As a practical matter, a lot of valuable talent is not healthy.
This is so true. It is difficult to deal with as a boss and even more so as an employer. One of my guys is seriously over weight, and has a number of health complications that come with it. He is also highly intelligent and very capable. It is challenge because I want to be able to depend on him, and for the most part I can. But I also have to mitigate risk and make sure that there are people shadowing his projects and documenting his recommendations so that they can carry on if the time comes that he is no longer able to come into work.
As his boss, I want to have a legitimate, sincere conversation with him about his health and his value to the company. I also want to have it with him as a friend and someone who cares about him. But due to the way employment law works, I have to avoid the subject.
What is the cost to the business if the risk of continuing to use passwords is realized?
What is the cost of implementing an alternate system? Be sure to include the costs in training, process re-engineering, systems re-engineering, etc.
What value, if any, is generated by replacing passwords?
Unless the money you are going to spend is either going to generate more money for the business than the dozens of other projects that are competing for resources, you practically have zero hope of your change being embraced.
While some organizations are risk adverse to the point where they will act on them, more often than not unless you or your direct supervisor are liable for mitigating the risk, you are doing your career a disservice by raising the risk.
Guilty by association. Usually gang members who are not hard core / have not been charged with a crime before... yet always seem to be nearby when things are happening. See the above comments about 'uncooperative witnesses'. While freedom of speech protects a person's right to throw up gang signs and tell an officer to go fuck themselves, and dress just like the gangsters who are dealing drugs and breaking into apartments... we do have a system that still vaguely upholds the ideal of 'innocent until proven guilty'.
Think of petty crimes. Out after curfew for example. Police pick someone up for a curfew violation. District attorney has too many cases and refuses to prosecute. The person has 'broken the law' but 'not been charged'.
Not really. Gang A shoots at Gang B. Gangster B1 gets hit. Gangsters B2 through B12 refuse to help police because snitches get stitches. Therefore they are likely involved with the gang, or sympathetic to the gang.
You can safely assume that the police can tell the difference between "someone afraid to testify due to fear of retaliation" versus "uncooperative witnesses".
Not exactly true. Crime is a numbers game. Criminals get away with it far more frequently than they get caught. But sooner or later, everyone gets caught. The careless ones get caught more often, that is true. But even the 'good' ones roll the dice every time they break the law.
Even if they are completely racist in their arrests, so what? The strategy of the system is to identify serious repeat offenders and take them off of the streets.
If there is a corresponding decrease in crime, it is mostly safe to say that the strategy is effective. If five years from now there is a negligible decrease or an increase in crime, we can start having a serious discussion about the merits of the system.
The article gives a couple of good examples of how the system has been used. Here is one example, there are others that you can review for yourself...
"In May we created our crime-strategies unit. Wilmington has one of the highest violent-crime rates in the country, but 1 to 2 percent of the people are doing 70 percent of the crimes. We’ve taken dozens of high-risk offenders off the street.”
Presumably, within a few months to a year, they will be able to check crime stats and determine of the absence of those high-risk offenders has had a measurable impact on crime.
I think what you will see is that it does. The reality is that the truly anti-social, dangerously violent, willing to use force on other human beings types of criminals are a small percentage of the overall criminal population. If you focus on removing those severe cases, it will take a while for the population to produce more of them.
To a lesser extent, the same thing happens with property crimes. Let's say you have a guy who likes to smash car windows and steal things. He has a few friends who see him getting away with it and they adopt the same behavior. They tend to work a particular neighborhood. If you take those guys out of the equation, that neighborhood will see a decrease in that kind of crime for a little while. But if you let it go unchecked, it will increase. Other criminals will start to realize, "Hey, let's go down to VehicleTheftVille and get some center console change" because the police do not seem to be doing anything about it, and everyone else is doing it.
"Over time, this will allow us to turn off the 207 different legacy systems, and give us one common data platform that maybe has 207 different processes interoperating at the data layer on that platform. "
One process per system? Has this guy even worked in IT before?
Queue excuses along the lines of, "We vastly underestimated the size and complexity of the individual systems." in 3, 2, 1....
Given the wide scale adoption of Exchange, the first thing that came to mind is Outlook Web Access. The internal and external passwords are the same. Or more accurately, it is the exact same account, accessed via a web server versus a client side application.
The password dialogue that appears in the email is a common Microsoft password dialogue. We see similar boxes when loading documents from a SharePoint site for example. Your average corporate user would be very unlikely to think twice about that kind of prompt, especially when clicking a link in an email that appears to come from a colleague.
