For want of a company, a customer was lost
on
10 Technologies MIA
·
· Score: 1
DragonHawk: "Negative cash flow is bad, m'kay?"
toddestan: "Why don't you stop looking at it from the point of an investor/shareholder, and look at the company from the point of a customer? What isn't there to like about a company that has great prices, fast delivery, and free shipping?"
I am looking at it from the standpoint of a customer. Companies that consistently lose money eventually run out of money and die. A company that doesn't exist does me no good at all. At work, one of the things I always look at when selecting vendors is the corporate health of the vendor. I want the vendor to be around in the future. I want them to make money. If they don't, they die, and I (as the customer) am, at best, severely inconvenienced. If the vendor provided more then just a commodity, things might get very expensive as I look to replace "legacy" stuff.
Hence the Santa Claus analogy. What's not to like about a jolly old elf who flies around giving presents to people who do good? Well, nothing, except for the fact that it isn't realistic. I don't base my personal life or my professional work on such things.
There isn't one. That's the point. As opposed to the endgame for not conserving, which is resource exhaustion.
I find your question so absolutely hilarious that I just had to reply.
(Note that "conservation", in sane circles, does not mean "abandoning everything but solar power", the way some nut-jobs (on both ends of the spectrum) seem to think. It means intelligent management of your resources. "Sustainable resource consumption" would be a better term, but that's doesn't roll of the tongue as well.)
"Most would likely agree that this mission has been more 'eventful' than many in the past. "
No. Anyone who has studied the space program will tell you that every single mission is eventful. The difference is that this flight has had more attention. The astronauts on STS-114 can't break wind without getting mentioned on a news report or weblog. Hell, look at Slashdot here, we've had more coverage for this space flight then I think we've had for any other single event, ever.
Why? Because the last shuttle ended in disaster, and everyone wants to be first to report on this one. Everybody's watching. If this flight goes off without a hitch and STS resumes flight again, the next one will get moderate coverage, the next after minor, and then people will move on to the next big thing.
The same thing happened with Apollo. The Apollo 11 landing broadcast had the biggest audiance of all-time. When Apollo 13 exploded, most people didn't even know we had a mission up there.
Senstationalism gets attention. A larger share of attention means the media can sell more advertisements. Like water and electricity, money follows the path of least resistance.
I've seen this idea -- that slightly higher or lower concentrations of oxygen in our atmosphere would mean huge fireballs or no fire at all, respectively -- put forth before. I'm starting to suspect it's some kind of modern myth. I found nothing on Snopes.com though.
"I imagine that this is only the case in the Microsoft drivers. "
I believe Microsoft generally does not write drivers. The drivers that ship "in the box" with MS Windows are generally written by the hardware OEM. The OEM submits them for WHQL (Windows Hardware Quality Labs) testing. If they get approved, Microsoft may include them with future releases of Windows.
I'm sure there are exceptions to this, but I believe that is how it goes, normally.
"If the President could start an illegal war without Congress' consent..."
Hey, I don't like the war in Iraq, and I think President Bush is a moron, but let's be fair here. Congress voted overwhelmingly to support whatever military action the President might take, and they never revoked that privilege. They never even considered it. They should be held accountable, too.
"If anyone ever pressures me to get one of these, he will get a vigorous refusal, which may include the use of firearms."
I don't disagree with you. But, if this sort of thing becomes "mandatory by law", that reaction will generally mean you either get killed in the shoot-out, or incarcerated -- and doubtless when you are incarcerated, you get implanted involuntarily. So it's death or implantation. Maybe you'll choose death. I might just make that choice as well, if it came right down to it. But I suspect most people won't make that choice, and I'm not just talking about the mindless sheep. Most people value their lives more then their freedom.
Okay, I misunderstood the "Everything was going good for 20 years" comment. In the context of just the TPS, there have been no major disasters in the history of the STS prior to the final flight of Columbia. I was thinking of the STS as a whole. My bad.
That said, I still stand by the rest of my comment. The fact that it problems never resulted in a disaster prior to 2003 does not mean that there were never any serious problems. I see this attitude all the time and it's wrong. People get away with doing stupid things for a while -- years, sometimes. Then, for whatever reason, they stop getting away with it and come to me and say, "Fix it", and won't listen when I point out that it is their behavior that is the problem.
