One: I find it kind of funny that it's okay to deluge us drivers with advertisement. Billboards, small signs, flashing strobe lights in convenience stores. This is all designed to drag a driver's attention off other traffic and entice them to read about the SPECIAL sale/price/product/crap businesses offer.
Two: I've texted while driving. Just like any other non-driving action taken in the car (such as changing radio stations or inserting CDs) I deliberately chopped the task up into short stages. Open the CD case. Review traffic. Eject current CD. Review traffic. Put current CD on passenger seat. Review traffic. Pick up new CD. Review traffic. Insert new CD. Review traffic. Press play. Return to full-time driving.
I did that when reading, or composing text messages. Read a few words. Type a few letters. Few being two, maybe three. Review traffic. Type a few more. Review traffic.
Sure, if you put your head down and read or write 140 characters at a time you're unsafe. Sure, by definition doing anything while driving is less safe than exclusively driving. But I dispute that it's meaningfully so if done even vaguely responsibly.
Three: my problem with this law is that it's making illegal something everyone is going to do, until we have wireless data links in our heads. More so than drunk-driving penalties, this law is toothless. Almost everyone will get away with it almost all the time, and the social/business pressure to do this illegal act is high and will remain high. The crime won't go away. The law will almost never be enforced. This is an act of futility.
I missed those arguments. That's what I get for reading only 5-rated comments. I guess the cure for that is as close as the "threshold" pull-down. I choose to not cure that defect for the time being.
This is me, glancing at my brilliantly-designed comment. This is me, glancing at the nice Score:2 indicator. This is me, re-reading your reply. This is me, kind of baffled.
I can see how the topic of meddling with DNA to augment/fix people can be a slippery slope, but by itself the question of "is it morally wrong to cure colorblindness" seems to be the same as "is it morally wrong to cure short/far sightedness". We already normalize things like this and it's entirely by individual choice. You can choose to wear your glasses or not and now you'll be able to get your color vision corrected or not.
No, no it isn't a slippery slope. You threw augmenting in, which isn't what this is about at all. It's about fixing that which is broken. There is nothing slippery or slope-like about that. If you can cure diabetes, do. If you can cure blindness, do. If you can cure paraplegia, do. If you can cure mental retardation, do. If you can cure narcolepsy, do.
What is a moral quandary is the process of deciding what is broken. The inability to do that which the vast majority of humans can do... that's broken. So go ahead and fix colour blindness.
All the tangential arguments about homosexuality or baldness or pedophilia or enjoying country & western music... that's hysteria and not related to the core issue.
Sometimes to explain things to the uninformed you have to condense to the point of being easily misunderstood by others in-the-know.
If your explanation is easily misunderstood by the learned, how can it be accurately uderstood by the ignorant?
The consumer will interpret that "syncing" thing as "doing whatever techno-wizardry is necessary to make sure the purchased stuff Just Works (tm)".
Do you put up with that from your auto mechanic? I don't, and it's still dishonest.
It can be uderstood (sic) by the ignorant just fine because the degree of understanding that the ignorant is trying to extract is significantly lower than the learned might try for.
Do I put up with that from my mechanic? Absolutely. I have a long-term relationship with him and he has a pretty good understanding of my level of knowledge and how much detail I care for. He'd never say "rebuild your transmission" when he means "change your wiper blades". But he'd certainly put "plugged vacuum leak" on an invoice knowing that I don't really care if it was a hose, gasket, or other cause. Maybe he just stuck a bolt in the end of a hose that was supposed to be plugged. Maybe he changed a gasket. It's up to me to decide how much detail I want, and I can always ask for more.
You know what... this reminds me of people who can't cope with end-users because they're stuck in some intellectually superior stratosphere. Users boot up their hard drives. No matter how many times you explain that's a computer and the hard drive is a component inside, to them it's a hard drive. Get this: it's not a sin as a computer guy to ask a user to boot up their hard drive. Yes, it's inaccurate. Yes, some literalist might open up the computer and take out the hard drive and do something horrible to it. Yes. But the risk is trivial compared to the benefit of being understood because of your inaccuracies. (I've got users who insist the monitor is the computer.)
Again, I'm convinced this is a bunch of us elitist techno-snobs freaking out about a choice of words that wasn't targeted at us.
Agreed. There are plenty of instances where dumbing-down technical descriptions of what us technology-savvy folk are doing edges into falsehood. Sometimes to explain things to the uninformed you have to condense to the point of being easily misunderstood by others in-the-know.
The consumer will interpret that "syncing" thing as "doing whatever techno-wizardry is necessary to make sure the purchased stuff Just Works (tm)". The technician will basically test for DOA, or make whatever minor adjustments (ie. take off the packing foam) are needed. Syncing. Good enough.
No sign of intent to mislead or defraud. Alarmism.
Do you know what $50 was worth 10 years ago in today's dollars?
According to the Bank of Canada, something that cost $50 in 2000 would now cost $61.42 and something that cost $50 in 1990 would now cost $74.87.
