Joomla gets more than its fair share of serious compromises (usually XSS), but the difference that I found is:
1) It automatically updates. 2) You can sign up to an email about those updates and perform them manually 3) People don't install ten millions kinds of junk and plugin into it.
But, of course, what keeps it with a better reputation is a) not being stupid, b) fixing things that are broken and c) not as many people using it.
Wordpress would be fine - if you kept it up to date in the same way and didn't use random plugins. That's not what people do.
Meanwhile, in those intervening 13 years between you tinkering with a machine and actually becoming enthusiastic with programming, the rest of us loved it and used it and learned to program on it and it lead us onto other platforms.
For instance, if you totally missed the Spectrum+ with it's hard keyboard, or the +2/+3 with a "real" keyboard, then you missed out on a great machine.
And the point of the "T9-typing", as you put it, was to reduce the amount of time you had to spend actually typing on that keyboard.
He says himself that the equation is vastly oversimplified, and a small change in antivirus detection range changes the answer from 16 to 6%. That means the equation is all-but useless and pointless to try to "predict" anything except, apparently, in hindsight.
I could have plucked any number I liked out of the air and wrote a (reasonable) equation to make it come out with whatever answer I wanted, even basing it on "game theory" (which has very, very, very little relevance here, actually) - I could have done that even before I graduated in mathematics (including Game Theory) over a decade ago.
When enough Mac's exist to make it viable (and market share has little to do with it compared to "number of computers active on the Internet" of that particular model), viruses will target them. Guess what, same for every other platform on the planet. If someone miraculously sells a popular device based on MINIX that millions start buying, eventually someone will write a virus for that platform.
I considered emigrating to America once. Not any more. They don't need to know that information (because my own EU country barely needs to know it!) and I don't need the hassle. I crossed the whole country off my list when I was looking at countries to move to because of the shit you pushed onto the EU after 9/11 - which have had a detrimental effect on the way I travel and assumes I'm a terrorist first and a citizen last. I can't take a fucking drink for my 3-year-old on a plane because of the US enforcing policies about it, nor can I pass through with a laptop without SO MUCH extra hassle, it's hardly worth it.
Hell, my company blacklisted France because of some of their stupid requirements about laptop encryption, so by comparison the US is so far off the list we might as well forget it exists. And the ironic thing? The UK airport security specialists have been dealing with terrorists for DECADES before 9/11 and we warned the US about their stupidly lax policies for years before it and now it's just gone WAY overboard and they've MADE us have the same stupid, worthless procedures.
Tourists are big money, yes, but the biggest income the US would miss is foreign talent. Silicon Valley and similar places rely on the "dream job" of being there to appeal to everyone so they can suck in talent. By making the country appear a totalitarian state before you've even FINISHED BOOKING THE FLIGHT, the US is going to see a drop-off in immigration (of talented people who want to work there, not random joes trying to get in - the numbers might go up but the quality has dropped and will drop more now).
They're basically saying "Hey, come live the dream in our country" followed by "Please remove your shoes and see that man over there because you have a funny name and we think you're a bomber because of that and we'll harass you every time your name comes up."
You cannot live on US talent alone - not for long, anyway. And businesses *ARE* having to make exceptions for the way they do business with you. Before 9/11, people happily carried laptops across the border and didn't worry about it. Since, with all the ridiculous requirements about laptop search, seizure (without evidential status and respect for the laptop and it's contents), suspicion, etc. almost everyone that deals with you from abroad are wiping their laptops before they cross your border, or just refusing to take them at all.
Exceptions mean that it is costing you business, because those exceptions COST TIME AND MONEY. If I ran my own company, I'm not sure I'd ever send a representative to the US at all, given the visa hassle and security charade, even if I *KNEW* they had nothing suspicious. Others on this thread can provide real-world examples of this happening.
The US is slowly painting itself into a corner, which is where it will end up being left to play on its own. There is NOTHING suspicious about a UK person travelling from Kuwait, where they lived for years, to the US. Nothing at all. Unless you have some other information or inclination. But now, almost by default, that person would be marked as a terrorist and interrogated.
Your family jaunt to Disneyland isn't likely to be bothered too much by a one-off interruption. But people doing business there and in other countries regularly are going to keep being pulled to one side and asked questions. And the more time they lose to doing that, the more it costs the businesses involved, and the more they'll raise prices or bother about selling to the US in the first place.
