By EditorDavid from Slashdot's beyond-man-pages department
A medium-sized company just hired a new IT manager who wants advice from the Slashdot community about their two remaining IT "gofers":
These people have literally been here their entire "careers" and are now near retirement. Quite honestly, they do not have any experience other than reinstalling Windows, binding something to the domain and the occasional driver installation -- and are more than willing to admit this. Given many people are now using Macs and most servers/workstations are running Linux, they have literally lost complete control over the company, with most of these machines sitting around completely unmanaged.
Firing these people is nearly impossible. (They have a lot of goodwill within other departments, and they have quite literally worked there for more than 60 years combined.) So I've been tasked with attempting to retrain these people in the next six months. Given they still have to do work (imaging computers and fixing basic issues), what are the best ways of retraining them into basic network, Windows, Mac, Linux, and "cloud" first-level help desk support?
Monster_user had some suggestions -- for example, "Don't overtrain. Select and target areas where they will be able to provide a strong impact." Any other good advice?
Leave your best answers in the comments. What's the best way to retrain old IT workers?Read Replies (0)
By EditorDavid from Slashdot's first-star-I-see-tonight department
NASA will host a media teleconference at 1 p.m. EST Thursday, Dec. 14, to announce the latest discovery made by its planet-hunting Kepler space telescope. The discovery was made by researchers using machine learning from Google. Machine learning is an approach to artificial intelligence, and demonstrates new ways of analyzing Kepler data... When Kepler launched in March 2009, scientists didn't know how common planets were beyond our solar system. Thanks to Kepler's treasure trove of discoveries, astronomers now believe there may be at least one planet orbiting every star in the sky.
Kepler spots alien worlds by noticing the tiny brightness dips they cause when they cross the face of their host star from the spacecraft's perspective. Kepler is the most accomplished planet hunter in history. It has found more than 2,500 confirmed alien worlds -- about 70 percent of all known exoplanets -- along with a roughly equal number of "candidates" that await confirmation by follow-up observations or analyses. The vast majority of these discoveries have come via observations that Kepler made during its original mission, which ran from 2009 to 2013. Study of these data sets is ongoing; over the past few years, researchers have used improved analysis techniques to spot many exoplanets in data that Kepler gathered a half-decade ago or more.
Space.com describes Thursday's announcement as an exoplanet discovery. (Earlier they reported on the discovery of "a possibly habitable alien world" about 2.2 times the size of earth orbiting a dwarf star "within the range of distances where liquid water could exist on a world's surface".)
Slashdot reader schwit1 points out that other less-credible sites speculate NASA's announcement will be "a major discovery about life beyond earth."Read Replies (0)
By EditorDavid from Slashdot's init-for-the-money department
"Systemd developers split the community over a tiny detail that decreases stability significantly and increases complexity for not much real value." So argues Nico Schottelius, talking about his experiences as the CEO of a Swiss company providing VM hosting, datacenters, and high-speed fiber internet. Long-time Slashdot reader walterbyrd quotes Nico's essay:
While I am writing here in flowery words, the reason to use Devuan is hard calculated costs. We are a small team at ungleich and we simply don't have the time to fix problems caused by systemd on a daily basis. This is even without calculating the security risks that come with systemd. Our objective is to create a great, easy-to-use platform for VM hosting, not to walk a tightrope...
[W]hat the Devuan developers are doing is creating stability. Think about it not in a few repeating systemd bugs or about the insecurity caused by a huge, monolithic piece of software running with root privileges. Why do people favor Linux on servers over Windows? It is very easy: people don't use Windows, because it is too complex, too error prone and not suitable as a stable basis. Read it again. This is exactly what systemd introduces into Linux: error prone complexity and instability. With systemd the main advantage to using Linux is obsolete.
