Many times in a 30 year IT career, I have seen Human Resources people who are clueless about technology writing ads that have qualifications that nobody could meet. Examples: 5 months after the introduction of the JDK 1.0, there were ads asking for 3-5 years of Java experience. There are ads currently out there asking for 3-5 years of ActionScript 3 (introduced I think June of 2006). Requiring a bachelors degree for an entry level help desk position doesn't add up to a healthy pool of qualified applicants either.
Job ads often have a huge list of "requirements" as well, and an applicant missing even one of them might well be screened out. An example of this? Seasoned web developers might not bother listing FTP on their resume. In their view, requiring a web developer to have FTP experience is like requiring a carpenter to know how to use a saw. But that failure to list FTP on the resume might well mean the application is automatically trashed. I have seen HR screen out applicants for a web developer position because they neglected to list HTTP, DHTML, and Photoshop on their resume. And don't get me started about HR's lack of understanding of the difference between a web developer and a web designer.
If HR departments are the source of some of the statistical and anecdotal evidence being trotted forth in support of the existence of this "shortage", I am not surprised the picture looks grim.
I realize an SSN is nine digits. It's just that in the USA you have 300,000,000+ people, so you need all nine just to make them unique identifiers. In Canada, we have only 33,000,000 people, so 8 digits will suffice for a unique identifier and we have the ninth digit to use for checksum.
In Canada, we use a Social Insurance Number rather than an SSN. It's 9 digits, and the 9th digit is in fact a checksum digit. I'm kind of surprised that the US didn't go with more digits back in the early days of computerization - the early 70s in the case of this stuff. Then they would have had a checksum digit also. I have coded payroll systems in tha past, and you would be surprised at how often the Canadian SIN is mistyped and caught by checksum. I've seen the error counts.
All of what you say is very true, of course. This whole thing is more an interesting thought exercise than anything else. I must admit though that I am very surprised that anyone from Microsoft ever mentioned the option of playing hardball with the US government outside of secret high level meetings within the company itself. I was certain that internally they would have discussed it at some length, but to actually express sentiments such as those to a customer strikes me as very foolhardy. I'm guessing that maybe it was just one or two loose cannons?
Of course it's not going to happen. It's just an interesting thought exercise really: what could they get away with.
Personally, I don't think Microsoft will need to pull out of Europe, they will be frozen out almost completely within a few years anyway for several reasons, only one of which is their monopolistic business practices.
...to see what the reaction would be if Microsoft indicated that it was simply not going to pay the fines. They could go further and say that attempts to force payment would result in an amount equal to the fines going to pay for moving part of their European workforce to a non-European location. Oh - and those Server 2008 licenses needed to run the European government computing facilities? Not for sale, and by the way, all other support and licensing contracts will not be renewed after they expire.
I would be very interested to see what would happen if a tech giant decided to play hardball with a government. After all, the Microsoft decision makers that count would be beyond the reach of the European authorities in terms of arrest and imprisonment.
These arrests were in Quebec. What they are not telling us is that the arrests were REALLY for not hacking into the boxes using both official languages.
Very true, I'll concede that. One can always have gcc output the assembler code also (-S) and the assembler can then be played with and further shrunk. No matter the tool used, if someone is well aware of how their use of the development environment impacts the actual code produced, then huge bloated aplications can be avoided.
I guess part of my comment stems from frustration with so-called "developers" who practically cannot write a single line of code. Without their IDE they are helpless. It is the ubiquity of this type of Microsoft certified bloat builder that might very well lead someone to conclude that assembler is dead or dying.
I disagree, and I know of someone else much more prominent than me who would disagree also: Steve Gibson of Gibson Research Corporation. Steve has written some amazing little applications in assembler, and "little" is a good adjective for them. Try using Visual C++ to write a comprehensive disk recovery application that fits in 170K. And within that 170K is the capability to work under any operating system (Windoze, Linux,...) using any file format (FAT, NTFS,...) on any type of drive (SATA, SCSI,...) connected to the PC in any way (USB, 1394/Firewire,...)
Writing application software in assembler is not easy, therefore very few people undertake to do it, but the results can be well worth the effort. Tiny executables that run with blinding speed are the most obvious advantage.
...after all, it was only a matter of time once rootkit source code was published for anyone to grab. From that time onwards, true stealth malware was possible to create without needing to be a security researcher. Combine the ease of integrating someone else's rootkit code into a payload with a vigorous open market for Windows vulnerability information ($25,000 gets you a brand new zero-day exploit) and you reach the situation we have today.
