The thing is, I'd have to argue that in most cases I've seen, on-call and after hours work IS a fundamental aspect of the job. If important server X goes down at 2am someone needs to fix it asap. You could hire someone to work nights but most of the time there isn't actually enough work that needs to be done during those hours to justify paying another person. Due to the way business and life is scheduled you really need most or all of your staff there during the day (meetings, trainings, general communication, more stuff needs to be fixed faster due to other employees using it, more activity to monitor, etc.) and someone just available during the evening/night for just in case, so moving one or two of the current daytime staff to nights is also not the best solution.
In exchange we frequently get paid more and at every company I've worked at IT also has other perks like frequently getting less restricted access to internet/web (or just getting access to the web at all) while at work.
Re:I thought IT workers can telecommute to work?
on
Women Are Fleeing IT Jobs
·
· Score: 3, Interesting
In my experience management doesn't like people to work from home most of the time. They can't see how much time the employee is spending working. Most management I've had cares more about how much time you spend working than how much work you get done.
To be fair, there is some rationale to that... if it only takes you 3 hrs/day to do all of your work you can for the day and another guy in your department 4 hrs/day to do his work, then the company can get rid of one of you and still get the same amount of work done in an 8 hr day.
I'm already prepared for the day I find a wire dangling off of my display. I've got a bookmark group that opens meatspin, goatse, and tubgirl in one shot.
From a personal standpoing my main concern with a system like this is not that off chance of someone else managing to mimic my typing. It's that 10% (or whatever the real number was, not 100% accurate, though) chance that it's not going to recognize my own typing. If it just does it once, well, annoying but whatever, I'll get in on the next try. That combined with (or to be fair, possibly caused by) all of the factors mentioned in posts before mine that could affect how I type my password and it seems there's a good chance for me to not be able to access my system.
Now spread that problem out over an entire company. I did my time on phone support recently enough in the past that it's still pretty clear in my mind. People have a hard enough time with their passwords as it is without the system adding in its own mistakes to lock them out. There's the potential for a lot of lost productivity with something like this. More people can't log in and get to work as soon due to the screwed up password, more calls to the helpdesk resulting in taking longer to get accounts unlocked, etc.
I read about this semi-recently (as in within the last year) and at that point the recognition based on the actual keystroke timing was pretty poor. With only 2 or 3 people they could tell who it was something like 90% of the time if I remember right. It got considerably worse as there were more people to recognize.
Now, you could possibly argue that it only needs to be able to recognize 1 person or at most 2, you and "not you", as once it determines it is not you the system does not care about the specific identify. Still, until they get that number to 100% it's going to be more hassle than it's worth, especially at a place with a 3 attempt lockout policy or the like.
I would argue that your second group is just as dumb and in just as much need of education as your first group. They bought into the "hackers are everywhere and trying to get your data 24/7 no matter where you are and what you're doing" hype. They then went out and blew money on various worthless garbage, be it truly ineffective or just far more security than they actually need or understand how to use properly, and end up with at least as much trouble as they would have without it. You see this problem all over the place even with fairly basic security stuff. How many times have you seen people complaining that they bought and setup a firewall and now half of their Internet related activities don't work because ports need forwarded and whatnot and they don't have the knowledge or desire to gain the knowledge to deal with it? They weren't saved from any problems, they just changed the kinds of problems they would have.
In the end it still all comes down to education (or lack thereof) and, even more accurately imo, desire to be educated. Whether you don't understand the issue enough to realize that you truly do need the protection or don't understand the problem enough to realize what protection you actually need and how to properly use it, the right tool for the job is out there and the only reason you don't have it is lack of education.
Or perhaps I could take that money that would have gone into an instrument I'll mess with for a few months at most before sticking it in the closet and put it into a console which I'll use for years and a fun game. Said fun game I'll probably play at least as long as the instrument plus can invite my video game playing and non-instrument playing friends over to play, which may be more rewarding than sitting alone in my bedroom doing a bad job playing an instrument. After the fun of the game has worn off, the part of the investment that went into the console is still getting use when I pick up other games.
You play video games, even ones that semi-simulate playing an instrument, for different reasons than you play a real instrument. Some people like to do one thing and some like to do the other. Some rebels out there even like to do both.
