Actually, a number of things you mention are precisely because we don't actually have a "free trade" system. The number one driver for offshoring, for example, is the completely anti-free-trade minimum wage laws.
Minimum wage laws being the driver of off-shoring? Really? Minimum wage jobs for the most part don't have enough cost differential to be good candidates for outsourcing, and many of them are service industry jobs that can't be effectively offshored.
The people earning $50/hr+ are where the demand for offshoring is very high, and I don't think you can blame those wages on minimum wage.
I've maintained for several years now that the above point is the main reason that Windows, Office and Server are pretty much the only thing keeping Microsoft solvent, as those three divisions' continuing success mainly hinges on the applied wisdom of decision making by the heads of educational, corporate and government institutions regarding technical matters (or rather the complete lack thereof) rather than Microsoft making any discernable effort regarding the quality of the products and services they provide...
Those 3 divisions the only things keeping MS solvent? From what I can tell by looking at earnings reports, those 3 divisions are about 90% of the company. I think most companies would be happy that 90% of the business lines are solidly profitable.
Even "Linux" is not a single OS. The device might work with Ubuntu, but not with RedHat or Slackware or Mandriva and I don't think that the manufacturer will test all of the more popular distributions. Testing for multiple versions of multiple distributions would be too much, especially since only a few percent of end users use Linux.
Careful there sonny - by failing to refer to it as "GNU/Linux" you are no longer eligible for the endorsement.
The CPI may be off (and I have read articles suggesting that it overstates inflation, not understates it), but 20% a year is absurd. Let's think about this:
1. My mortgage amount is fixed, and even were that not the case, the cost of housing is dropping, not rising. 2. Gas is roughly equal to what it was 2 years ago. 3. Electric, water, heat, trash - no utilities price changes anywhere close to 20% annually. 4. Appliances and electronics continue to get cheaper. 5. Telecom maybe up slightly, or it could just be the fact I have bought a smartphone with a data plan.
I think food prices have risen, but that is a tiny slice of my budget. Last year my employer held the line on health care price increases, though they have warned us our contributions are going up this year.
So what significant category is experiencing 20% inflation?
I've done it both ways, and never had an issue. I've wondered how good the fraud algorithms are - so if my Amex shows up in another country, do they look to see if you had recent transactions with an airline or an airport merchant? I would think that from a fraud perspective there is a big difference between my card showing up at a hotel in a tourist destination like Cancun, vs a grocery store in Roatan. It would be an interesting problem to work on.
And my point is that businesses always operate in their own interests, and businesses always have an interest in keeping their customers happy.
It is fashionable on/. to believe that big business and MS in particular have sinister ulterior motives that involve their doing something that will cost them sales, but I simply don't buy it.
I'm not saying MS has never done anything wrong, or that they don't wish open source never came along, but your comment about alienating customers is crucial - they are doing this because their customers demand it, and they fear they will lose money if they don't.
I don't feel a need for an explanation more complicated/sinister than that.
So let's see. Microsoft will do anything that it thinks will boost sales.
Those bastards! Next thing you know they will have the audacity to start fixing bugs that people complain about, or implement features that are requested, or even make products that they think people will buy! Oh Noes! The horror. The horror!
The tool makers are balking because they feel the customers will be put off by the pricetag....$69 every time the saw brake engages, and $110 a blade (+ 3% increase in the wholesale cost of the saw).
Having had close calls with woodworking equipment, and knowing a few guys that are short fingers, the notion of paying $180 if the brake engages bothers me not at all.
But it is true that an extra $150 at time of purchase is going to cause pain for the first manufacturer to go with it. And given that blade selection is something of a religious issue with woodworkers, the notion that you have to use the SawStop blade to get the benefit of the technology is going to cause consumer resistance as well.
Owner : IT Guy IT Guy, my data is gone! Save me IT Guy : Well here we have this release I made you sign last month that clearly said that if you lost any data it was your own damn fault.
