Straw man argument. If you, in your individual data center/office/etc are able to exhaust all of the private ip blocks for your management network that has no business facing the Internet, you have way more hardware than you really need and should probably consider virtualization, blades or some other method of reducing your server footprint.
All that extra power usage contributes to global warming, after all...;)
Besides the obvious discrimination, etc things that are pointed out below, it's based on a passenger+luggage, and they typically plan for average weight for luggage+passenger/seat the plane can hold. It also generally has a pretty wide margin of error, and extra fuel.
Seriously, he was the major force behind some of the major usability improvements in gnome, including dumping window managers that were becoming far too complicated.
There's quite a bit of truth to the article allthough I'd say that true rockstar programmers do use the right tool for the job. If a programmer builds a custom Java CMS where Joomla would do, he isn't a rockstar. He's an idiot.
That..depends. If off-the-shelf technology has not been evaluated, and the project jumps right into "let's write custom software", it may be because of "Not invented here" syndrome. If, on the other hand, the ONLY options are off-the-shelf, possibly with customizations, you may have hit the polar opposite, which is also a pitfall. I have seen many IT projects that try to beat a plowshare into a sword. While it may do the minimal job, it usually requires hours of consulting, customization, or other tools added on top to actually meet all the needs. Sometimes, if you need a sword, you should just forge the thing from scratch.
If a rockstar doesn't have those, he'll be faster than others in producing workable stuff, but if he gets hit by a bus it will be just as much worth as the other unfinished stuff.
I call this the "bus test". I'd also argue that a rock star isn't a star (ie, he's just a rock) if he can't transfer enough knowledge that someone else on the team can pick up and keep going, even if it's at a slower pace.
Many programmers I know hat are considered rockstars are quite mediocre.
I would say your next point plays to this nicely: If you haven't got the communication/teamwork skills to deal with others on your team, you aren't a Rock Star. If you can communicate, know your craft (ie, program your way out of a paper bag), and (big one) admit your own shortcomings (be it "I made this bug" or "Yes, that's more efficient/a better idea than what I wrote"), then you might be worthy of being a rock star. This doesn't mean you are always the BEST programmer.. to some extent it's more about being able to bring things together.
Bottom line: Rockstar is always relative. Very relative.
And there they worked by contracting when an electrical current was applied.. this seems rather similar.
Personally, I'm hoping that they can develop this further for things like artificial limbs/muscles. If we can one day replace degenerated muscle tissue, it could provide an answer for things like MD or ALS. (Although in the case of ALS, it would need to replace motor control with an external source of some sort..)
So I have my per user unique salt right there in the database (possibly in a different table) as the password? So the person who compromised the DB now has the salt and the password?
I'd argue that getting at the tables in a database (miss a SQL injection for instance) than getting at the general code for a site. Keeping them at least on two physically separated machines (and you can still do a hard-coded salt + some form of per user salt combination) is more secure.
Now all this being said, if they have full access to your entire environment, you're screwed no matter what you do. If I have your source, I know how you hash your passwords, and how to legit retrieve info on an authenticated user. Heck, I don't even have to know your password at that point, I just need a list of valid users.
The issue here is finding the balance of "secure enough" and linked in didn't even do a basic salt.
As the summary notes, 8 character passwords can be cracked pretty quickly. 15 Characters with the crappy password rules we've enforced for minimum 8 character passwords become hard for users. It's time we start demanding correcthorsebatterystaple style random word passwords with maximum lengths of 255 characters (and a minimum > 8 characters).
That and WTF the passwords were unsalted? Salt them and DON'T keep the salt in the database.
Wait.. wait.. hear me out. The MBA will give you insight into how those who are MBAs think (and therefore, most of management). Also, your experience will say "I can do IT/CS", while the degree will say "I can do business". Which means you're more likely to be able to make a jump to management if you find your career options topping out on the IT/CS end.
And you'd be following in the footsteps of Alan Cox.
It's also worth pointing out that they suggest that common phrases like "Manchester United" or "Harry Potter" would be used quite a bit. Just because it's a passphrase doesn't mean you shouldn't still use a "common dictionary" (or in this case "Common Phrasebook") to prevent people from choosing things like the above, possibly with a length check of some sort involved as well, to prevent cases like "fee fai foh fum", which may not be caught by the common phrase check, but has all words of the same length.