The essay argues that while Devuan foisted another choice into the community, "it is not their fault. Creating Devuan is simply a counteraction to ensure Linux stays stable. which is of high importance for a lot of people."Read Replies (0)
By EditorDavid from Slashdot's cause-or-effect? department
An anonymous reader quotes the Atlantic:
Blaine Hurst, the CEO and president of Panera, told me that because of its new [self-service] kiosks, and an app that allows online ordering, the chain is now processing more orders overall, which means it needs more total workers to fulfill customer demand. Starbucks patrons who use the chain's app return more frequently than those who don't, the company has said, and the greater efficiency that online ordering allows has boosted sales at busy stores during peak hours. Starbucks employed 8 percent more people in the U.S. in 2016 than it did in 2015, the year it launched the app...
James Bessen, an economist at Boston University School of Law, found that as the number of ATMs in America increased fivefold from 1990 to 2010, the number of bank tellers also grew. Bessen believes that ATMs drove demand for consumer banking: No longer constrained by a branch's limited hours, consumers used banking services more frequently, and people who were unbanked opened accounts to take advantage of the new technology. Although each branch employed fewer tellers, banks added more branches, so the number of tellers grew overall. And as machines took over many basic cash-handling tasks, the nature of the tellers' job changed. They were now tasked with talking to customers about products -- a certificate of deposit, an auto loan -- which in turn made them more valuable to their employers. "It's not clear that automation in the restaurant industry will lead to job losses," Bessen told me.Read Replies (0)
By EditorDavid from Slashdot's living-long-and-prospering department
An anonymous reader quotes Newsweek:
We have reached our peak in terms of lifespan, athletic performance and height, according to a new survey of research and historical records... "These traits no longer increase, despite further continuous nutritional, medical, and scientific progress," said Jean-FranÃois Toussaint, a physiologist at Paris Descartes University, France, in a press release... For the study, published in the journal Frontiers in Physiology, a team of French scientists, including Toussaint, from a range of fields analyzed 120 years' worth of historical records and previous research to gauge the varying pace of changes seen in human athletic performance, human lifespan and human height. While, as they observe, the 20th century saw a surge in improvements in all three areas that mirrored industrial, medical and scientific advances, the pace of those advances has slowed significantly in recent years.
< article continued at Slashdot's living-long-and-prospering department
>Read Replies (0)
By EditorDavid from Slashdot's back-to-the-futures department
"5PM CT is the start of Bitcoin futures trading and the $CBOE website appears to be down," one market watcher posted on Twitter (and his observation was quickly confirmed by other cryptocurrency-watching accounts and confirmed by CBOE). "I'm guessing watching Bitcoin futures start trading is a more popular spectator sport than anticipated."
Bitcoin futures will also begin trading on the Chicago Mercantile Exchange in eight days. The Street report that the anticipation of that "has triggered wild swings in bitcoin prices over the last week."
Overall, trading bitcoin futures is a positive development for the cryptocurrency says the research team at Fundstrat... The introduction of derivatives lays the necessary market structure for institutions to allocate cash towards cryptocurrencies, points out Fundstrat...
Short sellers may now express negative views on bitcoin, which could lead to short-term pricing pressure. But the ability for short sellers to hate on bitcoin could be viewed as a longer term positive, Fundstrat says. Shorting essentially creates true price discovery and means that hedge funds could take bitcoin more seriously. This should improve the long-term prospects of bitcoin as it broadens sponsorship, Fundstrat believes.Read Replies (0)
By EditorDavid from Slashdot's uh-oh department
Several popular interpreted programming languages are affected by severe vulnerabilities that expose apps built on these languages to attacks, according to research presented at the Black Hat Europe 2017 security conference. An anonymous reader writes:
Fuzzing involves providing invalid, unexpected, or random data as input to a software application. The researcher created his own fuzzing framework named XDiFF that broke down programming languages per each of its core functions and fuzzed each one for abnormalities. His work exposed severe flaws in all five languages, such as a hidden flaw in PHP constant names that can be abused to perform remote code execution, and undocumented Python methods that can be used for OS code execution. Arnaboldi argues that attackers can exploit these flaws even in the most secure applications built on top of these programming languages.Read Replies (0)
By EditorDavid from Slashdot's Pai-in-your-face department
"FCC general counsel Tom Johnson has told the New York State attorney general that the FCC is not providing information for his investigation into fake net-neutrality comments, saying those comments did not affect the review, and challenging the state's ability to investigate the feds." Variety has more:
The FCC's general counsel, in a letter to New York Attorney General Eric Schneiderman, also dismissed his concerns that the volume of fake comments or those made with stolen identities have "corrupted" the rule-making process... He added that Schneiderman's request for logs of IP addresses would be "unduly burdensome" to the commission, and would "raise significant personal privacy concerns."
