I believe you, that the NSA has incentive to improve Operating Systems from easy, well-documented security issues. But I also believe that it's in their interest to introduce "hard" security issues that give the NSA a unique advantage, and to withhold information about the vulnerabilities that are lesser-known. Don't kid yourself: "Hard" vulnerabilities and back doors would be a major military strategic advantage, especially back doors that can be controlled by the NSA (i.e. open by default; shut on command).
You can bet that the NSA employs some of the world's best mathematicians, and I'm quite certain that they have poured over encryption techniques looking for flaws. And if they have discovered a flaw, or a shortcut to code-breaking, the NSA is not going to share it with the world. Expecting them to do so is like expecting them to publish the names of our spies.
Remember, Strong Crypto (PGP, for example) was considered munitions (and therefore illegal to export) for years - to the point where Phil Zimmerman was pursued as a criminal. Clearly, the US Government recognizes the value of secrecy.
It would not surprise me in the least to find out that there's an unpublished flaw in some underlying crypto technology that the NSA knows about, and default Windows (as well as other operating systems) uses an un-patched version of the crypto. And perhaps if you happen to put in a license number for Windows that indicates that the software was purchased on a GSA contract, an alternate (i.e. patched) crypto technique is substituted for the flawed version. That'd give the NSA potential access to computers worldwide, while locking people out of US Government computers.
I'd be disappointed if they are NOT doing something like this!
Attn US Government: I'd love to work on these sorts of security projects. You know I have the mathematical background and the security knowledge. Call me. I'm sure you know where to find me.
The problem is that we don't train people in the fine art of bullshit detection
Has anyone considered the fact that NASA may be the ones who are failing in the art of bullshit detection?
Who hasn't pranked on someone of authority? I know of college students who called the suicide hotline because they were bored (not suicidal). I know of students who asked dumb questions just to get the teacher flustered. I know of reporters who asked politicians questions just to tease them.
Many of these comments assume that the boss is an unethical jerk. My experience is that most business-minded people are both ethical and reasonably smart.
I suspect that you went to the boss and said "I can't find the licenses", and the boss heard "here comes a lot of cost, for zero benefit, being recommended by the new guy just because he doesn't know where the records are".
Your approach really should be that you, personally, don't want to do anything unethical. Do you think ANY company in their right mind would NOT want an employee with that attitude?
So a) go on record that you have sought out the licenses and can't find them, and that your boss is sure that they are legally licensed software installations. (Keep in mind that there is NOTHING illegal with installing licensed software and not keeping good records.)
b) Do your best to HELP the boss get the licensing under control. The Software vendors have really made this a nightmare. Your boss may not know. So present your boss with a software inventory (what's installed), and ask him or her to give a best guess as to how many transferable licenses you have for each software product. Then ask HIM/HER to accept responsibility for that number, and stick within those parameters.
c) If there's a huge discrepancy between what he's willing to sign off on, and what is needed for the business, put a plan in place to decommission or license the unlicensed software. This is RISK MITIGATION. You can explain the risks to the boss, and recommend the spreading of the costs over a year or two (explaining that the longer the period, the higher the risk), If your budget can't support purchasing licenses, then look for free alternatives. (Look for free alternatives either way,)
Mostly, you just need to put it in terms of a business proposition. There's a business risk of having poor license-records. You want to get that under control within a fixed period. There should be absolutely NO Issue in getting this under control within 5 years (as most everything will be replaced by then, I would think - just make sure that license records are kept on all new purchases, and nothing new gets installed without license). Your goal should be to make sure that this period of risk is within the company's tolerance level for risk. Can you resolve it within 2 years? 6 months?
Software license records are like other business risks. There's a price for perfection. Like physical security - SOME risk is ok. You should be working to help minimize the risk over time - not on day 1.
"You're driving down the road, and you stop at a traffic light. A man, dressed like a mechanic, approaches your car and says 'I think your car has a problem. Please pop the hood, and let me do a free analysis." Do you let him?"
"You get a package in the mail. You don't recognize the return address. You open it, and inside is a device with a note that says 'want a good laugh? press this button'. Do you press it?"
"A stranger walks up to you on the bus, and says 'My name is Rev. Kwame. I want a reliable person who could assist us to transfer the sum of Twenty Million Five Hundred Thousand United States Dollars ( $20,500,000 ) into his / her account.This fund resulted by way of gratification from a contract awarded by us under the budget allocation to my Ministry and this bill has been approved for payment by the concerned Ministries.' Do you give them your bank account number?"