"We've always done it that way" makes a lousy epitaph.
For that matter, there is a huge difference between "nothing has gone wrong that has caused a major problem" and "nothing has gone wrong that could cause a major problem". One of the Investigation Board's findings was that NASA would routinely ignore potentially serious issues just because they hadn't caused a major problem yet.
"The shuttle should have been a step towards true spaceplanes."
Why?
What's the big deal about spaceplanes, anyway? Why are we so in love with them? Is it just because the idea of a VTOL rocket seems dated, like some bad 1950s sci-fi flick?
An airplane is practical because as long as you're moving forward (going someplace) anyway, you might as well generate lift with all that air you're flying through. It's the simplest, easiest, cheapest way to the solve the problem.
On the STS, I believe the wings don't do anything during launch (except act as targets for debris, apparently). Even if you take off like an airplane, wings loose effectiveness way before you get to space. Once you're in space, they obviously don't do anything. Coming back down is the only time they come into play, and they're not terribly impressive then. STS airflight isn't so much "gliding" as it is "falling out of the sky, gently".
What's the practical benefit of wings on a spacecraft?
Only Apple could generate this much hype over a mouse. And Apple doesn't even have to try. Apple just releases a standard marketing press release. "This is our greatest product ever, and you should buy one. If not two." That's standard business. But then, between half the press going gaa-gaa over it, the other half downplaying it and talking about Apple's "troubled" position in the industry, and all the fanboys and zealots arguing about it on sites like this, you'd think Apple had just invented the original mouse. The only way we could have more Slashdot buzz would be if, I dunno, Microsoft announced they had hired Linus Torvalds to create a new generation of Amiga computers to render the FX in the new new Star Wars sequels.
I think ole Jobs must have amplified his Reality Distortion Field so that it surrounds the entire company.
"Windows installation has never been shy about overwriting LILO (and later GRUB)..."
For a rare change, this isn't Microsoft's fault. To the best of my knowledge, every "install" program for every version of DOS, Windows-as-an-OS, or OS/2 writes a new MBR (Maser Boot Record). The MBR was never, ever intended to contain an OS-specific boot loader. It contains the partition table, and the code to find the active partition and boot the PBR (Partition Boot Record). It has been that way since IBM and Microsoft created the IBM-PC hard disk MBR table format in the 1980's.
It is Linux (or rather, LILO, GRUB, and the like) that are doing something completely non-standard by installing application-specific software into the MBR. Granted, the IBM-PC platform is a collection of hacks and limitations, so doing something non-standard is often the only way to accomplish something, but that doesn't mean you can expect your non-standard approach to work for every situation.
When I install LILO or GRUB, I install it to the PBR of a primary partition, the way the PC spec says to. I usually use the same partition as my root and/or/boot partition for Linux. I may additionally write another instance of the stage one loader to the MBR for my convenience. But I'm not surprised if something else blows it away. If that happens, I set the primary partition to my Linux loader partition. That then boots fine, and I can then re-write my favored MBR.
Now, Microsoft could make things easier by updating their current (or next) installer to detect an existing MBR and offer the opportunity to leave it alone. Of course, questions like that would prolly just confuse the vast majority of their customer base. More importantly, Microsoft has shown over and over again that they're rather anti-social, so I would hardly expect them to go out of their way to support the non-standard behavior of their competition!
" find the best advice I've ever gotten on commenting code is very simple - Comment the why, not the how."
Another one I like is:
"Comments on data are usually much more helpful than on algorithms." -- Rob Pike
I can't count the number of times where I've been reading through some code which has comments like "transform foo for the analysis loop" and "write foo to the instrument buffer" while all the while I'm wondering, "What the hell is 'foo' and where the hell did it come from?"
"generally not worth it to hang out and commit an act of theft of service."
If that's all it is, I'd tend to agree with you. But I've seen descriptions of seeing what other people's terminals (TVs) are doing, including billing information and supposedly "private" Internet sessions. The idea of skimming credit card info or private business dealings off of this isn't inconceivable. As a potential guest at a hotel, I'm a lot more worried then I would be about the hotel ownership's potential loss of profit.
"The system is good enough for it's application."
There is nothing wrong with that attitude in and of itself. The problem is that things almost always get extended beyond their initial application. Cleartext TELNET is good enough for it's original application -- carrying terminal sessions between a handful of computers operated by a group of people who all know each other. TELNET becomes insecure when used on the modern Internet, where your packets might go anywhere, to anyone.