Owner : He's a post it with the words "you're fired on it". Now take your arrogant self-righteous ass out of my office.
You know what? If it goes down that way, leaving is really your only option. The company is clearly too dysfunctional for you to be happy/successful, so why torture yourself? Move on, and call it a learning experience.
Life is too short to work in a job that sucks. Yes, being unemployed sucks too, so better to go on terms of your own choosing. But if your boss is determined to be an asshat there is very little you can do to change that.
No argument whatsoever on that score. And for the record, I've usually felt that the complexity requirements and short password lifespans do lead to formulaic passwords and passive resistance from the user population.
But I still say that the corporation is trying to keep all the passwords secure, even if that means that the policies actually decrease security in some cases - usually the people who would have secure passwords without ever having to be told to do so.
It may narrow the nominal keyspace, but it almost certainly increases the average keyspace that needs to be searched. Without the complexity requirements most people will use a dictionary word or something like that. And the company wants to keep all the accounts secure, so it has to care about the average password.
And think of it this way - in a keyspace that requires 10 numeric digits, what percentage of the total keyspace is consumed by anything containing less than 10 digits? seems to me you have only given up 10% of the space, and an even smaller percentage if you consider the full printable range of characters instead of just numerics.
How convenient that the $670 edition should be the one that remains available.
I can only think of three explanations for this:
1. MS are quite happy to put some of the revenue from Office to paying damages, provided the revenue is from the most expensive version. 2. They're holding back on making the cheaper versions compliant intentionally to see if only having the expensive version available dramatically affects sales. 3. They're not as well organised as I'd like to believe - packaging every different edition of Office is a major undertaking which requires a lot of work.
How about: 4. Each SKU has to be built and tested by the same group, and each SKU takes a certain amount of time. MS decided to concentrate on some combination of the biggest volume/biggest revenue SKUs and leave the lesser used ones to the end.
A few years ago, a 1ghz P3 with 512mb and a 17" CRT was considered high end, and people would be very happy to have one... People developed software back then too you know... The mere fact you consider such a system inadequate highlights just how bloated software has become.
Getting a developer a high end box makes perfect sense. Most of the good developers are enthusiasts, and want to have nice tools to work with. Spending a few hundred dollars extra on a dev box, and replacing it every few years, may well be the difference between a developer feeling appreciated and having them walk out the door. Spending the same amount of money on salary would hardly be noticed. Any enhanced productivity because compile/link cycles are shorter is just gravy to me.
We already have a tag for "mathishard". What we really need is a "cryptoishard" tag. As you point out, the actual crypto algorithms are incredibly robust. What most developers don't pay any attention to is that fact that all the other pieces of the system have to be equally as robust, or you get a trivial crack.
Most of these systems are brought down by some very humble flaw. A locked bank vault with the combination hidden under the mat.
Cities have been using the LED lights for several years now, so it is not as if this is a new issue. I've seen LED lights in the Minneapolis area for a long time. And as many people have pointed out, in the right conditions snow covers just about everything - street signs, mile markers, reflectors in the median, lane markings, etc.
Having signal lights get obscured a few days a year, when everything else is getting obscured as well, hardly seems to warrant this level of reaction. It is not as if the failure mode results in all red or all green lights. Instead drivers struggle to see which light is lit. The proper solution to that is to slow down until you can tell if it is safe to cross. And you know what? In those conditions you should have slowed down anyways.
No doubt whatsoever that the time has to be productively spent. In my admittedly contrived example I assumed the uber coder was given the histogrammer because it really was performance critical and a high risk component in the system.
Another factor is that the manager likely recognizes the uber coders, and any piece that is particularly difficult or important gets assigned to the uber coder. So their productivity may appear to be no better than others because the lead has compensated by giving them the pieces that nobody else can be trusted to do.
