An article on open source security has sparked off a furious backlash in the normally polite and businesslike world of a British Computer Society journal. Commentards have reacted furiously to a piece by Steve Smith, managing director of IT security consultancy Pentura, in the July Edition of ITNow. A lengthy first response by …
IT Now is an appalling pile of shite, whomever produces it should hang their head in shame. Ridiculous, wasteful graphics (a one page article on software piracy consisting of three quarters of a page of a picture of a sailing ship, for example; no, for fuck's sake) obviously soaking up the budget and dreadful illiterate ramblings from sales people with thinly hidden agendas. Plus it appears to be pitched at morons rather than members of a computer society. And don't start me on the sub- "wot I done on holidays" reviews - it's a book, with a title and thirteen chapters with lots of words about computers, it is very gud. The end.
Really _REALLY_ glad
I left the BCS after the EGM nonsense, what a shambles of an organisation
Its the BCS ... who cares?
I was a member of the BCS for all of 3 years. I think i joined when I was a student. The fees went up when I got employed but for whatever reason, I tought giving them anything at all was a waste of money.
I read this article mainly because I was intrigued that the BCS still exhisted. I see no point in it at all. Cant see the point of being "chartered" either in this profession.
Been in software professionally 18 years and still dont see any relevance.
As for the topic of security. There are certainly two sides to the story. Obfiscation does help as it lessens the chance of a security flaw being discovered. On the flip side it reduces the chance of a security being discovered and hence rectified.
Its the BCS ... who cares?
Here is a tip, try pressing F7...
..which is why..
..which is why I am not a member of this godforsaken institution.
but as a professional organisation we have a responsibility to remove expletives
They're calling you unprofessional again.
Expletives and professionalism
Expletives have no place in a professional piece. Period.
If you are unable to bring your point across without expletives, then you're better off shutting your gob, or sitting back and calming down before you try again.
But they weren't bringing *their* point across.
They were quoting someone. As a grown up, I feel I can handle quotes verbatim, without someone removing the swears for me.
Ever noticed how the sun will asterisk out swearing but broadsheets will print the quotes?
Experts argue closed source is more secure ?
"Experts argue that keeping the source code closed provides an additional layer of security through obscurity"
No experts have ever said such a thing and the argument is the exact opposite, that security through obscurity is the worst possible thing.
I was a member of the BCS once. I used to wear nappies as well.
Tbh even back in the 80s I thought they were a bunch of stuffed shirts who had nothing to say of any relevance to the real world. Just goes to show that not everything in IT changes.
IT? - Because we're discussing the BCS.
I'm afraid that IT Now ceased to be any more than puerile, silly ramblings vaguely about IT a long time ago. I can remember that it used to have a few interesting articles but for many years the coverage of "IT" has been with the amount of depth that you'd see in a Daily Mail article about science.
Compared to the IEE and their periodicals, IT Now is just pathetic.
"IT?" because that's the BCS's understanding of what IT is. I could go on, but I can feel my blood pressure increasing just thinking about the amount of rubbish spouted to me and many other professionals in the IT industry.
Hasn't been called the IEE for a few years now
Look at what it does.
And take a look at its publications - little more than press releases and advertorial
It seems to me that the BCS is just travelling down the same road a few years behind.
As for Chartered Engineer, if it ever meant anything, (power engineering excepted) it has been diluted to homeopathic levels with similar real levels of potency
Are you one o'tham thar power engineers? Five Amps? pah! that's leakage current.
Linux !== OSS && OSS !== Linux
Now that's out of the way; I concur with the previous posters, no point in being a member of BCS, who would pay an organisation to constantly advertise to them with no substantual benefit?.. Oh right, sorry didn't see you there BSkyB/Virgin customers...
What sort of idiot would pay an organisation to advertise to him?
I agree. Also, what sort of idiot would pay a premium price to advertise someone else's clothing label on his own clothing? Someone with more money than sense.
"Compared to the IEE and their periodicals"
Have you checked lthe IEE periodicals lately, or did you mean IEEE not IEE (or IET as she is now).
