By the way, just to point something out: lots of other hardware/software comes with default passwords. Remember the SQL Server worm a few months ago? (Sorry, can't recall the name of the worm.) It could only get in if you didn't change the default sa password away from blank. It's not just MS, either -- Sybase has exactly the same default logon name and password, and Oracle has a default logon name of system with a default password of manager.
Oh boy, how much do I agree. The difference however seems to be that Sybase makes it excessively clear that you must change the sa password after installation (even better: create an account with appropriate privileges and lock down sa) in their installation/configuration manual for the respective platform.
Evenb though I think Microsoft is a deeply unethical and dishonest company, which screws its customers from front, back and the side and have an abyssimal track record regarding security they didn't deserve the bad press regarding this "hole".
The Sprint issue seems very different though, from what I read they provide the DSL modem as an applicance, which they own and maintain and should be held responsible for their incompetence or lazyness.
If I as a database consultant set up SQL Server (or any other database engine for that matter) it is my professional responsibilty to apply basic industry standard security practices to the product, which I installed. If I ship you a CD with postgresql on it it's your responsibility to read the installation manual and apply such fundamental changes yourself. It's that simple.
No voter id required, provided you use a gsm phone, which is pretty good at authenticating that the phone is indeed the voters phone.
Even though there is a small problem popping up: Provided that authentication is airtight (I think it's pretty good on gsm phones) I can tell that the vote was cast via the phone of the authorized voter; i can not guarantee that it was actually cast by the authorized voter
It's the same dilemma as with digital signatures. I might be able to tell, that it was signed by your computer, but not necessarily by you
This is (in terms of voters convenience) not that big a deal as it sounds.
Dependent on the community you live in you can vote by mail at no charge. In Zurich it works like this:
3 to 4 weeks prior to a referendum (there are 2-3 per year) you get an envelope, which contains the official information, the voting forms, a card and a small envelope. You fill out the forms, place them into the small envelope, on which you seal the flap (so voting confidentiality is guaranteed), sign the card, stick everything back into the envelope it came in, close it (it's supplied with a mechanism to do just that) and drop it into the next mail box at your convenience (no stamps required).
So there is really no excuse not to vote.
I really don't see e-voting as that much more convenient and loaded with a whole pile of potential problems.
A very annoying method people use is filters which auto-reply if your email is not in a positive list, giving you instructions how you should resend your mail.
If I just get a reply with instructions to reply to the reply I don't see why this would be annoying.
One might want to mention, that they (as a very old fashioned and conservative paper) have a kick-ass 2 years ahead of its time media and IT section every Friday.
Open source / free software (while picked up by the mainstream press about now) got extended coverage three years ago and they are one of the few publications, which don't just gush Redmonds press releases to the general public in slightly altered form.
If the readership of this fine forum can deal with German I strongly recommend, that they tune in every Friday.
If it has the same technical feats as Microsofts Windows Smart Phone edition, then the watch owners might be in for a surprise.
This is a translation (without permission) from a blurb in todays Neue Zurcher Zeitung regarding introduction of a new Microsoft Powered cell phone to be introduced by Swisscom.
[...] While Orange integrated their customers into bug hunting, Swisscom is still waiting until the first software update is rolled out.
Currently engineers at Swisscom, Microsoft and HTC (the manufacturer) are trying to determine why the phone doesn't ring on incoming calls[...]
I know, that this is slightly offtopic. But would you trust such a watch to provide the correct time of day?
Yep, I know. Just ride the subway in Tokyo (where using the cell phone to yak away is very much frowned upon and socially unacceptable, while hacking away seems to be the pasttime of 50% of the travellers).
The Japanese market though is very unique in its nature. This doesn't mean that it's a viable business model for other countries / continents, which are not as gadget addicted as the Japanese folks.
SMS was one revenue source for mobile providers, will camera phones become another?
...if camera phones will become the next direly awaited revenue source for the carriers, but there's one significant difference in those "products":
GSM was really, really smart engineering, which took off because the various stakeholders (wireless carriers, handset manufacturers, network equipment providers) pooled their resources and ideas and achieved a great standard which served everybody (even, if not most the users).
SMS was actually a byproduct of that standard and nobody had an idea how much it would take off. It's immensly successful and a nice source of additional revenue for the carriers.
Camera phones however seems more to be a product of marketing cree^H^H^H^Hexperts in the sense that they try to create a need, which otherwise doesn't exist.