On the other hand, here's food for thought: not everything goes up in price over time. For instance, the price of an entry-level PC. Consumer electronics in general drop in price over time while increased capability rolls out. In theory, software could be one of those categories given the way 20 years ago we didn't have re-usable game engines. In theory, we should be (and possibly are) seeing lots of code re-use and re-used art assets. Who needs to write a convincing simulator for the behaviour of blades of grass for Game 3.0? Sure, the level environments get more detailed, and the textures prettier, but I don't know we're looking at as much new content as we think we are.
No. Diplomats have preconceived notions that predicate on their experience negotiating between assholes with human agendas. You're almost suggesting to assign a psychologist to speak on our behalf. Shadowbearer's list of qualifications has a heavy basis in neutrality. We want that. A person who simply represents us as an average. Let the aliens who dragged themselves all this way decide if they like what we are.
No diplomats "spinning" things to make us look better than we are. I would really prefer to not get caught in a lie or a lie by omission when Kruul shows up.
Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time,
In what strange alternate reality does the web require Java in 2010?
Is Bill Joy President of the United States in your reality?
There are plenty of "web apps" that are actually Java apps, or Java that runs in the middle of a web page. I've got customers in multiple different demographics that have these. Most of them tend to be hosted internally on their Intranet but the point remains. "The web" is the web, be it inside the firewall or out.
Absolutely. It's kind of funny because it was over five years ago that Microsoft "got it" and started reducing the attack surface in their operating systems. Non-essential services were disabled by default for instance.
Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time, and potentially a slew of other plug-ins. Everything from WinZip to the Google Toolbar has a service running in the background to update it periodically, and there's a push for unrelated shit to be bundled with what we try to install. Download managers are becoming increasingly the norm, with Adobe burying their direct link to Reader and Flash one link further from the "Click Here to Download" link the same week they patched an exploit in it.
We need to re-think how we compute. Less is more. Pick a standard such as HTML5 and stick to it. No plugins. (Beyond page-agnostic browser functionality add-ons like Ad-Block Plus.) No background services, no download managers, no web-extending formats. If a stock browser less than three years old can't render it, it isn't the web. If it isn't the web, we don't code for it. JPG, PNG, and a handful of standardized other formats can be direct linked-to.
That's not the panacea... it won't solve it all. But going the way we're going is the wrong direction. Let's try less crap on our machines that might be vulnerable.
roaming profiles are the worst way of a solution to this problem. Ever have to wait like 20 minutes to log in just because MSIE puts it's huge webcache into the profile. Oh no no... Profiles are great, but don't do them the "roaming" way, because that's the rowing way.
Albanach already hit you with the Cluestick but I'm going to take a swing. Worse than what he pointed out, I'd like to mention that by default IE's cache is NOT in the roaming profile. That means you have to deliberately jack things around to cause what you describe to happen. All that good stuff in C:\docume~1\username\locals~1 doesn't roam. At least not unless you do truly idiotic stuff.
Yes, you can throw a tonne of crap on your desktop and have a slow logon. Yes, you can acquire a few thousand cookies and have a slow logon. Yes, there are a couple other ways in "normal" use to cause slow logon. But what you describe is absolutely, positively, not normal. Just because your admin (or you) broke the feature doesn't mean the feature is broken.
After all, there's no way that their malware tool could have spotted it, or the update could have checksummed the files before patching them.
If they put half as much effort into their anti-malware activities as they do into their DRM regime, the world would be a better place. We'd all have unicorns, and a pot of gold.
Again... the patch did not patch the infected file. It patched the kernel. So how bad is it really that a properly patched kernel won't initialize an infected driver?
You're asking MS to check the MD5 of every file they provide, every time anything anywhere is patched. Further, the MD5 table has to hold every variant of every MS file, any of which could be valid. Further, files could be deliberately replaced by the user for any of a number of completely valid reasons. Not reasonable.
Completely understood. For brevity I summarized my actions. My work was done in a PE environment, outside of any root-kitted OS. I compared the binary of the SP3 version of ATAPI.SYS after its install relative to a known stable environment and there were no binary diffs.
I get it that the box in general is never going to be trustworthy again. In my opinion it never was because the end-user had and still has admin rights. Fortunately its role is not one where this is a meaningful threat. It's not on a domain and it doesn't have a business role. The owner uses it for basic web surfing at best, and printing shipping labels from a template that never changes.
I can't justify a nuke & load on it when due to his desires he gets admin rights. The box won't be hardened so this is just going to happen again. The best I could reasonably do was update it and purge anything evident.
It's pretty easy to fault them for not taking a checksum before they patch to ensure that the file isn't modified. If it is, warn the user.
You're both missing what's actually happening here.
1} The "patch code" doesn't choke. The patched kernel does next reboot. 2} The patch doesn't touch the infected file.
The problem appears to be a compromised atapi.sys driver. Is it really reasonable for Microsoft's patch to the kernel to react gracefully to whatever corruption is present in that driver? I know the obvious is that Windows should fail gracefully on any fault, but really... we don't have any clue what's present in that file.
Summary: patch patches the kernel. Kernel tries to initialize a compromised driver. BSOD.
Extra stuff...
