The problem here is that this will not keep. There is definitely luck involved, and if this person was, say, working 80h weeks, then the compensation still sucks.
Very much so. And you can make a lot more as a gray-hat, with no risk of prison time. These people are basically a bit more advanced amateurs with big egos that exploit themselves.
Indeed. This is completely bogus. People doing it will go for the low-hanging fruit and if they find something really juicy by accident, they can easily make one order of magnitude more money on it. Nothing more complicated will ever get reported to the company. This may also explain why the cost of this is 1/10 of other methods: It has far less than 1/10 of the results and is dangerous in addition.
Now, a really competent security review will be expensive, but it will look at things like code quality, design and architecture, competence of the implementers and maintainers, processes, roadmap, etc. It will, for example, find cases where only one safeguard is effective (and hence things cannot get hacked), but the risk is hight, because you usually want two independent safeguards. It will find things were technology is not quite there yet to attack them. It will find conditions that were unknown, but must be met in order for a system to remain secure.
Of course, if done by one of the big IT consulting agencies, it will only pretend to do all these things, but as compensation it will be even more expensive. The amount and quality of fail I have seen in reports of IT evaluations from big names is staggering.
In short, this is the moronic version of IT security, which is not worth the money saved on it, even if it would cost 1/100 of a real security review. It may have some short-term benefits for the bonuses of those having made this utterly stupid decision, but that is it. Long-term, it is disastrous.
Of course, it may sell like crazy, as many people have never come to grips with mortality (and hence are not adults by any sane definition) and will do anything to create an illusion of immortality.
Recursion is not about performance. In fact, any recursive program can be made faster by transforming it to iterative form and good compilers actually offer that as optimization. Recursion is about simplicity of the code, which in turn is about reliability, maintainability and security.
Well, first, you can often do it "rolled out" and with no per-level storage. You would need to document that you actually do recursion, just optimized for stack usage. But that is for cases where this (complicated) implementation is still easier to understand than a conceptually iterative one.
But second, I do agree. Stack usage is something any real coder needs to understand. Unfortunately, the modern stuff most people know exclusively (Java, modern scripting) hides that and as soon as such people do run into memory constraints they have no clue what happened and are completely lost.
Well, those exist, but they have the advantage that they are easy to identify (always the same brain-dead agenda) and one may hope that they will disappear when ignored for long enough. Although advertising (which often is just a bit more benign trolling these days) would indicate they may not.
Ahahahahahaha, you must not have any real experience with system administration or software development.
Here is a hint: Changes like this do not even work "perfectly" if you have competent and experienced people work on them. Systemd does not have either.
I do not see that difference. Engineers and coders that decided to work for the NSA are leaving their morality at the door when they come to work. They knew what the NSA was doing or they know now and have decided to stay. They are just as guilty as the ones taking the decisions.
One reason and one reason only: It is cheaper. Well, it is cheaper in the short run. That is all management focused on the year's end bonus if often caring about. I see it all the time. But even used internally, Windows "servers" are a constant problem, they never can compete to UNIX on maintenance cost, flexibility and reliability and performance. Sure, they are cheaper initially, but you pay for that for a long, long time. It becomes grossly obvious when you have global changes, and the windows servers are _always_ those lagging behind or needing special exceptions and the like. Windows on the server is a "90% OS": It only has 90% of what is really needed.
While older economic branches usually have found a modus to do without this (as it ultimately harms everybody), these "young savages" do not know what it means to be civilized and will apparently do anything for a short-term gain.
The right question would be "Do you understand functional programming?". And when you see about 99% of all "coders" having no clue, then you could ask the rest why they invested the time.
No, one is supposed to have laws against this sort of thing. Unless the law has reverted completely to a tool for oppression (the US seems to be fast approaching that state), laws are there to protect citizens against corporations too.
These people are sadists (the prototypical troll) and people that hate about everything for other reasons, often because they are pathetic themselves. Because they somehow think that social media is not a social situation, they believe they do not need to control their urges.
There is nothing that can be done about this. Censorship and punishment for voicing opinions (repulsive as they may be) are only compatible with a totalitarian state and those cause orders of magnitude more pain and suffering than the trolls ever could. It is just one more thing that people need to learn when growing up: There are people out there that are not nice in any way and the best way to deal with them on social media is to ignore them. This is actually a pretty important thing to understand for other situations as well.
The problem here is that this will not keep. There is definitely luck involved, and if this person was, say, working 80h weeks, then the compensation still sucks.
Very much so. And you can make a lot more as a gray-hat, with no risk of prison time. These people are basically a bit more advanced amateurs with big egos that exploit themselves.