And, as the above poster comments, what's it going to be like in 20 or 30 years times? Hell, they're already just plucking people out of the EU that are of interest to you (and things like the Julian Assange case are still fighting extradition to OTHER EU COUNTRIES on the basis that the US is trying to stick its nose in and pluck him from there instead of going through the proper channels).
The US has pushed its laws across the world. For some reason, the EU capitulates all
If you handle on-disk certificates using a program (e.g. Apache, which reads them from/etc/ssl), there's a potential for arbitrary code execution (literally, the attacker writing what they want to the heap).
Now think about browser's cached certificates, or a browser that might write them to disk and then read them from there rather than the network, or utilities that "do things" with PEM certificates, or basically anything that uses SSL with an on-disk certificate that could come from a malicious source.
No, your browser's SSL session is probably still quite safe, but it's far from being a non-issue from a security standpoint.
Truly, the OpenSSL code is quite hideous. I mean, from what I saw they basically wrap calls to realloc and that was part of the problem because they did it half-assedly.
But even the API is a horrible nightmare to use and documentation is scant. Sure you can find a billion *examples* that have all copied from the examples given in the source distribution (which were third-party contributed) but actually finding out what's necessary or important is almost impossible from the documentation. You literally have to either copy the (pretty much undocumented) example, or roll your own and hope for the best.
I wrote some code using OpenSSL a while back to verify two PEM certificates (one signing the other). God, was that a trek through uncharted territory. In the end, I just made a "broken" certificate chain with fake / broken certificates in every way I could imagine and just kept testing my code until I'd taken account of every problem with the certs that I could reasonably generate myself. Even getting the plain certificate name out of certificate can be an exercise in guesswork.
I'm not at all surprised, to be honest. And that it was something as simple and obvious (and hidden behind deliberate casts that would stop the compiler warnings) is hardly a shock, once you've tried to plough through their code.
Saw this guy once - he balanced stones one of top of the other. Very impressive. Does that mean he could own the worldwide rights to doing that? Does that mean that NOBODY but him can ever make money from that because he was the first?
How about jugglers? Acrobats? Gymnasts? Yo-yo'ers? Trick cyclists? "Hustlers"? Derren Brown? Dancers?
Just because you have an act, doesn't give you exclusive rights over that act for ever and ever and ever. That's NOT what copyright is for. He's basically suing a guy because he wants to be the only person in the world allowed to perform that trick.
Now, if he's suing because the guy used his speil, word-for-word, or because the guy took Teller's video and photoshopped his own head over it, then you'd have a copyright case. As it is, he's saying that nobody may copy what actions he performs. That's like a dancer saying you can never dance like he does, ever, without his permission.
And just as stupid. Sorry Teller, I swear I used to think you had a brain in there somewhere. A *copyright* takedown over a magic trick? Damn, the guy had better copied your speil word-for-word or something because you're going to fall flat on your face otherwise, and if you don't, the world will still hate you anyway.
I wonder how they intend to hack my TV when it's not plugged into either Ethernet or wireless networks. Because even if I did have an "Internet TV", it wouldn't be plugged in.
If it was, it would be behind my firewall/router. If they were relying on me to visit a malicious website to "infect" my TV, they'd be sadly disappointed - I can't imagine that many people use their TV like that given that every year or so the requirements change. If you can see a modern Internet site (e.g. Flash, Silverlight, etc.), then chances are that your software is pretty up-to-date and no worse than a PC that was similarly updated.
Of those that don't handle interactive content directly, it's either not a risk (it's pretty hard to crash AND compromise an embedded browser with just a badly formed HTML page or similar), or it goes through some sort of remote proxy (e.g. Opera Mini) that will probably be working to stamp out the problem for you.
Above all that, beyond playing tricks and crashing my browser, I'd be interested to know what incentive they would have to do that? I don't plug credit card numbers into my TV. I watch TV on it. If you're silly enough to plug in things like Facebook, Twitter, etc. passwords into your TV, then maybe they could cause a little havoc ("Guess what John watched last night on the Adult Channel?") but that's about it.
Or is this just a ruse to sell "Antivirus for your TV"?
