Keeping your sexual orientation secret in the workplace is easy enough if you just take simple measures like requiring all your employees to refer to their lovers only in gender-neutral terms and to use gender-ambiguous pronouns when talking about eir partners, and firing anyone who drops gender-revealing names (People dating 'Sam' are fine, people dating 'Deekoo' are not). At most non-porn jobs, your sexual orientation is not going to be relevant to your job performance.
When it comes to games, this sort of thing is *not reasonable*. Most mmog players are doing it *for fun* and don't want to have to use the genderless pronouns they use at work. And they're doing it *for fun*. Why should people have to keep their orientation secret *while playing a game*?
IMO, per-app exceptions make things insanely complicated. What I personally think is right in your scenario is to examine the API and its users (that is, the applications) to see what they're actually doing; if the API does one thing and the docs say it does something else, you patch the docs. If for some reason the API changes to fix one thing *have to* break something else, then you determine which thing is more important. Most of the time, the thing that's currently working is more important, because users will be a lot more angry if the device that worked in the last kernel does not work in the current kernel than they will if the device that didn't work in the last kernel also doesn't work in the current kernel.
In instances where an app actually relies on a bug, you need to figure out how important fixing that bug actually is. 'Bug #16384: Computer works as I expect it to.' is not actually a bug.
As long as the machine doesn't have an actual rootkit, that is.
If you are booting into the infected system, you CANNOT count on any program that you run within it being able to remove infections. Safe mode itself can be disabled or overridden by malware; your approach only works if you're up against a relatively low-end piece of malware. Luckily for users and technicians, most malware isn't that well written - but acting like safe mode is an easy out is a bad idea.
I used to do computer repair; it wasn't particularly unusual to find customer machines infected with malware that their AV or anti-spyware program did not yet detect. Once a computer is infected, it's possible for malware to hide itself or render itself unremovable even if the antimalware program is later updated to detect it.
Impact: One to three hours of billable technician time per call, typically, with new malware being more likely to take longer. Reduced email deliverability for the people sharing a network connection with the warezd00dette who managed to get herself infected with Spamforo. Hours to days of reduced productivity due to both direct effects of malware and necessary countermeasures. Exposure of confidential data (I once got to review draft government regulations before the general public did because some idiot's Sircam infection sent me a file in order to have my advice.). Increased bandwidth costs. (Thankfully, the one customer whose infection autodialed 900 numbers did not have a modem on their computer.)
The opinions of the Framers (not necessarily Founders - IIRC, Jefferson was shipped off to France to keep him from getting in the way of the Constitutional Convention) are *completely irrelevant*. The authority of their Constitution derives from the elections that ratified it, not from the wisdom of the authors. Our distant ancestors (well, the male, white, wealthy ones, at least) voted for or against the TEXT. If the wisdom of the Framers was what mattered or what they thought should guide them, they would not have needed to bother with a written Constitution - they could have simply put all the Framers in the Senate and made do with an unwritten one.
Would they have authorized private ownership of nukes? I don't know. Some of the Founders were mad scientists by profession; some were narcoterrorists. Maybe they would have thought nukes for everyone were a great idea. (Doubtful, though: if nukes were available at the time, either the war would have been fought with a policy of bilateral restraint, or most of the framers would have been radioactive corpses and Amendment 1 would have been BRAAAAAAAAAIIIIIINS.)
If they release a Javascript RPC implementation, their competitors will be able to use it to make their apps as slow, clunky, and unreliable as Wave seemed to be?
Actually, solar flux does a pretty good job of explaining the differences between Venus and Earth. The sun started out colder than it is now; as the temperature rose, it would have reached a point where a primordial venereal ocean boiled. The increased water vapor in the atmosphere would have raised temperatures further, and as ultraviolet disassociated water molecules the freed oxygen would have reacted with carbon previously sequestered in the rocks to produce carbon dioxide. A moon would not have prevented this, any more than our moon has leeched all the carbon from terrestrial rocks.
(Meanwhile, the humans are eagerly moving all the sequestered carbon they can get their hands on into the atmosphere.)
Once in a universe? The universe is bigger than the solar system, you know.
Out of a statistically insignificant sample of solid planets (four terrestrial planets and eight icy dwarf planets), 25% (Earth, Pluto, and 2003EL61) are orbited by moons apparently >=1% of the primary's mass.
Out of the available Terrestrial planets in the inner solar system, 25% have huge moons like ours, and 100% show what could be signs of major impacts (Venus rotates backwards, and the Martian impact features are displacing Mercury's Caloris Basin and chaotic terranes as the biggest.) We haven't gotten close enough to the dwarves to do more than speculate about their impact histories.
