The Lounge is rated PG. If you're about to post something you wouldn't want your
kid sister to read then don't post it. No flame wars, no abusive conduct, no programming
questions and please don't post ads.
Hair plugs are worse. Trust me. I had to train a technical bod from our New York distributer - good bloke, spoken to him on the phone loads of times. So he flew over and we meet for the product training ... And he had hair transplants.
All the hair on his head was in little identical clumps, in absolutely straight rows and columns, and while you're talking to him your eyes are continually rising up, and up in fascinated horror to the regular field of - presumably - butt hair all over his head ...
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
I worked with a person once who was having to parse XML. Person would scream every time the schema (we used DTDs) changed. Now, I would think screaming is normal because the schema should not change after development started (at least not much). So I kept my head down and ignored it.
Well, this person screamed much worse and never stopped. The person would scream from one day to the next - even until the next schema change happened, at which time the person claimed the code had just started working again due to the previous change. One day this person left the company. A second person who was working with this person was now responsible for the code...
The second person came to me and asked if it was right... I looked at the code and the first person was parsing the entire LARGE XML structure manually as a string. Nothing worked and it was bug ridden. I looked at the 2nd person funny, who never raised the alarm while working with the 1st person. Both had degrees from prestigious universities - but could not ask anyone else in the company how to parse XML. We were using MS products of course, which have built in libraries for doing such things.
That is my XML story...
Lesson 1... be humble and ask for help. Ten minutes of help could have saved weeks of screaming
Lesson 2... if your employees scream too much... you should code review their work before it is too late
So you have an issue with programming methodolgies that can affect the product, timelines, people's sanity and probably profitability and instead of sitting down to dig into the issue he tells you to get back to work?
The problem isn't ExpertDev. The problem is the manager.
"Look, it doesn't really matter, because by the time anyone finds out that it's not great code it won't matter because then those people will just have to deal with it anyways. But, if you make noise, upper level management will think something is wrong in my group and then they might start looking more closely at me and my life is good right now. And that's what matters...my life being easy."
a C# developer who pooh-poohs Java without ever having tried it
When the C# developer has tried Java he will still pooh-pooh it though
Erik's blog on the expert beginner was in The Insider a while back. The problem is that the more you know the better you know what you don't know. That's why the good people are modest, while the people who know just a little bit shout the hardest.
To be fair some of the Microsoft classes can be difficult to use. After a few months battling my way through problem with the configuration classes, I really regretted my decision to use those MS classes.
In future, I might roll my own or find an alternative. My point being, is that we all will have bad experiences that influence our future decisions. In time, you may forget what those reasons were and just stick to the libraries and patterns you're familiar with.
Arguing over performance was the wrong argument to have. You should have really dug into the statement 'weren't any good.
When I was a system engineer with Sperry-UNIVAC back in the day, one of the account reps told us a story about an IT manager that he swore was true.
A client IT director was complaining about the slowness of printing reports from one of our small mainframe machines. As most of these directors did not want to spend the monies to upgrade to the far faster printers, this particular account rep suggested that the director put the disk drive units on their third floor, the mainframe unit on the second and the printer on the first. This way the electrons would be going down and as a result, much faster to the printer.
About a month later when the account rep visited the account for a regular checkup-call he found the director immersed in blue-prints for the reconstruction of the IT department. Asked what the director was doing he told the account rep that he had gotten permission to start rebuilding the IT areas to implement the account rep's previous month's suggestion for faster printing...
Our profession is just littered with stories of such stupidity, which are more often than not completely true. The reason for this is that the quality of technical management in our field tends to be quite low despite all the hype about how they consistently try to hire the best and brightest. In short, most such management are irrational, incompetents who barely have the ability to reason beyond what the company expects of them.
They in turn hire buffoons who the original poster of this thread described.
Rational, technical personnel who understand this perpetuation of irrationality in our field slowly go insane over the many years we attempt to deal with such people in during our career.
It is no wonder that our profession is such a mess?
Sr. Software Engineer
Black Falcon Software, Inc.
I will never forget the expression of the account rep's face when he told us that story. He said the day that he went into that company and found out what was going on he was incredulous to the point of shock that someone could be so stupid as to actually believe what he had told them...
Sr. Software Engineer
Black Falcon Software, Inc.
I think what you describe here can be hypothetically (partially) explained by the "Dunning-Kruger" research: [^]; however, I suspect there are other dimensions to the dynamic of your interactions, as well, such as: maintenance of "face" by the nominally senior role-holder who feels challenged by you, technically.
Without more information on context, like where, when, public/private, who else was present, etc., useless to speculate more.
«There is a spectrum, from "clearly desirable behaviour," to "possibly dodgy behavior that still makes some sense," to "clearly undesirable behavior." We try to make the latter into warnings or, better, errors. But stuff that is in the middle category you don’t want to restrict unless there is a clear way to work around it.» Eric Lippert, May 14, 2008
We have a large corporate client that is asking for our Windows 10 software (network service) and Windows mobile 6.5 hardware/software to be Penetration (PEN) tested. Does anyone out there have any experience in this area?
1. Recommend a vendor to provide PEN-testing 2. Suggest what it might cost to PEN-Test a Windows application and/or a device 3. Have suggestions to avoid hazards in going down this unknown road?
We are being given results back from Qualys w.r.t. how our system performs. Anyone have experience with them?
What you really want is a Vulnerability Assessment, which may or may not include a pen test. If they're insisting on that, it's fine, but a pen test alone will only give you specific details, not an actual overview of system vulnerabilities (and therefore a road map as to how to fix it).
Just make sure it's an established security consultant (if they've been in business less than a year, move on) and that they hold a certain level of certification (SANS, CISSP, etc). Any consultant or service worth their salt should be able to provide references.
If the client has a specific parameter for who they want, or what accreditation they hold, and they're really that big of a client, it's likely best to follow their model.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
Got some initial prices for Pen Test from a vendor today.
Looks like range of prices are: $ 2K - you do the work to get the application to comply $20K - They hand hold you to get the application to comply
Some of the breakdowns are:
$2500 / day for onsite testing - usually 3-5 days $8000 for code review. $2000 for subscription to Dynamic Scan of application for one year. Can be run as many times as required and includes 3hrs of support (total) $7000 for 3hrs per month of support.
I leave for a few years and holy crap, the only things I recognize from the site is bob, the color orange, and some of the posters (OriginalGriff, Nish, Joan Murt, Nagy, Marc Clifton, Chris [of course, the hamster whisperer lives here!])..
June 15, 2011, I get repatriated... 1/September, 2016, HPE makes me a phenomenal offer to move from Calgary, AB, Canada to Dubai, UAE (that's where I am officially, but I live in Amman, Jordan [again])... I cry myself silently to sleep these days, but at least the income is good.
Last trip was to Madrid (I actually landed on New Year's day) and brought back 6 RPI 3s... can't source them easily in Amman, Jordan or in Dubai