One guy has great productivity creating a frequency distribution report. It works, looks good, and everyone is happy. It took him a week to do. The uber coder could have batted that out in an afternoon, but instead spent a week ensuring that histogrammer behind the report was multi-core aware and could scale to billions of data points without dragging the system to its knees. The fact that the report programmer would have floundered at that task for weeks is not going to be apparent to most people - even many other people on the team. So the uber-ness of the uber programmer is hidden by the work they are assigned.
I'd suggest converting every book you own really fucking quick. No telling how long it will take Amazon to make a similar format that will take another year or so to break. You can bet that once they do, they'll remotely switch everyone's ebooks over to that new format and then push a firmware upgrade to ensure compliance.
Or, I could say that my Kindle works just fine as is, and that the presence of the DRM has been a non-event for me. In the event Amazon goes under I could be out of luck (though the most likely thing that would happen is that everything on my Kindle would continue to work for as long as the device lived). But what are the odds that Amazon will disappear in the next few years?
I'd rather we lived in a world where nobody felt the need for DRM, but that is not the world we have. Amazon and Apple seem to have about the most benign forms of DRM around, and I have been happy with the value I have received for my money.
The point is that I have already gotten you to execute a malicious executable. What more have I gained with a hidden payload? The damage is already done.
I will grant that this does open up one new vulnerability - I can write new malware that can be used to help the user execute old malware that is already known to the AV scanners.
But I still say that once I have gotten you to execute malware I don't worry about getting a second payload in place.
Whose to say that the malware doesn't have an executable renamed to a have a log extension, and the antiviruse skips over it. How trivial would it be to have a loader that does nothing except load "safe" files and do its bad things under the cloak of "but its a log file.... it should be safe".
Excluding any files on the computer is a bad thing, and needs to be discouraged.
So if you manage to get an executable onto the system, you can then use it to execute a malicious payload hidden in a seemingly innocuous file?
If I can get an executable on the system, I have already compromised your security. Why bother with a hidden payload at that point?
It is perfectly OK for free software to cost money, but since the requirement is to allow redistribution of the source, anything even remotely popular will become a race to the bottom.
If I pay $X for a chunk of software that includes source, I can immediately resell the same software for $X/2. Even if I only find one person who wants to buy it, that is a good deal for me.
That is why open source apps usually try to charge for support, customization or maintenance, rather than just licensing the core code.
So sure, go ahead and sell free software, just don't expect to make any money doing so.
I can understand replacing IE with Firefox, but unless you are planning on using IMAP instead of MAPI I think Outlook is a far more capable product than Thunderbird. Free as in beer I understand, but if your parents already have a valid Outlook license why would you take it away?
Your salary accounts for ~1/3 of the cost to the employer for having you around, if you count facilities and energy costs and taxes. This is only going to get worse as taxes go up to cover the costs of government spending on things like the war in Afghanistan and on universal healthcare. So it's a lot easier to increase responsibility at the cost of a small increase in salary and some title inflation than it is to hire more people.
I don't know where you come up with the 1/3 figure, but where I work the fully burdened cost per employee is 1.28 * salary. Most of that is benefits and employer paid taxes. Facilities charges are only a few thousand per person.
Yes, let's hope for the employer's sake that they don't ever trash him to future employers, because that would be a very easy lawsuit for slander. Any smart company has a strict policy that they refuse to discuss such things, and will only verify dates of employment.
The place where I work now has such a policy - we verify dates of employment, and whether someone is eligible for rehire. Yet when we call for references we try to get the real story, and HR says they have very little difficulty getting an honest answer on candidates, even from places that have a policy just like ours. Eventually you reach the point where refusal to say anything about a candidate is itself a negative. You want to be helpful to people who left on good terms, and of course nobody sues you for giving a positive reference. So if the company will only verify dates of employment you wonder what they are afraid to tell you.
And do you really think that suing an employer for slander will not be viewed as a big red flag by other employers?
Slashdot Mirror
Actually, a number of things you mention are precisely because we don't actually have a "free trade" system. The number one driver for offshoring, for example, is the completely anti-free-trade minimum wage laws.