Read the article. This was Microsoft's partner group manager, Simon Aldous. Not "just" some clueless employee, but a high ranking clueless employee speaking to the press.
This is MUCH different from a factory worker. This is Microsoft's partner group manager, Simon Aldous. Microsoft's partner group manager, Simon Aldous. Not a factory worker. Microsoft's partner group manager, Simon Aldous.
Furthermore, it was a comment made to the press, by Microsoft's partner group manager, Simon Aldous. This is someone who should know better, who's comments should accurately reflect the company's stance.
Glenn Beck loves publicity and controversy. Guy who does a parody on Glenn Beck calls attention to Glenn Beck.
I couldn't give a rats ass about Glenn Beck. I never heard of the dork until I picked up a used book-on-CD at Half-price-books. I'm a (fiscally) conservative thinker, but I found Beck's CD to be annoying - not even funny. That's the only time I "returned" something to Half-Price Books (as opposed to selling it back to them). Yes, I admit, I used Half-Price Books as a library! But that product sucked.
OK, I haven't THOUGHT about Glenn Beck for at least a year, and now this parody guy causes Beck to pop back into my brain. Beck was gone, but thanks to the Streisand Effect, and the parody, Beck's got more attention.
I think the strategy of ignoring the dorks works pretty well.
E-Mail servers associate data with only one index: the e-mail address.
...Valid points, except for your use of the word "one". My email can be retrieved by my email address, but also selected by the folder that it's in, sorted by sender, subject, date or priority, and searched by keyword.
There are only a couple of handfuls of thing that need to be indexed, but certainly more than 1.
If you're a Linux hacker, you should be able to set up a machine next to the Tivo, connected to the internet, and getting schedule data from SchedulesDirect. Then with a little code, and an IR blaster, you could browse the TV guide, and press record, and watch your Linux machine program your Tivo.
Maybe even write a GreaseMonkey Script that browses TV Guide.com or TimeWarner's TV schedule, or whatever. And when you click on a show, blast the InfraRed programming instructions to the DVR.
There's a good project for you! (or just buy a video card and run MythTV)
Facebook also has a criminal contempt case on Wallace
I thought criminal cases were always "The State v. ___" or another government agency. I have a hard time believing that Facebook has a criminal case against the guy.
Is there a lawyer in the house (or at least someone who plays lawyer on Slashdot)?
And really, a registered death certificate proves SOMEONE is dead. It does not prove that the dead person is the person associated with this FaceBook page.
Not too tough to find an obituary for Mary Smith, just to prank on my friend with the same name.
The sentence "I could care less" is grammatically correct - it's the content that's wrong. And for me, my biggest language pet peeve ever.
No, it's not a semantic error. He is simply leaving out a portion of the sentence. "I could care less [than anyone imagines]". You are assuming that he means something completely different, adding a "negative" into the sentence. But it seems in either case, we arrive at the same conclusion - that he really doesn't care much.
It's very common to leave out parts of sentences, just as you did, in your critique that I have quoted, above, and highlighted in bold. I was left thinking "your biggest pet peeve ever DID WHAT?"
Since the 16 subjects were asked "which sounds better" and were not given an alternative "there's no difference" then it's actually possible that 12 of the 16 thought there was no difference, and so they randomly picked A or B. And 6 picked A.
So it's possible that only 25% could tell the difference and selected the higher bit rate.
1) arrange for a partner to drive a car with you. 2) Put a really big antenna on the car and on the RV 3) Park the car in Starbuck's parking lot, leeching off their WiFi 4) Explore the countryside in the RV, within a 237 mile radius of the car. 5) Pack up the car and move to the next starbucks.
Yup, a long-term study spends significant time and resources researching something to come to a conclusion. But with your keen perception and research skills, you have totally debunked it.
Let me get this straight.
The premise of your post is that there's somehow a correlation between making the statement "Correlation does not equal Causation" and poor research?
And you are saying that poor research is the cause of making that statement?
Slashdot Mirror
I believe you, that the NSA has incentive to improve Operating Systems from easy, well-documented security issues. But I also believe that it's in their interest to introduce "hard" security issues that give the NSA a unique advantage, and to withhold information about the vulnerabilities that are lesser-known. Don't kid yourself: "Hard" vulnerabilities and back doors would be a major military strategic advantage, especially back doors that can be controlled by the NSA (i.e. open by default; shut on command).
You can bet that the NSA employs some of the world's best mathematicians, and I'm quite certain that they have poured over encryption techniques looking for flaws. And if they have discovered a flaw, or a shortcut to code-breaking, the NSA is not going to share it with the world. Expecting them to do so is like expecting them to publish the names of our spies.
