly as to always be right next to the thing you're weighing.
Sounds like they got ripped off in the first place. It shouldn't cost that much to develop something like that unless you have no clue about what you're doing.
Chances are the sale cost was based on "what the manufacturer thinks customers would be willing to pay" rather than "what they cost to develop".
The annoying thing is you could see how it could be really great - better scanners, faster recognition: swipe, bag, insert card and you're done.
Even more annoying: if you've ever worked in a supermarket, you'll know that the scanners on the "normal" checkouts are very reliable and very fast. How they messed up the implementation on the self-service units I don't know.
I tried the self scan in a Delhaize in Belgium... when you go to pay the girl takes everything out of the bag and scans it again. I don't quite see how doing something twice works out faster.
They used those over here for a while - you walked around with a little scanner and you were "randomly" chosen for rescanning.
The machines I'm talking about are intended to replace the "10 items or less" checkout with a machine.
Absolutely, the very idea of USB drives being used to cart around sensitive data in government agencies scares the hell out of me. How about they do away with windows and office and introduce some encryption for a start, suddenly workstations would become less vulnerable to the user's incompetence (and that's heavy duty incompetence in government).
If a stolen laptop is running a locked down installation of linux then the thief in question is far more likely to reformat, install windows and flog the laptop than attempt to recover the data from it.
I think you're trolling, and I'm far from an MS fanboi, but you're throwing the baby out with the bathwater there.
Truecrypt (or for that matter PGP if you want a supported commercial solution with centralised key management - probably a wise idea if you're a government department) both allow you to encrypt the whole damn disk and leave nothing clear apart from a rather small bootloader.
Further, Windows domain policy can easily block the use of removeable drives.
Just doing that (which, assuming you already have a fairly entrenched set of things on the desktop which require Windows - a reasonable assumption in a large organisation) would be a lot quicker and rather less hassle than setting up a suitable Linux desktop.
Blame is required here, and in fact, the lack of blame here would be as bad the problem itself.
You really don't want to know about a certain NHS trust.
An enshrined policy stating "no blame". Ostensibly this is to prevent scapegoating - which would otherwise be a real problem because senior management are generally very good at finding some sort of a policy breach which would result in it being perfectly reasonable to sack someone lower down the pecking order for causing the problem.
Of course, such a policy has an unfortunate side effect - if the consequences of a mistake are unlikely to lead to a problem which someone might actually care about (eg. they're unlikely to result in someone dying) then there's precious little disincentive to make such mistakes.
apparently has a policy of deciding who to promote based purely on how well they present themselves at the interview - little or no attention is paid to references, line manager's opinion or past performance.
I think you're not allowed to discriminate based on experience these days. In case people without much experience find it hard to get a job. Which is a problem, because experience is all I have. No degrees, no college, no nothing. Didn't waste time with all that.
I think that's wrong. You're not allowed to discriminate based on age but that's not quite the same thing. (ICBW, IANAL etc etc)
Steve Jobs has been wearing that same black turtleneck since 1986.
Not true. He has a huge wardrobe full of identical black turtlenecks.
Sounds like you're trying to blame this on pet issues. Is it really senior civil servant positions which are leaking all the data? Might the use of ID cards actually help decrease these data leaks by making the data more centralized, so they don't need to be carried on thumb-drives?
Just a couple of thoughts.
No, mainly because they've more or less dropped the idea of a central database; now they're focusing on the idea of just having existing databases talk to each other.
What could possibly go wrong? You thought the no-fly list was bad, just think how much fun it would be when sharing the same date of birth and name as someone could give you a criminal record, a medical history which neglects to mention your violent allergy to penicillin, inform the taxman that you are paid three times as much as you really are and tells social security that you're claiming benefits for five children that don't exist and that your driving license was taken off you six months ago.
Once you're a permanent employee it's near impossible to get fired for incompetence, but if you're actually good at your job they will let you quit and train up someone else rather than give you a pay rise or promotion.
I can testify to this. My local NHS trust advertises jobs internally but apparently has a policy of deciding who to promote based purely on how well they present themselves at the interview - little or no attention is paid to references, line manager's opinion or past performance. A confident person who's relatively inexperienced and crap at their job is more likely to be promoted than a less confident person who's really very good.
Follow this to its logical conclusion, and you realise that the people at the top can be absolute idiots but the one thing you can be sure of is that they're supremely confident that the sun shines out of their own arse.
Now, I appreciate that this is not far from how things work in the real world for new people coming in from outside, but to make a formal policy of it for internal promotions?
Give that baby some arms, put a laser on top and hit it with lightning. I'll buy one.
You'll need a fair bit of money. Johnny 5 was worth over $11 million, and that was 20 years ago.
12%
An indian software engineer can earn about 400,000 rupees ($10k)at the moment. In 10 years that will match the west, but long before then the difference will be too marginal to make it worth offshoring.
Then they'll start offshoring to some other country.
Pretty much the case where I work. Alot of stuff written in perl including a 200 line script to rename a file and to make sure its not over writing a file with the same name and massive birds nests of code that with the zero documentation and none of the original authors still in the organisation leaving me with little choice but to start from scratch.
Particularly as anyone with half a brain could do that in 4 lines of bash:
There's a similar register in the UK, which I registered my number on. However, there's an even more annoying loop hole over here.