The same worry applies here. If the original application was handling payment processing for dirty movies, sure, this is prolly good enough. But when you add on Internet access, room service control, billing and payment, and $DEITY knows what else, suddenly the picture (pardon the pun) isn't so rosy.
"I suspect [it is] security in the sense that 'no one can modify this document (even a "single pixel") without it being detected.'"
I assumed right from the get-go that they calculate a hash of the scanned document image to validate integrity and authenticity. The thing that concerns me is, what protects those hashes? Are they just stored on the same disk (or RAID) that the scanned document images themselves are? If so, what keeps the hashes from being modified along with the original cleartext? Is there anything keeping the "bad guys" from modifing the image, generating an updated hash, and storing that to disk? The salesweasel didn't understand my questions, which didn't surprise me. He was at least honest enough to admit that, which was nice. A lot of salesweasels will just keep shoveling bullshit without regards to how far in over their heads they are. But he didn't know of any way he could actually justify the security claims, other then to point me at the DocStar website. I had already been there, and it is extremely shallow in terms of actual product information. So, again, we end up back at, "It's secure because we say so."
There are countermeasures one can put in place against such modification of signatures, but I have seen no evidence (at this point in time) that DocStar actually uses any of them. It could just be more of the same vendor bull, where the only defense is the assumption that nobody will look too closely.
It's rare that one finds actual, technical security details in product information. We just have to take their word for it, when time and time again, vendors demonstrate that their word isn't so good.
Security through obscurity
on
Hacking Hotels 101
·
· Score: 5, Informative
This is a classic case of "security through obscurity". The hotels (or rather, their vendors) are relying on the fact that nobody knows how their system works to keep it secure. They just broadcast everything and figure, "Hey, you need one of our special remotes to do anything, so we're safe".
I think it is important to blame the vendors as well as the hotels. Two days ago I got a sales presentation of a document management system called "DocStar". The sales weasel kept going on and on about security, repeating himself with how it has security "at the level of individual pixels". But whenever I tried to pin him down about how that system is actually secure, he had nothing. As near as I can tell, their whole pitch is "It's secure because we say it is". Right. I'm supposed to take his word for it, when vendors demonstrate over and over, with cases like this, that their security usually amounts to "We hope nobody will ever try to break in".
"Is the world so full of groups of pathetic people that they need this kind of attention? Or has everybody become so self-absorbed and selfish that they need to reminded of others? Or perhaps it's just self-important people trying to promote themselves and have their egos stroked."
I suppose you have a point.
Now somebody hurry up and cut this guy's network feed so he can properly appreciate his stance.;-)
My favorite spacecraft that died before it's time was the Delta Clipper Experimental (DC-X). SSTO. VTOL. Resable. It showed real promise of being practical, cheap, safe, and versatile. Alas, they never got enough funding to continue engineering and trials.
(Before some bonehead chimes in: Yes, I know the DC-XA exploded when it tipped over during landing. Perhaps you missed the word "experimental" in the name. These are scale trials designed to evaluate designs, not production craft. They gave up too soon.)
The shuttle was to help us learn how to make space travel routine.
The problem that many people have is that, apparently, be haven't been learning the lesson very well.
The STS has basically taught us that the STS design is a bad way to design a spacecraft. (Well, that's not really fair to all the dedicated and brilliant people who work in the STS program, but it makes the point I want to make.) Conventional rockets are definitely cheaper and quite likely safer.
But we continue to use the overly-complicated, expensive STS.
I can't help but think that the lives of 14 astronauts (so far) is a very expensive tuition, indeed. Maybe we should study harder.
Slashdot Mirror
DragonHawk: "Negative cash flow is bad, m'kay?"
toddestan: "Why don't you stop looking at it from the point of an investor/shareholder, and look at the company from the point of a customer? What isn't there to like about a company that has great prices, fast delivery, and free shipping?"
I am looking at it from the standpoint of a customer. Companies that consistently lose money eventually run out of money and die. A company that doesn't exist does me no good at all. At work, one of the things I always look at when selecting vendors is the corporate health of the vendor. I want the vendor to be around in the future. I want them to make money. If they don't, they die, and I (as the customer) am, at best, severely inconvenienced. If the vendor provided more then just a commodity, things might get very expensive as I look to replace "legacy" stuff.
