I notice they even provide a Form Letter that could be used to generate fake content. I pity the poor secretaries who need to separate the real correspondence from the fake. Too bad they decided to work for Satan himself. SPAM filtering will get lots, but stuff that looks like the letter they are expecting will take a non-trivial amount of human effort to validate. With very little effort and only a single botnet at my disposal, I'm pretty sure that their e-mail will become useless very quickly. I think they need to find a better method of communicating with their potential victims.
Stealing isn't bad. Getting caught is bad. If I can steal without getting caught, then I'll do it. Stealing from the rich is much better, since I minimize my risk (assuming equal risk for each endeavour) while maximizing my potential profit (because the rich have way more stuff to steal). Obviously the fact that laws exist to prevent me from doing so is irrelevant, since there's some other factor that's driving me to ignore the laws. In my case, it's because the DMCA blatantly favours the rich. When the law fails to protect the average citizen (explain to me how being deprived of entertainment because I'm too poor is protecting me), it's an unjust law. Unjust laws have the added benefit of not causing any guilt in the perpetrator. At least not for me. </pirate>
Of course that's assuming we're stealing. Which we're not (see above).
AACS took years to develop, and it has been broken in weeks. The developers spent billions, the hackers spent pennies. Ah, another Robin Hood story. Does the heart good, it does. Unless you're working for Dick Cheney.
Seriously though, given that many of the political struggles surrounding DMCA are bordering on economic warfare, this is a clear victory for the Good Guys!
I'm definitely disturbed by this news. However, this is more a case of TELUS flexing their political muscle than Harper flexing his non-existent political muscle. Technically TELUS already violates net neutrality; there's a special gateway for routing Google (traceroute www.google.ca from the TELUS network). Not surprisingly, no one has complained yet.
However, TELUS has a terrible tendency to overcompensate when they actually do something. Don't like certain servers sitting on residential line? Block incoming ports on residential service and call it an anti-virus policy. I don't want to pay TELUS anything and still have DSL service -- not possible because you need a phone line and you can only get one from TELUS. They just lurk in the shadows for ages, then BAM! they have a policy they want implemented -- and it happens. Keep in mind that the infrastructure that made TELUS big was paid for largely by Canadian Taxpayers and now once again, we have to sit back and watch TELUS make self-serving decisions with property that was given to them by the Canadian Public.
This is crap. I don't care if Google loads 2ms faster or is available even when other sites are not. We haven't seen the pay-TELUS-or-your-blog-gets-slow-delivery-to-Canad ian-customers yet, but this is definitely the writing on the wall. I haven't said it in a while, but they definitely deserve it for this bullshit: Screw you TELUS! I haven't wanted to give you money in 5 years, and this is yet another reason I don't. Burn in hell beside Microsoft and Novell!
Of course they'll support it! OpenID Authentication Server for Windows 2000/XP/Vista (not available for home or professional versions) -- coming soon!
Unfortunately, OpenID will utterly fail in it's task: it will never be a trustworthy source of identification. It's only useful for things where MS Passport was previously useful: throw-away Hotmail accounts and that's about it.
A Real Security(TM) implementation that required absolute knowledge of a person's identity would have to be based on the Web-of-Trust model, much like you don't have a single piece of identification. You have a driver's license, a social insurance number, a credit card, a health care card, etc. No one piece of ID is sufficient, especially when applying for new pieces of identification. The analogue on the Internet is similar, though even finer-grained. Instead of a series of governmental organizations correlating each other's data on a particular identity, every single person in the world is able to verify every other person's identity. This is known as "Federated Identity".
Such a mechanism does not preclude the idea that a government could support a particular identity; in fact, they could also sign a person's public key. While webs of trust are more difficult to set up, there is no longer a single point of failure in the identification. Going back to OpenID, all I need to do is supply my own authentication server, and I have corroborated my own identification. Or, in a slightly less legitimate fashion, I could take over someone else's authentication server and steal all the identities from it. A Web of trust is much more difficult to steal; you need to crack the passphrase on my certificate (not impossible, but much harder and I can revoke the certificate if I suspect that the certificate has been compromised). Once the DMV, Health Authority and Credit Card companies have all signed my public key, it's much more believable that something signed with my public key is definitely signed by me.