If the call centre is based outside the UK then their cold calls are not exempt - which seems more than a little rediculous to me. In the end I had to resort to only anwswering calls with listed numbers.
Yep, I've had that. UK companies outsourcing telemarketing to another country to get around it.
The really confusing thing is the instructions these telemarketing drones have. Last time I received such a call I asked who was offering the product they wanted to sell me, and they categorically refused to tell me. They were pretty reluctant to tell me what the product was in any detail. So for all I know I would have been giving my card details to a scammer.
Or, to put it another way, correlation is not causation.
Perl has been around long enough (and, more to the point, was pretty much the only choice if you wanted a half-decent scripting language 10 years ago) that there's a strong chance in any business that badly-designed hard to maintain systems that have been around for 10 years or more include a fair chunk of Perl.
That's not because of Perl, that's because they were badly done in the first place. I'm willing to bet that there's just as much code which is written in Perl and does a perfectly good job but nobody really knows about it because it's been sitting in the background doing a perfectly good job for so long.
That's why he's proposing a voluntary scheme, not a mandatory one.
There are plenty of ways "technically voluntary" becomes "effectively compulsory". I can think of several off the top of my head, but the most obvious is: Record company offers some sort of incentive for ISP to sign up more customers to the scheme. ISP adds £1 to every customer's bill and sends an email explaining that you'll be paying the "voluntary RIAA Charge" unless you opt out. The opt-out process will be about as straightforward as cancelling AOL.
Either that or it'll be "voluntary" in the sense of "If you don't like it, you're free to take your business elsewhere".
It will also require registering and logging what music is downloaded, which will be a hard task in itself... unless music on the internet is centralized.
Bingo. Which immediately puts control back in the hands of the record company.
If the RIAA don't like you is there anything to stop them pulling you into court out of spite?
For me going to court is a sentence before trial, because I can't pay the mortgage by taking time off work.
And so you know why so many people would rather settle regardless of guilt.
Wow, imagine.. maybe someday we could put an entire operating system into the BIOS...
This has already been kind of done: coreboot(LinuxBIOS), with a Kdrive(TinyX) X server.
Ahem:
http://en.wikipedia.org/wiki/RISC_OS
Somehow I suspect this might not be legal, since the warranty is ostensibly to cover the hardware. Wasn't there a /. article some months back about exactly this kind of issue, and how voiding the warranty on computer hardware for changing the software wasn't legal?
Cheers,
Depends on the country you're in, I imagine.
Here in the UK it would certainly not be legal, but that hasn't stopped companies from trying to pull stunts like that in the past.
Finally, most corps know nowadays that getting into bed with MSFT is a sure recipe for disaster. PlaysForSure, HD-DVD, Windows Defender, OS/2, and numerous other smaller examples are proof-positive of just how badly you get burned in any partnership with MSFT... unless of course you're Microsoft.
Yep. That's why nobody partners with Microsoft any more and existing partners are doing everything they can to jump ship.
whoosh.
Over here we have "10 Items or Less" (or the even better "About 10 Items") checkout lanes next to the cigs, and they all have scales. Unfortunately, they also take checks, which kind of defeats the purpose of an "express" lane, but oh well.
I guess that makes sense, but it still seems easier to me to just install a scale for the checker.
TBH, I think it's an excuse so the companies that manufacture the scales can extract more money from the supermarket. The cashiers still have scales and I don't really think the expense of installing them is justified by any convenience to the customer. Most of the supermarkets seem to be of a similar mind; few have invested in the scales I described earlier.
Hum. I've never heard of that. It sounds goofy as hell to make 500 customers all go through this annoying process instead of training 10 checkers to just type in the product code, but whatever.
Well, you generally don't have to weigh your own fruit & veg. But it might get you through the checkout slightly quicker and if you're only buying one or two items means that you can generally pay at the cigarette kiosk (which you otherwise wouldn't be able to do because they seldom have scales).
The price tag is sitting right next to the thing you're weighing, which is right next to the scale. I still don't get the point.
I imagine that these scales are the type which print barcoded labels so you can get through the checkouts quicker - they won't be the cheap and cheerful spring-balance type you use to get an idea for how much you'll be spending.
These have existed in the UK for several years but are typically fairly unsophisticated devices with just a bunch of buttons and a photo on each button of the item you're weighing. They generally take up too much space for them to be placed so regularly as to always be right next to the thing you're weighing.
How is it a great idea? What's the point at all?
Why does it matter if the scale "knows" what's being weighed? Is a pound of grapes heavier than a pound of potatoes?
No, but it costs more ;)
Sounds like they got ripped off in the first place. It shouldn't cost that much to develop something like that unless you have no clue about what you're doing.
Chances are the sale cost was based on "what the manufacturer thinks customers would be willing to pay" rather than "what they cost to develop".
The annoying thing is you could see how it could be really great - better scanners, faster recognition: swipe, bag, insert card and you're done.
Even more annoying: if you've ever worked in a supermarket, you'll know that the scanners on the "normal" checkouts are very reliable and very fast. How they messed up the implementation on the self-service units I don't know.
I tried the self scan in a Delhaize in Belgium ... when you go to pay the girl takes everything out of the bag and scans it again. I don't quite see how doing something twice works out faster.
They used those over here for a while - you walked around with a little scanner and you were "randomly" chosen for rescanning.
The machines I'm talking about are intended to replace the "10 items or less" checkout with a machine.