Of course every industry player is very interested in multimedia messaging to succeed. The manufacturers like to sell new, snazzy and expensive phones, carriers charge an arm and a leg and have a huge interest in mms taking off and network equipment providers can sell nice upgrades to the wireless infrastructure.
Now if the consumers play nice, or if this is another wap fiasko in the making only time will tell.
Now, if anyone can tell me where to sign up for the NO SPAM list, I'll be even happier.
Easy, just send an email to the "Porn Pusher Association of America" (info@ppaa.us), I think the illicit Viagra pushers, the barely legal slut convention and 7892134698hnjdflks@yahoo.com will also put you on the list if you ask nicely.
That's $500 if you can get their contact info. If you ask for the name and address of the legal dept of the company placing the call, the guy will likely hang up.
Isn't calling somebody and then hanging up considered phone harrassment. And isn't the phone company / DA/whoever obliged to prosecute this?
I would say we're lucky this technology wasn't determined by American companies (and I basically don't care if they are European or Asean), or else we'd pay double for our phones, just for the patents to use the proprietary communication format.
To the best of my knowledge, you pretty much describe Qualcomms business model.
From what I know they are liked in the industry about as much as Rambus.
Thanks god (or whoever is in charge) that it's after midnight and I don't sit at work, given that I just came down with a red face from a hysterical laughing spree.
Although one must say that bolixed devices are not funny at all. I experienced bolix on one of my old hard disks. But then again I was able to restore most files, alas that fucker made rather strange noises upon choking out its remains.
You're generalising of course, or you live in the US, where the train system appears to be more rotten then in Rumania
Let's see? Zurich to Frankfurt by train 4 hours. By plane 50 minutes + 30 minutes to the airport + 90 minutes in advance for check in and security + 40 minutes = 3 hrs 30 minutes. This doesn't account for delays, which you will encounter virtually by default. It doesn't account for the front seat squeezing your knee during the entire flight and it doesn't account for the fat Russian gentleman seat neighboors of yours using up half of your seat and spilling his bloody mary on your nice beige suit.
Another example ? Brussel to Paris by Thalys. Takes 90 minutes. This can be the time you need to get to the airport via taxi, if traffic is dense.
Another really nice option can be night trains (if you're a good sleeper that is) in luxury (sleeping car) or on the cheap (sleeperettes) you just sleep off the trip. You're welcome to try that in that overcrowded 25 years old Alitalia 747-200 that flew me to Tokyo.
And lastly: I almost always chose the train for trips up to 8 hours. Otherwise I'm aggravated for two days and trains are nice, spacy, clean and convenient. But that of course is a matter of preference.
It was amusing to some guy in an MS golf shirt demonstrate things such as web browsing, IRC, and
FTP and how they would better be served in an MS-only environment.
Yeah, FTP and the microsoft way of treating everything in ascii.
Gave me one helluva hard time in installing (actually downloading) the NVidia drivers for Linux before realising, that some utterly brainless idiot at Microsoft Corp. decided that ascii is the default for FTP-servers.
And from all companies to actually decide on ascii as a default for just about frigging anything the BloatBoys in Redmond would be the last you expect to pull such a shitty.
Buy the machine with XP, install linux, and sell your copy of XP to whomever you want. They're free to register it, or not.
My guess is, it's the same here (Switzerland). Although the EULA contains all sort of bullshit, I don't think that they can prevent you from reselling the license. Most European countries have even stronger consumer protection.
What does prevent it however, are the fine folks @ Microsoft, who extort your OEM in adding a crippled copy of XP, which only insalls on - say - Fujitsu-Siemens computers and then it just formats away and provides you with the base install of your computer. (Moderators note, they call that recovery disk. You might as well mod Microsoft as funny.)
Of course such a crippled version is just about useless and it's resell value is probably zilch.
Now, a proprietary version of Linux... that is more likely, especially if the level of desperation rises!
Wouldn't that be impossible, without blatant violation of the GPL?
So, if they really have the balls to do this (they sure as hell have the money and the lawyers to try it), this would totally, utterly and indefinitely invalidate any claims that Microsoft ever had on intellectual property.
I don't mean only from a moral and ethical perspective. But it's really hard to send the BSA thugs over to punish violations, while you on the other hand are the biggest violator of all, publicly pissing on intellectual property rights.