There's only one argument missing here: the DMCA does nothing to prevent actual copyright infringement. If I want to host a video that's clearly infringing on the MAFIAA's copyright, then I'll host it on my own server, with no logs (I might not have common carrier status, but I'm still my own ISP) with no public access, stored on an encrypted drive. Have all the bots you want, I laugh at you thus: "Arrrr!". It just goes to display, yet again, another ill-conceived idea that mistakenly identifies the innocent as guilty, and still no closer to the real infringers.
.NET is theoretically platform-agnostic. However, Microsoft leaves the implementation of other platforms as an exercise for the reverse engineer. Mono, however, is a proof-of-concept that.NET can be developed and deployed (mostly) on non-Windows platforms.
Anyone else feel chills? Remember how good the Import/Export of.WPD files was in Word? I'm guessing that this will be of similar quality. At least it's OSS. But I wouldn't hold my breath waiting for this to bridge the gap between ODF and OpenXML. Best is to use OpenOffice and save as.DOC if you have to.
Here's the Microsoft Press Release about it.
You realize of course that's there's more than one moderator. And that there's meta-moderators (do they change the final score, though?) Sounds like you need a drink or two. Come back on Monday:)
Yeah, not the best possible response, even if she was being exceptionally difficult. Let me give it a try:
"I am responsible for all decisions regarding Customer Service. At this time, we have followed our normal policy for free accounts. We offered you the opportunity to upgrade your account, which would have paid for one of our staff to restore your e-mails for you. However, since we didn't hear from you in 48 hours, the automated process has run normally and completely deleted your e-mail. It is absolutely unrecoverable. I'm sorry for your inconvenience, but we've provided the service that you signed up for. Please provide comments that will help us improve our service in the future if you wish. However, as the Manager of Customer Service for all of Lycos, I have decided that this particular case is closed and will provide no further reply to your questions and concerns."
Hmmm. Same thing, but not quite as confrontational. It still states the important bits: it was policy, we warned you, you ignored us, I'm the manager and I've decided to close this issue without further correspondence. "10/10 for effort, but minus a few points for style, ya?"
Same could be said for many of the good Nintendo portable titles too (Final Fantasy and Castelvania remakes anyone?).
Mostly I'm interested in how PSP handles good 3-d graphics on a lower-end processor. The crap games (of which there are many) don't have smooth 3-d graphics. It takes some effort to port to PSP (or any portable for that matter) well. These graphics don't seem to be too ambitious, yet cool enough to have some really good eye candy.
You've taken this out of context. TFA gives the User Access Control example. People turn off UAC because it's constantly prompting you, even for things that you don't think it should. It was a feature added to avoid negative publicity about security and software quality while contributing to neither.
When all is said and done, it's not that I don't like Vista. It's that I've lost faith in Microsoft to deal in an evenhanded way with end users and corporate buyers of its software. We just need more intelligent, rational people to start thinking like this. I have no doubt that Vista will appeal to lots of users. Unfortunately, those users have been hosed repeatedly by Microsoft and still appear no closer to the quoted revelation.
This is not Microsoft astroturfing (I'm actually working on a freelance article talking about how Ubuntu Linux works in the home - I prefer Ubuntu Linux to Windows for day to day home productivity, personally,) and I'm insulted by the insinuation that it is. Be insulted all you want. Whether you intended to or not, you are astroturfing for Microsoft, and this quote is just as bad as the rest of the crap you wrote.
I hear you saying something like this: "Linux can't make it in the Big Business world, but that's ok because it's a perfectly good home machine." Sorta like the insane uncle that you don't admit you have. You further try to prove that Linux can't make it since your guy who's flailing has been "using it for 10 years."
Like it or not, this guy's blog post is not newsworthy, interesting or typical of people who do use Linux as a business solution. He's an idiot (as many have pointed out) and you're even more of an idiot by attempting to defend him. If you weren't astroturfing, you would have posted the article and left yourself out of the discussion. Why are you so eager to vindicate someone who is clearly not competent to be doing what he's attempting?
Do us all a favour and delete all copies of that freelance article you're working on. I really doubt it contains any useful information, and I really don't want to see you posting anything else to/. At least most editors have the good sense to ignore the insults. Don't post it if you can't handle the criticism.
Um. I'm already trained on the server side. And you've hired me as a consultant, so that's the IT training looked after. Are you seriously suggesting that any of Thunderbird/Evolution/Kontact are so complicated to use that it requires more than a helpful co-worker to "train" them? My grandmother could learn all three in less than an hour.