My choices of Internet where I am are 1) Verizon 2) Comcast - I haven't read their ToS/AUP/etc, but I'd be willing to be it's no better, which means switching is just a hassle with no real benefit in the end. 3) Cavalier - They require you to have a landline through them to get DSL. They lease all of their lines from Verizon, so if you have Cavalier, you are still helping to keep Verizon in business.
They could differentiate themselves from the internet stores by emphasising personal service but seeing as they are cutting their higher paid people I'd say that isn't going to happen.
As an ex-Best Buy employee (as in 10 or so years ago) I'd argue that the top paid/"ranked" employees weren't giving good personal service. They may have been good at making the customer think they were getting good personal service, but that was just part of the sales tactic which allows them to do what really gets them top paid and thought of as a top employee.
What really gets you to be a top salesperson is sticking the gold plated USB (or parallel in my day)cable in their cart, plus a couple ink refills for the printer they are buying, selling the extended warranty, selling the latest re-branded and/or ISP partnership subscription, and selling them on the overpriced "system maintenance" where the in store techs go through and remove excess software, etc. (which isn't necessarily a bad thing, but hardly worth the $30 or whatever to most people who are going to want some of that crap back and/or just install new junk software instead).
This lack of value assumes that everyone (or at least enough people) have unlimited $1 bills. If only you and the parent poster have unlimited $1 bills and everyone else in the world still has to work for their money as usual then it's not at all worthless and still quite the advantage.
Debatable, but even if it was perfectly true it doesn't open an avenue to a solution. The odds of Joe User noticing that the email really came from accounts@ppaypal.com aren't very good. After all, he already missed the fact that the url links to http://12323984378/steal/my/info.php [12323984378].
Unless the provider uses domain keys or the like for ALL email (not just email @paypal.com) paypal's problem isn't addressed. That means every mail server operator, even the home hobbiest, has to subscribe to some third-party authentication service like domain keys.
Good points there. I definitely agree that it's not a perfect solution and could have some negative impact but do we really have any better options available right now (aside from joe user getting more intelligent about the internet, which I don't think we can really count on)?
Dammit, I hate when I forget to preview first. I missed a set of blockquote tags, so just in case that above post is unclear, here's where the second blockquote should have been.
Except if you check closely, the messages probably didn't use paypal.com in the envelope sender; they probably only used it in the From header. This means that if the service blocked those messages then anybody agregating multiple email addresses in to one mailbox would see their messages fail at the forwarder.
Just to make sure I'm understanding you right (I'm pretty sure I am, but it's the Internet, communications go wrong sometimes), you mean as in if I had say 5 e-mail address and each of them forwarded the e-mail to me@myemail.com so that I could check them all in one place and my real paypal e-mails were being sent to one of those original 5?
If that's the case I'm guessing that Ebay/Paypal are just betting on there being a minimal amount of people doing that who are also going to be incapable or unwilling to just have paypal send stuff directly to their main address or work out some other technical solution if they've got enough control/access to the servers.
Then they don't need domain keys, do they? They could just drop messages with paypal.com in the from address that fail SPF.
My understanding of the article is that using SPF might be considered a valid protection. DomainKeys is the only thing specifically mentioned but the article does say "several technologies". While SPF isn't digital signing, I wouldn't be surprised if it is included in that list. Basically asking providers to use one or more of a variety of technologies to help with the problem.
Except if you check closely, the messages probably didn't use paypal.com in the envelope sender; they probably only used it in the From header. This means that if the service blocked those messages then anybody agregating multiple email addresses in to one mailbox would see their messages fail at the forwarder.
Just to make sure I'm understanding you right (I'm pretty sure I am, but it's the Internet, communications go wrong sometimes), you mean as in if I had say 5 e-mail address and each of them forwarded the e-mail to me@myemail.com so that I could check them all in one place and my real paypal e-mails were being sent to one of those original 5?
If that's the case I'm guessing that Ebay/Paypal are just betting on there being a minimal amount of people doing that who are also going to be incapable or unwilling to just have paypal send stuff directly to their main address or work out some other technical solution if they've got enough control/access to the servers.
I know we don't traditionally rtfa before commenting, but for some reason I was compelled to do so.