Hence the Santa Claus analogy. What's not to like about a jolly old elf who flies around giving presents to people who do good? Well, nothing, except for the fact that it isn't realistic. I don't base my personal life or my professional work on such things.
That's reality.
"What's the conservation endgame?"
There isn't one. That's the point. As opposed to the endgame for not conserving, which is resource exhaustion.
I find your question so absolutely hilarious that I just had to reply.
(Note that "conservation", in sane circles, does not mean "abandoning everything but solar power", the way some nut-jobs (on both ends of the spectrum) seem to think. It means intelligent management of your resources. "Sustainable resource consumption" would be a better term, but that's doesn't roll of the tongue as well.)
"Most would likely agree that this mission has been more 'eventful' than many in the past. "
No. Anyone who has studied the space program will tell you that every single mission is eventful. The difference is that this flight has had more attention. The astronauts on STS-114 can't break wind without getting mentioned on a news report or weblog. Hell, look at Slashdot here, we've had more coverage for this space flight then I think we've had for any other single event, ever.
Why? Because the last shuttle ended in disaster, and everyone wants to be first to report on this one. Everybody's watching. If this flight goes off without a hitch and STS resumes flight again, the next one will get moderate coverage, the next after minor, and then people will move on to the next big thing.
The same thing happened with Apollo. The Apollo 11 landing broadcast had the biggest audiance of all-time. When Apollo 13 exploded, most people didn't even know we had a mission up there.
Senstationalism gets attention. A larger share of attention means the media can sell more advertisements. Like water and electricity, money follows the path of least resistance.
"You don't get what's to like about a company that sold everything at cost and didn't charge for shipping?"
How did this get mod'ed Insightful? (Yah, yah, pretend I'm new here.)
I suppose it's much like Santa Claus. People like the concept, but nobody with a brain thinks they really exist.
Negative cash flow is bad, m'kay?
I've seen this idea -- that slightly higher or lower concentrations of oxygen in our atmosphere would mean huge fireballs or no fire at all, respectively -- put forth before. I'm starting to suspect it's some kind of modern myth. I found nothing on Snopes.com though.
"I imagine that this is only the case in the Microsoft drivers. "
I believe Microsoft generally does not write drivers. The drivers that ship "in the box" with MS Windows are generally written by the hardware OEM. The OEM submits them for WHQL (Windows Hardware Quality Labs) testing. If they get approved, Microsoft may include them with future releases of Windows.
I'm sure there are exceptions to this, but I believe that is how it goes, normally.
"If the President could start an illegal war without Congress' consent..."
Hey, I don't like the war in Iraq, and I think President Bush is a moron, but let's be fair here. Congress voted overwhelmingly to support whatever military action the President might take, and they never revoked that privilege. They never even considered it. They should be held accountable, too.
"If anyone ever pressures me to get one of these, he will get a vigorous refusal, which may include the use of firearms."
I don't disagree with you. But, if this sort of thing becomes "mandatory by law", that reaction will generally mean you either get killed in the shoot-out, or incarcerated -- and doubtless when you are incarcerated, you get implanted involuntarily. So it's death or implantation. Maybe you'll choose death. I might just make that choice as well, if it came right down to it. But I suspect most people won't make that choice, and I'm not just talking about the mindless sheep. Most people value their lives more then their freedom.
To adapt a quote I've seen elsewhere:
Arguing about politics on Slashdot is like running in the Special Olympics. Even if you win, you're still a retard.
Okay, I misunderstood the "Everything was going good for 20 years" comment. In the context of just the TPS, there have been no major disasters in the history of the STS prior to the final flight of Columbia. I was thinking of the STS as a whole. My bad.
That said, I still stand by the rest of my comment. The fact that it problems never resulted in a disaster prior to 2003 does not mean that there were never any serious problems. I see this attitude all the time and it's wrong. People get away with doing stupid things for a while -- years, sometimes. Then, for whatever reason, they stop getting away with it and come to me and say, "Fix it", and won't listen when I point out that it is their behavior that is the problem.
"We've always done it that way" makes a lousy epitaph.
Okay, I misunderstood the "Everything was going good for 20 years" comment. In the context of just the
Everything was going good for 20 years...