Minimum wage laws being the driver of off-shoring? Really? Minimum wage jobs for the most part don't have enough cost differential to be good candidates for outsourcing, and many of them are service industry jobs that can't be effectively offshored.
The people earning $50/hr+ are where the demand for offshoring is very high, and I don't think you can blame those wages on minimum wage.
I've maintained for several years now that the above point is the main reason that Windows, Office and Server are pretty much the only thing keeping Microsoft solvent, as those three divisions' continuing success mainly hinges on the applied wisdom of decision making by the heads of educational, corporate and government institutions regarding technical matters (or rather the complete lack thereof) rather than Microsoft making any discernable effort regarding the quality of the products and services they provide...
Those 3 divisions the only things keeping MS solvent? From what I can tell by looking at earnings reports, those 3 divisions are about 90% of the company. I think most companies would be happy that 90% of the business lines are solidly profitable.
Even "Linux" is not a single OS. The device might work with Ubuntu, but not with RedHat or Slackware or Mandriva and I don't think that the manufacturer will test all of the more popular distributions. Testing for multiple versions of multiple distributions would be too much, especially since only a few percent of end users use Linux.
Careful there sonny - by failing to refer to it as "GNU/Linux" you are no longer eligible for the endorsement.
20% a year? I beg to differ
The CPI may be off (and I have read articles suggesting that it overstates inflation, not understates it), but 20% a year is absurd. Let's think about this:
1. My mortgage amount is fixed, and even were that not the case, the cost of housing is dropping, not rising.
2. Gas is roughly equal to what it was 2 years ago.
3. Electric, water, heat, trash - no utilities price changes anywhere close to 20% annually.
4. Appliances and electronics continue to get cheaper.
5. Telecom maybe up slightly, or it could just be the fact I have bought a smartphone with a data plan.
I think food prices have risen, but that is a tiny slice of my budget. Last year my employer held the line on health care price increases, though they have warned us our contributions are going up this year.
So what significant category is experiencing 20% inflation?
I've done it both ways, and never had an issue. I've wondered how good the fraud algorithms are - so if my Amex shows up in another country, do they look to see if you had recent transactions with an airline or an airport merchant? I would think that from a fraud perspective there is a big difference between my card showing up at a hotel in a tourist destination like Cancun, vs a grocery store in Roatan. It would be an interesting problem to work on.
And my point is that businesses always operate in their own interests, and businesses always have an interest in keeping their customers happy.
It is fashionable on /. to believe that big business and MS in particular have sinister ulterior motives that involve their doing something that will cost them sales, but I simply don't buy it.
I'm not saying MS has never done anything wrong, or that they don't wish open source never came along, but your comment about alienating customers is crucial - they are doing this because their customers demand it, and they fear they will lose money if they don't.
I don't feel a need for an explanation more complicated/sinister than that.
So let's see. Microsoft will do anything that it thinks will boost sales.
Those bastards! Next thing you know they will have the audacity to start fixing bugs that people complain about, or implement features that are requested, or even make products that they think people will buy! Oh Noes! The horror. The horror!
TFA says the licensing is 3% of cost. Tools are a relatively low markup, but I haven't seen any documentation that support 50% gross profit.
The tool makers are balking because they feel the customers will be put off by the pricetag....$69 every time the saw brake engages, and $110 a blade (+ 3% increase in the wholesale cost of the saw).
Having had close calls with woodworking equipment, and knowing a few guys that are short fingers, the notion of paying $180 if the brake engages bothers me not at all.
But it is true that an extra $150 at time of purchase is going to cause pain for the first manufacturer to go with it. And given that blade selection is something of a religious issue with woodworkers, the notion that you have to use the SawStop blade to get the benefit of the technology is going to cause consumer resistance as well.
