I fully agree. The whole thing is far worse though: They want to regulate _bathrooms_ with laws that come with harsh penalties! I mean anything wrong you could do to somebody else in a bathroom already has penalties on it, and hence this is completely insane. These people have completely lost it.
That, if true, is very far from the standard case. The standard case is that the "coder" is clueless because of lack of capability for insight. That is not a question of "doing the exercises".
While I thing that this will still require quire some time and I think most frameworks make application coding actually more difficult (at least if anything goes wrong), I do agree that eventually only a few real coders will be left. But that is the same in other fields. For example, there are much more electricians than EEs (working as EEs), and the like. Of course, the only good jobs will be the ones where you write real code and everybody else will be easily replaceable.
This is a very tough mental field. The campaigns to teach everyone to code make it seem like it's house work. Anyone can do it. I think they are finally realizing it's not so.
Welcome to industrialized "education" for money. Where I teach (on the side), they have an absolute class size limit of 30 for all classes, enforced by there simply not being more space in the classrooms. With that, you get actual interaction and that is incredible valuable. I think that somewhere beyond 150 participants or so you lose basically all of the advantages of direct teaching. But the university makes more money and that seems to be key here.
Ah yes, for example the Java "programmers" that can only call existing functions and methods and can only do it with code copied from the web. The job-security aspect for IT security consulting is correct though, I am benefiting from that. Although when I have to explain to a web application programmer how to find out what his code does that is really demented. It is much more satisfying to do this in an academic setting, there I can just fail those that do not understand what they are doing.
Often it is extremely easy to determine, namely from patterns of mistakes. I once, as a TA, had a case where I refused points for some exercises to several students. They complained, and then I showed them how a comma had become a dash and then had become a quote over several generations of copying (with the dash and the quote making absolutely no sense in the given context). That shut them up pretty fast.
Of course, for simple and correct code fragments you cannot actually detect cheating reliably. The easy solution is to make the exercises more complex. Students are coddled far too often in coding courses anyways.
Just give them two warnings and on the third time caught kick them out. And of course even on the first time caught, fail them for that course.
Oh wait, this is education for money, i.e. that form were even the most stupid cheater has to make it in order to keep the money flowing. Well, why not make all courses optional and just sell that degree directly?
Why would these companies perform a security review (which costs money and reduces profit) unless they are forced to?
Long-term economic survival. The problem is mostly not that these companies are profit-oriented, the problem is the incredible short-term focus used so often today. And, of course, the problem is people (like the typical CEO) only looking out for their own economic well-being but have zero loyalty to the company they are supposed to be serving.
You miss the point. "Ethical hacker" is a term with a defined meaning. It is not a "hacker" that simply behaves "ethical". A synonym for "ethical hacker" is "white hat hacker" and that does not involve hats of a white color either.
That said, I do agree that "legal" and "ethical" are often only loosely connected and sometimes they are not connected at all. The latter does not even need a totalitarian state where the law is mostly or only a tool for oppression. People that mistake "legal" for "ethical" do not understand either concept.
There are shades of grey here. A wish to protect your society when nobody else does is a valid concern. Sure, it is vigilantism, but besides regular law enforcement (which is conceptually unable to tolerate any competition), vigilantism is a "grey" thing to most people, not pure black or white as you suggest.
I do know the traditional meaning. But sticking to a traditional meaning that is not used anymore by almost everybody just makes you sound like a prick that claims to be superior for knowing the "true meaning". I prefer to be able to communicate, even if language is alive and words lose their former meaning and get different ones. These days I do not even wince when somebody says "cyber", even is that is a newer development on my side.
Information about your network or code should not result in it being compromised, and won't unless there are serious flaws lurking somewhere.
Indeed. In actual reality that unfortunately is often not true. Keeping information secret (besides crypto keys and similar things like passwords) should always only be regarded as an additional layer of security, but quite often it is all that keeps attackers out. For a while.