Four or so words chosen at random without association can be memorized and provide greater security. They can even come from a book, as long as they come from different places ie: "Classes Default Automatic When". Words chosen at random, almost sounds like a phrase, but is unlikely to be checked within a certain number of retries. Even using less common phrases from a source would likely be fine. "To be or not to be" will probably be checked early, as it is common. "Nobler in the mind to suffer" would not likely come up, as it is not the start of the phrase, or even the complete phrase.
The certs noted in the article are almost all for products that aren't on the edge of technology anymore, and in one case was for a specific version of that technology. I bet the number of jobs in those areas are also shrinking a bit. The article also notes that certs for jobs that are the most "in demand" have growing salaries.
All in all, the article is crying wolf.
(Also.. for those of you who are managers and don't like certified people: Some of the certs out there require hands-on experience to be proven.. research before you reject all certifications out of hand).
It's a good ruling (and about damn time on this one), but it could have gone farther. As the minority opinion says, and I agree, what's to stop non-intrusive methods such as future UAV drones from being used without a warrant?
As someone else with high blood pressure, I have to ask: did you ever ask why the doctor is doing so much lab work?
I don't know what medication you're on, but I know that the one I'm on requires regular checks on kidney function. A previous medication would deplete my Potassium (yay, Bananas). Now to be fair this didn't require MONTHLY checks, but I have normal kidney function and was fairly good about keeping my potassium levels up. If my kidney functions showed a little bit off, or I had some other risk factor, I wouldn't be surprised if my normal doctor visit went from 3-6 months to once a month.
As to why they do the blood pressure check every time is simple: people lie. (After all, how many people do you think will admit honestly: "I don't bother doing this at home even though you said it was important". They'll more likely go with "I do this three or four times a week and my numbers look good")
It's entirely possible your doctor is just milking your insurance for all he can get, but at least ask. Take control of your health and don't just be a sheep.
Just to turn this around for a second: Why haven't you? Try house of reps, or more local.
I've thought about it, and my only issue with doing so myself is "electability" (ie: the people that vote care more about a candidate's opinion on , for example, abortion than if they will fix the immediate real problems out there) coupled with the massive amount of fundraising which must be done to be a "viable candidate".
....Considering I pay the city for trash pick up (and where I am, we actually pay private firms.. the city does not provide trash pick up) they should be the ones to sort it, in my opinion. If I can pay more and not do my own sorting, I'm all for it. Everywhere I have been that makes you sort recyclables has been way too picky about what can and can't be recycled. "Plastic, but not this type, paper not including newspaper, x glass but not y glass". Pain in the ass.
Siri's biggest plus, I think, is the integration of text to speech within iOS. It's fairly accurate and no longer requires a separate app (like the Dragon dictate app).Now, if it's a text box that pops up the on-screen keyboard, you can talk to it.
Siri's downside comes in the limitations that appear to have been arbitrary decisions: I can't add or manipulate contacts hands-free, Most of the information (including directions) that siri retrieves will not be read. (Seriously, how hard is it to say read me the weather that was just retrieved without me having to ask "Describe the weather on sunday"?) and an inability to do simple tasks it has information for ("Pull up facebool/Open Angry birds.." or "List [songs|albums] by $artist that I have" both should be trivial)
I am happier with it's overall control for the ipod, however. It's about time I can ask it to play a song by title.
Maybe I'm missing something.. but doesn't it seem like the First is the last amendment you'd want to argue in this case? What about the fourth? Or the Due Process clause of the 14th?
I mean, nobody involved in the site has been actually charged with a crime.. so isn't the idea that the domain was being used to support a crime invalid? If you want to take it, you need to press charges.
Even better, it's trademark infringement. If I expect that when I type in google.com and/or submit a search there and I get a result back from somewhere else, you've just created confusion about who is providing the search results. Even more so if you try to disguise your page as a genuine google page. Every search engine needs to sue not just the company providing this "service" to ISPs, but the ISPs themselves. it'll take care of itself pretty quickly.
It's not MBAs that are the particular problem here. It's more Dodge v. Ford Motor company and the legacy of that decision. The only goal most corporations have at this point is short term stock price increases or selling the company. Until more focus is placed on long-term outlooks, bad (and sometimes purely unethical) practices will rule corporate america.
Slashdot Mirror
Straw man argument. If you, in your individual data center/office/etc are able to exhaust all of the private ip blocks for your management network that has no business facing the Internet, you have way more hardware than you really need and should probably consider virtualization, blades or some other method of reducing your server footprint.
