I do often find it amusing hearing American officials talking about how there have been hordes of foreign fighters infiltrating Iraq and creating conflict....
Justifying your own actions is much easier than justifying someone else's. No matter how stupid your own reasons may be, they will always seem sufficient (at least at the moment of execution).
Hero or not, I think that we should respect the fact that they're out getting their asses shot at for the sake of our comfort. I don't agree with the war, and I think that Bush is a raving crack-head and a coward, but I think that the soldiers deserve our respect.
Most of the real don't live long enough to tell their story.
35,000 Californians will get notices because California law requires it.
The article points out that "Lee said law enforcement officials have so far advised the firm that only Californians need to be notified.", so I'm guessing that there are probably another 300,000, or so, nationwide who will not be notified by the company.
A few other really high-profile types might get a notice, but I'm betting that no more than a couple dozen non-Californian SlashDot readers will get notices.
Does anybody else want to call and ask and see if they even get an answer? (I don't live in the US, so I probably don't count, statistically speaking.)
On the other hand, spikes like that occur in random data as a matter of course... Take a look at my quick investigation into random sum results on my website. I have similar spikes, but with no 'interesting' event to cause it. If I let it run for longer (or just used /dev/urandom, which produces 'random' numbers much faster than /dev/random), I probably could have gotten larger (but otherwise similar) spikes.
The program used to evaluate the data is there (perl), and the graphing was done using gnumeric's graphing function (the x/y graph to be precise).
I think that what they want to prevent is people who do automatic comparisons of the results at Orbitz and other sites. (They may be embarrassed at the results.) The result of what they're asking for appears to be preventing any linking to their site other than saying 'this company exists, and this is what they do'.
If this gets enforced, chances are that they'll all but disappear off of google within a year or so (other than google ads, which now can't present ads based on queries to other similar sites).
Depending on your definition of negligence, this either clearly wasn't (wasn't any worse than typical businesses) or could have been (a known risk which best practices clearly say not to do).
This is a company that regularly does high-security work, and hires people like former CIA directors. They work with sensitive and secret data on a regular basis.
There is no defence of ignorance here. People who regularly handle secret (and above) data did a bad job of protecting sensitive data. I'd say that this bodes ill for the truly secret data that they have at other sites.
The people who talked to the press didn't know if the data had been encrypted. At a quick guess, I'd say that if someone could say that it was encrypted that info would have been passed on to the PR geeks, so I'm betting 75/25 that the data was cleartext.
I really don't think it's a joke. I've been telling people that for years. Stuff that the Open Source world would consider "public Beta", Microsoft has been shipping on a regular basis. XP Service Pack 2 is an example of what happens when you do that -- lots of broken software due to changes in a so-called "production" product.
Why don't you visit the sites mentioned in the article or easily found in a google search before you say they are a fraud?
It's like tossing spam. You look at the subject, and go "Oh, man, not this sh*t again", then you toss it in the junk folder to add to the filtering stats.
Of course, I once almost tossed an email from my mom with the subject "Fwd: You'll never believe this".
In any case, this looks like your average case of popsci about pseudoscience. If not, the law of the site is that somebody here at slashdot will do the more research that you're asking for (but apparently didn't do yourself), and go.... "Hmm... they really do have valid methods and good data, here, here and here." (with proper explanations of the methods and data) which I'll then follow. I'm not holding my breath, though.
It obviously won't repeat itself verbatim, but MS has other ways to do the same thing. There was, for example, the case when Word on OS-X didn't properly support Hebrew. The Microsoft Rep said that it just wasn't worth their time to upgrade it. They still refused when Israel offered to pay for the programmers to do the fix and promise a minimum number of sales to boot.
"Sorry -- No dice. Move to Windows
It wasn't until Israel awarded a grant to port Open Office to OS-X and seriously threatened to cut off Microsoft's standing PO for the entire government that Microsoft relented and suddenly started negotiating in good faith.
Microsoft is a company that you can trust as far as you can throw them -- and they're big.
If you tell someone to come up with a password they'll try and come up with a word, and chances are that it will be between 4 and 6 letters long -- 8 if you're lucky.
If you ask them to come up with a passphrase then they'll come up with a phrase. It's almost that easy.
Of course, we'll soon end up with crack dictionaries containing things like "Natalie Portman with grits", but it's still a lot harder on the crackers than 'password7'.
I'll still strongly suggest that people throw in a few random special symbols, since that will help throw off most dictionary attacks. (I.e. "Natalie Portman(8) 4 gr!ts")
I think that some Security geeks figured out that a random English word is worth about 10-15 bits of entropy (randomness), but if you tie them together into a proper English phrase, then you can easily see how the successive words will have way less entropy to them. Adding or substituting other characters and/or words helps to break up the pattern and add back entropy.
Of course, you'll then have to remember how you mangled the passphrase, but that's the nature of entropy. Check my password page for a better idea of what I'm talking about. It was written for an 8 letter password world (Solaris), but the full phrases can work in a more real world.
I have a short instruction sheet for passwords that I use when I'm teaching intro to OS and sysadmin type courses. Because Solaris was (until very recently) still limited to 8 characters, I had to teach them how to build hard to guess 8 character passwords.
Thing to note here is that I still suggest that you mangle the pass phrase that you're using so that it's not pure English (or any other language). As far as I'm concerned, expanding the password to a passphrase is a good thing, since it's always adding a few more bits of entropy into any brute force (or even more finessed) search algorithm.
I think that, these days, just about every modern well-designed operating system, the 'password' system allows semi-arbitrary long passwords (255 characters or more).
Hmm.. I just went and actually RTFA. It looks like Windows likes to store your password as a cryptographically weak hash, if it can, and then converts to something a bit harder. Sigh.