I actually encountered such a machine this morning. This was pretty much while folks were realizing what was going on, before we collectively knew WHICH patch was responsible. I backed out the offending patch and got the system back up. I then found the box was WinXP Pro SP2, so I applied SP3. The SP3 install choked while examining the environment, saying that something had a handle on ATAPI.SYS Well, being a tech, I fired up some tools, found a system process had the handle, closed it, and let SP3 continue. I then patched up everything else. Finally, I reinstalled KB977165. Lo and behold, the system worked fine. So in hindsight I can see that yeah, something was funky about that file in particular. Malware or not, something wasn't right about it. For the record, the system in question did have current AV (Norton 360) and was behind a simple NAT router but the user did have admin rights. Zero other signs of infection.
For all we know we're going to find out that this was actually some bull-crap DRM solution.
Hypothetical situation: I moved to 1234 XYZ Street on Thursday of last week, specifically because I'd done my homework and knew that I would have access to the Internet via Verizon who didn't block 4chan. The following day they changed their network and blocked the site. Today's Monday. Shall I move now?
ISPs have no business deciding where my data packets go, or what they contain.
This is not unlike the electric company deciding I can't use electricity I buy from them to recharge my electric shaver. Or my wife's drilldo(TM). Why? Because blah blah religious blah blah sin. If my grow-op is illegal, that's a matter for the police, not the meter-reader.
More to the point... how is it that my digital camera isn't required to keep a log of every image I take with it? Why isn't my camcorder sending samples of everything I tape? Why doesn't every teddy bear come with a GPS tracker and camera built in?
In short, how is it that none of the equipment required to actually make child porn is immune, yet I - who run a web site that has zero upload capacity - am in theory being required to keep its visitor logs?
Bite. Me.
Evidently the person who hacked my server and filled with with kids in bathtubs also made a scheduled task that overwrites the logs every ten seconds. In fact, they skipped the uploading nekkid children. Must not have got to that part yet.
Also, a rule which meant that people under 18 were not allowed to participate in the body scanner trial has been overturned by the government. There is no mention of blurring out the genitals, however reports a few years back said X-ray backscatter devices aren't effective unless the genitals of people going through them are visible.
Yeahh... That's probably complete bullshit. I can just see British parents dragging their children through scanners that take pictures of their genitals.
If it is true, I see a precipitous drop in air travel in that country. Screwing with adults and their privacy is one thing, photographing naked children is some next level shit to put it bluntly.
I've half a mind to see what would happen if I simply dropped my pants at a security line. "I have nothing to hide and I'm proud of it." They're taking "naked" pictures of me, transmitting them and storing them to places I have no control over. All of this so I earn the right to pay them for access to their transportation device. Yet if I got naked, I'm pretty sure I'd be shot by security. And I'm not even unusually deformed.
As for the kids thing, it'd be further interesting to have a nudist family do the same. "Hey, if you're already taking pictures of my son's 'member' and looking at it, you might as well do it right."
Isn't a statistically tiny possibility of being blown up on an airplane better than a statistically guaranteed unpleasant, intrusive, and in fact risky trip past airport security?
You cannot compare our need for oil to our "need" for manufactured goods. The former is a finite resource, you can only get it from a handful of places around the world, the latter will be sourced from literally whoever is cheapest. If China suddenly cut the west's supply of goods off I'm sure one of their cheapest competitors would happily step in to fill the void. Or if it got too expensive then they would be produced in the west.
Too expensive? No, I don't think that's the danger. Too cheap is the danger. The most important asset a country has is its workers. We've seen decades of off-shoring and out-sourcing, resulting in huge proportions of unemployment within many cities. Many Americans are unemployed pretty much because someone else - somewhere - is willing to make a cheaper thing. The global economy is a complicated system, but I'd think it would be better to actually be the cheapest manufacturer, and sell the thing to others in exchange for other things you want. If all the best things are made elsewhere, what do you have left to trade? Wood? Ore? Maybe some corn? Right. Resources. Great.
I could be wrong, but it seems to me that where the jobs are, that's where the prosperity is. At least in the long term.
Slashdot is not the manufacture of the car or the iPad, so bitching here isn't doing anything other than trolling.
Wrong.
Many, many people don't have the time or brilliance to explore every ramification of every product. Some people come to places like Slashdot for the purpose of absorbing the opinions and analysis of other people. Slashdot is a good choice in that the variety of responses is wide, and it's reasonable to expect that irrational or misinformed comments will either be moderated or replied to.
Point is: posting to places like Slashdot is absolutely more functional than trolling.
Troll? Really? Because I'm not sold on open-source/free software being the best choice in schools or because I think there's no implicit relationship between rack space specs and software vendors?
I only post when I'm shooting for +5 Insightful, so I have to say I'm baffled on this one.
There is no mandate for NZ schools to use Microsoft software. There is a collective agreement (one of many agreements, including one with Apple), and the schools have always been able to choose the software they want.
Standard slashdot bias and hype. FUD FUD FUD
Agreed. Also, the fact that newly constructed schools spec out 4x48 racks doesn't say anything about how many U are typically consumed in a Microsoft solution shows bad editorializing. New construction also likely calls for 2" conduit in each wall for future cabling needs, but it certainly doesn't imply that using MS software would require 2" diameter worth of wires to be pulled to fill those conduits.
I'd applaud the school for using low-to-no-cost solutions in-house were it not for the fact they're basically teaching the kids on platforms they - statistically speaking - will never use in the real world. Monopoly is bad, but denying reality is worse.