Tell that to the Challenger crew.
For that matter, there is a huge difference between "nothing has gone wrong that has caused a major problem" and "nothing has gone wrong that could cause a major problem". One of the Investigation Board's findings was that NASA would routinely ignore potentially serious issues just because they hadn't caused a major problem yet.
"The shuttle should have been a step towards true spaceplanes."
Why?
What's the big deal about spaceplanes, anyway? Why are we so in love with them? Is it just because the idea of a VTOL rocket seems dated, like some bad 1950s sci-fi flick?
An airplane is practical because as long as you're moving forward (going someplace) anyway, you might as well generate lift with all that air you're flying through. It's the simplest, easiest, cheapest way to the solve the problem.
On the STS, I believe the wings don't do anything during launch (except act as targets for debris, apparently). Even if you take off like an airplane, wings loose effectiveness way before you get to space. Once you're in space, they obviously don't do anything. Coming back down is the only time they come into play, and they're not terribly impressive then. STS airflight isn't so much "gliding" as it is "falling out of the sky, gently".
What's the practical benefit of wings on a spacecraft?
Only Apple could generate this much hype over a mouse. And Apple doesn't even have to try. Apple just releases a standard marketing press release. "This is our greatest product ever, and you should buy one. If not two." That's standard business. But then, between half the press going gaa-gaa over it, the other half downplaying it and talking about Apple's "troubled" position in the industry, and all the fanboys and zealots arguing about it on sites like this, you'd think Apple had just invented the original mouse. The only way we could have more Slashdot buzz would be if, I dunno, Microsoft announced they had hired Linus Torvalds to create a new generation of Amiga computers to render the FX in the new new Star Wars sequels.
I think ole Jobs must have amplified his Reality Distortion Field so that it surrounds the entire company.
"Windows installation has never been shy about overwriting LILO (and later GRUB)..."
/boot partition for Linux. I may additionally write another instance of the stage one loader to the MBR for my convenience. But I'm not surprised if something else blows it away. If that happens, I set the primary partition to my Linux loader partition. That then boots fine, and I can then re-write my favored MBR.
For a rare change, this isn't Microsoft's fault. To the best of my knowledge, every "install" program for every version of DOS, Windows-as-an-OS, or OS/2 writes a new MBR (Maser Boot Record). The MBR was never, ever intended to contain an OS-specific boot loader. It contains the partition table, and the code to find the active partition and boot the PBR (Partition Boot Record). It has been that way since IBM and Microsoft created the IBM-PC hard disk MBR table format in the 1980's.
It is Linux (or rather, LILO, GRUB, and the like) that are doing something completely non-standard by installing application-specific software into the MBR. Granted, the IBM-PC platform is a collection of hacks and limitations, so doing something non-standard is often the only way to accomplish something, but that doesn't mean you can expect your non-standard approach to work for every situation.
When I install LILO or GRUB, I install it to the PBR of a primary partition, the way the PC spec says to. I usually use the same partition as my root and/or
Now, Microsoft could make things easier by updating their current (or next) installer to detect an existing MBR and offer the opportunity to leave it alone. Of course, questions like that would prolly just confuse the vast majority of their customer base. More importantly, Microsoft has shown over and over again that they're rather anti-social, so I would hardly expect them to go out of their way to support the non-standard behavior of their competition!
"Normal people aren't ambidextrous aardvark afficionados either."
Hey, you better watch it, or the AAAAA (American Association Against Alliteration Abuse) will get you!
(Hey, it was either that, or an "insensitive clod" joke.)
Hot damn. That may well be the funniest AC post I've seen on Slashdot in over a year. There may be hope for us all yet.
We've got a program at work that, once in a great while, aborts with the message, "Call Bob".
Bob hasn't worked there in years.
*sigh*
" find the best advice I've ever gotten on commenting code is very simple - Comment the why, not the how."
Another one I like is:
"Comments on data are usually much more helpful than on algorithms." -- Rob Pike
I can't count the number of times where I've been reading through some code which has comments like "transform foo for the analysis loop" and "write foo to the instrument buffer" while all the while I'm wondering, "What the hell is 'foo' and where the hell did it come from?"
"generally not worth it to hang out and commit an act of theft of service."