Possible, that US courts would hold up such an atrocity, but I don't think that this is applicable for the rest of the world.
As William Henry Gates III (also known as billg@microsoft.com) proves in this letter, he's a tad paranoid regarding the use of his software.
I conclude from there (and from the evil empires behavior in general), that he would be even more paranoid to reveal any source code to the general public, because somebody might er! steal it.
It's likely, that this involves all of Microsofts software ("Shared" source initiative not whitstanding) up and including WinHelloWorld(tm)
Slashdot Mirror
Oh boy, how much do I agree. The difference however seems to be that Sybase makes it excessively clear that you must change the sa password after installation (even better: create an account with appropriate privileges and lock down sa) in their installation/configuration manual for the respective platform.
Evenb though I think Microsoft is a deeply unethical and dishonest company, which screws its customers from front, back and the side and have an abyssimal track record regarding security they didn't deserve the bad press regarding this "hole".
The Sprint issue seems very different though, from what I read they provide the DSL modem as an applicance, which they own and maintain and should be held responsible for their incompetence or lazyness.
If I as a database consultant set up SQL Server (or any other database engine for that matter) it is my professional responsibilty to apply basic industry standard security practices to the product, which I installed. If I ship you a CD with postgresql on it it's your responsibility to read the installation manual and apply such fundamental changes yourself. It's that simple.
No voter id required, provided you use a gsm phone, which is pretty good at authenticating that the phone is indeed the voters phone.
Even though there is a small problem popping up: Provided that authentication is airtight (I think it's pretty good on gsm phones) I can tell that the vote was cast via the phone of the authorized voter; i can not guarantee that it was actually cast by the authorized voter
It's the same dilemma as with digital signatures. I might be able to tell, that it was signed by your computer, but not necessarily by you
Alice posts to list
Helpful Bob (bob@helpful.org) responds
Alice doesn't know bob, so he receives an automated reply explaining the issue and asking him to just hit reply on the auto-reply message
Bobs reply goes through and bob@helpful.org is whitelisted at Alice' and they live happily ever after.
What's wrong with that?
Dependent on the community you live in you can vote by mail at no charge. In Zurich it works like this:
3 to 4 weeks prior to a referendum (there are 2-3 per year) you get an envelope, which contains the official information, the voting forms, a card and a small envelope. You fill out the forms, place them into the small envelope, on which you seal the flap (so voting confidentiality is guaranteed), sign the card, stick everything back into the envelope it came in, close it (it's supplied with a mechanism to do just that) and drop it into the next mail box at your convenience (no stamps required).
So there is really no excuse not to vote.
I really don't see e-voting as that much more convenient and loaded with a whole pile of potential problems.
If I just get a reply with instructions to reply to the reply I don't see why this would be annoying.
Thanks for the education.
yup
Open source / free software (while picked up by the mainstream press about now) got extended coverage three years ago and they are one of the few publications, which don't just gush Redmonds press releases to the general public in slightly altered form.
If the readership of this fine forum can deal with German I strongly recommend, that they tune in every Friday.
This is a translation (without permission) from a blurb in todays Neue Zurcher Zeitung regarding introduction of a new Microsoft Powered cell phone to be introduced by Swisscom.
[...] While Orange integrated their customers into bug hunting, Swisscom is still waiting until the first software update is rolled out.
Currently engineers at Swisscom, Microsoft and HTC (the manufacturer) are trying to determine why the phone doesn't ring on incoming calls[...]
I know, that this is slightly offtopic. But would you trust such a watch to provide the correct time of day?
I'm shocked sir, truely shocked.
The Japanese market though is very unique in its nature. This doesn't mean that it's a viable business model for other countries / continents, which are not as gadget addicted as the Japanese folks.
GSM was really, really smart engineering, which took off because the various stakeholders (wireless carriers, handset manufacturers, network equipment providers) pooled their resources and ideas and achieved a great standard which served everybody (even, if not most the users).
SMS was actually a byproduct of that standard and nobody had an idea how much it would take off. It's immensly successful and a nice source of additional revenue for the carriers.
Camera phones however seems more to be a product of marketing cree^H^H^H^Hexperts in the sense that they try to create a need, which otherwise doesn't exist.
Of course every industry player is very interested in multimedia messaging to succeed. The manufacturers like to sell new, snazzy and expensive phones, carriers charge an arm and a leg and have a huge interest in mms taking off and network equipment providers can sell nice upgrades to the wireless infrastructure.