This sounds like some underpaid and undertrained phone support guy misinterpreting the general "we don't provide support for Linux users" type rule and taking it a bit too far, to the point where Linux clearly wasn't the problem. The fact that the PR person has pointed out that it's pretty clear that the problem was not caused by Linux and should be considered an exception to the rule andmake that pretty obvious.
The problem is that context is just as important as what was said. Sure, people said some shit they probably shouldn't have. They didn't actually do those things, though, and being the Internet, it's unlikely they have any plans to do so or actually believe that these things should be gone through with. People talk shit on the Internet. People say things just to be dicks on the Internet because they can be fairly certain it's not going to result in the ass kicking they probably deserve.
In this case specifically, these "threats" look like 90% of the arguments I see on the Internet. As far as I know not one of them has resulted in any of those suggestions occurring. This is what happens on the Internet.
If it is in fact believed that a person intends to make good on such threats or wants to believe they will (whether they actually can/will or not), well, we've already got that covered.
We've got a few crappy pictures of a closed laptop with what to me looks like a cheap velvet covering. The website is a static site (although apparently using some sort of dynamic capable back end) with absolutely no information and some questionable grammar. I can't find any mention of this company through google other than articles about this laptop and a couple job postings from February 2007 (one of which suggests that they are basically a start up) on gumtree.com, which appears to be an EU version of craigslist, which doesn't really say "Well known luxury company who only deals with the richest of the rich" to me.
How long until we find out the Phantom guys are behind this?
You can travel a lot more without needing more official vacation time. I've done it.
Everywhere I've worked you don't get a laptop and VPN access so that you can stay home and work. You get them so that after you've spent the day at work you can go home and continue to do more work.
As soon as you convince my employer, my school, and the local IT headhunters to start using OO instead of MS Word, I'll get right on that. Until then, I'll write anything I need to at home in OO and save to Word format, then take a few seconds at work or school to make sure the formatting is correct before sending it off to anyone of any importance. Unfortunately, we can't expect the general public to be willing to go through those same extra steps just to use a piece of software they've never heard of.
A somewhat obvious question is raised: why isn't OpenOffice already available by default on new PC's and Workstations?"
I would say for the same (or at least closely related and similar) reason that PC's come with and the majority of people want/keep using Windows over other OS choices which are arguably better and just as easy or easier to use. It's what people are familiar with. I'm pretty confident your average joe on the street has heard of MS Office. That same guy probably has not heard of OpenOffice. People know the name, the use it at work, they are comfortable with it. Given the choice between a computer with OO and a Computer with MS Office, all other things being equal (or at least equal to your average use), they're probably going to take the one with MS Office. Therefore, it makes sense for computers to come with it (most at least come with Word and Excel these days, I believe).
On top of that, it's still not 100% compatible with MS Office... I frequently have to slightly adjust things converting between OO's.odf and Office's.doc and have had some features of Excel spreadsheets not work in OO. That alone is going to make it unacceptable for use on projects for school or work which are then going to probably be used in MS Office.
Sure, as OO is free, it could be included along with Word/Excel/full MS Office, etc. but I suspect at best it'll go mostly unused and just take up disk space and at worst potentially confuse customers.
As I understand it, Apple is the technological source of this DRM in question, but not the muscle that pushes for its incorporation into the files. If Disney wants DRM on its digital downloadable movies as a provision for Apple to sell them, then it's Disney that is failing to "open up." If Apple refuses to put DRM on their products, then I'd guess they wouldn't have those products to sell.
If I could mod this up I would. I can't at the moment, though, so instead I'll confirm that this is a reason at least some of the time.
This is a very good point that I should have thought of myself. I'm a programmer at a company involved in distribution of various music and video content types. We don't really care if our product has DRM on it or not as every one of use knows full well that anyone with the will and half a brain can get at this content with no DRM (just talking business side of things here, not our personal feelings on it) but the various labels will not give us the rights to distribute the content without the DRM. So we slap the DRM on our content, sell it to those willing to pay for DRM'd content, and collect our shiny paychecks.
I assume they mean determining the region (and I would still consider this just as untrustworthy as using the IP) by figuring in things such as the types of attacks used, apparent knowledge, what they were attacking, what information they took/used/ignored, etc as compared to trends of the same measures from different areas of the world.