# aptitude install httpd postfix dovecot sasl2 # vi/etc/httpd/httpd.conf (enable WebDAV on a folder somewhere - iCal is ready to go) # openssl req -new... # openssl x509 -req... (create your SMTP site SSL certificates) # saslpasswd2 -a user1 user2 user3... (this sets the SMTP authentication passwords for your mail users) # vi/etc/postfix/main.cf (enable SSL/TLS and SASL authentication) # openssl req -new... # openssl x509 -req... (create your IMAP site SSL certificates) # vi/etc/dovecot/dovecot.conf (configure to deliver to Maildir folder in user home directory) # vi/etc/openldap/slapd.conf (configure the root DN)
and, since I have some time left over:
# aptitude install spamd clamav
And I still have plenty of time left in that 2 hours to mess around with an LDAP schema that suits my purposes. Mine are never very complicated, so I'll admit it might take a while to get a more complex one right. However, the infrastructure is in place, the LDAP administrator has been given their password, the users have the required information to configure their mail clients and my job as root is done.
Are you stupid? Probably not. I've just done this a few times already. Exchange is big, ugly and unnecessarily complicated. However, what it does isn't.
I beg to differ. There is no solution that doesn't involve replacing both Outlook and Exchange, but the functionality has been available for some time. Exchange gets replaced with IMAP and SMTP (and gains the benefit of SSL/TLS encryption and SASL authentication in the process), a WebDAV folder for posting iCals (and gains the benefit of interoperating with MacOS in the process) and OpenLDAP for storing organization-wide contacts. Outlook gets replaced with Thunderbird (if you only need contacts and e-mail) or Evolution (for GNOME people) or Kontact (for the KDE folks).
I believe that's a complete replacement for both Outlook and Exchange, and I even added some nifty security features while I did so. Total cost is $0 for software, and about 2 hours of my time (at most) to set it up. That comes in comfortably under the cost of Exchange + Outlook, even if my time is worth $500/hr.
I don't really see this as a problem. If there are no dumb Linux users, then a lovely intellectual elitist community forms where we sit around all day writing witty and interesting articles about the latest Vistaexploits and flaming Microsoft trolls. I rather enjoy the prospect, actually.
All fantasy games are the same fantasy game. Well, at least the ones that are based on the d20 system. The Open Game License has made it even easier to base games on this system.
They want familiar fantasy. Yes. Personally, I like the d20 system. It can be applied to many different fantasy worlds, and provides familiar gameplay.
Fantasy gamers have the taste of a 4-year-old. That's where I start disagreeing with you (unless you are referring to the child's near-infinite curiosity). Even without leaving the fantasy worlds published by the Wizards of the Coast themselves, I have an entire bookshelf devoted to manuals and magazines containing new places to explore, new magic spells, new character classes, etc. These are often written by freelance contributors and are released under the OGL I mentioned above.
But d20 has been applied to countless other worlds as well. d20 Modern fits into a less fantastic, more contemporary world. Completely new RPGs and game worlds have been created based on this system. It's been nearly 40 years since the first d20 has been rolled, and millions of people have contributed to make it what it is today.
I don't think that having a consistent system for gameplay can be equated to a lack of originality. Think of it more as a framework for dealing with the nitty-gritty details, leaving the game author to concentrate on the design and visual aspects.
I'd take a lazy approach to security. As fun as it is being paranoid about my own server security, it's my time and money that gets spent on that project. If you're in an industry that has specific security requirements (e.g. VISA, SOX), then there's an obvious cost: the ongoing cost of paying the fines of non-compliance. In the case of VISA, you may even be forced to stop accepting credit cards if you were to fail an audit.
Is security an ongoing problem or a theoretical one? If it's theoretical, than you simply won't be able to attach a real number to it. You can be creative and present your boss the scenarios that keep you awake at night, but if it hasn't happened, then you're just saying what you have to say to get your fancy new toys and go play in your lab for a while. If it's ongoing, then the calculation is simple: how often does it happen? What's the result of it happening?
As a simple example, say you have an internal webapp that isn't particularly stable or secure. Sometimes random 'net traffic makes it break, or some joker in IT screws with it once in a while. In this case, I'd say it's probably not worth the effort to fix it, since the cost of a breach is neglible (a few lost man-hours of work, maybe some inaccuracy in non-business-critical areas). On the other hand, maybe you just landed a really big client and suddenly non-disclosure is of the highest importance. In that case, the ROI is the revenue that the new client will bring.