Some people believe the largest botnets out there are ones built with the Storm Worm or other similar exploits. My bet would be that there are plenty larger out there, undetectable because they hide behind rootkits and don't do stupid stuff like turn the box into a spam cannon. And for people who think that the C&C (Command and Control) would be detected, think again: if a rootkit can conceal a file then it can also conceal a process, a named pipe, an interrupt handler, you name it.
I'm interested in the implications for non-citizens myself, and I don't mean resident aliens, as I don't reside in the USA. I mean visitors. I travel to America on business or leisure quite frequently, and while I don't often have to visit a federal building it is not completely unknown. And the visitor information centre mentioned in the article is something I might want to visit.
So - how do they handle me as a Canadian citizen and a visitor? There is no way I will have REAL ID, and I would prefer not to have to carry my passport everywhere I go (for obvious reasons). My guess is that the ID requirement could not really be applied to non citizens, which raises the interesting spectre of a non citizen having more rights than an American citizen from any of several states. Or perhaps the ID requirement WILL be enforced against non citizens, in which case just watch as your tourism industry evaporates almost overnight. Visitors HATE people in authority demanding "PAPERS!"
This is the exact reason I can foresee domain names actually becoming less and less important (and valuable) with advancing time. As search engine's crawlers get more powerful and results better targeted, it won't matter any more if the data you want comes from "ghr664-32jyz5.com".
I agree with the parent post. El Al, the Israeli airline, has been using this as part of their security arsenal for almost as long as they've been around. Made some excellent collars also, some of terrorists, occasionally a terrorist that was planning on blowing up the flight they were trying to board.
My only concern with this is who is doing the behavioural profiling. A highly experienced security person that has undergone a comprehensive training program for behavioural profiling will be very effective. A typical US airport $10/hour "rent-a-cop" that sat through a boring badly designed half hour seminar with 200 others will be worse than useless.
After many years in IT, I've stopped tolerating over the top security crap like you've related. Years ago I would have just put up with it. Now? if someone pulled a stunt like that with the laptop I'd carted across the country, I'd just reformat it and install my compiler anyway.
Reminds me of a few years back when I was a contract project manager for a company that had their desktops locked down so tightly you couldn't even change the default colours in Windows. I had a new programmer assigned to my team and a few minutes after being assigned his workstation, he came back to me and indicated that he couldn't work because he couldn't change his desktop. Seemed far fetched until he told me he was colour blind: he could not read the screen. You would think it would have been simple to get an exception made so he could alter his own desktop to be useable. Nope. It took 2 weeks and a great deal of disbelief and arrogance on the part of the network admins. Finally, what it took was a letter in writing to the chief of operations from my new guy threatening a lawsuit under the Americans With Disabilities Act. That got action. Fast.
Sometimes I think Scott Adams was right with his Dilbert strip character - the one who's chief of information security. "Our goal is that nobody can use anything" or something like that.
I'm actually surprised that we are not seeing more data centres in Canada precisely because of this. Where I am right now in central Ontario, we have 5 inches of snow on the ground and the temperature is at -3 Celsius (27 Fahrenheit). If I had to set up a server farm somewhere, I would seriously look at my own location. Power from two separate reliable sources on the grid and less than 5 months of shorts and T-shirt weather (compared to 6 in Toronto and higher in most parts of the US). Significant savings on cooling costs almost certainly. And Siberia would be better than here.
After all, if it's good enough to be Boeing's primary 3D CAD tool, it should work for autocad users. Not sure if it's available for Linux yet, but Sun's Solaris will run it.
Obviously it won't be 1.7 MB if you use gcc, or for that matter assembler (in which case I can bring it in under 1k). But try it using an IDE from a certain unnamed software and flying chair provider famous for bloat and see what size your executable is. Especially if you let it include everything it wants to in your project.
Actually, there was a Ghostbusters game written for the Commodore 64 that I can recall playing back in about 1984. Surprisingly good graphics for the standards of the time, and considering the machine could only user 8K of RAM for video (and that 8K it had to steal from the 64K RAM total in the machine).
As I recall, the program was a little over 30K in size. Hmph. These days a "hello world" executable can run 1.7 MB.
Slashdot Mirror
Many times in a 30 year IT career, I have seen Human Resources people who are clueless about technology writing ads that have qualifications that nobody could meet. Examples: 5 months after the introduction of the JDK 1.0, there were ads asking for 3-5 years of Java experience. There are ads currently out there asking for 3-5 years of ActionScript 3 (introduced I think June of 2006). Requiring a bachelors degree for an entry level help desk position doesn't add up to a healthy pool of qualified applicants either.