All that extra power usage contributes to global warming, after all... ;)
Besides the obvious discrimination, etc things that are pointed out below, it's based on a passenger+luggage, and they typically plan for average weight for luggage+passenger/seat the plane can hold. It also generally has a pretty wide margin of error, and extra fuel.
Ah.. you must mean Havoc.
Seriously, he was the major force behind some of the major usability improvements in gnome, including dumping window managers that were becoming far too complicated.
There's quite a bit of truth to the article allthough I'd say that true rockstar programmers do use the right tool for the job. If a programmer builds a custom Java CMS where Joomla would do, he isn't a rockstar. He's an idiot.
That..depends. If off-the-shelf technology has not been evaluated, and the project jumps right into "let's write custom software", it may be because of "Not invented here" syndrome. If, on the other hand, the ONLY options are off-the-shelf, possibly with customizations, you may have hit the polar opposite, which is also a pitfall. I have seen many IT projects that try to beat a plowshare into a sword. While it may do the minimal job, it usually requires hours of consulting, customization, or other tools added on top to actually meet all the needs. Sometimes, if you need a sword, you should just forge the thing from scratch.
If a rockstar doesn't have those, he'll be faster than others in producing workable stuff, but if he gets hit by a bus it will be just as much worth as the other unfinished stuff.
I call this the "bus test". I'd also argue that a rock star isn't a star (ie, he's just a rock) if he can't transfer enough knowledge that someone else on the team can pick up and keep going, even if it's at a slower pace.
Many programmers I know hat are considered rockstars are quite mediocre.
I would say your next point plays to this nicely: If you haven't got the communication/teamwork skills to deal with others on your team, you aren't a Rock Star.
If you can communicate, know your craft (ie, program your way out of a paper bag), and (big one) admit your own shortcomings (be it "I made this bug" or "Yes, that's more efficient/a better idea than what I wrote"), then you might be worthy of being a rock star. This doesn't mean you are always the BEST programmer.. to some extent it's more about being able to bring things together.
Bottom line:
Rockstar is always relative. Very relative.
This.
No disrespect, but we developers also have a name for people that describe developers the way you do :-)
Project Managers?
oracle is actually an acronym: One Rich Asshole Ceo, Larry Ellison
We all float down here, in the clown.
s/cloud/clown
makes reading stories about "clown gaming", "clown storage", and anything else they put in the clown much more interesting.
This is what I thought of as well.
And there they worked by contracting when an electrical current was applied.. this seems rather similar.
Personally, I'm hoping that they can develop this further for things like artificial limbs/muscles. If we can one day replace degenerated muscle tissue, it could provide an answer for things like MD or ALS. (Although in the case of ALS, it would need to replace motor control with an external source of some sort..)
Except for the whole part where companies now have to refund you money they don't use on your health care from your premiums.. sure..
Wait... what?
So I have my per user unique salt right there in the database (possibly in a different table) as the password? So the person who compromised the DB now has the salt and the password?
I'd argue that getting at the tables in a database (miss a SQL injection for instance) than getting at the general code for a site. Keeping them at least on two physically separated machines (and you can still do a hard-coded salt + some form of per user salt combination) is more secure.
Now all this being said, if they have full access to your entire environment, you're screwed no matter what you do. If I have your source, I know how you hash your passwords, and how to legit retrieve info on an authenticated user. Heck, I don't even have to know your password at that point, I just need a list of valid users.
The issue here is finding the balance of "secure enough" and linked in didn't even do a basic salt.
As the summary notes, 8 character passwords can be cracked pretty quickly. 15 Characters with the crappy password rules we've enforced for minimum 8 character passwords become hard for users. It's time we start demanding correcthorsebatterystaple style random word passwords with maximum lengths of 255 characters (and a minimum > 8 characters).
That and WTF the passwords were unsalted? Salt them and DON'T keep the salt in the database.
Wait.. wait.. hear me out. The MBA will give you insight into how those who are MBAs think (and therefore, most of management). Also, your experience will say "I can do IT/CS", while the degree will say "I can do business". Which means you're more likely to be able to make a jump to management if you find your career options topping out on the IT/CS end.
And you'd be following in the footsteps of Alan Cox.
It's also worth pointing out that they suggest that common phrases like "Manchester United" or "Harry Potter" would be used quite a bit. Just because it's a passphrase doesn't mean you shouldn't still use a "common dictionary" (or in this case "Common Phrasebook") to prevent people from choosing things like the above, possibly with a length check of some sort involved as well, to prevent cases like "fee fai foh fum", which may not be caught by the common phrase check, but has all words of the same length.