Amy Spitalnick, Schneiderman's press secretary, said in a statement that the FCC "made clear that it will continue to obstruct a law enforcement investigation. It's easy for the FCC to claim that there's no problem with the process, when they're hiding the very information that would allow us to determine if there was a problem. To be clear, impersonation is a violation of New York law," she said... "The only privacy jeopardized by the FCC's continued obstruction of this investigation is that of the perpetrators who impersonated real Americans."
One of the FCC's Democratic commissioners claimed that this response "shows the FCC's sheer contempt for public input and unreasonable failure to support integrity in its process... Moreover, the FCC refuses to look into how nearly half a million comments came from Russian sources."Read Replies (0)
By EditorDavid from Slashdot's who-watches-the-Watchmen? department
Slashdot reader Trax3001BBS shares an article from The Register:
Microsoft posted an out-of-band security update Thursday to address a remote code execution flaw in its Malware Protection Engine. Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this will happen automatically. The security hole is present in Windows Defender and Microsoft Security Essentials, as well as Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016... According to Microsoft, the vulnerability can be triggered when the Malware Protection Engine scans a downloaded file to check for threats. In many systems this is set to happen automatically for all new files. By exploiting a memory corruption error in the malware scanning tool, the attack file would be able to execute code on the target machine with LocalSystem privileges.Read Replies (0)
By EditorDavid from Slashdot's justice-leagues department
Remember NIST, the non-regulatory agency of the U.S. Department of Commerce? Their mission expanded over the years to protecting businesses from cyberthreats, including a "Cybersecurty Framework" first published in 2014. "The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation's critical infrastructure, such as bridges and the electric power grid," NIST wrote in January, "but the framework has been widely adopted by many types of organizations across the country and around the world." Now SC Media reports:
The second draft of the update to the National Institute of Standards and Technology's cybersecurity framework, NIST 1.1, is meant "to clarify, refine, and enhance the Cybersecurity Framework, amplifying its value and making it easier to use," according to NIST. Specifically, it brings clarity to cybersecurity measurement language and tackles improving security of the supply chain. Calling the initial NIST CSF "a landmark effort" that delivered "important benefits, such as providing common language for different models" of standards and best practices already in use, Larry Clinton, president and CEO of the Internet Security Alliance, said "it fell short of some of the most critical demands of Presidential Executive Order 13636, which generated its development...
< article continued at Slashdot's justice-leagues department
>Read Replies (0)
By EditorDavid from Slashdot's asking-for-Santa department
"What's your opinion on the current state of smartwatches?" asks long-time Slashdot reader rodrigoandrade. He's been researching both smartwatches and fitness trackers, and shares his own opinions:
- Manufacturers have learnt from Moto 360 that people want round smartwatches that actually look like traditional watches, with a couple of glaring exceptions....
- Android Wear 2.0 is a thing, not vaporware. It's still pretty raw (think of early Android phones) but it works well. The LG Sport Watch is the highest-end device that supports it.
- LTE-enabled smartwatches finally allow you to ditch your smartphone, if you wish. Just pop you nano SIM in it and party on. The availability is still limited to a few SKUs in some countries, and they're ludicrously expensive, but it's getting there.