In summary, be honest about the actual cost of a breach to the business. Admittedly, the SysAdmin's peace-of-mind is important too and needs to be considered. However, the reality is that security is considered for things that don't need to be secured any more than storing the data on a hard drive behind closed doors (and having an off-site backup). Until you've got customer data that you'll be sued or smeared for leaking, or you have actual security requirements mandated by a government or other authority, the cost of Real Security(TM) is usually too high.
If you're talking about GWB, then he appears to hate freedom because he does. The United States can hardly be considered a democratic nation, nor will Iraq be anytime soon. The form of government currently operating in the USA is Fascist. Unlike most fascist governments, you won't have to overthrow them with a violent revolution, but you will have to get out of your armchair, quit listening to the Pundits and actually VOTE for a democratic government.
So great. The solution is to call Microsoft, and everyone swears they'll happily hand over a license key instead of trying to get more money out of you. Unfortunately, my time is rather valuable and it's really Microsoft that's wasting my time. If it was my fault, they wouldn't have given me a new license key, so ergo...
OK, so after I jump through the hoops of wasting my time with Microsoft, I've now had to charge my client extra. Realistically, it should be Microsoft that pays my consulting bill here, not the client who shouldn't have had the problem in the first place. Anyone know where to send such a bill?
Slashdot Mirror
From my journal: Pay the Fine and Get on with your Life. Admittedly a rant, but certainly appropriate here.
I notice they even provide a Form Letter that could be used to generate fake content. I pity the poor secretaries who need to separate the real correspondence from the fake. Too bad they decided to work for Satan himself. SPAM filtering will get lots, but stuff that looks like the letter they are expecting will take a non-trivial amount of human effort to validate. With very little effort and only a single botnet at my disposal, I'm pretty sure that their e-mail will become useless very quickly. I think they need to find a better method of communicating with their potential victims.
Stealing isn't bad. Getting caught is bad. If I can steal without getting caught, then I'll do it. Stealing from the rich is much better, since I minimize my risk (assuming equal risk for each endeavour) while maximizing my potential profit (because the rich have way more stuff to steal). Obviously the fact that laws exist to prevent me from doing so is irrelevant, since there's some other factor that's driving me to ignore the laws. In my case, it's because the DMCA blatantly favours the rich. When the law fails to protect the average citizen (explain to me how being deprived of entertainment because I'm too poor is protecting me), it's an unjust law. Unjust laws have the added benefit of not causing any guilt in the perpetrator. At least not for me.
</pirate>
Of course that's assuming we're stealing. Which we're not (see above).
Indeed, especially since the domain is owned by the RIAA. Isn't that something like entrapment?
I'm definitely disturbed by this news. However, this is more a case of TELUS flexing their political muscle than Harper flexing his non-existent political muscle. Technically TELUS already violates net neutrality; there's a special gateway for routing Google (traceroute www.google.ca from the TELUS network). Not surprisingly, no one has complained yet.
d ian-customers yet, but this is definitely the writing on the wall. I haven't said it in a while, but they definitely deserve it for this bullshit: Screw you TELUS! I haven't wanted to give you money in 5 years, and this is yet another reason I don't. Burn in hell beside Microsoft and Novell!
However, TELUS has a terrible tendency to overcompensate when they actually do something. Don't like certain servers sitting on residential line? Block incoming ports on residential service and call it an anti-virus policy. I don't want to pay TELUS anything and still have DSL service -- not possible because you need a phone line and you can only get one from TELUS. They just lurk in the shadows for ages, then BAM! they have a policy they want implemented -- and it happens. Keep in mind that the infrastructure that made TELUS big was paid for largely by Canadian Taxpayers and now once again, we have to sit back and watch TELUS make self-serving decisions with property that was given to them by the Canadian Public.
This is crap. I don't care if Google loads 2ms faster or is available even when other sites are not. We haven't seen the pay-TELUS-or-your-blog-gets-slow-delivery-to-Cana
Of course they'll support it! OpenID Authentication Server for Windows 2000/XP/Vista (not available for home or professional versions) -- coming soon!
Unfortunately, OpenID will utterly fail in it's task: it will never be a trustworthy source of identification. It's only useful for things where MS Passport was previously useful: throw-away Hotmail accounts and that's about it.