The modern monthly IET News could easily be mistaken for a sunday colour supplement or a National Instruments advertorial or both. It has exactly the same "three quarter page pointless graphic one quarter page useless text" problem as has been mentioned already. But on the other hand it has won at least one award for magazine design, which is obviously what the IET News folks care about these days as there's usually zero industry-related content of interest to professional electrical/electronic engineers and technologists.
[Why am I still a member? I wouldn't be except it's one of the few "CPD" things my employers are willing to pay for; unfortunately the modern IET is largely irrelevant to continuing professional development]
you got there first
Why am I still a member? Largely because it's on direct debit and I worked hard to get CEng.
While it's never been of any use it's a tug to throw it away.
mbcs or a tug: what's the difference?
> While it's never been of any use it's a tug to throw it away.
that's a fair trade-off, though i suppose it depends on who gives the tug.
paris icon 'cos she can tug me off any time.
Better value - BCS or lego?
Yup, spent this year's membership fees on some lego for the kids. Much more practical, with the added advantage that the glossy booklet that comes with it is remarkably light on the sort of troll-baiting witlessness and advertorial that passes for IT journalism in NoWit.
I think we ought to come up with a better meaning for the BCS tla? Any ideas manfrommars?
for the monstrous lego blocks of concrete, metal and glass posing as modern architecture: looks as if the "architects" never got past Lego buildings.
Same goes for much modern software design,expecially web interfaces.
Anon because I'm "working".
BCS = Waste of time, money & oxygen
I used to be a BCS member, through my employer who stipulated all staff had to be members (at least they paid for the memberships!!) the second it came to paying myself I bailed...
I've never seen the point of the organisation, sure I can understand how it seemed like a good idea to follow every other engineering speciality and have a society, responsible for dishing out chartered status to the worthy..
...but absolutely pointless if staffed by marketing f**ktards, capable of creating drivel like this and absolutely invisible as far as employers or the market for knowledgeable geeks is concerned..some could say 'quango' ??!!
If the BCS publishes a magazine and there's no members left to read it
is it still a pile of bollocks?
Does the bear still wipe itself off on it?
...how fondly I remember that fresh flush of youth when, armed with a newly-minted degree that granted me full exemption from any BCS membership examination nonsense, I thought that joining up and being all chartered and MBCS-ish might be a good idea.
However, during the course of my fun and (largely) carefree postgrad days, I soon realised that membership of the IEEE and ACM were much more useful: better magazines; more respected journals and much higher potential for racking up a few peer-reviewed conference publications (and jetting off on international jollies as a result).
Of course, when I finally left the ivory tower, tempted out by filthy commercial lucre, I discovered that none of these august institutions counted for much at all in the "real" world. So I let the old IEEE and ACM memberships lapse and have been determinedly unattached (at least as far as professional associations are concerned) ever since. And, funnily enough, it never did me any harm at all in my career - such things were never mentioned by anyone, at interview or anywhere else, as far as I can recall.
Nowadays, when the only time I ever hear about the BCS is when they seem to be going flat out to make themselves look like squabbling schoolchildren or emphasizing their apparent total detachment from what actually happens in the commercial IT world, I'm rather glad that that first flush of youth was so fleeting and didn't lead anywhere. I've probably saved myself quite a few beer tokens over the years...
Just read the article, what a load of bollocks.
Looks like the BCS is as irrelevant as it was 20 years ago when as a junior developer I asked my colleagues if I should join. I got my answer when they fell about laughing.
Compare ITNow to C Vu / Overload
Being a member of the BCS and the ACCU I must say that the ACCU's journals are more 'code-centric' than IT Now hence more enjoyable, useful and appropriate for my professional day-to-day requirements as a software engineer.
I definitely agree that IT Now has way too many pictures of the flavour that you find on IT recruitment websites and their ilk.
Have you noticed that many articles in the Computing and Computer Weekly and similar have a predominantly sales and managerial emphasis - all about IT leadership, CIO's, management and sales issues, enterprise level integration issues, outsourcing issues, and wait for it, skill shortages, etc, etc, etc. Ooha and don't forget about staff retention, morale and training!
Just who are thee people in these photos that are splashed around IT Now? Coders? Agile nuts?