Well, in theory. In practice you never have "everything" and often you are missing important things, like source-code. But a white-hat hacker may well do a black-box pen-test. (Not that these make much sense, but if the customer asks for it...)
But note that "insider information" is not "insider information" anymore for the purpose of an authorized attack if given to the hacker voluntarily, because a hacker is always an "outsider", even if simulating being an insider.
What we do know these days is that "emergent phenomenon" is just another word for "bullshit" or "wishful thinking". In Physics, the whole is not and cannot be more than the sum of its parts and interactions. The same is true, by extension, in computing. When people claim that machines will get intelligence or even consciousness if they are made just complex enough, then that is techno-mysticism (and to some degree Cargo Cult) but not science. That is not to say this is impossible, but if it is possible, the mechanism for it is unknown and present day Physics would have to get some rather strong extensions to accommodate it. Given how well present-day Physics is established, I think that is not very likely to happen. Of course that does not make it impossible either.
Hence that "black box" is real at this time. We can (and I think should) continue to try to look into it, but there are no assurances we will ever have success and if we do, there are no assurances about hat we will find. It ranges from pure mechanics (although that is hard to imagine for consciousness and equally hard for general intelligence, once you understand the limits of computing machines) to something actually akin to "magic" (in religion usually called a "soul", but they did not invent that idea, they merely co-opted it because it makes some sense).
At this time we have no useful facts either way. We do know that the brain does a lot of things which could well be on the level of automation (akin to weak AI), and we do know at least part of the human memory is physical storage in the brain. But we have no clue about the missing parts only that they are there and are far more important than the ones we know. In particular, all the "results" from Neuro-"Sciences" are BS, as they universally confuse interface behavior with root-cause. In essence they are looking at the "blinking lights" and think that is what does the computations.
You're suggesting that human brains are somehow non-physical? That's... extremely unlikely.
As are the things it can to. In fact, there are rather strong indications at this time that some human brains can do things that may not be possible in this universe. Hence "unlikely" is not a show-stopper here. Incidentally, you have no basis for that probability assessment. Physics cannot even model plain life today, so we only know that quite a few things must be missing and at this time, because they are not described by Physics, they are extra-physical. Of course, I do not mean "out of existence", I mean "not part of Physics as it is known today". The terminology gets fuzzy and hard to handle in these areas.
An advantage has to be used well to count. The US is not 2nd world yet (like Argentina), but it seems to be on the way there by slowly falling behind. Of course, it would be to anybodies benefit if that could be fixed, because the things done now (protectionism, sabotage of competition) basically only do harm. But I do not see it happen anytime soon. It will be interesting to see at what time the US economy bottoms out and start to catch up again. There are some huge challenges to overcome for that and Trump is making things worse at the moment long-term, by attempting to lighten some straw-fires so he does not quite look like the utter failure he is.
Excellent point. The US has grown fat and lazy while it was ahead and that now makes it difficult for them to even only keep pace with the others.
I do know a European example that was not bombed in WWII: Switzerland. The difference is that they used that advantage and are today in 2nd place as to GDP per capita in Europe, after Luxembourg (apparently suffered very little infrastructure-damage in WWII as well and would be a second example) and with about twice the value of Germany, the UK or France. Not having to build-up infrastructure again is a huge advantage, but it has to be used well to count long-term.
Indeed. And given that the root cause was both minor and expected ("power outage" is a very standard IT disaster scenario that a competent organization is well prepared for), but had such a devastating effect, a major outage will probably kill them.
And that is just the point. Competent Indian IT staff is _not_ any cheaper, because they can get jobs all over the world at local salaries. And outsources always adds to the cost.
He's the CEO. The buck stops on his desk, no matter what.
Not these days. The CEO not taking responsibility for anything except successes (that he usually had no part in creating) is pretty much in the job description.
I fully agree. The whole thing is far worse though: They want to regulate _bathrooms_ with laws that come with harsh penalties! I mean anything wrong you could do to somebody else in a bathroom already has penalties on it, and hence this is completely insane. These people have completely lost it.