Meanwhile, back in the real world:
Owner : IT Guy IT Guy, my data is gone! Save me
IT Guy : Well here we have this release I made you sign last month that clearly said that if you lost any data it was your own damn fault.
Owner : He's a post it with the words "you're fired on it". Now take your arrogant self-righteous ass out of my office.
You know what? If it goes down that way, leaving is really your only option. The company is clearly too dysfunctional for you to be happy/successful, so why torture yourself? Move on, and call it a learning experience.
Life is too short to work in a job that sucks. Yes, being unemployed sucks too, so better to go on terms of your own choosing. But if your boss is determined to be an asshat there is very little you can do to change that.
No argument whatsoever on that score. And for the record, I've usually felt that the complexity requirements and short password lifespans do lead to formulaic passwords and passive resistance from the user population.
But I still say that the corporation is trying to keep all the passwords secure, even if that means that the policies actually decrease security in some cases - usually the people who would have secure passwords without ever having to be told to do so.
It may narrow the nominal keyspace, but it almost certainly increases the average keyspace that needs to be searched. Without the complexity requirements most people will use a dictionary word or something like that. And the company wants to keep all the accounts secure, so it has to care about the average password.
And think of it this way - in a keyspace that requires 10 numeric digits, what percentage of the total keyspace is consumed by anything containing less than 10 digits? seems to me you have only given up 10% of the space, and an even smaller percentage if you consider the full printable range of characters instead of just numerics.
How convenient that the $670 edition should be the one that remains available.
I can only think of three explanations for this:
1. MS are quite happy to put some of the revenue from Office to paying damages, provided the revenue is from the most expensive version.
2. They're holding back on making the cheaper versions compliant intentionally to see if only having the expensive version available dramatically affects sales.
3. They're not as well organised as I'd like to believe - packaging every different edition of Office is a major undertaking which requires a lot of work.
How about:
4. Each SKU has to be built and tested by the same group, and each SKU takes a certain amount of time. MS decided to concentrate on some combination of the biggest volume/biggest revenue SKUs and leave the lesser used ones to the end.
A few years ago, a 1ghz P3 with 512mb and a 17" CRT was considered high end, and people would be very happy to have one...
People developed software back then too you know...
The mere fact you consider such a system inadequate highlights just how bloated software has become.
Getting a developer a high end box makes perfect sense. Most of the good developers are enthusiasts, and want to have nice tools to work with. Spending a few hundred dollars extra on a dev box, and replacing it every few years, may well be the difference between a developer feeling appreciated and having them walk out the door. Spending the same amount of money on salary would hardly be noticed. Any enhanced productivity because compile/link cycles are shorter is just gravy to me.
We already have a tag for "mathishard". What we really need is a "cryptoishard" tag. As you point out, the actual crypto algorithms are incredibly robust. What most developers don't pay any attention to is that fact that all the other pieces of the system have to be equally as robust, or you get a trivial crack.
Most of these systems are brought down by some very humble flaw. A locked bank vault with the combination hidden under the mat.
Cities have been using the LED lights for several years now, so it is not as if this is a new issue. I've seen LED lights in the Minneapolis area for a long time. And as many people have pointed out, in the right conditions snow covers just about everything - street signs, mile markers, reflectors in the median, lane markings, etc.
Having signal lights get obscured a few days a year, when everything else is getting obscured as well, hardly seems to warrant this level of reaction. It is not as if the failure mode results in all red or all green lights. Instead drivers struggle to see which light is lit. The proper solution to that is to slow down until you can tell if it is safe to cross. And you know what? In those conditions you should have slowed down anyways.
No doubt whatsoever that the time has to be productively spent. In my admittedly contrived example I assumed the uber coder was given the histogrammer because it really was performance critical and a high risk component in the system.
Another factor is that the manager likely recognizes the uber coders, and any piece that is particularly difficult or important gets assigned to the uber coder. So their productivity may appear to be no better than others because the lead has compensated by giving them the pieces that nobody else can be trusted to do.