A Real Security(TM) implementation that required absolute knowledge of a person's identity would have to be based on the Web-of-Trust model, much like you don't have a single piece of identification. You have a driver's license, a social insurance number, a credit card, a health care card, etc. No one piece of ID is sufficient, especially when applying for new pieces of identification. The analogue on the Internet is similar, though even finer-grained. Instead of a series of governmental organizations correlating each other's data on a particular identity, every single person in the world is able to verify every other person's identity. This is known as "Federated Identity".
Such a mechanism does not preclude the idea that a government could support a particular identity; in fact, they could also sign a person's public key. While webs of trust are more difficult to set up, there is no longer a single point of failure in the identification. Going back to OpenID, all I need to do is supply my own authentication server, and I have corroborated my own identification. Or, in a slightly less legitimate fashion, I could take over someone else's authentication server and steal all the identities from it. A Web of trust is much more difficult to steal; you need to crack the passphrase on my certificate (not impossible, but much harder and I can revoke the certificate if I suspect that the certificate has been compromised). Once the DMV, Health Authority and Credit Card companies have all signed my public key, it's much more believable that something signed with my public key is definitely signed by me.
There's only one argument missing here: the DMCA does nothing to prevent actual copyright infringement. If I want to host a video that's clearly infringing on the MAFIAA's copyright, then I'll host it on my own server, with no logs (I might not have common carrier status, but I'm still my own ISP) with no public access, stored on an encrypted drive. Have all the bots you want, I laugh at you thus: "Arrrr!". It just goes to display, yet again, another ill-conceived idea that mistakenly identifies the innocent as guilty, and still no closer to the real infringers.
.NET is theoretically platform-agnostic. However, Microsoft leaves the implementation of other platforms as an exercise for the reverse engineer. Mono, however, is a proof-of-concept that .NET can be developed and deployed (mostly) on non-Windows platforms.
Anyone else feel chills? Remember how good the Import/Export of .WPD files was in Word? I'm guessing that this will be of similar quality. At least it's OSS. But I wouldn't hold my breath waiting for this to bridge the gap between ODF and OpenXML. Best is to use OpenOffice and save as .DOC if you have to.
Here's the Microsoft Press Release about it.
Whoa! Cowboy!
:)
You realize of course that's there's more than one moderator. And that there's meta-moderators (do they change the final score, though?) Sounds like you need a drink or two. Come back on Monday
Yeah, not the best possible response, even if she was being exceptionally difficult. Let me give it a try:
"I am responsible for all decisions regarding Customer Service. At this time, we have followed our normal policy for free accounts. We offered you the opportunity to upgrade your account, which would have paid for one of our staff to restore your e-mails for you. However, since we didn't hear from you in 48 hours, the automated process has run normally and completely deleted your e-mail. It is absolutely unrecoverable. I'm sorry for your inconvenience, but we've provided the service that you signed up for. Please provide comments that will help us improve our service in the future if you wish. However, as the Manager of Customer Service for all of Lycos, I have decided that this particular case is closed and will provide no further reply to your questions and concerns."
Hmmm. Same thing, but not quite as confrontational. It still states the important bits: it was policy, we warned you, you ignored us, I'm the manager and I've decided to close this issue without further correspondence. "10/10 for effort, but minus a few points for style, ya?"
Same could be said for many of the good Nintendo portable titles too (Final Fantasy and Castelvania remakes anyone?).
Mostly I'm interested in how PSP handles good 3-d graphics on a lower-end processor. The crap games (of which there are many) don't have smooth 3-d graphics. It takes some effort to port to PSP (or any portable for that matter) well. These graphics don't seem to be too ambitious, yet cool enough to have some really good eye candy.
Subject says it all. There aren't many good titles for PSP, but this may well be one of the better ones. :)
You've taken this out of context. TFA gives the User Access Control example. People turn off UAC because it's constantly prompting you, even for things that you don't think it should. It was a feature added to avoid negative publicity about security and software quality while contributing to neither.
Um. I'm already trained on the server side. And you've hired me as a consultant, so that's the IT training looked after. Are you seriously suggesting that any of Thunderbird/Evolution/Kontact are so complicated to use that it requires more than a helpful co-worker to "train" them? My grandmother could learn all three in less than an hour.