If that's all it is, I'd tend to agree with you. But I've seen descriptions of seeing what other people's terminals (TVs) are doing, including billing information and supposedly "private" Internet sessions. The idea of skimming credit card info or private business dealings off of this isn't inconceivable. As a potential guest at a hotel, I'm a lot more worried then I would be about the hotel ownership's potential loss of profit.
"The system is good enough for it's application."
There is nothing wrong with that attitude in and of itself. The problem is that things almost always get extended beyond their initial application. Cleartext TELNET is good enough for it's original application -- carrying terminal sessions between a handful of computers operated by a group of people who all know each other. TELNET becomes insecure when used on the modern Internet, where your packets might go anywhere, to anyone.
The same worry applies here. If the original application was handling payment processing for dirty movies, sure, this is prolly good enough. But when you add on Internet access, room service control, billing and payment, and $DEITY knows what else, suddenly the picture (pardon the pun) isn't so rosy.
"I suspect [it is] security in the sense that 'no one can modify this document (even a "single pixel") without it being detected.'"
I assumed right from the get-go that they calculate a hash of the scanned document image to validate integrity and authenticity. The thing that concerns me is, what protects those hashes? Are they just stored on the same disk (or RAID) that the scanned document images themselves are? If so, what keeps the hashes from being modified along with the original cleartext? Is there anything keeping the "bad guys" from modifing the image, generating an updated hash, and storing that to disk? The salesweasel didn't understand my questions, which didn't surprise me. He was at least honest enough to admit that, which was nice. A lot of salesweasels will just keep shoveling bullshit without regards to how far in over their heads they are. But he didn't know of any way he could actually justify the security claims, other then to point me at the DocStar website. I had already been there, and it is extremely shallow in terms of actual product information. So, again, we end up back at, "It's secure because we say so."
There are countermeasures one can put in place against such modification of signatures, but I have seen no evidence (at this point in time) that DocStar actually uses any of them. It could just be more of the same vendor bull, where the only defense is the assumption that nobody will look too closely.
It's rare that one finds actual, technical security details in product information. We just have to take their word for it, when time and time again, vendors demonstrate that their word isn't so good.
This is a classic case of "security through obscurity". The hotels (or rather, their vendors) are relying on the fact that nobody knows how their system works to keep it secure. They just broadcast everything and figure, "Hey, you need one of our special remotes to do anything, so we're safe".
I think it is important to blame the vendors as well as the hotels. Two days ago I got a sales presentation of a document management system called "DocStar". The sales weasel kept going on and on about security, repeating himself with how it has security "at the level of individual pixels". But whenever I tried to pin him down about how that system is actually secure, he had nothing. As near as I can tell, their whole pitch is "It's secure because we say it is". Right. I'm supposed to take his word for it, when vendors demonstrate over and over, with cases like this, that their security usually amounts to "We hope nobody will ever try to break in".
Gag.
"Is the world so full of groups of pathetic people that they need this kind of attention? Or has everybody become so self-absorbed and selfish that they need to reminded of others? Or perhaps it's just self-important people trying to promote themselves and have their egos stroked."
;-)
I suppose you have a point.
Now somebody hurry up and cut this guy's network feed so he can properly appreciate his stance.
My favorite spacecraft that died before it's time was the Delta Clipper Experimental (DC-X). SSTO. VTOL. Resable. It showed real promise of being practical, cheap, safe, and versatile. Alas, they never got enough funding to continue engineering and trials.
I can't find a single "best" link, so a Google search is the best bet for learning about this very interesting design:
http://www.google.com/search?q=DC-X+delta+clipper
(Before some bonehead chimes in: Yes, I know the DC-XA exploded when it tipped over during landing. Perhaps you missed the word "experimental" in the name. These are scale trials designed to evaluate designs, not production craft. They gave up too soon.)
The shuttle was to help us learn how to make space travel routine.
The problem that many people have is that, apparently, be haven't been learning the lesson very well.
The STS has basically taught us that the STS design is a bad way to design a spacecraft. (Well, that's not really fair to all the dedicated and brilliant people who work in the STS program, but it makes the point I want to make.) Conventional rockets are definitely cheaper and quite likely safer.
But we continue to use the overly-complicated, expensive STS.
I can't help but think that the lives of 14 astronauts (so far) is a very expensive tuition, indeed. Maybe we should study harder.