Keep reading for his assessment of four high-end choices -- and share your own opinions in the comments.Read Replies (0)
By EditorDavid from Slashdot's oh-the-humanity department
An anonymous reader writes: In November "Cards Against Humanity" announced "a complicated holiday promotion" where people paid $15 for six surprises in December. (For the first surprise in the Cards Against Humanity Saves America promotion, "we purchased a plot of vacant land on the border and retained a law firm specializing in eminent domain to make it as time-consuming and expensive as possible for Trump to build his wall.") The second surprise was the launch of a new podcast filled with positive news, and for the third surprise, they're redistributing the money people paid to join the event. "Most of our subscribers (about 140,000 people) got nothing today — they could have it worse. The next 10,000 subscribers received a full $15 refund of their Cards Against Humanity Saves America purchase. Finally, the poorest 100 people received a check for $1,000, paid for by everyone else."
A new web page shares stories from the grateful participants, and explains the site's careful methodology for determining who needed the $1,000 checks the most. ("We excluded all Canadians. They already have universal healthcare. They'll be fine.") It argues that wealth inequality is the biggest issue in the world, but "Our lawyers advised against our first choice — a campaign to eat all the rich people and live in their houses — so we settled for something more achievable."Read Replies (0)
By EditorDavid from Slashdot's comic-cons-in-court department
The Deseret News reports:
A jury has found that Salt Lake Comic Con founders Dan Farr and Bryan Brandenburg, along with their company, violated a trademark when they named their fan convention a "comic con." However, the jury decided that the trademark was not willfully violated, and only awarded $20,000 of the $12 million that San Diego Comic-Con had asked for in damages. The decision came at the end of an eight-day jury trial and three years of legal maneuvering... And with an estimated 140 other fan conventions across the country calling themselves comic cons, the impact of the decision could be felt nationwide...
The Salt Lake group also has an ongoing action with the U.S. Patent and Trademark Office seeking to invalidate San Diego's "comic-con" trademark... San Diego Comic-Con, which has been holding events since 1970, has a trademark on "comic-con" with a hyphen, but was unsuccessful in its 1995 bid to trademark "comic con," with a space. The unhyphenated name "Comic Con International," as well as the event's iconic "eye logo," are also protected by trademark. The event maintains that its trademarks cover the term "comic con" in all its forms...
San Diego Comic-Con wanted more than $12 million in damages from Salt Lake, including over $9 million for a three-month "corrective advertising campaign" to dispel confusion... In his closing arguments, Michael Katz, an attorney for Salt Lake Comic Con, questioned the amount San Diego was seeking, noting that San Diego authorities said during trial the organization generally spends between $20,000 and $30,000 for a month of advertising.
Slashdot reader AlanBDee writes:
When I attended the Salt Lake City Comic Con I did assume it was the same organization that put on San Diego Comic-Con... But now I have to wonder how that will affect other Comic Cons around the nation? What should these comic based fan conventions be called if not Comic Con?Read Replies (0)
By EditorDavid from Slashdot's off-the-shelf-spyware department
Citizen Lab has been studying information controls since 2001, and this week their director -- a Toronto political science professor -- revealed how governments (including Ethiopia's) are using powerful commercial spyware. Slashdot reader mspohr shared their report:
We monitored the command and control servers used in the campaign and in doing so discovered a public log file that the operators mistakenly left open... We were also able to identify the IP addresses of those who were targeted and successfully infected: a group that includes journalists, a lawyer, activists, and academics... Many of the countries in which the targets live -- the United States, Canada, and Germany, among others -- have strict wiretapping laws that make it illegal to eavesdrop without a warrant... Our team reverse-engineered the malware used in this instance, and over time this allowed us to positively identify the company whose spyware was being employed by Ethiopia: Cyberbit Solutions, a subsidiary of the Israel-based homeland security company Elbit Systems. Notably, Cyberbit is the fourth company we have identified, alongside Hacking Team, Finfisher, and NSO Group, whose products and services have been abused by autocratic regimes to target dissidents, journalists, and others...
< article continued at Slashdot's off-the-shelf-spyware department
>Read Replies (0)