In my humble opinion, the problem with IPv6 is that it's too radical a methodology change for most IT folks to be interested in. I wouldn't be surprised at all if a huge number of us are silently, subconsciously "waiting it out", for someone to propose and ratify a less intimidating address-extension protocol.
It's not that I can't handle Hex... it's not that I can't handle colons. It's not that I can't handle learning about tunnels, or brokers, or 6to4 or any of the other immense pile of knowledge surrounding IPv6. It's that I don't WANT to. IPv4 is terribly simple and does its job. IP, mask, gateway. By and large that encompasses just about everything you really need to know about IPv4 as a network admin. Sure, it's tough to have huge routing tables, but that's life. Hardware keeps getting faster and memory cheaper. Deal with it.
Yeah, okay, IPv6 can't - by definition - be the same since it's got to overlay things. But really, if this standard was to have "caught on", it should have changed as little as possible at once. IPv4 machines should simply be a.b.c.d.0.0.0.0.0.0 or something equally obvious. Routers and IP stacks could be written to extend the address space a few more bits, and the same methods as used in IPv4 should have been used to denote subnets. It SHOULD have been a simple task of padding out IPv4 space into IPv6, and software that doesn't grok the full address space just couldn't use it. Imagine adding two more "numbers" to your telephone, so phone "numbers" could include Pi and e. Call me at 1-800-555-5e55. If your phone doesn't have the buttons, you can't dial it. Fine. But the backbone should have been smoothly extended.
That's what IPv6 SHOULD have done. Add more address space and nothing else.
We could have MANY rovers instead of wasting money on the Shuttle. The hurry to get men in space without exploring it first or developing robotic tech we absolutely require anyway bleeds vital resources from unmanned programs whose missions can last for years.
You're probably already aware, but all of this exploration comes from public funding, which is tied to public opinion.
Tell me a kid who grows up thinking "some day I'm going to drive a robot on Mars" is going to approve of space-spending in the same degree that a kid who grows up thinking "some day I'm going to mars to drive a robot".
Manned space flight is fantastic. As in the stuff of fantasy. Only it's within our grasp.
What is interesting is that unlike basically every other technology we've invented, space-flight doesn't seem to get cheaper over time. You'd think nearly 40 years after landing on the moon, we'd be able to do it cheaper. Problem is what we're complicating the process, of course. The Apollo capsules were simple machines. Today, we'd load them up with intricate gear and triply-redundant equipment, all of which would require orders of magnitude more testing than the legacy stuff, driving the price astronomically high.
My advice? Stop worrying so much about safety. There are plenty of qualified volunteers who would leap at a chance of making it alive. Simplify the gear, spend the money on the actual sensor and science packages, and get some boots back on the moon, and then Mars.
We have a tendency to anthropomorphize our gadgets, especially gadgets that move around and do stuff. How many times have we read about "the plucky rover" or "the rover that wouldn't quit" or "the rover that slept with my now-ex-girlfriend, the whore" ?
They're machines. They were designed to do a job for a specific period of time with the expectation that we'd continue to use them until they finally broke down. Spirit has pretty much broken down. It's been a great run and we've gotten a shit-ton of data from it, but it's time to hit the Off switch and release the staff to other projects... like prepping for the next rover mission.
I hear the point you're trying to make, but it's not as black & white as you paint it to be. The real-world costs of getting a new rover to Mars is very high. The cost of paying a team of appropriately trained specialists for a few days or even weeks to potentially extend the useful lifespan of the existing rover is much lower. You and I aren't qualified to know the statistical odds of success, or the relative costs associated. Your words "it's time" are words we have no business speaking at this time.
I know no one reads the articles, as that would get in the way of the knee-jerking we all love to do. But the article makes it quite clear: the kindle includes a text-to-speech application, but no way for visually impaired folks to navigate. Therefore, the Kindle is not the right choice of e-book reader for institutions such as colleges and universities to promote. It is the Kindle that is unusable by the blind, not the e-books themselves.
Fair enough. New rule: educational institutions that purchase e-books are hereby granted permission to print a physical copy for each purchased license, for purposes of providing access to people unable to operate the e-book reader chosen by that institution. Make it law. Make it part of the mandatory licensing scheme, impose it on publishers, make it clear this MUST be permitted. Move on.
Seriously, what if (for instance) the ideal device that pandered to everyone's needs cost twice as much as the Kindle? Make the right purchase for the majority of circumstances and make additional/different purchases for the special cases. Don't sweat that one size doesn't fit all.
Not that I'm a proponent of e-book readers in schools at this stage of the technology's development and price-point, but my point stands alone.
If a 'Loss of Signal' can interrupt a POP session, wouldn't it also interrupt a file upload? Couldn't they just POP into the server on Earth once a day to grab their emails to be stored in a simple mbox or some such?
No. I could be wrong, but while something like FTP supports resume commands, I don't believe POP3 does. As far as I know, if you get 99% done RETR for a given e-mail and your socket drops, you have to RETR it again, from byte 0.
I also assume that there's some latency issues involved with all of this. A straight RPC over HTTP connection to the Exchange server would obsolete all of this, but it's a really chatty protocol. I imagine they fell back to fundamentals for a good reason.