Four or so words chosen at random without association can be memorized and provide greater security. They can even come from a book, as long as they come from different places ie: "Classes Default Automatic When". Words chosen at random, almost sounds like a phrase, but is unlikely to be checked within a certain number of retries. Even using less common phrases from a source would likely be fine. "To be or not to be" will probably be checked early, as it is common. "Nobler in the mind to suffer" would not likely come up, as it is not the start of the phrase, or even the complete phrase.
The certs noted in the article are almost all for products that aren't on the edge of technology anymore, and in one case was for a specific version of that technology. I bet the number of jobs in those areas are also shrinking a bit. The article also notes that certs for jobs that are the most "in demand" have growing salaries.
All in all, the article is crying wolf.
(Also.. for those of you who are managers and don't like certified people: Some of the certs out there require hands-on experience to be proven.. research before you reject all certifications out of hand).
It's a good ruling (and about damn time on this one), but it could have gone farther. As the minority opinion says, and I agree, what's to stop non-intrusive methods such as future UAV drones from being used without a warrant?
As someone else with high blood pressure, I have to ask: did you ever ask why the doctor is doing so much lab work?
I don't know what medication you're on, but I know that the one I'm on requires regular checks on kidney function. A previous medication would deplete my Potassium (yay, Bananas). Now to be fair this didn't require MONTHLY checks, but I have normal kidney function and was fairly good about keeping my potassium levels up. If my kidney functions showed a little bit off, or I had some other risk factor, I wouldn't be surprised if my normal doctor visit went from 3-6 months to once a month.
As to why they do the blood pressure check every time is simple: people lie. (After all, how many people do you think will admit honestly: "I don't bother doing this at home even though you said it was important". They'll more likely go with "I do this three or four times a week and my numbers look good")
It's entirely possible your doctor is just milking your insurance for all he can get, but at least ask. Take control of your health and don't just be a sheep.
Just to turn this around for a second: Why haven't you?
Try house of reps, or more local.
I've thought about it, and my only issue with doing so myself is "electability" (ie: the people that vote care more about a candidate's opinion on , for example, abortion than if they will fix the immediate real problems out there) coupled with the massive amount of fundraising which must be done to be a "viable candidate".
....Considering I pay the city for trash pick up (and where I am, we actually pay private firms.. the city does not provide trash pick up) they should be the ones to sort it, in my opinion. If I can pay more and not do my own sorting, I'm all for it. Everywhere I have been that makes you sort recyclables has been way too picky about what can and can't be recycled. "Plastic, but not this type, paper not including newspaper, x glass but not y glass". Pain in the ass.
for some reason I hear this in the voice of three-dog from Fallout 3.
Siri's biggest plus, I think, is the integration of text to speech within iOS. It's fairly accurate and no longer requires a separate app (like the Dragon dictate app).Now, if it's a text box that pops up the on-screen keyboard, you can talk to it.
Siri's downside comes in the limitations that appear to have been arbitrary decisions: I can't add or manipulate contacts hands-free, Most of the information (including directions) that siri retrieves will not be read. (Seriously, how hard is it to say read me the weather that was just retrieved without me having to ask "Describe the weather on sunday"?) and an inability to do simple tasks it has information for ("Pull up facebool/Open Angry birds.." or "List [songs|albums] by $artist that I have" both should be trivial)
I am happier with it's overall control for the ipod, however. It's about time I can ask it to play a song by title.
Because updating DNS zone files is a "exceptional circumstance" for an admin?
Maybe I'm missing something.. but doesn't it seem like the First is the last amendment you'd want to argue in this case? What about the fourth? Or the Due Process clause of the 14th?
I mean, nobody involved in the site has been actually charged with a crime.. so isn't the idea that the domain was being used to support a crime invalid? If you want to take it, you need to press charges.
Even better, it's trademark infringement. If I expect that when I type in google.com and/or submit a search there and I get a result back from somewhere else, you've just created confusion about who is providing the search results. Even more so if you try to disguise your page as a genuine google page.
Every search engine needs to sue not just the company providing this "service" to ISPs, but the ISPs themselves. it'll take care of itself pretty quickly.
It's not MBAs that are the particular problem here. It's more Dodge v. Ford Motor company and the legacy of that decision. The only goal most corporations have at this point is short term stock price increases or selling the company. Until more focus is placed on long-term outlooks, bad (and sometimes purely unethical) practices will rule corporate america.