Job ads often have a huge list of "requirements" as well, and an applicant missing even one of them might well be screened out. An example of this? Seasoned web developers might not bother listing FTP on their resume. In their view, requiring a web developer to have FTP experience is like requiring a carpenter to know how to use a saw. But that failure to list FTP on the resume might well mean the application is automatically trashed. I have seen HR screen out applicants for a web developer position because they neglected to list HTTP, DHTML, and Photoshop on their resume. And don't get me started about HR's lack of understanding of the difference between a web developer and a web designer.
If HR departments are the source of some of the statistical and anecdotal evidence being trotted forth in support of the existence of this "shortage", I am not surprised the picture looks grim.
I realize an SSN is nine digits. It's just that in the USA you have 300,000,000+ people, so you need all nine just to make them unique identifiers. In Canada, we have only 33,000,000 people, so 8 digits will suffice for a unique identifier and we have the ninth digit to use for checksum.
In Canada, we use a Social Insurance Number rather than an SSN. It's 9 digits, and the 9th digit is in fact a checksum digit. I'm kind of surprised that the US didn't go with more digits back in the early days of computerization - the early 70s in the case of this stuff. Then they would have had a checksum digit also. I have coded payroll systems in tha past, and you would be surprised at how often the Canadian SIN is mistyped and caught by checksum. I've seen the error counts.
Hmm. It seems to me that rootkitting your customer's computers is more like the REAL race to the bottom.
It would be big news if even one artist received so much as one thin dime from these legally sanctioned shakedowns.
But does it run Linux?
Who sold Ballmer the good BC buds?
All of what you say is very true, of course. This whole thing is more an interesting thought exercise than anything else. I must admit though that I am very surprised that anyone from Microsoft ever mentioned the option of playing hardball with the US government outside of secret high level meetings within the company itself. I was certain that internally they would have discussed it at some length, but to actually express sentiments such as those to a customer strikes me as very foolhardy. I'm guessing that maybe it was just one or two loose cannons?
Of course it's not going to happen. It's just an interesting thought exercise really: what could they get away with.
Personally, I don't think Microsoft will need to pull out of Europe, they will be frozen out almost completely within a few years anyway for several reasons, only one of which is their monopolistic business practices.
...to see what the reaction would be if Microsoft indicated that it was simply not going to pay the fines. They could go further and say that attempts to force payment would result in an amount equal to the fines going to pay for moving part of their European workforce to a non-European location. Oh - and those Server 2008 licenses needed to run the European government computing facilities? Not for sale, and by the way, all other support and licensing contracts will not be renewed after they expire.
I would be very interested to see what would happen if a tech giant decided to play hardball with a government. After all, the Microsoft decision makers that count would be beyond the reach of the European authorities in terms of arrest and imprisonment.
These arrests were in Quebec. What they are not telling us is that the arrests were REALLY for not hacking into the boxes using both official languages.
Very true, I'll concede that. One can always have gcc output the assembler code also (-S) and the assembler can then be played with and further shrunk. No matter the tool used, if someone is well aware of how their use of the development environment impacts the actual code produced, then huge bloated aplications can be avoided. I guess part of my comment stems from frustration with so-called "developers" who practically cannot write a single line of code. Without their IDE they are helpless. It is the ubiquity of this type of Microsoft certified bloat builder that might very well lead someone to conclude that assembler is dead or dying.
I disagree, and I know of someone else much more prominent than me who would disagree also: Steve Gibson of Gibson Research Corporation. Steve has written some amazing little applications in assembler, and "little" is a good adjective for them. Try using Visual C++ to write a comprehensive disk recovery application that fits in 170K. And within that 170K is the capability to work under any operating system (Windoze, Linux, ...) using any file format (FAT, NTFS, ...) on any type of drive (SATA, SCSI, ...) connected to the PC in any way (USB, 1394/Firewire, ...)
Writing application software in assembler is not easy, therefore very few people undertake to do it, but the results can be well worth the effort. Tiny executables that run with blinding speed are the most obvious advantage.
You had me up until your "Hymiewood" slur.
...after all, it was only a matter of time once rootkit source code was published for anyone to grab. From that time onwards, true stealth malware was possible to create without needing to be a security researcher. Combine the ease of integrating someone else's rootkit code into a payload with a vigorous open market for Windows vulnerability information ($25,000 gets you a brand new zero-day exploit) and you reach the situation we have today.