Slashdot Mirror
A few thoughts.
One: I find it kind of funny that it's okay to deluge us drivers with advertisement. Billboards, small signs, flashing strobe lights in convenience stores. This is all designed to drag a driver's attention off other traffic and entice them to read about the SPECIAL sale/price/product/crap businesses offer.
Two: I've texted while driving. Just like any other non-driving action taken in the car (such as changing radio stations or inserting CDs) I deliberately chopped the task up into short stages. Open the CD case. Review traffic. Eject current CD. Review traffic. Put current CD on passenger seat. Review traffic. Pick up new CD. Review traffic. Insert new CD. Review traffic. Press play. Return to full-time driving.
I did that when reading, or composing text messages. Read a few words. Type a few letters. Few being two, maybe three. Review traffic. Type a few more. Review traffic.
Sure, if you put your head down and read or write 140 characters at a time you're unsafe. Sure, by definition doing anything while driving is less safe than exclusively driving. But I dispute that it's meaningfully so if done even vaguely responsibly.
Three: my problem with this law is that it's making illegal something everyone is going to do, until we have wireless data links in our heads. More so than drunk-driving penalties, this law is toothless. Almost everyone will get away with it almost all the time, and the social/business pressure to do this illegal act is high and will remain high. The crime won't go away. The law will almost never be enforced. This is an act of futility.
I missed those arguments. That's what I get for reading only 5-rated comments. I guess the cure for that is as close as the "threshold" pull-down. I choose to not cure that defect for the time being.
This is me, glancing at my brilliantly-designed comment. This is me, glancing at the nice Score:2 indicator. This is me, re-reading your reply. This is me, kind of baffled.
This is me, grinning.
I can see how the topic of meddling with DNA to augment/fix people can be a slippery slope, but by itself the question of "is it morally wrong to cure colorblindness" seems to be the same as "is it morally wrong to cure short/far sightedness". We already normalize things like this and it's entirely by individual choice. You can choose to wear your glasses or not and now you'll be able to get your color vision corrected or not.
No, no it isn't a slippery slope. You threw augmenting in, which isn't what this is about at all. It's about fixing that which is broken. There is nothing slippery or slope-like about that. If you can cure diabetes, do. If you can cure blindness, do. If you can cure paraplegia, do. If you can cure mental retardation, do. If you can cure narcolepsy, do.
What is a moral quandary is the process of deciding what is broken. The inability to do that which the vast majority of humans can do... that's broken. So go ahead and fix colour blindness.
All the tangential arguments about homosexuality or baldness or pedophilia or enjoying country & western music... that's hysteria and not related to the core issue.
Sometimes to explain things to the uninformed you have to condense to the point of being easily misunderstood by others in-the-know.
If your explanation is easily misunderstood by the learned, how can it be accurately uderstood by the ignorant?
The consumer will interpret that "syncing" thing as "doing whatever techno-wizardry is necessary to make sure the purchased stuff Just Works (tm)".
Do you put up with that from your auto mechanic? I don't, and it's still dishonest.
It can be uderstood (sic) by the ignorant just fine because the degree of understanding that the ignorant is trying to extract is significantly lower than the learned might try for.
Do I put up with that from my mechanic? Absolutely. I have a long-term relationship with him and he has a pretty good understanding of my level of knowledge and how much detail I care for. He'd never say "rebuild your transmission" when he means "change your wiper blades". But he'd certainly put "plugged vacuum leak" on an invoice knowing that I don't really care if it was a hose, gasket, or other cause. Maybe he just stuck a bolt in the end of a hose that was supposed to be plugged. Maybe he changed a gasket. It's up to me to decide how much detail I want, and I can always ask for more.
You know what... this reminds me of people who can't cope with end-users because they're stuck in some intellectually superior stratosphere. Users boot up their hard drives. No matter how many times you explain that's a computer and the hard drive is a component inside, to them it's a hard drive. Get this: it's not a sin as a computer guy to ask a user to boot up their hard drive. Yes, it's inaccurate. Yes, some literalist might open up the computer and take out the hard drive and do something horrible to it. Yes. But the risk is trivial compared to the benefit of being understood because of your inaccuracies. (I've got users who insist the monitor is the computer.)
Again, I'm convinced this is a bunch of us elitist techno-snobs freaking out about a choice of words that wasn't targeted at us.
Agreed. There are plenty of instances where dumbing-down technical descriptions of what us technology-savvy folk are doing edges into falsehood. Sometimes to explain things to the uninformed you have to condense to the point of being easily misunderstood by others in-the-know.
The consumer will interpret that "syncing" thing as "doing whatever techno-wizardry is necessary to make sure the purchased stuff Just Works (tm)". The technician will basically test for DOA, or make whatever minor adjustments (ie. take off the packing foam) are needed. Syncing. Good enough.
No sign of intent to mislead or defraud. Alarmism.
Do you know what $50 was worth 10 years ago in today's dollars?
According to the Bank of Canada, something that cost $50 in 2000 would now cost $61.42 and something that cost $50 in 1990 would now cost $74.87.