If you had only the one large moon, speculation about it being truly unique would be plausible - with three of twelve candidates orbited by big moons, this becomes a lot less plausible - why would conditions uniquely make _THIS_ planet more like the ice dwarves than all the other terrestrial planets in the galaxy?
Is it just me, or are you saying that Iranian organized crime, in your country, *hogs parking spots*?
May I relocate to your country? Over here, organized crime seems to prefer manipulating the stock market, spamming, and smuggling heroin and cocaine. And the occasional spot of assassination.
I think they meant 'undocumented' rather than 'secret'. Yes, at least some of the Windows source is widely available (I don't know how much, beyond that there was something about a source release of CE a while back), but figuring out not only what everything does but what it's intended to do is liable to take a while.
Not to mention that NDA thing that the anonymous followup above me pointed out.
I'm guessing that the second "All your base..." announcement is probably due two days before election day, and will be followed by a Kerry/Bush joint appearance announcing that Bush has appointed Kerry vice president and that they've come to an agreement that the election will be suspended until after they've wiped out all terrorism everywhere.
Such a scheme could be made more resistant to vote-buying by giving voters the tools to make fake receipts. Someone wants to buy my vote? Fine. They can. And it's their wild guess whether or not the receipt that matches a vote for Joseph Moneybags IV is in fact *yours*.
/me still cannot believe they named a Mozilla variant Chimera. "Firebird" has no namespace collision; it's a DB, or a browser. Chimera, on the other hand, is an HTML 3.something-compatible browser that, when I had it installed on my machine, didn't like backgrounds.
A while later ISTR needing to upgrade Netscape to 4.7something to fix Some Stupid Bug.
Hmm. What happened in the Carter administration? The only thing I can remember is some rather dubious stuff involving hostages, Iran, and elections, though I'm sure other crap got pulled.
Don't forget, too, that this may not be intended to hide something Really Important from 1978. Something from 1981 might concern 'em more...
While phone calls are *legally* granted privacy, it exists only on paper in the US. CALEA mandates that various pieces of telco hardware be easy to wiretap. Cellphones aren't encrypted in the US to make monitoring easier; to protect your privacy, they just make it illegal for private citizens to own the monitoring hardware.
Most likely, the privacy of the aggregate system would be the lowest common denominator - phone spam unleashed and voice greppers applied to all the phone networks. (Though I strongly suspect that the latter is already the case.)
SFTP and HTTP-over-SSL use comparable encryption strength. And all SFTP/SSH clients I've seen handle public key approval in a *much* better way than the way the HTTP clients I've seen handle SSL certs. (SSH clients tend to show you a key fingerprint that you can check. HTTPS clients tend to check to see if the server's administrator spent money for a certificate.)
And to think. All this time that I've wasted using unproductive keyboard-controlled editors like pico, vim, and innumerable wordstar-clones, when I could be using vexed (voice-extended ed) instead.
I'd tell you where to get the Nifty SuperCool EasyToRearrange Keyboard From Heaven, but then the odds are that everyone who reads this post'll snarf up all the good ones.
(Hint: There's several keyboards like that. I still mourn the one that had thirty-six function keys. Yes, thirty-six.)
The one I'm using probably came from the mid-1980s. It clacks. It has Removable Keytops. The original was missing a couple. The keycaps for the control keys are labelled "Enter" and "Reset"/"Quit" respectively. On the sides of PF1 through PF12 are "PSA" through "PSF", two fast-forward glyphs, and what appear to be Hercules Mono Word-Processor Commands (as they bear an inverse lowercase a, a lowercase a with a halo, and an underlines lowercase a.
It is Dvorak. (now.).
Keycaps have been found to fill in the holes.
More keycaps have been found for Decoration (replacing more prosaic ones with No/&, Lowercase a with Circumflex, and Bright Red Clear.
This one is only 101-key model; I will perform sexual favours for the 125-key model.
Changing the browser ID on a per-page basis by default is a bad idea - *every* time you load a page, the browser then has to check "Does this match [target-malfy-page]?".
Which becomes a measurable performance and logistics hit when you consider how much AOL and M$ own and how often they break things.
On occasion, AOL-owned crap (the result of clicking one of those stupid "take me to your site" buttons in the Netscape toolbar by mistake) has told me that my browser isn't supported. Their list of browsers that *were* supported didn't include anything that wasn't either IE or running on Windows.
On another occasion, I was unable to download security patches from M$ using IE. Netscape, however, worked.
I think I'll just set my browser to identify itself as WOOGLEFLUTZEL.