Writing the client in C# also means it's not portable to game consoles or non-x86 embedded devices that mostly run Linux, so they're on a dead end.
What about Mono? I haven't played with it and understand that there are some features of.Net not yet implemented and others that are probably never going to work due to being stuff specific to Windows, but we've got a.Net environment and compiler for Linux.
Well, the article with some arguments covered one thing I was going to mention, there's a big difference between software to control jet engines or nuclean powerplants and software to be used as an office suite or the like. Of course there will be quality differences between those as bugs in one can likely kill people where as bugs in the other probably won't. They have different levels of allowable bugs and required quality.
The other thing which was not mentioned in the second article was this. What were the bugs and how quickly are they fixed? Having the same amount of bugs or even more bugs may not be a problem if those bugs are mere annoyances rather than something that can cause you to lose hours of work or security holes which can cause you to have secure information stolen or be used to attack someone else. How fast the bugs are fixed also matters. What if one piece of software has only 3 bugs but they take 2 weeks each to fix whereas another piece of software has 8 bugs of similar urgency to fix but has each of them fixed in only 1 or 2 days? Which is the better software in this case?
Now maybe these things were taken into account, but the article certainly didn't make it clear to me if they were or not.
Slashdot Mirror
The thing is, I'd have to argue that in most cases I've seen, on-call and after hours work IS a fundamental aspect of the job. If important server X goes down at 2am someone needs to fix it asap. You could hire someone to work nights but most of the time there isn't actually enough work that needs to be done during those hours to justify paying another person. Due to the way business and life is scheduled you really need most or all of your staff there during the day (meetings, trainings, general communication, more stuff needs to be fixed faster due to other employees using it, more activity to monitor, etc.) and someone just available during the evening/night for just in case, so moving one or two of the current daytime staff to nights is also not the best solution.
In exchange we frequently get paid more and at every company I've worked at IT also has other perks like frequently getting less restricted access to internet/web (or just getting access to the web at all) while at work.
In my experience management doesn't like people to work from home most of the time. They can't see how much time the employee is spending working. Most management I've had cares more about how much time you spend working than how much work you get done.
To be fair, there is some rationale to that... if it only takes you 3 hrs/day to do all of your work you can for the day and another guy in your department 4 hrs/day to do his work, then the company can get rid of one of you and still get the same amount of work done in an 8 hr day.
I'm already prepared for the day I find a wire dangling off of my display. I've got a bookmark group that opens meatspin, goatse, and tubgirl in one shot.
From a personal standpoing my main concern with a system like this is not that off chance of someone else managing to mimic my typing. It's that 10% (or whatever the real number was, not 100% accurate, though) chance that it's not going to recognize my own typing. If it just does it once, well, annoying but whatever, I'll get in on the next try. That combined with (or to be fair, possibly caused by) all of the factors mentioned in posts before mine that could affect how I type my password and it seems there's a good chance for me to not be able to access my system.
Now spread that problem out over an entire company. I did my time on phone support recently enough in the past that it's still pretty clear in my mind. People have a hard enough time with their passwords as it is without the system adding in its own mistakes to lock them out. There's the potential for a lot of lost productivity with something like this. More people can't log in and get to work as soon due to the screwed up password, more calls to the helpdesk resulting in taking longer to get accounts unlocked, etc.
I read about this semi-recently (as in within the last year) and at that point the recognition based on the actual keystroke timing was pretty poor. With only 2 or 3 people they could tell who it was something like 90% of the time if I remember right. It got considerably worse as there were more people to recognize.
Now, you could possibly argue that it only needs to be able to recognize 1 person or at most 2, you and "not you", as once it determines it is not you the system does not care about the specific identify. Still, until they get that number to 100% it's going to be more hassle than it's worth, especially at a place with a 3 attempt lockout policy or the like.
I would argue that your second group is just as dumb and in just as much need of education as your first group. They bought into the "hackers are everywhere and trying to get your data 24/7 no matter where you are and what you're doing" hype. They then went out and blew money on various worthless garbage, be it truly ineffective or just far more security than they actually need or understand how to use properly, and end up with at least as much trouble as they would have without it. You see this problem all over the place even with fairly basic security stuff. How many times have you seen people complaining that they bought and setup a firewall and now half of their Internet related activities don't work because ports need forwarded and whatnot and they don't have the knowledge or desire to gain the knowledge to deal with it? They weren't saved from any problems, they just changed the kinds of problems they would have.
