I dunno. I'm still using my four-year-old Treo 650.
It's been to hell and back, several times*.
I'm hoping to make it last five years, and then upgrade to whatever's the best thing in smartphones.
* I even got some great VGA-res pictures of the moon rising over the lake of fire.
Hey hey!
Can't say.
Under f'in NDA.
I'm just finishing up a project based on a big commercial product. Portions are Open Source, once you pay the initial fee, which ain't small.
The product is so poorly written that it completely boggles my mind. If I weren't under NDA, I could keep the Daily WTF loaded up for weeks. And this is just the portions that they're willing to let me see.
Out of pure spite, next time I have a project that's in this general domain, I'm doing it using FOSS frameworks, and releasing it as FOSS. Fuck 'em. If they're going to sell crap, they don't deserve to be a virtual monopoly in the business. This stuff isn't rocket science...
The Dude: Jesus, man, can you change the station?
Cab Driver: Fuck you man! You don't like my fucking music, get your own fucking cab!
The Dude: I've had a--
Cab Driver: I pull over and kick your ass out, man!
The Dude: --had a rough night, and I hate the fucking Eagles, man
Preach it, brother!
I can't tell you how many times I have people approach me wanting to build "The Next Big Thing."
In the end, it's always "like Facebook, but for Manicurists" or "it's like IMDB for musicians" or "it's Craigslist with built-in Twitter!"
Naturally, they never want to pay anything upfront. It's always an incredibly generous offer of a percentage of the profits down the road (and almost always around 10% because, of course, "the idea is the hard part"). And do they have a promotion plan? Any way of actually earning money with the brilliant idea? Of course not.
Feh!
Reminds me of my favorite high-compression encryption technique. Just scan the plaintext in binary. Count the 1s and 0s. Save those two numbers.
Of course, decryption is a very time-intensive process...
Often, just having backups is not enough if there's data corruption. When data gets corrupted, it may not be evident right away. Backing up corrupted and/or zero-length files is more common than you'd think.
That's why versioning backups are a Good Thing.
Not a bad idea.
In the past, I've used Duplicity, which is a non-P2P analog of this. It does require more setup (and trust on the part of the space provider).
Actually, one of the key differences between good companies and poor companies is when there actually is a difference between "bad situation" and "worst-case scenario."
I've worked for some where the two modes are "smooth operation" and "worst-case scenario."
How could that possibly be number 37?
Well, they get pretty technical, and the order seems somewhat arbitrary.
For example, Laws 5-9 are all very specific to fetishes simultaneously involving badgers, restraints, and jam.
Well, I think it comes down to a classic application of Angst_Ridden_Hipster's 37th Law of Fetishes:
"Other people's fetishes are weird."
Yes, but large clusters of small, inexpensive radio jammers are hard to take out without a whole lotta HARMs.
Jamming is really, really easy. You can build a decent jammer for small radii with only about $20 of Radio Shack parts.
The best way of jamming the signals will soon be to down the satellite.
No it won't.
Unless you think the best way to interfere with someone's radio is to blow up the transmission tower.
Jamming radio signals is trivially easy.
Blowing up satellites is not.
Oh I have been to Ludlow fair,
...
:)
and left my necktie God knows where.
And carried half way home, or near,
pints and quarts of Ludlow beer.
Then the world seemed none so bad,
and I myself a sterling lad.
And down in lovely muck I've lain, happy -
till I woke up again.
Those lines from Housman seem to find their way into the comments of many a piece of code I've written. Probably just coincidence.
What, if anything, is being done to counter the threat of embedded trojans or related hazards?
There are probably a hundred million PCs in the US, and a very high percentage of them are built from components manufactured overseas. A clever enemy could embed hostile code in any one of a number of places: northbridge/southbridge chipsets, graphics cards, BIOS, network controllers, maybe even memory controllers. Attacks could be anywhere from stupid brute force deletions, document corruption, or denial of service to sophisticated attacks like stealthy targeted data alteration, network sniffing, etc. Threats could be very hard to detect, and triggering could be done via any one of a number of covert channels (including time-based, network-based, or complex schemes with cooperating viruses or worms).
There was a widely celebrated case where US operatives got trojaned equipment into the supply chain of the Soviets and destroyed a gas plant (http://www.msnbc.msn.com/id/4394002). This would be a minor blip compared to the damage that could be done to American business interests if some compromise of even a fraction of one percent of the desktop computer hardware in the country were to be activated. And given the DoD emphasis on COTS products, are there any efforts to vet and/or protect important internal systems?
Maybe a deeper question, since computer assembly, board design, BIOS/EPROM coding, and chip fabrication don't require any particular security clearance, is it even possible to protect against such attacks?
Hey, I paid for Vista too. Twice, so far, WGA has gone fubar on me. I don't know why -- I didn't change hardware or anything. The first time, while talking to tech support in Bangalore, I went through one of the most frustrating experiences ever with a computer company where the woman was insisting there were options on my screen that didn't exist. I'd read the list of options, and she'd say "No, sir, use the other option" (this dance repeated four times before she transferred me to a department that was not answering their phone). I was unable to get the system working until the next day, when that department re-opened, and someone could give me what he called a "onetime reauthorization code."
The second time, a few weeks later, the problem returned. Tech support walked me through it again. I used the "MGADiag" program that told me I was using a genuine copy, meanwhile WGA popups were calling me a thief and shutting me down. Again, it took hours on the phone to resolve.
So far, it's been OK since that second episode. But I'm out about four hours of phone time, and one evening of no Windows computer. As I said to the tech support people - if I had just been dishonest and gotten a cracked version, I wouldn't have had those problems. Why they were insistent on punishing their legit customers, I don't know.
My Mac OS and Linux machines may have their annoyances too, but they have never called me "thief!"
Never attribute to dishonesty what can be attributed to incompetence.
I prefer to state it:
Never attribute to malevolence or incompetence that which can be attributed to malevolence and incompetence.
Mine are named "Access Denied" and "network unavailable".
I don't see much in the way of unexpected traffic.
Only if you have a good UPS or your own generator. :)
As my wife likes to posit:
"Absolute power corrupts absolutely, but a little goes a long way."
Every time I see some petty bureaucrat acting out, or some idiot with some kind of a uniform busting out the authority moves, I see the truth in that demonstrated.
Trace was great. I've heard Mary Jo is good when she's doing the writing, but I can't stand to watch her acting. I feel like I'm watching a refugee from the Ren Faire imitating MST3K episodes.
I agree that Trace added a lot to the show. I think he and Mike were a great writing team.
Uh, 5-10 Megawatts?
This will free us from dependence on foreign oil how?
Did I miss a couple orders of magnitude somewhere?
What impressed me was how well most of the "low-tech" (e.g., not CGI) special effects held up. I know they did a little cleanup for this release, but, by and large, the models / matte paintings / fog still make for a very impressive show.
It was also interesting to see all of the actors basically at the peaks of their careers. Most of them subsequently demonstrated that their acting ranges were pretty narrow, but Scott got pretty dead-on performances out of all of them.
The film really is the best of Hollywood dystopian science fiction noir police dramas involving implanted memories.
I still have a RocketMail magnet somewhere in the house, from one of those awful Internet Meetups from the mid-late '90s.
In both my example and the hotspot's there is no automatic extra cost for the store.
:)
Unless, of course, they have tiered pricing based upon bandwidth used. Or, to extend your analogy, it may be possible that those other channels are pay-per-view