Some people believe the largest botnets out there are ones built with the Storm Worm or other similar exploits. My bet would be that there are plenty larger out there, undetectable because they hide behind rootkits and don't do stupid stuff like turn the box into a spam cannon. And for people who think that the C&C (Command and Control) would be detected, think again: if a rootkit can conceal a file then it can also conceal a process, a named pipe, an interrupt handler, you name it.
I'm interested in the implications for non-citizens myself, and I don't mean resident aliens, as I don't reside in the USA. I mean visitors. I travel to America on business or leisure quite frequently, and while I don't often have to visit a federal building it is not completely unknown. And the visitor information centre mentioned in the article is something I might want to visit.
So - how do they handle me as a Canadian citizen and a visitor? There is no way I will have REAL ID, and I would prefer not to have to carry my passport everywhere I go (for obvious reasons). My guess is that the ID requirement could not really be applied to non citizens, which raises the interesting spectre of a non citizen having more rights than an American citizen from any of several states. Or perhaps the ID requirement WILL be enforced against non citizens, in which case just watch as your tourism industry evaporates almost overnight. Visitors HATE people in authority demanding "PAPERS!"
This is the exact reason I can foresee domain names actually becoming less and less important (and valuable) with advancing time. As search engine's crawlers get more powerful and results better targeted, it won't matter any more if the data you want comes from "ghr664-32jyz5.com".
Does that mean that I am not getting served at one of these places? My drivers license doesn't have any bar code on it.
I agree with the parent post. El Al, the Israeli airline, has been using this as part of their security arsenal for almost as long as they've been around. Made some excellent collars also, some of terrorists, occasionally a terrorist that was planning on blowing up the flight they were trying to board.
My only concern with this is who is doing the behavioural profiling. A highly experienced security person that has undergone a comprehensive training program for behavioural profiling will be very effective. A typical US airport $10/hour "rent-a-cop" that sat through a boring badly designed half hour seminar with 200 others will be worse than useless.
After many years in IT, I've stopped tolerating over the top security crap like you've related. Years ago I would have just put up with it. Now? if someone pulled a stunt like that with the laptop I'd carted across the country, I'd just reformat it and install my compiler anyway.
Reminds me of a few years back when I was a contract project manager for a company that had their desktops locked down so tightly you couldn't even change the default colours in Windows. I had a new programmer assigned to my team and a few minutes after being assigned his workstation, he came back to me and indicated that he couldn't work because he couldn't change his desktop. Seemed far fetched until he told me he was colour blind: he could not read the screen. You would think it would have been simple to get an exception made so he could alter his own desktop to be useable. Nope. It took 2 weeks and a great deal of disbelief and arrogance on the part of the network admins. Finally, what it took was a letter in writing to the chief of operations from my new guy threatening a lawsuit under the Americans With Disabilities Act. That got action. Fast.
Sometimes I think Scott Adams was right with his Dilbert strip character - the one who's chief of information security. "Our goal is that nobody can use anything" or something like that.
I'm actually surprised that we are not seeing more data centres in Canada precisely because of this. Where I am right now in central Ontario, we have 5 inches of snow on the ground and the temperature is at -3 Celsius (27 Fahrenheit). If I had to set up a server farm somewhere, I would seriously look at my own location. Power from two separate reliable sources on the grid and less than 5 months of shorts and T-shirt weather (compared to 6 in Toronto and higher in most parts of the US). Significant savings on cooling costs almost certainly. And Siberia would be better than here.
I guess Ballmer's not satisfied anymore with throwing chairs at people. He's decided to add Siberian exile to the mix.
After all, if it's good enough to be Boeing's primary 3D CAD tool, it should work for autocad users. Not sure if it's available for Linux yet, but Sun's Solaris will run it.
Check it out here.
Obviously it won't be 1.7 MB if you use gcc, or for that matter assembler (in which case I can bring it in under 1k). But try it using an IDE from a certain unnamed software and flying chair provider famous for bloat and see what size your executable is. Especially if you let it include everything it wants to in your project.
Actually, there was a Ghostbusters game written for the Commodore 64 that I can recall playing back in about 1984. Surprisingly good graphics for the standards of the time, and considering the machine could only user 8K of RAM for video (and that 8K it had to steal from the 64K RAM total in the machine).
As I recall, the program was a little over 30K in size. Hmph. These days a "hello world" executable can run 1.7 MB.