Indeed. This is completely bogus. People doing it will go for the low-hanging fruit and if they find something really juicy by accident, they can easily make one order of magnitude more money on it. Nothing more complicated will ever get reported to the company. This may also explain why the cost of this is 1/10 of other methods: It has far less than 1/10 of the results and is dangerous in addition.
Now, a really competent security review will be expensive, but it will look at things like code quality, design and architecture, competence of the implementers and maintainers, processes, roadmap, etc. It will, for example, find cases where only one safeguard is effective (and hence things cannot get hacked), but the risk is hight, because you usually want two independent safeguards. It will find things were technology is not quite there yet to attack them. It will find conditions that were unknown, but must be met in order for a system to remain secure.
Of course, if done by one of the big IT consulting agencies, it will only pretend to do all these things, but as compensation it will be even more expensive. The amount and quality of fail I have seen in reports of IT evaluations from big names is staggering.
In short, this is the moronic version of IT security, which is not worth the money saved on it, even if it would cost 1/100 of a real security review. It may have some short-term benefits for the bonuses of those having made this utterly stupid decision, but that is it. Long-term, it is disastrous.
Of course, it may sell like crazy, as many people have never come to grips with mortality (and hence are not adults by any sane definition) and will do anything to create an illusion of immortality.
Recursion is not about performance. In fact, any recursive program can be made faster by transforming it to iterative form and good compilers actually offer that as optimization. Recursion is about simplicity of the code, which in turn is about reliability, maintainability and security.
Well, first, you can often do it "rolled out" and with no per-level storage. You would need to document that you actually do recursion, just optimized for stack usage. But that is for cases where this (complicated) implementation is still easier to understand than a conceptually iterative one.
But second, I do agree. Stack usage is something any real coder needs to understand. Unfortunately, the modern stuff most people know exclusively (Java, modern scripting) hides that and as soon as such people do run into memory constraints they have no clue what happened and are completely lost.
Well, those exist, but they have the advantage that they are easy to identify (always the same brain-dead agenda) and one may hope that they will disappear when ignored for long enough. Although advertising (which often is just a bit more benign trolling these days) would indicate they may not.
I wonder how well it works. Probably perfectly.
Ahahahahahaha, you must not have any real experience with system administration or software development.
Here is a hint: Changes like this do not even work "perfectly" if you have competent and experienced people work on them. Systemd does not have either.
Thanks!
On your request? That would be a waste of time. You are incapable of recognizing real evidence.
I would mod this "Funny", but I have already commented. Sorry ;-)
Indeed. Same thing the KZ guards and those sending people there (often regular police) claimed.
Evil on a large scale (and the NSA qualifies) cannot being done without large numbers of those willing helpers. They are the actual problem.
I do not see that difference. Engineers and coders that decided to work for the NSA are leaving their morality at the door when they come to work. They knew what the NSA was doing or they know now and have decided to stay. They are just as guilty as the ones taking the decisions.
One reason and one reason only: It is cheaper. Well, it is cheaper in the short run. That is all management focused on the year's end bonus if often caring about. I see it all the time. But even used internally, Windows "servers" are a constant problem, they never can compete to UNIX on maintenance cost, flexibility and reliability and performance. Sure, they are cheaper initially, but you pay for that for a long, long time. It becomes grossly obvious when you have global changes, and the windows servers are _always_ those lagging behind or needing special exceptions and the like. Windows on the server is a "90% OS": It only has 90% of what is really needed.
While older economic branches usually have found a modus to do without this (as it ultimately harms everybody), these "young savages" do not know what it means to be civilized and will apparently do anything for a short-term gain.
Ah, yes. Lots struggle even with basic concepts of coding. Sad, but true.
The right question would be "Do you understand functional programming?". And when you see about 99% of all "coders" having no clue, then you could ask the rest why they invested the time.
They cannot. Rather obviously.
You demonstrating that you are a dumb fuckup? I already know that...
There is the little fact (apparently flying right over your head) that Linux did not replace anything that was free and working well.
Thanks for the sentiment anyways!
No, one is supposed to have laws against this sort of thing. Unless the law has reverted completely to a tool for oppression (the US seems to be fast approaching that state), laws are there to protect citizens against corporations too.
That is bound to fail. Outrages are short-term things.
These people are sadists (the prototypical troll) and people that hate about everything for other reasons, often because they are pathetic themselves. Because they somehow think that social media is not a social situation, they believe they do not need to control their urges.
There is nothing that can be done about this. Censorship and punishment for voicing opinions (repulsive as they may be) are only compatible with a totalitarian state and those cause orders of magnitude more pain and suffering than the trolls ever could. It is just one more thing that people need to learn when growing up: There are people out there that are not nice in any way and the best way to deal with them on social media is to ignore them. This is actually a pretty important thing to understand for other situations as well.
Since prison or the threat of prison (or even harsher penalties) never did anything to curb crime, I highly doubt that.