Having been in management for a while, I have seen too many bad managers at this point. Unfortunately technical competence does not directly translate into management ability. As a manager, one of the most important skills to have is the ability to understand and predict the needs of the business. A programmer is in a good position to develop that ability because they are constantly being tasked with fulfilling those needs. If the OP has not developed those skills he is either organizationally tone deaf from being eyeballs deep in his code, or he does not care enough to pay attention what is going on around him.
For all we know, he already has that ability in spades. Nothing about the original post mentions it one way or the other, and I tend to give people the benefit of the doubt. Most good programmers are really good at coming up with effective solutions for real world challenges.
If he has the experience that he says he has, he should already have the business and risk mitigation functions under control. As a programmer, I presumably has spent his career developing programs that the business needs. If he cannot anticipate business needs by now, he probably lacks the intelligence to be in management anyway. The same thing goes for mitigating risk. If he cannot foresee project risks and is still relying on others to tell him what to work on, and what NOT to do, then he is not much more valuable than a mid-level programmer.
Managerial functions on the other hand are a whole new ball game. Unlike programs, people are unpredictable and cannot be debugged or rewritten to function the way we would like them to. I agree with you that those functions are not simple, and that could make the transition rough.
None the less, the OP is on the right track. A good employee should be leading a team and mentoring junior employees. I look at it as the personnel equivalent of systems administration. As an employer, do you want a guy who is still provisioning servers by hand, or do you want the guy who has automated everything and can make a change across ten thousand systems as easily as one? I do not mean to disparage the admin who can fine tune the golden image to the point where it consumes as few resources as possible. But without the talent to extend that skill beyond a single system, they are going to be professionally limited.
Not sure why I bother replying to an AC, but I usually play Conquest so I do PTFO you tool.
K:D is something that everyone, even someone who does not play BF4, can understand.
How about this... when I am playing on a hack free server, I am usually in the top 5 (because I am PTFingO and earning points for my team). If I was all about K:D, I would not spend so much time with a Stinger where I only earn about 50 points for a mobility kill and get 0 player kills.
They ban them, but I think it is a limited time ban. As someone else commented, those hackers are paying customers. They do not want to cut off the revenue stream.
I think that they should let them play on hacker only servers. Let the trolls all roll around in the muck with each other and leave the rest of the community alone.
I keep hoping and praying that one day someone will come out with a way to effectively deal with this, but the reality is that the problem is here to stay. The way this pans out is that you get a day or two of hack free game play when the publisher updates their anti-cheat code. Then the hackers come out with new binaries that cannot be detected and the game sucks again.
I like FPS games and I really like FPS games on the computer where I can use a keyboard and mouse. Hackers just kill the game though. On a hacker free BF4 server, I will go 3:1 or 4:1 frequently. Yet my overall ratio for the game is down around 0.8:1. That gives some sense of how often the hacks are going undetected.
I do not understand why companies like EA, Valve, etc do not just subscribe to the hacks themselves and update the detection routines as soon as they come out. They have proven that they have technology that will catch the large majority of them. It just seems like they are too lazy to stay on top of it. The cynical side of me thinks that they are have only been aggressive with the BF4 hackers in the last week or two due to Hardline coming out soon.
This right here is what I miss the most about swapping warez.
I haven't pirated software with any regularity since a 56k modem was fast, but even back then, any game that I enjoyed I bought to support the publisher so that they had a chance to stay in business and continue to pump out good products.
A try before you buy model would crush the software industry, but would be a godsend for gamers. Even a model where you get to play the first level, or play for 10 hours would strike the balance between piracy and profits.
I cannot believe that you wasted money buying that garbage either.
Get with the rest of the smart people and wait next time. I did. Oddly enough, I am not kicking myself in the ass for not pre-ordering AC:Unity. Go figure....
That is not say that I do not want to play the game, or that I will not enjoy playing it in two months from now when the public beta period is over, the bugs are worked out, and I purchase the game for a discount.
I adopted a similar tactic. I have been burned one time too many. After the cluster fuck that was Watch Dogs, I will never buy a pre-release version of another Ubisoft game.
The same goes for EA, after the cluster fuck that was BF4.
It is better to wait a month or two, let everyone else deal with the public beta test period, and then get it at a discount.
Slashdot Mirror
Because life is not a TV and people who deal with the public for a living, especially detectives and trained investigators, know how to read people.
It is a combination of a previous back injury, a bunch of poor dietary and health choices, and a genetic predisposition to weight gain.
I have talked to him about it as much as I feel like I can. Like I said, I care about the guy. It is just that my hands are tied.
And, he's not a single point of failure, but the organization would feel the loss.
As a practical matter, a lot of valuable talent is not healthy.
This is so true. It is difficult to deal with as a boss and even more so as an employer. One of my guys is seriously over weight, and has a number of health complications that come with it. He is also highly intelligent and very capable. It is challenge because I want to be able to depend on him, and for the most part I can. But I also have to mitigate risk and make sure that there are people shadowing his projects and documenting his recommendations so that they can carry on if the time comes that he is no longer able to come into work.