On the other hand, here's food for thought: not everything goes up in price over time. For instance, the price of an entry-level PC. Consumer electronics in general drop in price over time while increased capability rolls out. In theory, software could be one of those categories given the way 20 years ago we didn't have re-usable game engines. In theory, we should be (and possibly are) seeing lots of code re-use and re-used art assets. Who needs to write a convincing simulator for the behaviour of blades of grass for Game 3.0? Sure, the level environments get more detailed, and the textures prettier, but I don't know we're looking at as much new content as we think we are.
No. Diplomats have preconceived notions that predicate on their experience negotiating between assholes with human agendas. You're almost suggesting to assign a psychologist to speak on our behalf. Shadowbearer's list of qualifications has a heavy basis in neutrality. We want that. A person who simply represents us as an average. Let the aliens who dragged themselves all this way decide if they like what we are.
No diplomats "spinning" things to make us look better than we are. I would really prefer to not get caught in a lie or a lie by omission when Kruul shows up.
Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time,
In what strange alternate reality does the web require Java in 2010?
Is Bill Joy President of the United States in your reality?
There are plenty of "web apps" that are actually Java apps, or Java that runs in the middle of a web page. I've got customers in multiple different demographics that have these. Most of them tend to be hosted internally on their Intranet but the point remains. "The web" is the web, be it inside the firewall or out.
Ad hominem much?
Absolutely. It's kind of funny because it was over five years ago that Microsoft "got it" and started reducing the attack surface in their operating systems. Non-essential services were disabled by default for instance.
Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time, and potentially a slew of other plug-ins. Everything from WinZip to the Google Toolbar has a service running in the background to update it periodically, and there's a push for unrelated shit to be bundled with what we try to install. Download managers are becoming increasingly the norm, with Adobe burying their direct link to Reader and Flash one link further from the "Click Here to Download" link the same week they patched an exploit in it.
We need to re-think how we compute. Less is more. Pick a standard such as HTML5 and stick to it. No plugins. (Beyond page-agnostic browser functionality add-ons like Ad-Block Plus.) No background services, no download managers, no web-extending formats. If a stock browser less than three years old can't render it, it isn't the web. If it isn't the web, we don't code for it. JPG, PNG, and a handful of standardized other formats can be direct linked-to.
That's not the panacea... it won't solve it all. But going the way we're going is the wrong direction. Let's try less crap on our machines that might be vulnerable.
roaming profiles are the worst way of a solution to this problem. Ever have to wait like 20 minutes to log in just because MSIE puts it's huge webcache into the profile. Oh no no...
Profiles are great, but don't do them the "roaming" way, because that's the rowing way.
Albanach already hit you with the Cluestick but I'm going to take a swing. Worse than what he pointed out, I'd like to mention that by default IE's cache is NOT in the roaming profile. That means you have to deliberately jack things around to cause what you describe to happen. All that good stuff in C:\docume~1\username\locals~1 doesn't roam. At least not unless you do truly idiotic stuff.
Yes, you can throw a tonne of crap on your desktop and have a slow logon. Yes, you can acquire a few thousand cookies and have a slow logon. Yes, there are a couple other ways in "normal" use to cause slow logon. But what you describe is absolutely, positively, not normal. Just because your admin (or you) broke the feature doesn't mean the feature is broken.
After all, there's no way that their malware tool could have spotted it, or the update could have checksummed the files before patching them.
If they put half as much effort into their anti-malware activities as they do into their DRM regime, the world would be a better place. We'd all have unicorns, and a pot of gold.
Again... the patch did not patch the infected file. It patched the kernel. So how bad is it really that a properly patched kernel won't initialize an infected driver?
You're asking MS to check the MD5 of every file they provide, every time anything anywhere is patched. Further, the MD5 table has to hold every variant of every MS file, any of which could be valid. Further, files could be deliberately replaced by the user for any of a number of completely valid reasons. Not reasonable.
Oh good lord! You should not trust that machine!
Completely understood. For brevity I summarized my actions. My work was done in a PE environment, outside of any root-kitted OS. I compared the binary of the SP3 version of ATAPI.SYS after its install relative to a known stable environment and there were no binary diffs.
I get it that the box in general is never going to be trustworthy again. In my opinion it never was because the end-user had and still has admin rights. Fortunately its role is not one where this is a meaningful threat. It's not on a domain and it doesn't have a business role. The owner uses it for basic web surfing at best, and printing shipping labels from a template that never changes.
I can't justify a nuke & load on it when due to his desires he gets admin rights. The box won't be hardened so this is just going to happen again. The best I could reasonably do was update it and purge anything evident.
It's pretty easy to fault them for not taking a checksum before they patch to ensure that the file isn't modified. If it is, warn the user.
You're both missing what's actually happening here.
1} The "patch code" doesn't choke. The patched kernel does next reboot.
2} The patch doesn't touch the infected file.
The problem appears to be a compromised atapi.sys driver. Is it really reasonable for Microsoft's patch to the kernel to react gracefully to whatever corruption is present in that driver? I know the obvious is that Windows should fail gracefully on any fault, but really... we don't have any clue what's present in that file.
Summary: patch patches the kernel. Kernel tries to initialize a compromised driver. BSOD.
Extra stuff...
