Posts by C. Fuhrman

Investment pays off over time

I am a self-taught programmer who also got his diploma, and I agree the diploma doesn't help in terms of skills.

However, the comments about HR are true. The world's simply not fair and whining about it only makes the truth more painful.

Another scenario I saw more than once proves my point. The self-taught non-diploma guru reaches mid-life in a consulting company. He has a good reputation, maybe even manages some coders, but the new hires (with diplomas) make his salary starting out! This is especially true in sectors where jobs are contracted to the government. Allowable billed rates are based on measurable education levels, at least with the US government. Such people have a harder time going back to school because they have families, mortgages, and tuition is more expensive than it was 15-20 years prior.

Does Go make it easier to program bug-free concurrent code?

One of the biggest problems with concurrent programming is writing code that is free of deadlocks, livelocks, race conditions, etc.

There's no mention of how Go makes this easier, so I'm guessing it doesn't?

Nobody can feel the weight in outer space

Mac Portable in zero-G action...

http://www.youtube.com/watch?v=vMNw99Q8Ok0

Too bad that Firefox had to raise the bar, but at least they did it.

How many times has Adobe's Flash and Reader plug-in had exploitable vulnerabilities, and yet there are no auto-update features? Actually, Adobe Acrobat has an update that works if you buy the full version (not the free reader).

Check out another useful tool: Secunia PSI (works for more than just plug-ins, and finds all third-party software on your PC that is at risk and needing updates).

@Peter Lee (Close the windows next time!)

Well, if I were a member of U2 and rehearsing new tunage, I would not be doing it in a place that others can hear it.

They can afford to rehearse in a Swiss atomic shelter (every building has one of those in Switzerland). You can't hear jack when the 2' door is closed.

Paris, for the brilliance of leaving the windows open when you're rehearsing new material.

@Jeremy

Sadly I think the "PHad" is here to stay

@Anonymous Coward

Your analysis makes a lot of sense.

I think the 95% is misleading to most users because they don't see what goes on "behind the inbox" at the SMTP server-level.

Vigilante justice?

I totally agree that it's unethical to shut down the Kraken Trojan. But I think the real reason isn't "life support" ROFL but rather Tipping Point getting sued.

On the other hand, ISPs don't do their part, even when IPs get reported as infected. End user's don't do their part by installing proper firewall software or enabling automatic updates. Programmer's don't do their part by writing software that doesn't have security flaws.

Just waiting for the Register to publish an article about Vigilante Zombie Killer groups that can't get sued (like the whitehats can).

RE: ISPs could help

ISPs could monitor traffic, but other systems diagnose zombies pretty fast. Spam-sending bots usually draw attention on SpamCop.net. That means that the ISP of the machine in question gets at least one report saying the IP address is responsible for sending spam. It's easy to spot the zombie when you get a spam. It's usually the last IP on the "received" headers of the email, and it's an IP address in a block of IPs reserved for home machines. There are block-lists keeping track of zombie IPs. The ISPs could use all of this info. If an IP is sending 100,000 spams/day, which is often the case, you can imaging the ISP gets MORE THAN ONE report from SpamCop about it. But one report is enough to tell them it's a zombie.

I use SpamCop a lot, but rarely does an ISP show that they are taking out the zombies. I get "confirmations" from Sky.net on a regular basis. It takes them 3-5 days (from the time they get the SpamCop reports) to take out a zombie. That's frankly too slow. That's 300,000-500,000 extra spam messages per zombie on their network.

All programmers cut from the same (holey) cloth

If anything, this contest confirms that no OS is any safer than the others. It's the same basic education system that goes into making up the coders, whether it's Apple, Windows, Linux. Unless universities change fundamentally how coders learn about what good security coding is, and static analysis tools are used to find security flaws, etc. software such as browsers with enough complexity is always going to have lots of holes.

I suspect that ATT are using PBL on SpamHaus

People with DNS2Go don't have static IP addresses (that's why they use dns2Go). Email should not be coming from dynamic IP addresses. Spam is sent by zombie computers, which are mostly running on dynamic IP addresses. Because home users (also on dynamic IPs) don't install updates, allowing hackers to turn their PCs into spam-sending zombies.

Maybe ATT finally got a clue and are using SpamHaus' PBL to block the traffic.

Don't talk to SMTP senders who are on ISPs that say their dynamic IP blocks don't send SMTP except through their local server. This is what PBL is all about. I bet DNS2Go users have been getting a free ride until now.