As his boss, I want to have a legitimate, sincere conversation with him about his health and his value to the company. I also want to have it with him as a friend and someone who cares about him. But due to the way employment law works, I have to avoid the subject.
What is the risk of continuing to use passwords?
What is the cost to the business if the risk of continuing to use passwords is realized?
What is the cost of implementing an alternate system? Be sure to include the costs in training, process re-engineering, systems re-engineering, etc.
What value, if any, is generated by replacing passwords?
Unless the money you are going to spend is either going to generate more money for the business than the dozens of other projects that are competing for resources, you practically have zero hope of your change being embraced.
While some organizations are risk adverse to the point where they will act on them, more often than not unless you or your direct supervisor are liable for mitigating the risk, you are doing your career a disservice by raising the risk.
Guilty by association. Usually gang members who are not hard core / have not been charged with a crime before... yet always seem to be nearby when things are happening. See the above comments about 'uncooperative witnesses'. While freedom of speech protects a person's right to throw up gang signs and tell an officer to go fuck themselves, and dress just like the gangsters who are dealing drugs and breaking into apartments... we do have a system that still vaguely upholds the ideal of 'innocent until proven guilty'.
Think of petty crimes. Out after curfew for example. Police pick someone up for a curfew violation. District attorney has too many cases and refuses to prosecute. The person has 'broken the law' but 'not been charged'.
Not really. Gang A shoots at Gang B. Gangster B1 gets hit. Gangsters B2 through B12 refuse to help police because snitches get stitches. Therefore they are likely involved with the gang, or sympathetic to the gang.
You can safely assume that the police can tell the difference between "someone afraid to testify due to fear of retaliation" versus "uncooperative witnesses".
Not exactly true. Crime is a numbers game. Criminals get away with it far more frequently than they get caught. But sooner or later, everyone gets caught. The careless ones get caught more often, that is true. But even the 'good' ones roll the dice every time they break the law.
Most big cities have police RVs that they use as mobile command posts.
Here is one that my home town has...
https://www.ldvusa.com/vehicle...
Even if they are completely racist in their arrests, so what? The strategy of the system is to identify serious repeat offenders and take them off of the streets.
If there is a corresponding decrease in crime, it is mostly safe to say that the strategy is effective. If five years from now there is a negligible decrease or an increase in crime, we can start having a serious discussion about the merits of the system.
The article gives a couple of good examples of how the system has been used. Here is one example, there are others that you can review for yourself...
"In May we created our crime-strategies unit. Wilmington has one of the highest violent-crime rates in the country, but 1 to 2 percent of the people are doing 70 percent of the crimes. We’ve taken dozens of high-risk offenders off the street.”
Presumably, within a few months to a year, they will be able to check crime stats and determine of the absence of those high-risk offenders has had a measurable impact on crime.
I think what you will see is that it does. The reality is that the truly anti-social, dangerously violent, willing to use force on other human beings types of criminals are a small percentage of the overall criminal population. If you focus on removing those severe cases, it will take a while for the population to produce more of them.
To a lesser extent, the same thing happens with property crimes. Let's say you have a guy who likes to smash car windows and steal things. He has a few friends who see him getting away with it and they adopt the same behavior. They tend to work a particular neighborhood. If you take those guys out of the equation, that neighborhood will see a decrease in that kind of crime for a little while. But if you let it go unchecked, it will increase. Other criminals will start to realize, "Hey, let's go down to VehicleTheftVille and get some center console change" because the police do not seem to be doing anything about it, and everyone else is doing it.
At least he has some app dev experience. Even it was developing a GUI....
https://www.linkedin.com/profi...
"Over time, this will allow us to turn off the 207 different legacy systems, and give us one common data platform that maybe has 207 different processes interoperating at the data layer on that platform. "
One process per system? Has this guy even worked in IT before?
Queue excuses along the lines of, "We vastly underestimated the size and complexity of the individual systems." in 3, 2, 1....
Given the wide scale adoption of Exchange, the first thing that came to mind is Outlook Web Access. The internal and external passwords are the same. Or more accurately, it is the exact same account, accessed via a web server versus a client side application.
The password dialogue that appears in the email is a common Microsoft password dialogue. We see similar boxes when loading documents from a SharePoint site for example. Your average corporate user would be very unlikely to think twice about that kind of prompt, especially when clicking a link in an email that appears to come from a colleague.
