So, right now, the parent would be sitting in front of a computer.
Well meaning no disrespect, it is a Techfest where research scientists get to show off everything they've been working on, mostly to other Microsoft employees plus a few journalists and academics. (As usual the slashdot summary is woefully inaccurate and misleading.)
I didn't read anything that implied that this bear was a product actually for sale, and I'd presume that it exists only as much as all of the wired up dream homes that Microsoft has been showcasing for the past several years. Example quote from here on the techfest:
"Though Schofield declined to say how many of these products will eventually make it into the real world, the tech that reaches implementation will most likely be reworked and repackaged before it's sent into circulation."
If it were sold and primarily used as a product to help parents by babysitting their children without having to take an active part, I admit I'd have very similar concerns to yourself.
The tasks you've mentioned do NOT involve sitting in front of a computer.
Exactly right, and the point I was trying to make in my final paragraph was that in the proposed Microsoft future, which I tend to like (despite not being a great fan of Microsoft), people won't be sitting in front of computers all the time when they're using them.
You're limiting your point of view by assuming that computers are restricted to rectangular boxes in fixed places that people have to go to in order to use them. On the contrary, Microsoft wants computers everywhere (running Microsoft software), all networked into a big integrated system and designed for people to interact with. A network-enabled teddy bear is just another part of it. From the article itself:
It's part of a broader focus by researchers on alternative methods of interacting with computers. Another initiative along those lines is something that Microsoft researchers call "surface computing."
The surface computing projects use combinations of sensors, cameras and projectors to turn various surfaces into computing interfaces. For example, one of the projects turns an ordinary tabletop into an alternative type of computer screen that senses the presence of objects and displays graphics and text.
In such a world, it's completely feasible that a parent might be keeping an eye on their child in the other room for a few minutes via a networked monitor on the refrigerator or a stove top, for instance. Sitting in front of a computer isn't necessary, nor is it desirable. If something's wrong, then put things down and go through and check what's going on. Meanwhile, the state of the networked cooking appliances can be monitored to some reasonable extent from the other room.
I realise that many kids do love things like laundry and when they do it's brilliant, but it doesn't mean that they'll want to be near their parents doing laundry or cooking all the time, or that the parent won't also have to deal with two or three other children. There will always be unpredictable situations where it's complicated for parents to be everywhere at once, and this could be seen as one possible way to add a bit more convenience to parenting if it's used appropriately.
Obviously bad parents could remain bad parents by using this in a bad way and rarely actually interacting with their children. But like many other things, just because it's possible for it to be abused by misguided parents doesn't automatically make it a bad thing.
Anyone who thinks that a stuffed animal is a good substitute for the presence of a parent is bonkers.
I agree absolutely, but in this case I think it's more an issue of whether the bear is in the hands of good parents or bad parents. I certainly wouldn't advocate abandoning your children to a camera-equipped teddy bear all day -- to do so sounds more like child neglect than anything resembling good parenting. But most parents I know, even when at home with their children (which they hopefully are) aren't able to stay directly attached to their children all the time in order to look after them properly.
In order to maintain a decent environment for bringing up children, parents typically have to do all sorts of things including cooking, dishwashing, laundry, and all sorts of general housework. Even if it's just to help keep an eye on a child who's in another room, I can understand that many parents might find something like this to be very beneficial.
This is, of course, keeping in mind that one of Microsoft's future visions is a home environment that's very integrated with the 'net. It doesn't necessarily entail going to your desktop computer and opening a web browser to see your child.
An OTA show has only one mission: to get people to watch commercials. If not enough people see the commercials, the show isn't doing its job, and it goes off the air.
I don't know about the USA, but locally I remember when subscription channels (cable, satellite, etc) used to make a big thing about not having commercials at all. The point of paying for them was to fund the shows so that commercials wouldn't have to.
More recently, cable and satellite channels have become so much of a commodity that everyone has, that they can show commercials all they like because everyone else is anyway. Very often people who don't pay for TV have comparatively nothing to watch, but it's ironic that so many people end up paying to have more commercials stuffed in their faces. (Having said that, I'm very skeptical that there's much actually worth watching on TV, anyway.)
I was wondering why slashdot was so empty today. I block YRO and Ask Slashdot from my front page and I came in here because I was bored, but it looks like more than half the recent front-page stories have been posted in this section.
Now I know how to install it without clicking "I agree". So we'll be seeing some benchmark results on .NET real soon now, right?
Just make sure you read every line of the agreement for whatever application installs the spyware. If they're being cautious, they probably have a line similar to "We might install the .NET framework on your behalf, and therefore you must read and agree with all of the Microsoft .NET framework terms of service outlined at [url]", right next to the statement about how they're going to install spyware on your PC.
This isn't to say that any of it would necessarily hold up if tested in court, and it doesn't mean that Microsoft wouldn't have "issues" with the spyware distributor for bypassing the display of their license to the user installing the software. But if you're the sort of person who cares about clicking 'I agree' at all, then you should probably consider this, too.
The reason people constantly point out problems like this is that they just keep happening in US Aerospace programs.
It's a fair enough comment, but I think it should also be pointed out that things of this magnitude, at least, don't seem to be that uncommon in anyone else's space programme, either.
This wasn't a particularly critical problem: they were near-identical instruments calibrated differently. Once this was discovered, it's not too much effort to compensate for it and still obtain correct results. Compare this mishap with the amount of times that Mir, for instance, almost died although it just kept flying, because competent engineers were able to compensate for and work around the problems.
It's clear that the US space programme makes some serious mistakes, and I think it's a valid point that you've made about the contractors. But to me, this particular incident doesn't seem like one of them. Making mistakes that can be fixed isn't so much the problem as making catastrophic errors.
Kevin Mitnick is looking at it from companies' points of view right now, but I think the whole problem is really created by some fundamental flaws in software architecture patterns and how most software these days interacts with the users. (Arguably it's as much a fault with the operating systems as everything else.)
I don't think that there should be that much of a burden put on the user to be responsible for saying yes or no all the time. So much software that's out there today directly bombards the user with so many questions about things that they don't understand, care about, or have time to deal with, that it's not practical for most people to spend so much time caring about what they're being asked.
Passwords, which Kevin Mitnick also talks about, are an equally bad design. They're there for the convenience of the machine -- not the person using it. Most people aren't mentally capable of remembering and matching lots of different passwords for different services, certainly not if they're supposed to (or forced to) change them every few months. It's no surprise that in order to get their actual work done, people are simply going to resort to predictable patterns or writing down secret information.
I can set aside the time for dealing with these sorts of things, and I'm sure that many people here can... but then I have more than a passing interest in computers and what's going on inside mine. For many more users out there, a computer is just a tool that's used towards something that's much more interesting to them, and dealing with the tool is one of the last things they want to care about.
Teaching people to "say no" is certainly part of the equation, but it won't work beyond a certain point. I don't know what the answer is, whether it's reducing the number of options over all software, trying to make more intelligent decisions without asking the user, arranging things so that people's software is generally configured entirely by an administrator who understands the issues, or something else. I think it's important to realise, though, that research about reducing social engineering in software is at least as important to security as researching technical security holes. It's as much of an HCI problem as a security problem.
Ultimately I think I agree with many others here, in that the main point is probably political -- so that Microsoft can look as if it's doing something good without it really being very useful.
That said, I think it is still slightly better than having no source at all. For one thing, it's possible to examine the APIs more closely and get a better idea of what's going on behind them. Sometimes this can be very useful, especially if the documentation's missing something important or not giving the most useful examples for a particular situation.
Thanks. I'd found the first link, and it seems that most of the pages and applications that it points to are obsolete. I wasn't aware of the Office Converter Pack, though, and I'll take a closer look at it in the next few days.
Firefox's built-in pop-up blocking hasn't yet failed to block a pop-up ad
I've stumbled on at least one Firefox bug that allowed popups through. (For more details and a test case, head over to bugzilla where I reported it as bug 273851.)
I haven't actually seen it exploited yet, but it seems that any advertisers who really wanted pop up windows would be able to find holes here and there in many browsers. If it was done a lot, though, it probably wouldn't be long before they were filled.
What happens if the company that makes the software goes out of business?
...or simply decides to stop supporting their own format. I have a sizable number of Microsoft Works files from the early 1990's that I just can't open anymore. The earliest Microsoft software that I can now find won't open versions earlier than 4, and it seems that they're too old for anyone else to care about supporting them.
Luckily I can get some text out by viewing the raw file or using tools like 'strings', but I'd much rather have all of the original marked up formatting.
I know that intergalactic disasters are a hard sell for primetime news, but is it really necessary to endanger Earth every f-ing time something in the universe blows up?
Actually there are a lot of things blowing up in the Universe that I doubt you've ever heard about. This one just happened to get more media attention for one reason or another. If the media publish something like this, they'll want to make it sound interesting for as many people as possible, even when it isn't.
I have a lot of sympathy for the astronomers being quoted. I've had enough experience dealing with journalists to know that it doesn't really matter what you say to them -- they'll often twist it whatever way is most useful to them for the story they want to write.
Is it the news outlets adding the "If X was close to Earth we'd be dead" or is it the scientists seeking to justify their work?
It looks like the news wire to me. Gaensler (who was quoted) clearly states that there aren't any stars like that within 10 light years, making it obvious that he was really just making a comparison to demonstrate how powerful it was, and that there's no actual danger. It's the journalist who made the decision to include the comment in the story, and at the very least I think it's to his credit that the entire quote was included in what appears to be a reasonable context.... unlike the slashdot summary for this story, which is pointlessly sensationalist by taking the first half of the quote without the last half.
The BBC story (linked from the slashdot dupe) is the worst rendition that I've seen, though. BBC published the quote at the end of the article, but copied the "10 light year" comment to the top in an unclear context, emphasising it and making it appear as if it actually was a danger. As far as I'm concerned, that's just irresponsible reporting. It's trying to make out that there's a potential disaster in the works when there clearly isn't one.
Perhaps. But "Earth" seems much more immediate than "any planets within a few light years of it".
Yes, that's true. I'd just rather that journalists stuck to the facts rather than made things up. If there's actually a reason for us to be concerned, which there isn't in this case, it'd be nice if they'd actually tell us what that is rather than invent something and tell us to be worried.
Dr Fender was quoted near the end of the article, using the example as a comparison to demonstrate the power of the explosion. The anonymous journalist took this off-hand comment, and emphasised it at the beginning of the article with the impression that it could actually happen here. That's irresponsible reporting as far as I'm concerned.
True, but we need something to galvanize action. The sooner we get off this dirtball deathtrap of a planet the better; there's all kinds of stuff that can kill off all larger life forms. Just ask a dinosaur.
Well I guess my point was that a nearby star possibly blowing up and wiping us out has nothing to do with us needing to get off this planet. It's not going to happen -- at the very least, not in any way like the article suggests it might. If there are all kinds of things that can kill us off, I'd rather hear about them than be told that something unrealistic will kill us.
Dr. Fender was quoted in the article (near the end), stating this as a comparison to show how powerful it was. That's fine with me, because at that point the context is clear. Unfortunately, the anonymous journalist went out of their way to play this up at the beginning of the article, with no relevant context, as if it were something that might actually happen and we should be concerned about it.
I'd rather journalists stuck to the facts in their reporting. If they think it's important for us to get off this planet, then they should tell me why they think it's important, and I'll decide if I agree. Spinning people's comments on unrelated matters as if they're facts that support your own unrelated opinion isn't responsible reporting. It's inaccurate, and making things up.
There are enough cool things without being needlessly sensational, and invoking the Wipe-Out-All-Civilization radius definitely counts as sensational.
I couldn't agree more. There are only 10 stars within 10 light years of us -- one trinary, two doubles and three individual stars. None of them are anywhere near being potential supernovae. The BBC sensationalism was pointless and misleading.
The actual quote from which that comment was derived was probably the one in the New Scientist article:
That relatively small distance, coupled with an accurate energy measurement by NASA's RHESSI satellite, means the explosion was not as powerful - at source - as more distant bursts linked with black holes. Nevertheless, it "may have sterilised any planets within a few light years of it", says Rob Fender, an astronomer at Southampton University, UK, who is studying the lingering radio emission from the flare.
Assuming this is correct, the BBC journalist seems to have taken an off-hand comment and put it into an unrelated and meaningless context.
I've always felt that the non-exploitation pact--that international agreement that says it's a Bad Thing to stripmine on Mars--was a really bad idea. Taking the possibility of commercial gain out of space travel is an excellent way to ensure that all space travel is done by governments and universities.
While I'm not entirely averse to it, I'm a bit skeptical about this point of view. I don't particularly trust governments either... they tend to have a bad record of dealing with new frontiers. But private corporations are, quite honestly, no better. Corporations have probably done at least as many stupid and destructive things in the past as governments.
Historically, the fringes of modern society who get to new places first simply tear them up before the majority of people get there to enjoy what it used to have. It doesn't matter if it's a government or private citizens: they'll go in there to destroy it for as much short term gain as possible, because once everyone else turns up it'll be too late to make a profit. Initial European colonisation of the USA, for instance, was built on herding and killing the natives and taking their land. Pizarro did similar things through South America: almost single-handedly he wiped out a civilisation in a new land to take their gold and become rich.
There aren't people on Mars, but there's a lot we could learn about it and a lot we could do with it that simply might not be possible after it's been seriously visited. The same goes for any other new place: I'd be devastated, for instance, if someone found an alternative reason to go to Europa and contaminated it in the process, eliminating many possibilities of finding life there.
The main problem, with which I hope you'll agree, is developing technology to get to these sorts of places. I'll be the first to admit that I don't know exactly how to solve it. On the other hand, I'm not convinced that offering anyone the ability to abuse a new resource for short term gains at the expense of everyone who might have benefitted later, is the only way to do this.
What it's conceding is that the only incentive we can come up with for people to go there is that normal rules and laws don't apply, so they can do what they want. If it's done this way, then the whole thing could quite easily end up rife with corruption, corporate/governmental sabotage, possibly wars, and enormous wastage at the expense of everyone who follows. Such an incentive doesn't really impress me, and to me it seems more destructive than useful.
It might well be that Mars will be strip-mined in the future. I just hope that if and when it's done, it's done for reasons that benefit as many people as possible rather than a few profiteers at everyone else's expense.
Now I have another problem to worry about when releasing Windows software... how to deal with machines running this Crippleware edition of Windows.
To me it seems that the problem has been more with an historic problem with Windows' handling of dependencies than anything else, and I think Microsoft dug itself into a hole to some extent... and took a lot of third party developers with it. People shouldn't be forced to have software they don't want, but if they want to use other software that requires it, it shouldn't be too complicated to get running.
The point of this was to force Microsoft to split out Media Player to give people more options of what they wanted to have installed on their system... which I think is fair enough. Personally I'd much rather choose what software I get with my operating system, and it still doesn't mean that distributors can't choose to bundle Media Player. It also doesn't prevent people from downloading and installing Media Player on their own, and doing so should solve any compatibility problems.
I suppose you could state Windows Media Player as a requirement for your software, and just tell people they need to download and install it first. It's not quite as ideal as having things "just work", but this would have been a standard way to deal with things before Microsoft started bundling it anyway, and it is a standard thing with most other types of software and file formats.
MS Works isn't any more compatible with itself than MS Word/Office. Years ago, I was disappointed to find out that all of the early version Microsoft Works documents that I created in 1992 and 1993 now seem to be un-openable by anything that I can find. It's not just recently, either. MS Word doesn't open them, and MS Works for about the past 10 years or so hasn't opened them.
What he really means of course, is free alternatives trying to interoperate with Microsoft's non-documented proprietary standards.
I've just read the article, and to me it seems that he is bashing interoperability between open source products and each other. I couldn't find any reference to him criticising interoperability between any OS product and any Microsoft product.
That aside, though, I don't think we should really take too much out of it even if he did claim it. Businesses will always claim that other people can't match their product, even if they've clearly designed it to prevent other people from matching it. Many Microsoft corporate customers are likely to respect this, because many already do exactly the same thing in their own line of business: They develop some kind of product, and then try to arrange it so that they're the only entity that can provide that product as the customer likes it. It's called a competitive advantage.
Whatever you might think about Microsoft's obligations to open their file formats, APIs and so on, I think this is just normal marketing behaviour for almost any business that wants to push an advantage that it thinks it has... irrespective of how it got or maintains that advantage.
I'm not trying to simply criticise the corporate mind-set, either. The legal system itself encourages this in many respects (although admittedly Microsoft's situation is in dispute). That's what intellectual property laws are for, after all. The patent system was invented with the clear intention of letting someone take and use a monopoly on a particular instance of technology for a limited time.
It's not unusual for a company to obtain a patent, build something based on it, and then make a primary marketing point of the fact that they've built up a legal block so nobody else could possibly (legally) match it. Even if it may seem underhanded, this is the type of behaviour that the legal system supports in principle, which I guess is one reason why it's such a complicated process to force Microsoft to open its formats for others to use them.
Microsoft doesn't appear to be waving patents as an advantage in this particular instance, but what they're saying isn't entirely untrue, either. They've engineered things so it's hard for others to interoperate with their products (a competitive advantage in their eyes), and then they market it. It is an advantage in their and many other people's eyes, and that's all that matters in business ethics.
Which brings up a point, what's the point in LIMITING the characters that can be used in passwords? How horrible are these designers that their apps choke on '&Dkf*l,@a', but 'b4dp4ass' is OK? What could they be doing that would disallow a number as the first character?
I don't work in security of any sort, and I agree with you that more characters means better security. My immediate guess is that although it may make the password more crackable from one perspective, having fewer characters to worry about would make it safer to run the password through many APIs.
Many string-related functions will do unexpected things with some special characters, and unless you know everything that it might do with every character, and all the ways that people might abuse this, it can be risky to assume that they've all been caught. In an ideal world, the programmer would know them all and know exactly what's happening to the password when it's processed, but I still know lots of great programmers who wouldn't be aware of several gotchas in the printf() family of functions, for instance, that might be abused by crackers in one way or another.
Especially if some software was being coded in a group and everyone had to understand it, I'd sympathise with coders or managers who'd prefer to go with a password system they understood rather than gamble they knew more about their libraries than potential crackers.
Well you may have a point. Although it seems to me that if they don't understand what an OS is, then having it changed won't necessarily be a big deal if they're able to keep doing the basic things they normally do... and have someone available to be an administrator if necessary when things break.
It's just a sketchy idea at this point, anyway, but I think it has some merit.
This is a great idea except that I believe the average Joe end-user would find this kind of administration to be a hassle. I mean, having to call or e-mail someone every time you install a new piece of software? That is just not going to fly in terms of hassle-factor and ease-of-use.
Thanks for the comments.
I wouldn't necessarily expect it to work that way exactly. I guess the main point is that the user shouldn't have to deal with lots of niggly administrational issues, although this doesn't necessarily imply that they'd have to deal with someone on the other end. For instance, it could be done through a fancy package manager with a point-and-click install system... and in the hopefully occasional instances when things really did go wrong, such as a spyware app getting into the web browser, or some-such thing, the user could call in an administrator to deal with it remotely rather than have to manage the problem themselves. Asking people to fix software on their PCs seems to me like asking them to fix their cars when they break. The advantage with PCs is that they don't necessarily need physical access for someone to fix it.
I've already responded to several other people and indicated that it's probably not the sort of business that I'd expect someone to get right first time, but lots of businesses fail first time which doesn't necessarily mean they can't be successful if a few problems are fixed.
The support staff here (university) basically forbids people from administering their own systems, due to all the Windows viruses, spyware, etc.
Well without meaning to dismiss what you've said (I agree it would be a problem), you clearly have a support staff that's not representative of the system I was proposing.
What I had in mind was an organisation that would provide support and administration for the main apps needed for a group of users, probably beginning with people who just want to use the web, email people, do some word processing, and whatever else. It wouldn't be for everyone, but clearly it'd need to be able to provide the bulk of services people are likely to want, and have some way of responding quickly when someone needs administrative support to fix something on their computer.
On the side, I often do local installs in my home directory on the NetBSD boxes in our department, but I really am a relative power user compared with other students, and it's more of a credit that the admins don't mind than that they're slow to respond when I ask for something... because everyone in the department has a lot of respect for them. The rest of the university is run by the ITS department, which is a Windows shop full of middle managers, and admittedly awful at keeping things running and responding to what people want. I'm glad I don't have to deal with them.
I was wondering why slashdot was so empty today. I block YRO and Ask Slashdot from my front page and I came in here because I was bored, but it looks like more than half the recent front-page stories have been posted in this section.
I'm glad I block it.
Just make sure you read every line of the agreement for whatever application installs the spyware. If they're being cautious, they probably have a line similar to "We might install the .NET framework on your behalf, and therefore you must read and agree with all of the Microsoft .NET framework terms of service outlined at [url]", right next to the statement about how they're going to install spyware on your PC.
This isn't to say that any of it would necessarily hold up if tested in court, and it doesn't mean that Microsoft wouldn't have "issues" with the spyware distributor for bypassing the display of their license to the user installing the software. But if you're the sort of person who cares about clicking 'I agree' at all, then you should probably consider this, too.
It's a fair enough comment, but I think it should also be pointed out that things of this magnitude, at least, don't seem to be that uncommon in anyone else's space programme, either.
This wasn't a particularly critical problem: they were near-identical instruments calibrated differently. Once this was discovered, it's not too much effort to compensate for it and still obtain correct results. Compare this mishap with the amount of times that Mir, for instance, almost died although it just kept flying, because competent engineers were able to compensate for and work around the problems.
It's clear that the US space programme makes some serious mistakes, and I think it's a valid point that you've made about the contractors. But to me, this particular incident doesn't seem like one of them. Making mistakes that can be fixed isn't so much the problem as making catastrophic errors.
Kevin Mitnick is looking at it from companies' points of view right now, but I think the whole problem is really created by some fundamental flaws in software architecture patterns and how most software these days interacts with the users. (Arguably it's as much a fault with the operating systems as everything else.)
I don't think that there should be that much of a burden put on the user to be responsible for saying yes or no all the time. So much software that's out there today directly bombards the user with so many questions about things that they don't understand, care about, or have time to deal with, that it's not practical for most people to spend so much time caring about what they're being asked.
Passwords, which Kevin Mitnick also talks about, are an equally bad design. They're there for the convenience of the machine -- not the person using it. Most people aren't mentally capable of remembering and matching lots of different passwords for different services, certainly not if they're supposed to (or forced to) change them every few months. It's no surprise that in order to get their actual work done, people are simply going to resort to predictable patterns or writing down secret information.
I can set aside the time for dealing with these sorts of things, and I'm sure that many people here can... but then I have more than a passing interest in computers and what's going on inside mine. For many more users out there, a computer is just a tool that's used towards something that's much more interesting to them, and dealing with the tool is one of the last things they want to care about.
Teaching people to "say no" is certainly part of the equation, but it won't work beyond a certain point. I don't know what the answer is, whether it's reducing the number of options over all software, trying to make more intelligent decisions without asking the user, arranging things so that people's software is generally configured entirely by an administrator who understands the issues, or something else. I think it's important to realise, though, that research about reducing social engineering in software is at least as important to security as researching technical security holes. It's as much of an HCI problem as a security problem.
Ultimately I think I agree with many others here, in that the main point is probably political -- so that Microsoft can look as if it's doing something good without it really being very useful.
That said, I think it is still slightly better than having no source at all. For one thing, it's possible to examine the APIs more closely and get a better idea of what's going on behind them. Sometimes this can be very useful, especially if the documentation's missing something important or not giving the most useful examples for a particular situation.
Thanks. I'd found the first link, and it seems that most of the pages and applications that it points to are obsolete. I wasn't aware of the Office Converter Pack, though, and I'll take a closer look at it in the next few days.
I've stumbled on at least one Firefox bug that allowed popups through. (For more details and a test case, head over to bugzilla where I reported it as bug 273851.)
I haven't actually seen it exploited yet, but it seems that any advertisers who really wanted pop up windows would be able to find holes here and there in many browsers. If it was done a lot, though, it probably wouldn't be long before they were filled.
Luckily I can get some text out by viewing the raw file or using tools like 'strings', but I'd much rather have all of the original marked up formatting.
Actually there are a lot of things blowing up in the Universe that I doubt you've ever heard about. This one just happened to get more media attention for one reason or another. If the media publish something like this, they'll want to make it sound interesting for as many people as possible, even when it isn't.
I have a lot of sympathy for the astronomers being quoted. I've had enough experience dealing with journalists to know that it doesn't really matter what you say to them -- they'll often twist it whatever way is most useful to them for the story they want to write.
It looks like the news wire to me. Gaensler (who was quoted) clearly states that there aren't any stars like that within 10 light years, making it obvious that he was really just making a comparison to demonstrate how powerful it was, and that there's no actual danger. It's the journalist who made the decision to include the comment in the story, and at the very least I think it's to his credit that the entire quote was included in what appears to be a reasonable context.... unlike the slashdot summary for this story, which is pointlessly sensationalist by taking the first half of the quote without the last half.
The BBC story (linked from the slashdot dupe) is the worst rendition that I've seen, though. BBC published the quote at the end of the article, but copied the "10 light year" comment to the top in an unclear context, emphasising it and making it appear as if it actually was a danger. As far as I'm concerned, that's just irresponsible reporting. It's trying to make out that there's a potential disaster in the works when there clearly isn't one.
Yes, that's true. I'd just rather that journalists stuck to the facts rather than made things up. If there's actually a reason for us to be concerned, which there isn't in this case, it'd be nice if they'd actually tell us what that is rather than invent something and tell us to be worried.
Dr Fender was quoted near the end of the article, using the example as a comparison to demonstrate the power of the explosion. The anonymous journalist took this off-hand comment, and emphasised it at the beginning of the article with the impression that it could actually happen here. That's irresponsible reporting as far as I'm concerned.
Well I guess my point was that a nearby star possibly blowing up and wiping us out has nothing to do with us needing to get off this planet. It's not going to happen -- at the very least, not in any way like the article suggests it might. If there are all kinds of things that can kill us off, I'd rather hear about them than be told that something unrealistic will kill us.
Dr. Fender was quoted in the article (near the end), stating this as a comparison to show how powerful it was. That's fine with me, because at that point the context is clear. Unfortunately, the anonymous journalist went out of their way to play this up at the beginning of the article, with no relevant context, as if it were something that might actually happen and we should be concerned about it.
I'd rather journalists stuck to the facts in their reporting. If they think it's important for us to get off this planet, then they should tell me why they think it's important, and I'll decide if I agree. Spinning people's comments on unrelated matters as if they're facts that support your own unrelated opinion isn't responsible reporting. It's inaccurate, and making things up.
I couldn't agree more. There are only 10 stars within 10 light years of us -- one trinary, two doubles and three individual stars. None of them are anywhere near being potential supernovae. The BBC sensationalism was pointless and misleading.
The actual quote from which that comment was derived was probably the one in the New Scientist article:
Assuming this is correct, the BBC journalist seems to have taken an off-hand comment and put it into an unrelated and meaningless context.
While I'm not entirely averse to it, I'm a bit skeptical about this point of view. I don't particularly trust governments either... they tend to have a bad record of dealing with new frontiers. But private corporations are, quite honestly, no better. Corporations have probably done at least as many stupid and destructive things in the past as governments.
Historically, the fringes of modern society who get to new places first simply tear them up before the majority of people get there to enjoy what it used to have. It doesn't matter if it's a government or private citizens: they'll go in there to destroy it for as much short term gain as possible, because once everyone else turns up it'll be too late to make a profit. Initial European colonisation of the USA, for instance, was built on herding and killing the natives and taking their land. Pizarro did similar things through South America: almost single-handedly he wiped out a civilisation in a new land to take their gold and become rich.
There aren't people on Mars, but there's a lot we could learn about it and a lot we could do with it that simply might not be possible after it's been seriously visited. The same goes for any other new place: I'd be devastated, for instance, if someone found an alternative reason to go to Europa and contaminated it in the process, eliminating many possibilities of finding life there.
The main problem, with which I hope you'll agree, is developing technology to get to these sorts of places. I'll be the first to admit that I don't know exactly how to solve it. On the other hand, I'm not convinced that offering anyone the ability to abuse a new resource for short term gains at the expense of everyone who might have benefitted later, is the only way to do this.
What it's conceding is that the only incentive we can come up with for people to go there is that normal rules and laws don't apply, so they can do what they want. If it's done this way, then the whole thing could quite easily end up rife with corruption, corporate/governmental sabotage, possibly wars, and enormous wastage at the expense of everyone who follows. Such an incentive doesn't really impress me, and to me it seems more destructive than useful.
It might well be that Mars will be strip-mined in the future. I just hope that if and when it's done, it's done for reasons that benefit as many people as possible rather than a few profiteers at everyone else's expense.
To me it seems that the problem has been more with an historic problem with Windows' handling of dependencies than anything else, and I think Microsoft dug itself into a hole to some extent... and took a lot of third party developers with it. People shouldn't be forced to have software they don't want, but if they want to use other software that requires it, it shouldn't be too complicated to get running.
The point of this was to force Microsoft to split out Media Player to give people more options of what they wanted to have installed on their system... which I think is fair enough. Personally I'd much rather choose what software I get with my operating system, and it still doesn't mean that distributors can't choose to bundle Media Player. It also doesn't prevent people from downloading and installing Media Player on their own, and doing so should solve any compatibility problems.
I suppose you could state Windows Media Player as a requirement for your software, and just tell people they need to download and install it first. It's not quite as ideal as having things "just work", but this would have been a standard way to deal with things before Microsoft started bundling it anyway, and it is a standard thing with most other types of software and file formats.
MS Works isn't any more compatible with itself than MS Word/Office. Years ago, I was disappointed to find out that all of the early version Microsoft Works documents that I created in 1992 and 1993 now seem to be un-openable by anything that I can find. It's not just recently, either. MS Word doesn't open them, and MS Works for about the past 10 years or so hasn't opened them.
I've just read the article, and to me it seems that he is bashing interoperability between open source products and each other. I couldn't find any reference to him criticising interoperability between any OS product and any Microsoft product.
That aside, though, I don't think we should really take too much out of it even if he did claim it. Businesses will always claim that other people can't match their product, even if they've clearly designed it to prevent other people from matching it. Many Microsoft corporate customers are likely to respect this, because many already do exactly the same thing in their own line of business: They develop some kind of product, and then try to arrange it so that they're the only entity that can provide that product as the customer likes it. It's called a competitive advantage.
Whatever you might think about Microsoft's obligations to open their file formats, APIs and so on, I think this is just normal marketing behaviour for almost any business that wants to push an advantage that it thinks it has... irrespective of how it got or maintains that advantage.
I'm not trying to simply criticise the corporate mind-set, either. The legal system itself encourages this in many respects (although admittedly Microsoft's situation is in dispute). That's what intellectual property laws are for, after all. The patent system was invented with the clear intention of letting someone take and use a monopoly on a particular instance of technology for a limited time.
It's not unusual for a company to obtain a patent, build something based on it, and then make a primary marketing point of the fact that they've built up a legal block so nobody else could possibly (legally) match it. Even if it may seem underhanded, this is the type of behaviour that the legal system supports in principle, which I guess is one reason why it's such a complicated process to force Microsoft to open its formats for others to use them.
Microsoft doesn't appear to be waving patents as an advantage in this particular instance, but what they're saying isn't entirely untrue, either. They've engineered things so it's hard for others to interoperate with their products (a competitive advantage in their eyes), and then they market it. It is an advantage in their and many other people's eyes, and that's all that matters in business ethics.
I don't work in security of any sort, and I agree with you that more characters means better security. My immediate guess is that although it may make the password more crackable from one perspective, having fewer characters to worry about would make it safer to run the password through many APIs.
Many string-related functions will do unexpected things with some special characters, and unless you know everything that it might do with every character, and all the ways that people might abuse this, it can be risky to assume that they've all been caught. In an ideal world, the programmer would know them all and know exactly what's happening to the password when it's processed, but I still know lots of great programmers who wouldn't be aware of several gotchas in the printf() family of functions, for instance, that might be abused by crackers in one way or another.
Especially if some software was being coded in a group and everyone had to understand it, I'd sympathise with coders or managers who'd prefer to go with a password system they understood rather than gamble they knew more about their libraries than potential crackers.
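An added illustration of the printf() gotcha mentioned in the comment above (not part of the original comment): the same password is copied once with the input used as the format string and once as data passed to "%s". All function names are hypothetical, the sample passwords are constructed, and the flawed path is only exercised on input whose sole directive is "%%", since any other directive would read arguments that were never passed.

```c
#include <stdio.h>
#include <string.h>

/* Flawed pattern: caller-supplied text is the format string.
 * Compilers flag this line with -Wformat-security. */
static int copy_as_format(char *out, size_t n, const char *password)
{
    return snprintf(out, n, password);
}

/* Hardened pattern: fixed format, input is only ever data. */
static int copy_as_data(char *out, size_t n, const char *password)
{
    return snprintf(out, n, "%s", password);
}

/* Returns 1 if every '%' in s is part of a literal "%%" pair, 0 if s
 * holds a real conversion or a dangling '%'. The demo uses this to keep
 * the flawed path within defined behaviour. */
static int only_literal_percent(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] != '%')
            return 0;       /* conversion such as %s, or '%' at the end */
        s++;                /* skip the second '%' of the pair */
    }
    return 1;
}

/* 1 = stored copy equals the input, 0 = the copy was altered,
 * -1 = refused or truncated. */
static int flawed_round_trips(const char *password)
{
    char stored[128];
    if (!only_literal_percent(password))
        return -1;          /* would consume nonexistent arguments */
    int len = copy_as_format(stored, sizeof stored, password);
    if (len < 0 || (size_t)len >= sizeof stored)
        return -1;
    return strcmp(stored, password) == 0;
}

static int safe_round_trips(const char *password)
{
    char stored[128];
    int len = copy_as_data(stored, sizeof stored, password);
    if (len < 0 || (size_t)len >= sizeof stored)
        return -1;
    return strcmp(stored, password) == 0;
}

int main(void)
{
    /* Constructed sample passwords. */
    const char *samples[] = { "hunter2", "pa%%ss", "pa%sss", "100%" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-8s flawed=%2d safe=%2d\n", samples[i],
               flawed_round_trips(samples[i]),
               safe_round_trips(samples[i]));
    return 0;
}
```

With the fixed "%s" format, no character in the password needs to be banned; the altered copy of "pa%%ss" on the flawed path is the kind of silent change that restricting the character set only hides.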
Well you may have a point. Although it seems to me that if they don't understand what an OS is, then having it changed won't necessarily be a big deal if they're able to keep doing the basic things they normally do... and have someone available to be an administrator if necessary when things break.
It's just a sketchy idea at this point, anyway, but I think it has some merit.
Thanks for the comments.
I wouldn't necessarily expect it to work that way exactly. I guess the main point is that the user shouldn't have to deal with lots of niggly administrational issues, although this doesn't necessarily imply that they'd have to deal with someone on the other end. For instance, it could be done through a fancy package manager with a point-and-click install system... and in the hopefully occasional instances when things really did go wrong, such as a spyware app getting into the web browser, or some-such thing, the user could call in an administrator to deal with it remotely rather than have to manage the problem themselves. Asking people to fix software on their PCs seems to me like asking them to fix their cars when they break. The advantage with PCs is that they don't necessarily need physical access for someone to fix it.
I've already responded to several other people and indicated that it's probably not the sort of business that I'd expect someone to get right first time, but lots of businesses fail first time which doesn't necessarily mean they can't be successful if a few problems are fixed.
Well without meaning to dismiss what you've said (I agree it would be a problem), you clearly have a support staff that's not representative of the system I was proposing.
What I had in mind was an organisation that would provide support and administration for the main apps needed for a group of users, probably beginning with people who just want to use the web, email people, do some word processing, and whatever else. It wouldn't be for everyone, but clearly it'd need to be able to provide the bulk of services people are likely to want, and have some way of responding quickly when someone needs administrative support to fix something on their computer.
On the side, I often do local installs in my home directory on the NetBSD boxes in our department, but I really am a relative power user compared with other students, and it's more of a credit that the admins don't mind than that they're slow to respond when I ask for something... because everyone in the department has a lot of respect for them. The rest of the university is run by the ITS department, which is a Windows shop full of middle managers, and admittedly awful at keeping things running and responding to what people want. I'm glad I don't have to deal with them.
That's pretty neat. Does he have a website or anything that I could look up? Just out of interest....