There's not much reason for most people to have HTTP access at work... just firewall port 80 and be done with it.
(As an added bonus, this offers protection against the expenses associated with viewing of pr0n, political subversion, and posting to slashdot on the company dime.)
A very large proportion of credit card fraud takes place in circumstances where the seller doesn't even *SEE* the buyer. You expect a biometric ID to stop someone from buying access to half a dozen porn sites with your credit card how, exactly? And this will protect against theft in general, too... I guess you'll check the ID of the next person who snatches your purse?
(And, from the Magic World of Fraud: Recently, it was discovered that some of the companies checking for insurance fraud in state-run insurance programs were getting paid but not actually doing any work...)
What gives you the idea that you'll be permitted to choose who you show the card to? Or who scans your retina? Government-supplied identity papers drift off into mandatory identification fairly readily; for example, in California it is illegal to leave your house without your ID card. And you *can* be stopped on the street and ordered to show the card. It doesn't happen that often, but it does happen. Especially if you're rude to the secret police.
And if you'll look at the pro-ID arguments, you'll note that a very large proportion hinge on showing it being mandatory. You really trust everyone who thinks it'll stop illegal immigration *not* to encourage their MPs to permit Arbitrary Inspections?
The existance of biometric data on the card does not protect you. It simply makes it so that whomever you *do* decide to permit to scan your retina has the data necessary for a replay attack - with your identifying information, they can reliably convince a suitably vulnerable machine that they are you. (See c't's review of an assortment of consumer biometric devices - while most of the spoofing techniques used are obvious to a human watching the machine be used, if the machine operator cooperates with the spoofer, they can generate a record that says you were here and is *as good as your card was* at proving that you are in fact, the owner of Your Name and the person who bought that ammonium nitrate...
And without the central repository to check against, the card just says "Someone with this retina says their name is ZYX.".
I also find something rather amusing in an anonymous post supporting identifying everyone...
Slashdot Mirror
Keeping your sexual orientation secret in the workplace is easy enough if you just take simple measures like requiring all your employees to refer to their lovers only in gender-neutral terms and to use gender-ambiguous pronouns when talking about eir partners, and firing anyone who drops gender-revealing names (People dating 'Sam' are fine, people dating 'Deekoo' are not). At most non-porn jobs, your sexual orientation is not going to be relevant to your job performance.
When it comes to games, this sort of thing is *not reasonable*. Most mmog players are doing it *for fun* and don't want to have to use the genderless pronouns they use at work. And they're doing it *for fun*. Why should people have to keep their orientation secret *while playing a game*?
IMO, per-app exceptions make things insanely complicated. What I personally think is right in your scenario is to examine the API and its users (that is, the applications) to see what they're actually doing; if the API does one thing and the docs say it does something else, you patch the docs. If for some reason the API changes to fix one thing *have to* break something else, then you determine which thing is more important. Most of the time, the thing that's currently working is more important, because users will be a lot more angry if the device that worked in the last kernel does not work in the current kernel than they will if the device that didn't work in the last kernel also doesn't work in the current kernel.
In instances where an app actually relies on a bug, you need to figure out how important fixing that bug actually is. 'Bug #16384: Computer works as I expect it to.' is not actually a bug.
As long as the machine doesn't have an actual rootkit, that is.
If you are booting into the infected system, you CANNOT count on any program that you run within it being able to remove infections. Safe mode itself can be disabled or overridden by malware; your approach only works if you're up against a relatively low-end piece of malware. Luckily for users and technicians, most malware isn't that well written - but acting like safe mode is an easy out is a bad idea.
I used to do computer repair; it wasn't particularly unusual to find customer machines infected with malware that their AV or anti-spyware program did not yet detect. Once a computer is infected, it's possible for malware to hide itself or render itself unremovable even if the antimalware program is later updated to detect it.
Impact: One to three hours of billable technician time per call, typically, with new malware being more likely to take longer. Reduced email deliverability for the people sharing a network connection with the warezd00dette who managed to get herself infected with Spamforo. Hours to days of reduced productivity due to both direct effects of malware and necessary countermeasures. Exposure of confidential data (I once got to review draft government regulations before the general public did because some idiot's Sircam infection sent me a file in order to have my advice.). Increased bandwidth costs. (Thankfully, the one customer whose infection autodialed 900 numbers did not have a modem on their computer.)