Having been in management for a while, I have seen too many bad managers at this point. Unfortunately technical competence does not directly translate into management ability. As a manager, one of the most important skills to have is the ability to understand and predict the needs of the business. A programmer is in a good position to develop that ability because they are constantly being tasked with fulfilling those needs. If the OP has not developed those skills he is either organizationally tone deaf from being eyeballs deep in his code, or he does not care enough to pay attention what is going on around him.
For all we know, he already has that ability in spades. Nothing about the original post mentions it one way or the other, and I tend to give people the benefit of the doubt. Most good programmers are really good at coming up with effective solutions for real world challenges.
It is all about perspective. You will always toil away at something. Whether or not you love it is up to you.
If he has the experience that he says he has, he should already have the business and risk mitigation functions under control. As a programmer, I presumably has spent his career developing programs that the business needs. If he cannot anticipate business needs by now, he probably lacks the intelligence to be in management anyway. The same thing goes for mitigating risk. If he cannot foresee project risks and is still relying on others to tell him what to work on, and what NOT to do, then he is not much more valuable than a mid-level programmer.
Managerial functions on the other hand are a whole new ball game. Unlike programs, people are unpredictable and cannot be debugged or rewritten to function the way we would like them to. I agree with you that those functions are not simple, and that could make the transition rough.
None the less, the OP is on the right track. A good employee should be leading a team and mentoring junior employees. I look at it as the personnel equivalent of systems administration. As an employer, do you want a guy who is still provisioning servers by hand, or do you want the guy who has automated everything and can make a change across ten thousand systems as easily as one? I do not mean to disparage the admin who can fine tune the golden image to the point where it consumes as few resources as possible. But without the talent to extend that skill beyond a single system, they are going to be professionally limited.
Not sure why I bother replying to an AC, but I usually play Conquest so I do PTFO you tool.
K:D is something that everyone, even someone who does not play BF4, can understand.
How about this... when I am playing on a hack free server, I am usually in the top 5 (because I am PTFingO and earning points for my team). If I was all about K:D, I would not spend so much time with a Stinger where I only earn about 50 points for a mobility kill and get 0 player kills.
They ban them, but I think it is a limited time ban. As someone else commented, those hackers are paying customers. They do not want to cut off the revenue stream.
I think that they should let them play on hacker only servers. Let the trolls all roll around in the muck with each other and leave the rest of the community alone.
Very much like HFT.
It really does not require any more skill. If hacking were allowed, it would come down to who has the fastest computer and lowest ping to the server.
Playing the game without hacks requires skill.
I keep hoping and praying that one day someone will come out with a way to effectively deal with this, but the reality is that the problem is here to stay. The way this pans out is that you get a day or two of hack free game play when the publisher updates their anti-cheat code. Then the hackers come out with new binaries that cannot be detected and the game sucks again.
I like FPS games and I really like FPS games on the computer where I can use a keyboard and mouse. Hackers just kill the game though. On a hacker free BF4 server, I will go 3:1 or 4:1 frequently. Yet my overall ratio for the game is down around 0.8:1. That gives some sense of how often the hacks are going undetected.
I do not understand why companies like EA, Valve, etc do not just subscribe to the hacks themselves and update the detection routines as soon as they come out. They have proven that they have technology that will catch the large majority of them. It just seems like they are too lazy to stay on top of it. The cynical side of me thinks that they are have only been aggressive with the BF4 hackers in the last week or two due to Hardline coming out soon.
This right here is what I miss the most about swapping warez.
I haven't pirated software with any regularity since a 56k modem was fast, but even back then, any game that I enjoyed I bought to support the publisher so that they had a chance to stay in business and continue to pump out good products.
A try before you buy model would crush the software industry, but would be a godsend for gamers. Even a model where you get to play the first level, or play for 10 hours would strike the balance between piracy and profits.
I cannot believe that you wasted money buying that garbage either.
Get with the rest of the smart people and wait next time. I did. Oddly enough, I am not kicking myself in the ass for not pre-ordering AC:Unity. Go figure....
That is not say that I do not want to play the game, or that I will not enjoy playing it in two months from now when the public beta period is over, the bugs are worked out, and I purchase the game for a discount.
Given the likelihood of that happening (hint: not at all), the only sane option is to stop buying on the release date.
I saw the trailers for AC:Unity and thought that it looks like a fun game. Then I remembered what a cluster fuck Watch Dogs was and decided to wait.
Surprise, I made the wise choice there.
I might pick up the game in another month or two once the public beta period is over, and Ubisoft has knocked 20%+ off of the price.
I adopted a similar tactic. I have been burned one time too many. After the cluster fuck that was Watch Dogs, I will never buy a pre-release version of another Ubisoft game.
The same goes for EA, after the cluster fuck that was BF4.
It is better to wait a month or two, let everyone else deal with the public beta test period, and then get it at a discount.
They finally figure out how to mitigate aimbots and wall hacks.