I actually encountered such a machine this morning. This was pretty much while folks were realizing what was going on, before we collectively knew WHICH patch was responsible. I backed out the offending patch and got the system back up. I then found the box was WinXP Pro SP2, so I applied SP3. The SP3 install choked while examining the environment, saying that something had a handle on ATAPI.SYS Well, being a tech, I fired up some tools, found a system process had the handle, closed it, and let SP3 continue. I then patched up everything else. Finally, I reinstalled KB977165. Lo and behold, the system worked fine. So in hindsight I can see that yeah, something was funky about that file in particular. Malware or not, something wasn't right about it. For the record, the system in question did have current AV (Norton 360) and was behind a simple NAT router but the user did have admin rights. Zero other signs of infection.
For all we know we're going to find out that this was actually some bull-crap DRM solution.
Hypothetical situation: I moved to 1234 XYZ Street on Thursday of last week, specifically because I'd done my homework and knew that I would have access to the Internet via Verizon who didn't block 4chan. The following day they changed their network and blocked the site. Today's Monday. Shall I move now?
ISPs have no business deciding where my data packets go, or what they contain.
This is not unlike the electric company deciding I can't use electricity I buy from them to recharge my electric shaver. Or my wife's drilldo(TM). Why? Because blah blah religious blah blah sin. If my grow-op is illegal, that's a matter for the police, not the meter-reader.
More to the point... how is it that my digital camera isn't required to keep a log of every image I take with it? Why isn't my camcorder sending samples of everything I tape? Why doesn't every teddy bear come with a GPS tracker and camera built in?
In short, how is it that none of the equipment required to actually make child porn is immune, yet I - who run a web site that has zero upload capacity - am in theory being required to keep its visitor logs?
Bite. Me.
Evidently the person who hacked my server and filled with with kids in bathtubs also made a scheduled task that overwrites the logs every ten seconds. In fact, they skipped the uploading nekkid children. Must not have got to that part yet.
Yeahh... That's probably complete bullshit. I can just see British parents dragging their children through scanners that take pictures of their genitals.
If it is true, I see a precipitous drop in air travel in that country. Screwing with adults and their privacy is one thing, photographing naked children is some next level shit to put it bluntly.
I've half a mind to see what would happen if I simply dropped my pants at a security line. "I have nothing to hide and I'm proud of it." They're taking "naked" pictures of me, transmitting them and storing them to places I have no control over. All of this so I earn the right to pay them for access to their transportation device. Yet if I got naked, I'm pretty sure I'd be shot by security. And I'm not even unusually deformed.
As for the kids thing, it'd be further interesting to have a nudist family do the same. "Hey, if you're already taking pictures of my son's 'member' and looking at it, you might as well do it right."
Isn't a statistically tiny possibility of being blown up on an airplane better than a statistically guaranteed unpleasant, intrusive, and in fact risky trip past airport security?
You cannot compare our need for oil to our "need" for manufactured goods. The former is a finite resource, you can only get it from a handful of places around the world, the latter will be sourced from literally whoever is cheapest. If China suddenly cut the west's supply of goods off I'm sure one of their cheapest competitors would happily step in to fill the void. Or if it got too expensive then they would be produced in the west.
Too expensive? No, I don't think that's the danger. Too cheap is the danger. The most important asset a country has is its workers. We've seen decades of off-shoring and out-sourcing, resulting in huge proportions of unemployment within many cities. Many Americans are unemployed pretty much because someone else - somewhere - is willing to make a cheaper thing. The global economy is a complicated system, but I'd think it would be better to actually be the cheapest manufacturer, and sell the thing to others in exchange for other things you want. If all the best things are made elsewhere, what do you have left to trade? Wood? Ore? Maybe some corn? Right. Resources. Great.
I could be wrong, but it seems to me that where the jobs are, that's where the prosperity is. At least in the long term.
Slashdot is not the manufacture of the car or the iPad, so bitching here isn't doing anything other than trolling.
Wrong. Many, many people don't have the time or brilliance to explore every ramification of every product. Some people come to places like Slashdot for the purpose of absorbing the opinions and analysis of other people. Slashdot is a good choice in that the variety of responses is wide, and it's reasonable to expect that irrational or misinformed comments will either be moderated or replied to. Point is: posting to places like Slashdot is absolutely more functional than trolling.
Troll? Really? Because I'm not sold on open-source/free software being the best choice in schools or because I think there's no implicit relationship between rack space specs and software vendors?
I only post when I'm shooting for +5 Insightful, so I have to say I'm baffled on this one.
There is no mandate for NZ schools to use Microsoft software. There is a collective agreement (one of many agreements, including one with Apple), and the schools have always been able to choose the software they want.
Standard slashdot bias and hype. FUD FUD FUD
Agreed. Also, the fact that newly constructed schools spec out 4x48 racks doesn't say anything about how many U are typically consumed in a Microsoft solution shows bad editorializing. New construction also likely calls for 2" conduit in each wall for future cabling needs, but it certainly doesn't imply that using MS software would require 2" diameter worth of wires to be pulled to fill those conduits.
I'd applaud the school for using low-to-no-cost solutions in-house were it not for the fact they're basically teaching the kids on platforms they - statistically speaking - will never use in the real world. Monopoly is bad, but denying reality is worse.
Want me to adopt IPv6? Make IPv6 Lite.