The opinions of the Framers (not necessarily Founders - IIRC, Jefferson was shipped off to France to keep him from getting in the way of the Constitutional Convention) are *completely irrelevant*. The authority of their Constitution derives from the elections that ratified it, not from the wisdom of the authors. Our distant ancestors (well, the male, white, wealthy ones, at least) voted for or against the TEXT. If the wisdom of the Framers was what mattered or what they thought should guide them, they would not have needed to bother with a written Constitution - they could have simply put all the Framers in the Senate and made do with an unwritten one.
Would they have authorized private ownership of nukes? I don't know. Some of the Founders were mad scientists by profession; some were narcoterrorists. Maybe they would have thought nukes for everyone were a great idea. (Doubtful, though: if nukes were available at the time, either the war would have been fought with a policy of bilateral restraint, or most of the framers would have been radioactive corpses and Amendment 1 would have been BRAAAAAAAAAIIIIIINS.)
If they release a Javascript RPC implementation, their competitors will be able to use it to make their apps as slow, clunky, and unreliable as Wave seemed to be?
Actually, solar flux does a pretty good job of explaining the differences between Venus and Earth. The sun started out colder than it is now; as the temperature rose, it would have reached a point where a primordial venereal ocean boiled. The increased water vapor in the atmosphere would have raised temperatures further, and as ultraviolet disassociated water molecules the freed oxygen would have reacted with carbon previously sequestered in the rocks to produce carbon dioxide. A moon would not have prevented this, any more than our moon has leeched all the carbon from terrestrial rocks.
(Meanwhile, the humans are eagerly moving all the sequestered carbon they can get their hands on into the atmosphere.)
Once in a universe? The universe is bigger than the solar system, you know.
Out of a statistically insignificant sample of solid planets (four terrestrial planets and eight icy dwarf planets), 25% (Earth, Pluto, and 2003EL61) are orbited by moons apparently >=1% of the primary's mass.
Out of the available Terrestrial planets in the inner solar system, 25% have huge moons like ours, and 100% show what could be signs of major impacts (Venus rotates backwards, and the Martian impact features are displacing Mercury's Caloris Basin and chaotic terranes as the biggest.) We haven't gotten close enough to the dwarves to do more than speculate about their impact histories.
If you had only the one large moon, speculation about it being truly unique would be plausible - with three of twelve candidates orbited by big moons, this becomes a lot less plausible - why would conditions uniquely make _THIS_ planet more like the ice dwarves than all the other terrestrial planets in the galaxy?
'Persian Mafia'?
Is it just me, or are you saying that Iranian
organized crime, in your country, *hogs parking
spots*?
May I relocate to your country? Over here,
organized crime seems to prefer manipulating
the stock market, spamming, and smuggling
heroin and cocaine. And the occasional spot of
assassination.
I think they meant 'undocumented' rather than
'secret'. Yes, at least some of the Windows
source is widely available (I don't know how much,
beyond that there was something about a source
release of CE a while back), but figuring out
not only what everything does but what it's
intended to do is liable to take a while.
Not to mention that NDA thing that the anonymous
followup above me pointed out.
Both boats and planes can be placed on trailers, taken home, and shoved into a garage as desired.
I'm guessing that the second "All your base..."
announcement is probably due two days before
election day, and will be followed by a Kerry/Bush
joint appearance announcing that Bush has
appointed Kerry vice president and that they've
come to an agreement that the election will be
suspended until after they've wiped out all
terrorism everywhere.
Use the security holes that the newest service
pack fixes to break in and install said service
pack?
Or just have the proxy stick a signed ActiVex
control that updates their systems in every
webpage they download.
Such a scheme could be made more resistant to
vote-buying by giving voters the tools to make
fake receipts. Someone wants to buy my vote?
Fine. They can. And it's their wild guess
whether or not the receipt that matches a vote
for Joseph Moneybags IV is in fact *yours*.
/me still cannot believe they named a Mozilla
variant Chimera. "Firebird" has no namespace
collision; it's a DB, or a browser. Chimera, on
the other hand, is an HTML 3.something-compatible
browser that, when I had it installed on my
machine, didn't like backgrounds.
A while later ISTR needing to upgrade Netscape
to 4.7something to fix Some Stupid Bug.
Carter administration.
Hmm. What happened in the Carter administration?
The only thing I can remember is some rather
dubious stuff involving hostages, Iran, and
elections, though I'm sure other crap got pulled.
Don't forget, too, that this may not be intended
to hide something Really Important from 1978.
Something from 1981 might concern 'em more...
While phone calls are *legally* granted privacy,
it exists only on paper in the US. CALEA
mandates that various pieces of telco hardware
be easy to wiretap. Cellphones aren't encrypted
in the US to make monitoring easier; to protect
your privacy, they just make it illegal for
private citizens to own the monitoring hardware.