Ah, yes. Some students truly aim to attain new heights of incompetence. Leaving the name in is pretty "special" ;-)
That, if true, is very far from the standard case. The standard case is that the "coder" is clueless because of lack of capability for insight. That is not a question of "doing the exercises".
While I thing that this will still require quire some time and I think most frameworks make application coding actually more difficult (at least if anything goes wrong), I do agree that eventually only a few real coders will be left. But that is the same in other fields. For example, there are much more electricians than EEs (working as EEs), and the like. Of course, the only good jobs will be the ones where you write real code and everybody else will be easily replaceable.
This is a very tough mental field. The campaigns to teach everyone to code make it seem like it's house work. Anyone can do it. I think they are finally realizing it's not so.
I sure do hope so.
Welcome to industrialized "education" for money. Where I teach (on the side), they have an absolute class size limit of 30 for all classes, enforced by there simply not being more space in the classrooms. With that, you get actual interaction and that is incredible valuable. I think that somewhere beyond 150 participants or so you lose basically all of the advantages of direct teaching. But the university makes more money and that seems to be key here.
Ah yes, for example the Java "programmers" that can only call existing functions and methods and can only do it with code copied from the web. The job-security aspect for IT security consulting is correct though, I am benefiting from that. Although when I have to explain to a web application programmer how to find out what his code does that is really demented. It is much more satisfying to do this in an academic setting, there I can just fail those that do not understand what they are doing.
Often it is extremely easy to determine, namely from patterns of mistakes. I once, as a TA, had a case where I refused points for some exercises to several students. They complained, and then I showed them how a comma had become a dash and then had become a quote over several generations of copying (with the dash and the quote making absolutely no sense in the given context). That shut them up pretty fast.
Of course, for simple and correct code fragments you cannot actually detect cheating reliably. The easy solution is to make the exercises more complex. Students are coddled far too often in coding courses anyways.
Just give them two warnings and on the third time caught kick them out. And of course even on the first time caught, fail them for that course.
Oh wait, this is education for money, i.e. that form were even the most stupid cheater has to make it in order to keep the money flowing. Well, why not make all courses optional and just sell that degree directly?
Why would these companies perform a security review (which costs money and reduces profit) unless they are forced to?
Long-term economic survival. The problem is mostly not that these companies are profit-oriented, the problem is the incredible short-term focus used so often today. And, of course, the problem is people (like the typical CEO) only looking out for their own economic well-being but have zero loyalty to the company they are supposed to be serving.
You miss the point. "Ethical hacker" is a term with a defined meaning. It is not a "hacker" that simply behaves "ethical". A synonym for "ethical hacker" is "white hat hacker" and that does not involve hats of a white color either.
That said, I do agree that "legal" and "ethical" are often only loosely connected and sometimes they are not connected at all. The latter does not even need a totalitarian state where the law is mostly or only a tool for oppression. People that mistake "legal" for "ethical" do not understand either concept.
There are shades of grey here. A wish to protect your society when nobody else does is a valid concern. Sure, it is vigilantism, but besides regular law enforcement (which is conceptually unable to tolerate any competition), vigilantism is a "grey" thing to most people, not pure black or white as you suggest.
I do know the traditional meaning. But sticking to a traditional meaning that is not used anymore by almost everybody just makes you sound like a prick that claims to be superior for knowing the "true meaning". I prefer to be able to communicate, even if language is alive and words lose their former meaning and get different ones. These days I do not even wince when somebody says "cyber", even is that is a newer development on my side.
Information about your network or code should not result in it being compromised, and won't unless there are serious flaws lurking somewhere.
Indeed. In actual reality that unfortunately is often not true. Keeping information secret (besides crypto keys and similar things like passwords) should always only be regarded as an additional layer of security, but quite often it is all that keeps attackers out. For a while.
Well, in theory. In practice you never have "everything" and often you are missing important things, like source-code. But a white-hat hacker may well do a black-box pen-test. (Not that these make much sense, but if the customer asks for it...)