Remember, Strong Crypto (PGP, for example) was considered munitions (and therefore illegal to export) for years - to the point where Phil Zimmerman was pursued as a criminal. Clearly, the US Government recognizes the value of secrecy.
It would not surprise me in the least to find out that there's an unpublished flaw in some underlying crypto technology that the NSA knows about, and default Windows (as well as other operating systems) uses an un-patched version of the crypto. And perhaps if you happen to put in a license number for Windows that indicates that the software was purchased on a GSA contract, an alternate (i.e. patched) crypto technique is substituted for the flawed version. That'd give the NSA potential access to computers worldwide, while locking people out of US Government computers.
I'd be disappointed if they are NOT doing something like this!
Attn US Government: I'd love to work on these sorts of security projects. You know I have the mathematical background and the security knowledge. Call me. I'm sure you know where to find me.
There is a significant difference in calling something 'stupdi' and calling something 'FUCKING STUPID!!!'
Sometimes typos can make you look fucking stupdi!
The problem is that we don't train people in the fine art of bullshit detection
Has anyone considered the fact that NASA may be the ones who are failing in the art of bullshit detection?
Who hasn't pranked on someone of authority? I know of college students who called the suicide hotline because they were bored (not suicidal). I know of students who asked dumb questions just to get the teacher flustered. I know of reporters who asked politicians questions just to tease them.
Do they have a bacteria that can help me with FreeCell? I was already pretty good at Minesweeper.
If you get your legs blown off thanks to a previously undiscovered mine, don't come running to me.
Yeah, I think "more power" is exactly what was intended the last time a government wanted to get into the match-making industry.
OK, we can officially declare this discussion closed now.
OK, so I guess this guy had the technique inverted (as previously discussed.
Or perhaps he was REALLY committing murder, and only got nailed for burglary! hmm.....
Many of these comments assume that the boss is an unethical jerk. My experience is that most business-minded people are both ethical and reasonably smart.
I suspect that you went to the boss and said "I can't find the licenses", and the boss heard "here comes a lot of cost, for zero benefit, being recommended by the new guy just because he doesn't know where the records are".
Your approach really should be that you, personally, don't want to do anything unethical. Do you think ANY company in their right mind would NOT want an employee with that attitude?
So
a) go on record that you have sought out the licenses and can't find them, and that your boss is sure that they are legally licensed software installations. (Keep in mind that there is NOTHING illegal with installing licensed software and not keeping good records.)
b) Do your best to HELP the boss get the licensing under control. The Software vendors have really made this a nightmare. Your boss may not know. So present your boss with a software inventory (what's installed), and ask him or her to give a best guess as to how many transferable licenses you have for each software product. Then ask HIM/HER to accept responsibility for that number, and stick within those parameters.
c) If there's a huge discrepancy between what he's willing to sign off on, and what is needed for the business, put a plan in place to decommission or license the unlicensed software. This is RISK MITIGATION. You can explain the risks to the boss, and recommend the spreading of the costs over a year or two (explaining that the longer the period, the higher the risk), If your budget can't support purchasing licenses, then look for free alternatives. (Look for free alternatives either way,)
Mostly, you just need to put it in terms of a business proposition. There's a business risk of having poor license-records. You want to get that under control within a fixed period. There should be absolutely NO Issue in getting this under control within 5 years (as most everything will be replaced by then, I would think - just make sure that license records are kept on all new purchases, and nothing new gets installed without license). Your goal should be to make sure that this period of risk is within the company's tolerance level for risk. Can you resolve it within 2 years? 6 months?
Software license records are like other business risks. There's a price for perfection. Like physical security - SOME risk is ok. You should be working to help minimize the risk over time - not on day 1.
The problem is, you might not get the 1 million dollars.
My usual approach is in the form of an analogy.
"You're driving down the road, and you stop at a traffic light. A man, dressed like a mechanic, approaches your car and says 'I think your car has a problem. Please pop the hood, and let me do a free analysis." Do you let him?"
"You get a package in the mail. You don't recognize the return address. You open it, and inside is a device with a note that says 'want a good laugh? press this button'. Do you press it?"
"A stranger walks up to you on the bus, and says 'My name is Rev. Kwame. I want a reliable person who could assist us
to transfer the sum of Twenty Million Five Hundred Thousand United States Dollars ( $20,500,000 ) into his / her account.This fund resulted by way
of gratification from a contract awarded by us under the budget allocation to my Ministry and this bill has been approved for payment by
the concerned Ministries.' Do you give them your bank account number?"