Most likely, the privacy of the aggregate system
would be the lowest common denominator - phone
spam unleashed and voice greppers applied to all
the phone networks. (Though I strongly suspect
that the latter is already the case.)
SFTP and HTTP-over-SSL use comparable encryption
strength. And all SFTP/SSH clients I've seen
handle public key approval in a *much* better
way than the way the HTTP clients I've seen
handle SSL certs. (SSH clients tend to show you
a key fingerprint that you can check. HTTPS
clients tend to check to see if the server's
administrator spent money for a certificate.)
The NiftySuperCoolTypeWeirdCharactersKey, of
course. Like option.
And to think. All this time that I've wasted
using unproductive keyboard-controlled editors
like pico, vim, and innumerable wordstar-clones,
when I could be using vexed (voice-extended ed)
instead.
I'd tell you where to get the Nifty SuperCool
EasyToRearrange Keyboard From Heaven, but then
the odds are that everyone who reads this post'll
snarf up all the good ones.
(Hint: There's several keyboards like that. I
still mourn the one that had thirty-six function
keys. Yes, thirty-six.)
The one I'm using probably came from the
mid-1980s. It clacks. It has Removable Keytops.
The original was missing a couple. The keycaps
for the control keys are labelled "Enter" and
"Reset"/"Quit" respectively. On the sides of
PF1 through PF12 are "PSA" through "PSF", two
fast-forward glyphs, and what appear to be
Hercules Mono Word-Processor Commands (as they
bear an inverse lowercase a, a lowercase a with
a halo, and an underlines lowercase a.
It is Dvorak. (now.).
Keycaps have been found to fill in the holes.
More keycaps have been found for Decoration
(replacing more prosaic ones with No/&, Lowercase
a with Circumflex, and Bright Red Clear.
This one is only 101-key model; I will perform
sexual favours for the 125-key model.
Changing the browser ID on a per-page basis by
default is a bad idea - *every* time you load a
page, the browser then has to check "Does this
match [target-malfy-page]?".
Which becomes a measurable performance and
logistics hit when you consider how much AOL
and M$ own and how often they break things.
On occasion, AOL-owned crap (the result of
clicking one of those stupid "take me to your
site" buttons in the Netscape toolbar by
mistake) has told me that my browser isn't
supported. Their list of browsers that *were*
supported didn't include anything that wasn't
either IE or running on Windows.
On another occasion, I was unable to download
security patches from M$ using IE. Netscape,
however, worked.
I think I'll just set my browser to identify
itself as WOOGLEFLUTZEL.
There's not much reason for most people to have
HTTP access at work... just firewall port 80
and be done with it.
(As an added bonus, this offers protection
against the expenses associated with viewing of
pr0n, political subversion, and posting to
slashdot on the company dime.)
A very large proportion of credit card fraud
takes place in circumstances where the seller
doesn't even *SEE* the buyer. You expect a
biometric ID to stop someone from buying access
to half a dozen porn sites with your credit card
how, exactly? And this will protect against
theft in general, too... I guess you'll check
the ID of the next person who snatches your
purse?
(And, from the Magic World of Fraud: Recently,
it was discovered that some of the companies
checking for insurance fraud in state-run
insurance programs were getting paid but not
actually doing any work...)
What gives you the idea that you'll be permitted
to choose who you show the card to? Or who scans
your retina? Government-supplied identity papers
drift off into mandatory identification fairly
readily; for example, in California it is illegal
to leave your house without your ID card. And
you *can* be stopped on the street and ordered to
show the card. It doesn't happen that often, but
it does happen. Especially if you're rude to the
secret police.
And if you'll look at the pro-ID arguments, you'll
note that a very large proportion hinge on showing
it being mandatory. You really trust everyone who
thinks it'll stop illegal immigration *not* to
encourage their MPs to permit Arbitrary
Inspections?
The existance of biometric data on the card does
not protect you. It simply makes it so that
whomever you *do* decide to permit to scan your
retina has the data necessary for a replay
attack - with your identifying information, they
can reliably convince a suitably vulnerable
machine that they are you. (See c't's review
of an assortment of consumer biometric devices -
while most of the spoofing techniques used are
obvious to a human watching the machine be used,
if the machine operator cooperates with the
spoofer, they can generate a record that says you
were here and is *as good as your card was* at
proving that you are in fact, the owner of Your
Name and the person who bought that ammonium
nitrate...
And without the central repository to check
against, the card just says "Someone with this
retina says their name is ZYX.".
I also find something rather amusing in an
anonymous post supporting identifying everyone...