Oh well. Yet another reason to use long passwords -- short passwords in Windows are easily recognizable as easy to crack.
I once scanned thru a list of a few thousand 'live' unencrypted passwords. Absolute top of the list was 'password', followed closely by 'Password'. I never bothered to do the awk|sort | uniq -c | sort -n | tail -100 thing, but just paging thru the file, I'd say that I'd have at least one 'password' password on any given screen. It was absolutely frightening.
You could remove IE and get it to still work, now, if you remove it you virtually kiss your OS goodbye.
At the time, my roommate (who did a lot of Windows stuff) figured out that you could use the IE3 uninstaller to uninstall IE4, and you'd be fine.
For me this simply proved that MS was, in fact capable of safely removing IE4, but they chose not to --- and, in fact, they willfully broke the OS of any customer impertinent enough to remove Microsoft's browser from their system.
Then, of course, there was the Word 97 fiasco. Word 97 was incompatible with Word 95. Now this wasn't nasty in, and of itself -- there will almost always be new features that won't work in older versions, and sometimes there are good reasons to sometimes switch to newer formats when you have a major sea change in how you're doing things (like Open Office's move to the Open Document Format, along with KOffice and most of the rest of the Open Source word processors).
Thing about Word 97 is that it was unwilling to save in word 5/95 format. This is something that MS refused to fix for the better part of a year.
In the meantime, any company that bought a new PC was only offered word 97 for the new machine. This meant that, the first time they saved a document that needed to be read anywhere else in the company, all recipients needed to buy the '97 version to read it (much less to edit it). You could save your document in RTF format, but the '97 RTF format was sadly broken.... Back to plan A.
MS did, in time, release an official plugin that allowed you to save in word'95 format (as long as you were willing to work your way thru the warning messages), but I don't believe that it was possible to set '95 as the default save format, so -- sooner or later you'd accidentally just 'save', and the next thing you know, your recipients can't read your document.
The end result of this is that MS raked in Billions of dollars in spurious sales by forcing people to abandon all older versions of their word processors. This is part of the way that they cemented their monopoly on the office software market.
_____
Then of course, there's the NT filesystem that is sorely short on public documentation, and almost impossible to figure out. As far as I can tell, Microsoft is entirely uninterested in letting others interoperate with it. In fact, I'm guessing that they put in some strange land-mines just to piss off people trying to use it other than from inside of the most recent versions of Windows.
More seriously, there are a lot of people who are putting together media control systems, and -- for the most part -- it's not eating most of the CPU power of your average 2GHz CPU, so why not set up people to dual-use their home PC? It's just another way for them to maintain their hold on their market share.
You need permission irregardless of marital status.
True, but if you can't get permission to go down on your bride, I'm thinking that you should probably have a long conversation to figure out why not (and, hopefully, correct it).
What are these "bride" things of which you speak, and where can I download one?
You can go down on one, if it's yours (or you otherwise have the necessary permission). As for downloading one... cyber sex hasn't gotten that far. On the other hand, I do have a lot of spam from 'naughty houswives' that I'd be very happy to redirect into your mailbox (if I could figure out a way to do it automagically).
Works of art (including the originals) can be bought with and without publication rights. I've bought examples of each. Owning the master copy of a record doesn't give you the right to make copies. It's having the contract that transfers (or licenses) the copyright that makes it worthwhile owning the master (other than as a collectible).
If you're willing to wait the 150 years (+-50) that it takes for a copyright to expire these days, then you can make all of the copies that you want.
That having been said, there's the concept of 'reasonable use' in copyright law, and taking pictures of something that's been donated to a public park should probably fit in that definition. If I lived in Chicago, I'd probably call their bluff and ask them to take me to court.
If I was in a really snarky mood, and had the time and/or money, I might even file for a declaratory judgment.
but what if they have lots of macros written for the Office suite?
Let's say that they hire 5 programmers solely to translate macros: That's -- what? $400K And when they're not translating macros, they can be producing new functionality.
why do they feel like they have to upgrade? Why can't they stick with the version they have?
Microsoft likes to push upgrades. Newer versions are vaguely (or noticeably) incompatible with older versions (the worst case was word 97 (or was it 95) which was downright hostile to older versions.) Because MS doesn't like to sell versions of Word other than the latest and greatest, once you start running into version incompatibilities, your only real choice is to upgrade your current copies. The more copies you update, the more important it is to upgrade the rest of them.
Newer versions have new file formats and capabilities that don't work on the older versions. It also happens with Open Office, but updates for OO are free, so it's not a cost item. Microsoft, on the other hand, sometimes seems to take advantage of the process to push customers into the upgrade path.
I hope that they do because the attention span of some countries is really short and if you don't keep the Tsunami in the news it means decreased donations to help the victims.
Roughly the same number of people have died in Iraq (+-50%) -- Thing about Iraq is that it is a man-made tragedy (and reasonably predictable), it has occurred much more slowly and we don't have thousands of rich people who like to vacation there.
Not that I want any less help to go to the Indian Ocean, but if the US had put as much work into the first few weeks of recovering Iraq as they did into the first few weeks of the Tsunami relief, chances are that they'd be doing a lot less bomb-dodging right now.
(Not quite fully off-topic. More like tangential).
and then spends the next 2 hours throwing up plastic-coated furrballs.
If this gets enforced, chances are that they'll all but disappear off of google within a year or so (other than google ads, which now can't present ads based on queries to other similar sites).
I.e.: If this works as advertised, they're toast.
Omigod..... I'm PSYCHIC!!!!
I think I'll just go to sleep now ... before I get more tired.
If I was in a really snarky mood, and had the time and/or money, I might even file for a declaratory judgment.
Just a silly thought.
IE is only faster than Firefox if IE is too full of worms and spyware to start quickly.