Now if the consumers play nice, or if this is another wap fiasko in the making only time will tell.
I agree, I don't have a right not to be annyed, but...
I firmly believe to have a right not to be annoyed by scum abusing my property (time / equipment / resources) in order to annoy me.
Actually prostitution is legal in large parts of the civilized world.
Since I never had one banging on my door during dinner in order to offer me 10% off on a blowjob subscription the analogy still doesn't wash.
Easy, just send an email to the "Porn Pusher Association of America" (info@ppaa.us), I think the illicit Viagra pushers, the barely legal slut convention and 7892134698hnjdflks@yahoo.com will also put you on the list if you ask nicely.
Isn't calling somebody and then hanging up considered phone harrassment. And isn't the phone company / DA /whoever obliged to prosecute this?
To the best of my knowledge, you pretty much describe Qualcomms business model.
From what I know they are liked in the industry about as much as Rambus.
Seemed to be a smart choice after all..
Thanks god (or whoever is in charge) that it's after midnight and I don't sit at work, given that I just came down with a red face from a hysterical laughing spree.
Although one must say that bolixed devices are not funny at all. I experienced bolix on one of my old hard disks. But then again I was able to restore most files, alas that fucker made rather strange noises upon choking out its remains.
Bolix! But otoh it tought me to do backups.
Ross Thomas worded it pretty nicely (paraphrased):
"Sharing a secret between two people is a conspiracy, while letting in five people on it is called a convention
Let's see? Zurich to Frankfurt by train 4 hours. By plane 50 minutes + 30 minutes to the airport + 90 minutes in advance for check in and security + 40 minutes = 3 hrs 30 minutes. This doesn't account for delays, which you will encounter virtually by default. It doesn't account for the front seat squeezing your knee during the entire flight and it doesn't account for the fat Russian gentleman seat neighboors of yours using up half of your seat and spilling his bloody mary on your nice beige suit.
Another example ? Brussel to Paris by Thalys. Takes 90 minutes. This can be the time you need to get to the airport via taxi, if traffic is dense.
Another really nice option can be night trains (if you're a good sleeper that is) in luxury (sleeping car) or on the cheap (sleeperettes) you just sleep off the trip. You're welcome to try that in that overcrowded 25 years old Alitalia 747-200 that flew me to Tokyo.
And lastly: I almost always chose the train for trips up to 8 hours. Otherwise I'm aggravated for two days and trains are nice, spacy, clean and convenient. But that of course is a matter of preference.
Yeah, FTP and the microsoft way of treating everything in ascii.
Gave me one helluva hard time in installing (actually downloading) the NVidia drivers for Linux before realising, that some utterly brainless idiot at Microsoft Corp. decided that ascii is the default for FTP-servers.
And from all companies to actually decide on ascii as a default for just about frigging anything the BloatBoys in Redmond would be the last you expect to pull such a shitty.
My guess is, it's the same here (Switzerland). Although the EULA contains all sort of bullshit, I don't think that they can prevent you from reselling the license. Most European countries have even stronger consumer protection.
What does prevent it however, are the fine folks @ Microsoft, who extort your OEM in adding a crippled copy of XP, which only insalls on - say - Fujitsu-Siemens computers and then it just formats away and provides you with the base install of your computer. (Moderators note, they call that recovery disk. You might as well mod Microsoft as funny.)
Of course such a crippled version is just about useless and it's resell value is probably zilch.
Wouldn't that be impossible, without blatant violation of the GPL?
So, if they really have the balls to do this (they sure as hell have the money and the lawyers to try it), this would totally, utterly and indefinitely invalidate any claims that Microsoft ever had on intellectual property.
I don't mean only from a moral and ethical perspective. But it's really hard to send the BSA thugs over to punish violations, while you on the other hand are the biggest violator of all, publicly pissing on intellectual property rights.
Possible, that US courts would hold up such an atrocity, but I don't think that this is applicable for the rest of the world.
As William Henry Gates III (also known as billg@microsoft.com) proves in this letter, he's a tad paranoid regarding the use of his software.
I conclude from there (and from the evil empires behavior in general), that he would be even more paranoid to reveal any source code to the general public, because somebody might er! steal it.
It's likely, that this involves all of Microsofts software ("Shared" source initiative not whitstanding) up and including WinHelloWorld(tm)