As a former BCS member, fees and lack of any real use being why I left, and a current ACCU member also, I have to agree.
The ACCU publications are more diverse and interesting, you might even learn something from them.
The BCS magazine is more a "management waffle" publication, sometimes providing interesting interviews with people, but still the sort of thing I see in all the free junk mail "industry" magazines, so I suppose its not doing anything that others dont.
Tbh, most things they might write in there are about things you could already read elsewhere, like here.
i'm not even from britain and i've still heard about what crap the bcs is.
don't agree or disagree
Both Open source and closed sourced have their purpose. It depends how much you spend on software developing, testing, debugging it. Something being open source doesn't make it more secure than closed source by default. For a FOSS project if you had 2 people developing it for 2 hours a year don't think that you have good chances it's decent. Applications like Firefox etc of course are decent and secure cause of the amount of resources spent on the software.
Exactly the same logic applies for closed source for something developed by microsoft or Oracle commercially. If you have a small little company with few resources developing something commercially it may not be great software. Can someone unintentionally or maliciously develop a security hole in commercial or open source systems and not get discovered? The answer is the same, depends on the resources spend on developing it, testing it.
a play mobile re-creation of your typical BCS meeting
Will it feature swearing?
will it feature various members throwing their toys out of their prams
will it feature most people involved in software and designing going "what a bunch of CENSORED" and canceling their subscritptions.
Oh who cares
1) The BCS is possibly the most pointless "society" I can think of
2) The article isn't all the bad - to sum it up "open source is good, but it's not a magical cost bullet in business and don't be sucked in with the security argument"
One a related note...
One a related note, the BCS voted to still keep the spending secret,
The BCS receives about £30million per year. It's big money and there is revolt by the members on the management of the money.
.... they have charitable status and should therefore be publishing accounts.......
If they aren't then surely they are in trouble I would have thought.
Management capture. Followed by producing the same "products" as every other management captured organisation. It has become a standard failure mode.
I still keep my BCS membership and iffy CITP certification, mainly because one of my clients thinks it's actually worth a damn and uses it as a guideline of competence. Poor misguided fool. Without that, the £135 a year it costs would be abysmal value for me.
Each issue of IT Now goes in a pile and I'll scan it on days when I'm really bored but the articles are just advertorials these days trying to sell crap. For me, the "articles" have about the objective impartiality you read in the free advertising newspaper stuffed through your letterbox every Friday. Even the weekly email newsletter has adverts stuffed throughout it.
The really surprising thing is that someone actually took the effort to constructively criticise one of these articles rather than simply treating them with the contempt they deserve. Surely only the idiots of the world actually take what's written in IT Now as fact?
Provoking a flame war gets BCS mentioned in news headlines...
I'm sure there's a marketing term for this tactic.
The original reply
can be found here: http://advogato.org/article/1044.html
No excuse for using swear words in his argument though.
bollocks to not swearing
"No excuse for using swear words in his argument though."
yes there is - it saves anyone else from having to use them. by going completely overboard, i've done people the favour of being so outrageous that anything else is tame by comparison. thus, anyone who would like to say something critical of the article, but would otherwise feel intimidated doing so, can go "well, pffh, what i've got to say is _mild_ in comparison to that!"
Waste of money.
I've been a BCS Member for 4 years now, and I think I've bothered to open one ITNow from its plastic bag, and I regretted that.
However certified status for IT practioners could be a really good thing to filter out the "I graduated in art histrory, and attended a 1 week java course and am now a software engineer" problem that I come across all too often.
If CITP t is actually done properly, and becomes a legal requirement in a similar manner as being a member of the BMA before practicing medicine then it could be a really positive thing. Personally I want properly trained professionals programming the systems that monitor air traffic control, remote controlled drones, warships, NHS embedded hardware systems, my bank systems etc. unfortunately at the moment CITP doesn't guarantee that and I don't see the BCS solving that any time soon!
Trained professionals != people who know what they're doing
Just how would "trained professionals" help with critical systems? The training could have gone in one ear and out through any other orifice, exams don't test real ability, and "professional", although it seems to have lost most of the derogatory implications it once had, is still connected with being paid rather than with being competent or even taking a pride in the job. (I know of one computer R&D manager who had the honesty to describe himself as "pimp to a bunch of intellectual prostitutes".)