In the end it still all comes down to education (or lack thereof) and, even more accurately imo, desire to be educated. Whether you don't understand the issue enough to realize that you truly do need the protection or don't understand the problem enough to realize what protection you actually need and how to properly use it, the right tool for the job is out there and the only reason you don't have it is lack of education.
Or perhaps I could take that money that would have gone into an instrument I'll mess with for a few months at most before sticking it in the closet and put it into a console which I'll use for years and a fun game. Said fun game I'll probably play at least as long as the instrument plus can invite my video game playing and non-instrument playing friends over to play, which may be more rewarding than sitting alone in my bedroom doing a bad job playing an instrument. After the fun of the game has worn off, the part of the investment that went into the console is still getting use when I pick up other games.
You play video games, even ones that semi-simulate playing an instrument, for different reasons than you play a real instrument. Some people like to do one thing and some like to do the other. Some rebels out there even like to do both.
My choices of Internet where I am are
1) Verizon
2) Comcast - I haven't read their ToS/AUP/etc, but I'd be willing to be it's no better, which means switching is just a hassle with no real benefit in the end.
3) Cavalier - They require you to have a landline through them to get DSL. They lease all of their lines from Verizon, so if you have Cavalier, you are still helping to keep Verizon in business.
What really gets you to be a top salesperson is sticking the gold plated USB (or parallel in my day)cable in their cart, plus a couple ink refills for the printer they are buying, selling the extended warranty, selling the latest re-branded and/or ISP partnership subscription, and selling them on the overpriced "system maintenance" where the in store techs go through and remove excess software, etc. (which isn't necessarily a bad thing, but hardly worth the $30 or whatever to most people who are going to want some of that crap back and/or just install new junk software instead).
This lack of value assumes that everyone (or at least enough people) have unlimited $1 bills. If only you and the parent poster have unlimited $1 bills and everyone else in the world still has to work for their money as usual then it's not at all worthless and still quite the advantage.
Good points there. I definitely agree that it's not a perfect solution and could have some negative impact but do we really have any better options available right now (aside from joe user getting more intelligent about the internet, which I don't think we can really count on)?
And now, time for a meeting... bleh.
Just to make sure I'm understanding you right (I'm pretty sure I am, but it's the Internet, communications go wrong sometimes), you mean as in if I had say 5 e-mail address and each of them forwarded the e-mail to me@myemail.com so that I could check them all in one place and my real paypal e-mails were being sent to one of those original 5?
If that's the case I'm guessing that Ebay/Paypal are just betting on there being a minimal amount of people doing that who are also going to be incapable or unwilling to just have paypal send stuff directly to their main address or work out some other technical solution if they've got enough control/access to the servers.
My understanding of the article is that using SPF might be considered a valid protection. DomainKeys is the only thing specifically mentioned but the article does say "several technologies". While SPF isn't digital signing, I wouldn't be surprised if it is included in that list. Basically asking providers to use one or more of a variety of technologies to help with the problem.
Except if you check closely, the messages probably didn't use paypal.com in the envelope sender; they probably only used it in the From header. This means that if the service blocked those messages then anybody agregating multiple email addresses in to one mailbox would see their messages fail at the forwarder.
Just to make sure I'm understanding you right (I'm pretty sure I am, but it's the Internet, communications go wrong sometimes), you mean as in if I had say 5 e-mail address and each of them forwarded the e-mail to me@myemail.com so that I could check them all in one place and my real paypal e-mails were being sent to one of those original 5?
If that's the case I'm guessing that Ebay/Paypal are just betting on there being a minimal amount of people doing that who are also going to be incapable or unwilling to just have paypal send stuff directly to their main address or work out some other technical solution if they've got enough control/access to the servers.
The same way the SPF records catch them, most of them I get claiming to be from paypal have a paypal.com e-mail address as the from address.
I know we don't traditionally rtfa before commenting, but for some reason I was compelled to do so.
