Re:Some artists just want to be heard... on CRIA Falling Apart? · Score: 1
Doctors have to do additional work to see each patient. Artists on the other hand (and record companies) expect to be paid in perpetuity for one piece of work they might have done years ago.
I live in the Isle of Man. No piffling 35 quid fine for using a mobile behind the wheel here. The fine is ONE THOUSAND POUNDS.
The unintended consequence is when people get a phone call, they pull over to take the call - often pulling over in very dangerous places, like just around a blind bend (thanks to quick reactions, two years ago I just avoided hitting someone who did just this).
It's fast enough and bug-free enough that Oolite (written for OS X and Cocoa) runs quite happily on Linux (although admittedly, we ditched GNUstep AppKit in favour of SDL). Certainly, the Foundation (the base Objective-C class library) is pretty fast.
Oh it gets even better than that. The brain trusts at our place decided to have a monthly enforced password change, but you can't change your password for 20 days after changing it to prevent you from cycling through passwords to get back to your original.
So now, if you think someone shoulder-surfed your password, you might not be able to actually change it!
Assuming Windows, it would be better to write a replacement GINA to capture passwords if you have physical access. Put the new GINA on the system and you're only capturing usernames and passwords and don't have to hunt them from the rest of the stuff typed into the machine.
Tech support scripts? Sounds like you were talking to a very short shell script!
Having been through the visa process (and I'm not in a 'high demand' country like India), they do it to themselves mainly as far as workload. Part of the problem is that the people they are accountable to (the US voter) are not the people they serve (the immigrant), and INS and US Embassy jobs seem to attract more than their fair share of jobsworths and "little hitler" bureaucrats who just love to mess people around.
Take for example this. The US Embassy in London rejected my APPROVED visa application (it was an extension to a visa, and the INS in the United States had approved it, and all the embassy was required to do was to stick a new visa in my passport) because one of the forms was "out of date". So I downloaded the new, up to date form off their website. I couldn't believe it when I looked at it - it was absolutely identical to the old form, except the date at the bottom was different!
On a previous application, they rejected my application because the company I worked for hadn't filled out the form right (according to them; according to our international assignments department, generally they find a formula that works with the forms - and the forms will be processed OK by the Embassy for about 6 months, and then without warning they start rejecting them. Then they have to to-and-fro in a trial and error process until the Embassy begins accepting the forms again. And about 6 months later, the forms start getting rejected again - rinse and repeat). I had to go to London, sit in the Embassy for 4 hours.
The Embassy itself was quite interesting. You sit in this large square room, and at the end are a bunch of bank teller style windows. There is a delicatessen-style number system. You are given a ticket and wait until your number is called. Of course, prior experience with the Embassy means that you know for sure if you miss your number, they will NOT call it out again and you will be sent away - so it's incredibly difficult to do something like read a book to pass the time just in case you miss the number. There are these 'newspapers' they leave too, I think they were called "Going USA". The first half of this paper is devoted to how great the USA is (land of opportunity etc., it seemed mainly to be stories about people who wanted to immigrate to run gas stations), and how awful your home country is by comparison. The second half of this paper is dedicated to telling you how you will never, ever get a visa! So anyway, my number was called. The question?
"How long have you been working for this company"
"3 years so far"
"That's fine" (stamp stamp). "You'll get your passport back in about 3 days"
They could have asked me that over the phone rather than incurring the cost of going all the way to London, waiting 4 hours, and then sending me away.
The Embassy is probably even worse now. I've heard that the ones in India will reject your application unless you turn up in a business suit (but that's just hearsay, I can't substantiate that). They have all sorts of petty bureaucratic rules they won't tell you - they just reject applications with nothing except a very vague reason, and you have to keep retrying until you satisfy them (and even then, after a few months, forms that were completely satisfactory are suddenly unsatisfactory with more vague reasons for rejection).
Then there's the obvious bias. An Irish friend of mine actually got naturalized as a US citizen. He's a doctor. There was a family in front of him for one of the interviews done by the INS. They got given a real grilling - not in a private interview room, but in front of everyone in the waiting room. When he got there? "Oh, Doctor Smart, yes this is acceptable" >stampstamp. It seemed like if you were a doctor, you weren't subjected to the INS Dehumanization and Demoralization Programme.
It's not quite as simple as that. I worked as an H1B visa worker for a while (I have since returned home) - there were only about 20 people on the entire planet qualified for the job and they _all_ worked in our department (a highly specialized piece of software). In the bespoke software business, this happens from time to time.
Not only did the company have to spend on the order of $4K or so on the process, I was paid the same salary as my colleagues PLUS an international service allowance; I was around 15-20% more expensive than my colleagues. I'm sure if the company could have trained a US worker in sufficient time they would have because it'd have saved them quite a bit of money.