And I'll be sceptical if you suggest formal methods to go with the professionalism; I've done some research on usability of a formal method for specifications v.s. natural language specs (unpublished results, as we found the company we were working with hadn't split the engineers randomly) and we found the group using the new notation were 60% as accurate, 80% as confident of the answers, and took 160% as long to read the specs, compared with the natural language spec group.
Re: Waste of money
"However certified status for IT practioners could be a really good thing to filter out the "I graduated in art histrory, and attended a 1 week java course and am now a software engineer" problem that I come across all too often."
I have a degree in History and Languages, no formal IT qualifications, but I'm employed as an architect and senior software developer. I've written software for stuff including embedded systems and web applications in C, C++ and Java over the course of a 15 year career. In that time I've interviewed and worked with people with and without formal IT education, and more often it's the self taught people that have proven to be better software engineers. In my case, it comes down to enthusiasm and a genuine interest in how things work under the hood that started with programming 8 and 16 bit home computers as a kid. I'm sure the same is true of many of the competent people who are self taught.
As for people coming out of uni - they all to often have an arrogant attitude and an expectation that they'll be earning big bucks straight away. Thankfully, programming tests and technical interviews weeds them out.
SHOCK! I read the article and thought it was reasonably balanced
Much less well balanced were some of the comments. The author did NOT conclude that OSS was unfit for purpose, he just went through some of the pros and cons of using it in a business environment. Admittedly the article was quite generalised. But reading some of the replies, one would have thought he'd said that OSS was the work of the devil himself! The religous zeal of some open source advocats is a bit freaky/scary in my opinion.
you patiently read the article all the way through, and clearly have a good memory. read it again, "paragraph-at-a-time". the article basically re-hashed some of the most tired and negative arguments about free software.... and THEN, only towards the end, began to say "but actually these arguments don't entirely stack up".
so the article LOOKED like it was a free software basher yet actually turned out to just be a hedger / fence-sitter. its primary crime though was that it gave no actual useful advice of any kind, so i felt compelled to mention the stuff about doing business/turnover-related risk analysis, even whilst writing at somewhere around 1am. thank you alan for alerting me at 11pm at night to a load of bollocks :)
I joined the BCS
as a student but they were no use whatsoever. In my opinion BCS is absolutely terrible and seems outdated.
They are going to have to do a lot better or else they are going to end up on the scrapheap.
"The BCS is possibly the most pointless 'society' I can think of."
How about The Worshipful Company of Information Technologists?
Uselessness tightly coupled with pretension...
WCIT / ITC
It's an outdated name yes (they have changed it to Information Technologists Company recently) but they actually do something to the benefit of others and act more like a charity and help the community directly - http://www.wcit.org.uk/staticc/what.html
I've had a pretty low opinion of the BCS when I last looked to possibly join - looked too much like a stuffy club for academics, rather than something useful. Nice to hear that a lot of Reg readers are still of a similar opinion.
Personally, I came away thinking that putting my membership dosh into other orgs was better. After all, it's not like there's a shortage - IEEE, ACM, IAP, ACCU to name four are all pretty good (and I've been, or still am, a member of two of those).
Can't comment on the article itself, but it sounds pretty damned stupid. However, no matter how mindbendingly dumb it was, then there's really no need for an expletive-laden reply.
"looked too much like a stuffy club for academics"
Haha - you couldn't be further from the truth, the BCS is more like a stuffy club of business managers who happen to work in the IT industry.
I got a free membership as a student and the monthly magazine was so boring I actually cried a little
down here in NZ is a life member (many years of work) so he gets the IPE (or similar) publication and passes it on to me.
However I agree with him in his opinion about what it has become.
Bugger all about Engineering , and mainly about being sensitive nature and photos of girls wearing hard hats.
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Feature Be your own Big Brother: Monitoring your manor, the easy way
- Boffins say they've got Lithium batteries the wrong way around
- In a spin: Samsung accuses LG exec of washing machine SABOTAGE
- Phones 4u slips into administration after EE cuts ties with Brit mobe retailer