Etc.
Read the article. This was Microsoft's partner group manager, Simon Aldous. Not "just" some clueless employee, but a high ranking clueless employee speaking to the press.
This is MUCH different from a factory worker. This is Microsoft's partner group manager, Simon Aldous. Microsoft's partner group manager, Simon Aldous. Not a factory worker. Microsoft's partner group manager, Simon Aldous.
Furthermore, it was a comment made to the press, by Microsoft's partner group manager, Simon Aldous. This is someone who should know better, who's comments should accurately reflect the company's stance.
Kiss his career goodbye.
A printed map? Don't they know that this is already obsolete?
Can't we get this electronically on a Tom Tom, so we can find our way home?
Who is Streisand in this case? Consider this -
Glenn Beck loves publicity and controversy.
Guy who does a parody on Glenn Beck calls attention to Glenn Beck.
I couldn't give a rats ass about Glenn Beck. I never heard of the dork until I picked up a used book-on-CD at Half-price-books. I'm a (fiscally) conservative thinker, but I found Beck's CD to be annoying - not even funny. That's the only time I "returned" something to Half-Price Books (as opposed to selling it back to them). Yes, I admit, I used Half-Price Books as a library! But that product sucked.
OK, I haven't THOUGHT about Glenn Beck for at least a year, and now this parody guy causes Beck to pop back into my brain. Beck was gone, but thanks to the Streisand Effect, and the parody, Beck's got more attention.
I think the strategy of ignoring the dorks works pretty well.
E-Mail servers associate data with only one index: the e-mail address.
...Valid points, except for your use of the word "one". My email can be retrieved by my email address, but also selected by the folder that it's in, sorted by sender, subject, date or priority, and searched by keyword.
There are only a couple of handfuls of thing that need to be indexed, but certainly more than 1.
If you're a Linux hacker, you should be able to set up a machine next to the Tivo, connected to the internet, and getting schedule data from SchedulesDirect. Then with a little code, and an IR blaster, you could browse the TV guide, and press record, and watch your Linux machine program your Tivo.
Maybe even write a GreaseMonkey Script that browses TV Guide.com or TimeWarner's TV schedule, or whatever. And when you click on a show, blast the InfraRed programming instructions to the DVR.
There's a good project for you! (or just buy a video card and run MythTV)
I've been using Schedules Direct successfully ever since it came out.
Have you tried it?
From the summary:
I thought criminal cases were always "The State v. ___" or another government agency. I have a hard time believing that Facebook has a criminal case against the guy.
Is there a lawyer in the house (or at least someone who plays lawyer on Slashdot)?
Great. First we bomb the moon, looking for water. Then we bomb the Atlantic Ocean. Were we looking for Moons?
And really, a registered death certificate proves SOMEONE is dead. It does not prove that the dead person is the person associated with this FaceBook page.
Not too tough to find an obituary for Mary Smith, just to prank on my friend with the same name.
No, it's not a semantic error. He is simply leaving out a portion of the sentence. "I could care less [than anyone imagines]". You are assuming that he means something completely different, adding a "negative" into the sentence. But it seems in either case, we arrive at the same conclusion - that he really doesn't care much.
It's very common to leave out parts of sentences, just as you did, in your critique that I have quoted, above, and highlighted in bold. I was left thinking "your biggest pet peeve ever DID WHAT?"
Since the 16 subjects were asked "which sounds better" and were not given an alternative "there's no difference" then it's actually possible that 12 of the 16 thought there was no difference, and so they randomly picked A or B. And 6 picked A.
So it's possible that only 25% could tell the difference and selected the higher bit rate.
Great study. Very Scientific.
Get the B out of there, in the headline. It's not life"B"logging!!!! You made up that word.
The article refers to lifelog, not lifeblog.
Let's not let another crappy made-up word enter our vocabulection!
1) arrange for a partner to drive a car with you.
2) Put a really big antenna on the car and on the RV
3) Park the car in Starbuck's parking lot, leeching off their WiFi
4) Explore the countryside in the RV, within a 237 mile radius of the car.
5) Pack up the car and move to the next starbucks.
Yup, a long-term study spends significant time and resources researching something to come to a conclusion. But with your keen perception and research skills, you have totally debunked it.
Let me get this straight.
The premise of your post is that there's somehow a correlation between making the statement "Correlation does not equal Causation" and poor research?
And you are saying that poor research is the cause of making that statement?
Good work, Sherlock. Is there any irony here?