This sounds like some underpaid and undertrained phone support guy misinterpreting the general "we don't provide support for Linux users" type rule and taking it a bit too far, to the point where Linux clearly wasn't the problem. The fact that the PR person has pointed out that it's pretty clear that the problem was not caused by Linux and should be considered an exception to the rule andmake that pretty obvious.
The problem is that context is just as important as what was said. Sure, people said some shit they probably shouldn't have. They didn't actually do those things, though, and being the Internet, it's unlikely they have any plans to do so or actually believe that these things should be gone through with. People talk shit on the Internet. People say things just to be dicks on the Internet because they can be fairly certain it's not going to result in the ass kicking they probably deserve.
In this case specifically, these "threats" look like 90% of the arguments I see on the Internet. As far as I know not one of them has resulted in any of those suggestions occurring. This is what happens on the Internet.
If it is in fact believed that a person intends to make good on such threats or wants to believe they will (whether they actually can/will or not), well, we've already got that covered.
We've got a few crappy pictures of a closed laptop with what to me looks like a cheap velvet covering. The website is a static site (although apparently using some sort of dynamic capable back end) with absolutely no information and some questionable grammar. I can't find any mention of this company through google other than articles about this laptop and a couple job postings from February 2007 (one of which suggests that they are basically a start up) on gumtree.com, which appears to be an EU version of craigslist, which doesn't really say "Well known luxury company who only deals with the richest of the rich" to me.
How long until we find out the Phantom guys are behind this?
As soon as you convince my employer, my school, and the local IT headhunters to start using OO instead of MS Word, I'll get right on that. Until then, I'll write anything I need to at home in OO and save to Word format, then take a few seconds at work or school to make sure the formatting is correct before sending it off to anyone of any importance. Unfortunately, we can't expect the general public to be willing to go through those same extra steps just to use a piece of software they've never heard of.
I would say for the same (or at least closely related and similar) reason that PC's come with and the majority of people want/keep using Windows over other OS choices which are arguably better and just as easy or easier to use. It's what people are familiar with. I'm pretty confident your average joe on the street has heard of MS Office. That same guy probably has not heard of OpenOffice. People know the name, the use it at work, they are comfortable with it. Given the choice between a computer with OO and a Computer with MS Office, all other things being equal (or at least equal to your average use), they're probably going to take the one with MS Office. Therefore, it makes sense for computers to come with it (most at least come with Word and Excel these days, I believe).
On top of that, it's still not 100% compatible with MS Office... I frequently have to slightly adjust things converting between OO's
Sure, as OO is free, it could be included along with Word/Excel/full MS Office, etc. but I suspect at best it'll go mostly unused and just take up disk space and at worst potentially confuse customers.
This is a very good point that I should have thought of myself. I'm a programmer at a company involved in distribution of various music and video content types. We don't really care if our product has DRM on it or not as every one of use knows full well that anyone with the will and half a brain can get at this content with no DRM (just talking business side of things here, not our personal feelings on it) but the various labels will not give us the rights to distribute the content without the DRM. So we slap the DRM on our content, sell it to those willing to pay for DRM'd content, and collect our shiny paychecks.
I assume they mean determining the region (and I would still consider this just as untrustworthy as using the IP) by figuring in things such as the types of attacks used, apparent knowledge, what they were attacking, what information they took/used/ignored, etc as compared to trends of the same measures from different areas of the world.
What about Mono? I haven't played with it and understand that there are some features of
You'll need one hell of a truck to ship those tubes.
Well, the article with some arguments covered one thing I was going to mention, there's a big difference between software to control jet engines or nuclean powerplants and software to be used as an office suite or the like. Of course there will be quality differences between those as bugs in one can likely kill people where as bugs in the other probably won't. They have different levels of allowable bugs and required quality. The other thing which was not mentioned in the second article was this. What were the bugs and how quickly are they fixed? Having the same amount of bugs or even more bugs may not be a problem if those bugs are mere annoyances rather than something that can cause you to lose hours of work or security holes which can cause you to have secure information stolen or be used to attack someone else. How fast the bugs are fixed also matters. What if one piece of software has only 3 bugs but they take 2 weeks each to fix whereas another piece of software has 8 bugs of similar urgency to fix but has each of them fixed in only 1 or 2 days? Which is the better software in this case? Now maybe these things were taken into account, but the article certainly didn't make it clear to me if they were or not.