# aptitude install httpd postfix dovecot sasl2
# vi
(enable WebDAV on a folder somewhere - iCal is ready to go)
# openssl req -new
# openssl x509 -req
(create your SMTP site SSL certificates)
# saslpasswd2 -a user1 user2 user3...
(this sets the SMTP authentication passwords for your mail users)
# vi
(enable SSL/TLS and SASL authentication)
# openssl req -new
# openssl x509 -req
(create your IMAP site SSL certificates)
# vi
(configure to deliver to Maildir folder in user home directory)
# vi
(configure the root DN)
and, since I have some time left over:
# aptitude install spamd clamav
And I still have plenty of time left in that 2 hours to mess around with an LDAP schema that suits my purposes. Mine are never very complicated, so I'll admit it might take a while to get a more complex one right. However, the infrastructure is in place, the LDAP administrator has been given their password, the users have the required information to configure their mail clients and my job as root is done.
Are you stupid? Probably not. I've just done this a few times already. Exchange is big, ugly and unnecessarily complicated. However, what it does isn't.
I beg to differ. There is no solution that doesn't involve replacing both Outlook and Exchange, but the functionality has been available for some time. Exchange gets replaced with IMAP and SMTP (and gains the benefit of SSL/TLS encryption and SASL authentication in the process), a WebDAV folder for posting iCals (and gains the benefit of interoperating with MacOS in the process) and OpenLDAP for storing organization-wide contacts. Outlook gets replaced with Thunderbird (if you only need contacts and e-mail) or Evolution (for GNOME people) or Kontact (for the KDE folks).
I believe that's a complete replacement for both Outlook and Exchange, and I even added some nifty security features while I did so. Total cost is $0 for software, and about 2 hours of my time (at most) to set it up. That comes in comfortably under the cost of Exchange + Outlook, even if my time is worth $500/hr.
I don't really see this as a problem. If there are no dumb Linux users, then a lovely intellectual elitist community forms where we sit around all day writing witty and interesting articles about the latest Vista exploits and flaming Microsoft trolls. I rather enjoy the prospect, actually.
And since you can't prove the negative...
I'd take a lazy approach to security. As fun as it is being paranoid about my own server security, it's my time and money that gets spent on that project. If you're in an industry that has specific security requirements (e.g. VISA, SOX), then there's an obvious cost: the ongoing cost of paying the fines of non-compliance. In the case of VISA, you may even be forced to stop accepting credit cards if you were to fail an audit.
Is security an ongoing problem or a theoretical one? If it's theoretical, than you simply won't be able to attach a real number to it. You can be creative and present your boss the scenarios that keep you awake at night, but if it hasn't happened, then you're just saying what you have to say to get your fancy new toys and go play in your lab for a while. If it's ongoing, then the calculation is simple: how often does it happen? What's the result of it happening?
As a simple example, say you have an internal webapp that isn't particularly stable or secure. Sometimes random 'net traffic makes it break, or some joker in IT screws with it once in a while. In this case, I'd say it's probably not worth the effort to fix it, since the cost of a breach is neglible (a few lost man-hours of work, maybe some inaccuracy in non-business-critical areas). On the other hand, maybe you just landed a really big client and suddenly non-disclosure is of the highest importance. In that case, the ROI is the revenue that the new client will bring.
In summary, be honest about the actual cost of a breach to the business. Admittedly, the SysAdmin's peace-of-mind is important too and needs to be considered. However, the reality is that security is considered for things that don't need to be secured any more than storing the data on a hard drive behind closed doors (and having an off-site backup). Until you've got customer data that you'll be sued or smeared for leaking, or you have actual security requirements mandated by a government or other authority, the cost of Real Security(TM) is usually too high.
If you're talking about GWB, then he appears to hate freedom because he does. The United States can hardly be considered a democratic nation, nor will Iraq be anytime soon. The form of government currently operating in the USA is Fascist. Unlike most fascist governments, you won't have to overthrow them with a violent revolution, but you will have to get out of your armchair, quit listening to the Pundits and actually VOTE for a democratic government.
So great. The solution is to call Microsoft, and everyone swears they'll happily hand over a license key instead of trying to get more money out of you. Unfortunately, my time is rather valuable and it's really Microsoft that's wasting my time. If it was my fault, they wouldn't have given me a new license key, so ergo...
OK, so after I jump through the hoops of wasting my time with Microsoft, I've now had to charge my client extra. Realistically, it should be Microsoft that pays my consulting bill here, not the client who shouldn't have had the problem in the first place. Anyone know where to send such a bill?