But note that "insider information" is not "insider information" anymore for the purpose of an authorized attack if given to the hacker voluntarily, because a hacker is always an "outsider", even if simulating being an insider.
What we do know these days is that "emergent phenomenon" is just another word for "bullshit" or "wishful thinking". In Physics, the whole is not and cannot be more than the sum of its parts and interactions. The same is true, by extension, in computing. When people claim that machines will get intelligence or even consciousness if they are made just complex enough, then that is techno-mysticism (and to some degree Cargo Cult) but not science. That is not to say this is impossible, but if it is possible, the mechanism for it is unknown and present day Physics would have to get some rather strong extensions to accommodate it. Given how well present-day Physics is established, I think that is not very likely to happen. Of course that does not make it impossible either.
Hence that "black box" is real at this time. We can (and I think should) continue to try to look into it, but there are no assurances we will ever have success and if we do, there are no assurances about hat we will find. It ranges from pure mechanics (although that is hard to imagine for consciousness and equally hard for general intelligence, once you understand the limits of computing machines) to something actually akin to "magic" (in religion usually called a "soul", but they did not invent that idea, they merely co-opted it because it makes some sense).
At this time we have no useful facts either way. We do know that the brain does a lot of things which could well be on the level of automation (akin to weak AI), and we do know at least part of the human memory is physical storage in the brain. But we have no clue about the missing parts only that they are there and are far more important than the ones we know. In particular, all the "results" from Neuro-"Sciences" are BS, as they universally confuse interface behavior with root-cause. In essence they are looking at the "blinking lights" and think that is what does the computations.
You're suggesting that human brains are somehow non-physical? That's... extremely unlikely.
As are the things it can to. In fact, there are rather strong indications at this time that some human brains can do things that may not be possible in this universe. Hence "unlikely" is not a show-stopper here. Incidentally, you have no basis for that probability assessment. Physics cannot even model plain life today, so we only know that quite a few things must be missing and at this time, because they are not described by Physics, they are extra-physical. Of course, I do not mean "out of existence", I mean "not part of Physics as it is known today". The terminology gets fuzzy and hard to handle in these areas.
An advantage has to be used well to count. The US is not 2nd world yet (like Argentina), but it seems to be on the way there by slowly falling behind. Of course, it would be to anybodies benefit if that could be fixed, because the things done now (protectionism, sabotage of competition) basically only do harm. But I do not see it happen anytime soon. It will be interesting to see at what time the US economy bottoms out and start to catch up again. There are some huge challenges to overcome for that and Trump is making things worse at the moment long-term, by attempting to lighten some straw-fires so he does not quite look like the utter failure he is.
Excellent point. The US has grown fat and lazy while it was ahead and that now makes it difficult for them to even only keep pace with the others.
I do know a European example that was not bombed in WWII: Switzerland. The difference is that they used that advantage and are today in 2nd place as to GDP per capita in Europe, after Luxembourg (apparently suffered very little infrastructure-damage in WWII as well and would be a second example) and with about twice the value of Germany, the UK or France. Not having to build-up infrastructure again is a huge advantage, but it has to be used well to count long-term.
On the plus side, by statistics, they are not going to have another of these for quite a while now, so all is well! Oh, wait...
And that is just wrong. If you have more than a PC with office and email on it, IT is _not_ a commodity at all these days.
Indeed. And given that the root cause was both minor and expected ("power outage" is a very standard IT disaster scenario that a competent organization is well prepared for), but had such a devastating effect, a major outage will probably kill them.
Nice quote! Assumes a competent buyer of course, and with this joke of a CEO right here under discussion, that one is nowhere in sight.
And that is just the point. Competent Indian IT staff is _not_ any cheaper, because they can get jobs all over the world at local salaries. And outsources always adds to the cost.
He's the CEO. The buck stops on his desk, no matter what.
Not these days. The CEO not taking responsibility for anything except successes (that he usually had no part in creating) is pretty much in the job description.