In my humble opinion, the problem with IPv6 is that it's too radical a methodology change for most IT folks to be interested in. I wouldn't be surprised at all if a huge number of us are silently, subconsciously "waiting it out", for someone to propose and ratify a less intimidating address-extension protocol.
It's not that I can't handle Hex... it's not that I can't handle colons. It's not that I can't handle learning about tunnels, or brokers, or 6to4 or any of the other immense pile of knowledge surrounding IPv6. It's that I don't WANT to. IPv4 is terribly simple and does its job. IP, mask, gateway. By and large that encompasses just about everything you really need to know about IPv4 as a network admin. Sure, it's tough to have huge routing tables, but that's life. Hardware keeps getting faster and memory cheaper. Deal with it.
Yeah, okay, IPv6 can't - by definition - be the same since it's got to overlay things. But really, if this standard was to have "caught on", it should have changed as little as possible at once. IPv4 machines should simply be a.b.c.d.0.0.0.0.0.0 or something equally obvious. Routers and IP stacks could be written to extend the address space a few more bits, and the same methods as used in IPv4 should have been used to denote subnets. It SHOULD have been a simple task of padding out IPv4 space into IPv6, and software that doesn't grok the full address space just couldn't use it. Imagine adding two more "numbers" to your telephone, so phone "numbers" could include Pi and e. Call me at 1-800-555-5e55. If your phone doesn't have the buttons, you can't dial it. Fine. But the backbone should have been smoothly extended.
That's what IPv6 SHOULD have done. Add more address space and nothing else.
We could have MANY rovers instead of wasting money on the Shuttle. The hurry to get men in space without exploring it first or developing robotic tech we absolutely require anyway bleeds vital resources from unmanned programs whose missions can last for years.
You're probably already aware, but all of this exploration comes from public funding, which is tied to public opinion.
Tell me a kid who grows up thinking "some day I'm going to drive a robot on Mars" is going to approve of space-spending in the same degree that a kid who grows up thinking "some day I'm going to mars to drive a robot".
Manned space flight is fantastic. As in the stuff of fantasy. Only it's within our grasp.
What is interesting is that unlike basically every other technology we've invented, space-flight doesn't seem to get cheaper over time. You'd think nearly 40 years after landing on the moon, we'd be able to do it cheaper. Problem is what we're complicating the process, of course. The Apollo capsules were simple machines. Today, we'd load them up with intricate gear and triply-redundant equipment, all of which would require orders of magnitude more testing than the legacy stuff, driving the price astronomically high.
My advice? Stop worrying so much about safety. There are plenty of qualified volunteers who would leap at a chance of making it alive. Simplify the gear, spend the money on the actual sensor and science packages, and get some boots back on the moon, and then Mars.
Do it to inspire.
We have a tendency to anthropomorphize our gadgets, especially gadgets that move around and do stuff. How many times have we read about "the plucky rover" or "the rover that wouldn't quit" or "the rover that slept with my now-ex-girlfriend, the whore" ?
They're machines. They were designed to do a job for a specific period of time with the expectation that we'd continue to use them until they finally broke down. Spirit has pretty much broken down. It's been a great run and we've gotten a shit-ton of data from it, but it's time to hit the Off switch and release the staff to other projects ... like prepping for the next rover mission.
I hear the point you're trying to make, but it's not as black & white as you paint it to be. The real-world costs of getting a new rover to Mars is very high. The cost of paying a team of appropriately trained specialists for a few days or even weeks to potentially extend the useful lifespan of the existing rover is much lower. You and I aren't qualified to know the statistical odds of success, or the relative costs associated. Your words "it's time" are words we have no business speaking at this time.
I know no one reads the articles, as that would get in the way of the knee-jerking we all love to do. But the article makes it quite clear: the kindle includes a text-to-speech application, but no way for visually impaired folks to navigate. Therefore, the Kindle is not the right choice of e-book reader for institutions such as colleges and universities to promote. It is the Kindle that is unusable by the blind, not the e-books themselves.
Fair enough. New rule: educational institutions that purchase e-books are hereby granted permission to print a physical copy for each purchased license, for purposes of providing access to people unable to operate the e-book reader chosen by that institution. Make it law. Make it part of the mandatory licensing scheme, impose it on publishers, make it clear this MUST be permitted. Move on.
Seriously, what if (for instance) the ideal device that pandered to everyone's needs cost twice as much as the Kindle? Make the right purchase for the majority of circumstances and make additional/different purchases for the special cases. Don't sweat that one size doesn't fit all.
Not that I'm a proponent of e-book readers in schools at this stage of the technology's development and price-point, but my point stands alone.
If a 'Loss of Signal' can interrupt a POP session, wouldn't it also interrupt a file upload? Couldn't they just POP into the server on Earth once a day to grab their emails to be stored in a simple mbox or some such?
No. I could be wrong, but while something like FTP supports resume commands, I don't believe POP3 does. As far as I know, if you get 99% done RETR for a given e-mail and your socket drops, you have to RETR it again, from byte 0.
I also assume that there's some latency issues involved with all of this. A straight RPC over HTTP connection to the Exchange server would obsolete all of this, but it's a really chatty protocol. I imagine they fell back to fundamentals for a good reason.