The best advocacy results I've ever seen were this week, when we at the office demoed the Kororaa Xgl Live CD to the Windows people. I have never seen so many people so impressed in such a short time. And by such seemingly useless (but just plain cool) features as wobbling windows, 3D virtual desktops, and what not. The word spread quite quickly and people from all over the office came in to see the magic and get copies of the CD. :-)
No, the iPod operating system is on its own partition on the iPod hard disk (or flash memory, on Nano), separate from your MP3's. So you can usually just rewrite that partition without touching your music collection. This is why you can play around with installing Linux and whatnot without having to worry about messing up things too much.
And, besides, as others have pointed out, the way iPod/iTunes works is that it's a copy of your music library on your computer, so even if you wipe the entire hard drive for some reason, it will get re-copied there the next time you sync with iTunes.
try and add something before or after the actual e-mail message and see how much sense it would make to someone reading it...
Huh. That's exactly what I did. Note that the message body is not altered. And that the mail headers (From, To, Subject) are separate from the message body. The inserted text is inserted just before the actual e-mail message body.
Sorry, but this feels like a big deal to me. The whole point of digital signatures is that you can know exactly what has been signed by the signer -- and be sure that nothing has been added and removed on the way. Consider this e-mail:
From: BOSS@CORPORATE.COM
To: MIDDLEMANAGER@CORPORATE.COM
Subject: Employee Burt Reynolds
That's a fine lad! Let's give him a raise!
-- Boss
GPG SIGNATURE VERIFIED: BOSS@CORPORATE.COM
Now, this message can be intercepted and a new part inserted before the actual message body, without the receiver being notified -- here I have marked the new part with bold text:
From: BOSS@CORPORATE.COM
To: MIDDLEMANAGER@CORPORATE.COM
Subject: Employee Burt Reynolds
Fire him immediately. He is a waste of space.
Employee Foo Bar, on the other hand. That's a fine lad! Let's give him a raise!
-- Boss
GPG SIGNATURE VERIFIED: BOSS@CORPORATE.COM
The message meaning has been completely altered, and GPG still verifies the signature. Feels like a big deal to me. But of course, I might have completely missed something.
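An added example, not part of the original comment: a small Python check that separates the text a signature actually covers from text that merely travels in the same mail body, so a client can flag the unsigned part instead of showing one "verified" banner for everything. It assumes an inline clearsigned message (the comment does not say which PGP mail format was used), the function names are hypothetical, and checking the signature itself is left to GPG.

```python
BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"

# Constructed sample: the tampered mail body from the comment, assumed to be
# clearsigned inline; the signature data is a placeholder.
TAMPERED = """\
Fire him immediately. He is a waste of space.
Employee Foo Bar, on the other hand.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

That's a fine lad! Let's give him a raise!
- -- Boss
-----BEGIN PGP SIGNATURE-----

(placeholder signature data)
-----END PGP SIGNATURE-----
"""

def split_clearsigned(body):
    """Return (before, signed_text, after); only signed_text is covered."""
    lines = body.splitlines()
    try:
        start = lines.index(BEGIN_SIGNED)
        sig = lines.index(BEGIN_SIG, start)
        end = lines.index(END_SIG, sig)
    except ValueError:
        raise ValueError("no complete clearsigned block") from None
    # Armor headers ("Hash: ...") run until the first empty line.
    text_start = start + 1
    while text_start < sig and lines[text_start].strip():
        text_start += 1
    # Undo dash-escaping: signed lines starting with "-" carry a "- " prefix.
    signed = [l[2:] if l.startswith("- ") else l
              for l in lines[text_start + 1:sig]]
    before = "\n".join(lines[:start]).strip()
    after = "\n".join(lines[end + 1:]).strip()
    return before, "\n".join(signed), after

def unsigned_text(body):
    """List the non-empty text regions that the signature does not cover."""
    before, _, after = split_clearsigned(body)
    return [part for part in (before, after) if part]
```

A non-empty result from unsigned_text() is the cue to mark that text as unsigned when the message is displayed.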
The first account you set up does not have root access. It has sudo access, which is different. The user has to authenticate (with password) each time he or she wants to do something that requires root-privileges.
"Smörgossar" might not be such a good idea -- it means something like "butter boys". :-) The word you're thinking of is probably "smörgåsar" (~"sandwiches").
I have a work mobile, and I keep it on at all times, because I use it as my private phone, too. Not once has a colleague called me outside of office hours (other than to arrange for beer drinking or other completely non-work-related activities, that is). So I think it's completely sane to have your work phone on at all times as long as you know that your colleagues respect your private time.
If they'd call me outside of office hours, I'd immediately know that they had gone through all other options and that the situation is truly of an emergency nature. And in that case, I actually want to be able to help.
In my team, we keep short (15 minute) meetings daily, where also stakeholders from other parts of the company and customer care representatives are invited. I don't find this intrusive at all, rather a very good way of getting a clear picture of what everyone is doing and what they expect from you. When the meeting is over, we often have informal chats about whatever has come up, which is a great way of getting help and personal feedback.
Except that one-way-hashed passwords won't be very good if you want to support challenge-response authentication mechanisms where the plaintext password must in fact be known by both parties.
This is really a bunch of total crap. I have worked in many different areas, and in any real business, people are not hard-coding backend-system-passwords into their code. They are specified in configuration files.
The article is probably written by some consultant trying to sell that "digital vaulting technology". Whatever that is.
Well, actually, also every transaction is verified using the same box, where the customer enters the transaction sum into the box to verify it (at least that's how it used to work for my old bank FSB - nowadays I don't even live in Sweden so I may not be entirely up to date). So even if you could do a MITM attack on the (SSL-protected, of course, which at least makes it quite hard to do an MITM attack in practice) web site, you can't do anything but watch since all transactional activity requires the user's verification too.
In almost all (all except one of the big ones, I think) banks in Sweden, the authentication process is that you have a challenge-response "box" (that looks like a tiny pocket calculator) that is protected by your PIN. You enter your PIN into the box, and then ask your online bank for a challenge, which you then also enter into your box. The box then spits out a one-time password that is used to log onto the system.
As you can see, your PIN never even enters your computer, it just unlocks your keycode box. This way the bank can (given that the system uses a non-predictable challenge-response algorithm and that the hardware is fairly secure) ensure that you 1) have the valid issued hardware, and 2) know the PIN to that hardware.
And, given that some million of customers use it only in Sweden, I don't really see it as being particularly cumbersome to use either.
Actually, if you read the mail (and you seem to know Swedish, so you could), you'll see that the poster claims that the logo in question is identified as a rotated Debian logo even when compared pixel-by-pixel. Simply using the same Illustrator brush shouldn't produce that kind of similarity, should it?
I think that'd be what they call a cluster bomb.
Every time something like this pops up, I can't help but remember Don't Copy That Floppy.
I use Bits On Wheels. It's closed source and doesn't have all the niftiest features, but it works quite well for me.
It looks to me that the submitter has just pasted the link from his RSS feed. See this comment.
Ja, vi elsker dette landet! Not that you need to apologize. It was a very funny misspelling. :-D
Also see the Barcelona Supercomputing Centre's Linux-On-Cell project.
My customers don't have my phone number (they probably don't even know who I am). Of course I wouldn't carry the phone around off-hours if they had.
Worked fine on my Mac using the link provided in this post.
So, what's the URL of the picture? :-)
Not necessarily.
Just stream some medium-quality video a few hours a day (i.e. replace your TV), and you're all set.
Actually, the original server is still loading blazingly fast, so there's no reason just yet.