If it's GPLd, it's Free and definitely _not_ proprietary.
Also, if the application programmer has to deal with it, it hurts portability. I maintain a Linux port of a multiplatform game. I really don't want to add yet more Linux-specific code because it's the only OS where you have to do all this extra stuff to get a decent memory footprint.
Golf carts. No wonder so many golfers are obese these days.
Lots of people edit home movies - with firewire ports coming on many laptops today especially. I'm already down to only 9GB left on my 250GB drive, and I don't have that much footage on it. Raw DV takes up space *fast*.
ACLs are in common use in Linux these days. Fedora Core for example (one of the most popular Linux distros) extensively uses ACLs - they are required for the SELinux policies that are enabled by default on that distribution. Red Hat Enterprise Linux 4 also has SELinux (and therefore, requires ACLs) by default, and by extension, so do CentOS and the rest of the RHEL-derived distros.
ACLs have been supported in ext2/3 and ReiserFS for years (ext3 generally being the usual filesystem in use by most distros).
It wouldn't cause anything of the sort. Oil companies (actually, note how many oil companies have stopped calling themselves 'oil companies', but 'energy companies' instead) will just start making biodiesel instead. Nothing is tying them to mineral oil. Once it is economically feasible to make biofuels for less expense than oil, energy firms will start doing it to remain competitive. It's inevitable. If they buy the patent, they will be buying it to make use of the patent.
This is unlikely. The decomposition of the paper is likely to release lots of methane, which as a greenhouse gas is four times stronger than CO2.
CO2 is in a cycle. Plants take CO2 from the atmosphere to create their biomass, which is then turned into biodiesel. So the CO2 released by burning the biodiesel was actually extracted from the atmosphere in the first place. The upshot: no increase in CO2 because now it's a closed cycle.
No, I actually figured this out independently; I had never seen the bash quote of which you spoke. It's hardly novel or requiring great insight to work out how to socially engineer a bunch of snobs into giving you a useful response rather than a pointless brush-off.
And even with expensive support, often they can't help.
In a previous life, I worked on a project where it was necessary for us to write a complete replacement GINA (the bit that logs you onto Windows - it's a DLL that winlogon.exe loads). We were having problems getting the environment right - but we had a US $40,000 support contract with MS precisely for eventualities such as this.
We ended up speaking to the NT developers themselves. Even they couldn't answer our questions (presumably because the person who wrote the code had since left, and the documentation they had on GINA was no better than the documentation we had - basically, a terse to the point of almost uselessness Windows help file). We ended up reverse engineering the MS GINA. That expensive support contract was essentially worthless to us. However, I was quite gratified to see that when Win2K came out, the GINA documentation had been substantially expanded - I think the developers were intensely embarrassed that we were forced to reverse engineer their GINA to make ours work right, and did something to fix the problem.
I often tell people "Never ascribe to malice that which can adequately be explained by incompetence". Recently, a Samba developer was relating his experiences with interacting with MS developers, and discovering that the entire Network Neighbourhood et al. code in Windows is very poorly documented _within even Microsoft itself_. I suspect MS is not really dragging its heels in the EU antitrust settlement to provide adequate protocol documentation - I believe they are having to read the code to figure out how it works and write the documentation because, just like the GINA documentation back in the NT 4 days, it is either inadequate or non-existent (and the people who originally wrote this have long since left the company).
If these incidents with poor documentation of the internal workings of Windows are endemic, it will be an awful long time before MS does 'secure by default'. There is an _awful_ lot of code out there which may be in a condition that no one really knows what it does; Windows is a complex product.
The other poster mentioned clustering. To add to his comment, VMS's clustering in the early 80s still beats most excuses for clustering now. VMS clustering was designed into the OS, not some kludged bolt-on.
Yes. I thought his (paraphrased) "People who say Microsoft is evil are stupid. A company can't be evil, but it might have evil policies" was a non sequitur, to be honest. That's a bit like saying a mass murderer is not evil, it's just his actions are evil.
What, more marketing driven - like Microsoft Axapta, which you can't tell how it's spelled when someone says it (and it sounds like the noise a toy gun makes), or Intel Viiv which sounds like the noise a spaced out moron makes?
I've been doing Linux since January 1992. But I don't know everything.
I've found the best way to deal with the snobs - and get a useful answer - is this. Don't just ask "I've googled for it already, but I can't find a way of doing foo with bar". All this will yield is "Well google harder" kind of responses.
Instead, say something like "On Windows, it's really easy to do foo with bar, but it's completely impossible under Linux! This is awful!". You will immediately be deluged with indignant responses telling you exactly how to do whatever it was you were trying to accomplish rather than an RTFM brush-off.
Do you really think that this would be rolled out with strong end-to-end cryptography?