One guy has great productivity creating a frequency distribution report. It works, looks good, and everyone is happy. It took him a week to do. The uber coder could have batted that out in an afternoon, but instead spent a week ensuring that histogrammer behind the report was multi-core aware and could scale to billions of data points without dragging the system to its knees. The fact that the report programmer would have floundered at that task for weeks is not going to be apparent to most people - even many other people on the team. So the uber-ness of the uber programmer is hidden by the work they are assigned.
I'd suggest converting every book you own really fucking quick. No telling how long it will take Amazon to make a similar format that will take another year or so to break. You can bet that once they do, they'll remotely switch everyone's ebooks over to that new format and then push a firmware upgrade to ensure compliance.
Or, I could say that my Kindle works just fine as is, and that the presence of the DRM has been a non-event for me. In the event Amazon goes under I could be out of luck (though the most likely thing that would happen is that everything on my Kindle would continue to work for as long as the device lived). But what are the odds that Amazon will disappear in the next few years?
I'd rather we lived in a world where nobody felt the need for DRM, but that is not the world we have. Amazon and Apple seem to have about the most benign forms of DRM around, and I have been happy with the value I have received for my money.
The point is that I have already gotten you to execute a malicious executable. What more have I gained with a hidden payload? The damage is already done.
I will grant that this does open up one new vulnerability - I can write new malware that can be used to help the user execute old malware that is already known to the AV scanners.
But I still say that once I have gotten you to execute malware I don't worry about getting a second payload in place.
Whose to say that the malware doesn't have an executable renamed to a have a log extension, and the antiviruse skips over it. How trivial would it be to have a loader that does nothing except load "safe" files and do its bad things under the cloak of "but its a log file.... it should be safe".
Excluding any files on the computer is a bad thing, and needs to be discouraged.
So if you manage to get an executable onto the system, you can then use it to execute a malicious payload hidden in a seemingly innocuous file?
If I can get an executable on the system, I have already compromised your security. Why bother with a hidden payload at that point?
It is perfectly OK for free software to cost money, but since the requirement is to allow redistribution of the source, anything even remotely popular will become a race to the bottom.
If I pay $X for a chunk of software that includes source, I can immediately resell the same software for $X/2. Even if I only find one person who wants to buy it, that is a good deal for me.
That is why open source apps usually try to charge for support, customization or maintenance, rather than just licensing the core code.
So sure, go ahead and sell free software, just don't expect to make any money doing so.
I can understand replacing IE with Firefox, but unless you are planning on using IMAP instead of MAPI I think Outlook is a far more capable product than Thunderbird. Free as in beer I understand, but if your parents already have a valid Outlook license why would you take it away?
Your salary accounts for ~1/3 of the cost to the employer for having you around, if you count facilities and energy costs and taxes. This is only going to get worse as taxes go up to cover the costs of government spending on things like the war in Afghanistan and on universal healthcare. So it's a lot easier to increase responsibility at the cost of a small increase in salary and some title inflation than it is to hire more people.
I don't know where you come up with the 1/3 figure, but where I work the fully burdened cost per employee is 1.28 * salary. Most of that is benefits and employer paid taxes. Facilities charges are only a few thousand per person.
Yes, let's hope for the employer's sake that they don't ever trash him to future employers, because that would be a very easy lawsuit for slander. Any smart company has a strict policy that they refuse to discuss such things, and will only verify dates of employment.
The place where I work now has such a policy - we verify dates of employment, and whether someone is eligible for rehire. Yet when we call for references we try to get the real story, and HR says they have very little difficulty getting an honest answer on candidates, even from places that have a policy just like ours. Eventually you reach the point where refusal to say anything about a candidate is itself a negative. You want to be helpful to people who left on good terms, and of course nobody sues you for giving a positive reference. So if the company will only verify dates of employment you wonder what they are afraid to tell you.
And do you really think that suing an employer for slander will not be viewed as a big red flag by other employers?