These devices are pretty passive, unless you make them do something. You're pretty safe while your internal network is clean (and if it isn't, your TV is the least of your worries). To infect would require some kind of active participation (same as any well-managed PC) that, maybe, possibly, it wouldn't be able to handle safely. But, chances are, the havoc it could wreak would be nothing compared to that same user on their laptop.
Of course it's something to think about but I don't think such a big fuss should be made. Hell, people still haven't worked out that a smartphone is yet-another-computer that they have to manage properly, with bad consequences if they don't (run up enormous bills, etc.). But even they aren't that much of a problem. I've never had anyone come to me about fixing their smartphone because of things like this, but I get 2-3 a week about their laptops etc. I've certainly never had anyone ask about their TV unless it was a dumb TV or literally how to wire it to their Internet connection / Wii / whatever.
I think infinitely more dangerous than a TV would be:
- smartphones - gaming consoles with internet access / wireless - smart meters with internet access / wireless - Skype phones - Internet connected printers - etc.
And a lot of those have been running around people's houses (some targetted at non-techy users) for years. Yes, it's almost certainly possible to "attack" my printer / TV / Skype phone. But it's almost certainly not worth the effort to a) discover what model I use, b) link that to an IP address, c) somehow enter my network and intercept communications to it, d) figure out how to do something clever on that device when actions that are much easier to do and hide mean you can compromise similar people anyway.
Worst case scenario is that your TV web browsing is an "insecure" as your laptop web browsing. But with much less potential impact.
Google couldn't use the name Java. So "scrub the J-word" is hardly damning evidence of wanton infringement. In fact, it's their only legal option. Sun basically said that anyone could use the code so long as they DIDN'T call it Java. It's like the IceWeasel / Firefox thing. They have no choice. So not illegal, and not really immoral.
Of course they were circumventing the need to have a Java ME license. That's not the issue, and not illegal. The question is, did they circumvent it properly, or did they get caught on the snags of not doing a proper job of it (i.e. can ANYONE make something Java-like or even use Java code without stepping on things that are IMPOSSIBLE to work around?). This is within the realm of reverse-engineering and IP-skirting. You don't want to pay for their patents, so you work to AVOID them instead. Again, hardly illegal or even immoral.
The GPL thing? They didn't want to use GPL code. Simple as that. Nor do quite a few huge companies. That's their choice. And rather than that just plain infringe GPL code or get the GPL taken down in a court. Again - they didn't want to do something, their only legal avenue was to find an alternative and work around the problem. They can licence their own code under whatever license they want and they can start from ANY licence or licenced code that they choose as a basis to start from. Not illegal, not immoral.
Now, if it were Microsoft? I think they'd avoid the GPL like a plague too. Google didn't make up their own "open" licence though, that's basically useless for anyone trying to contribute, which Microsoft have in the past. And MS have DEFINITELY avoided using certain trademarked names (and tried to enforce trademarks on things like Windows in the past, etc.) and DEFINITELY worked around patents that others owned rather than licence them (their Office suite comes to mind).
The question really is, where's your bias come from?
Please explain, then, why some countries (European and Asian) are able to give 100Mbps UNLIMITED access to the home for vast swathes of people and have been doing so for years.
Are those companies somehow "cheating" on their backend? Are they in bed with Netflix and other large content distributors?
Surely, if you put a 100Mbps line to someone's door, you'd expect them to use 100Mbps at some point. Maybe not today, maybe not next year, but surely before they move up to any other product they will max it out. If all your estimates that you made when you install it are unchanged five or ten years down the road, surely that's naivety?
And if you are properly planning for everyone to expand over time (which, surely, must have been a lesson learned by now), why is the associated amount of backend peering not in place in time? Why aren't your costs reflecting what it would cost you to do that? What, precisely, have you been doing with that percentage of profits that you set aside for future planning?
A lot of UK ISP's have a similar "problem" with BBC iPlayer. My last ISP said it alone consumed 50% of their traffic at peak times (far outweighing anything done by P2P programs by a factor of 5 or 6 - and yet they limited P2P but not iPlayer!) and that had been a growing trend since the day it was introduced.
So why haven't your growth estimates taken into account that people want more data, people buy more data, people will eventually start to use every ounce of the data they have already bought, and all these lovely increases in traffic will have a knock-on effect on all your infrastructure?
And then, why have other countries and their ISP's not struggled similarly when their customers are connected to the same "Internet" as you are? And how have they been able to offer 100Mbps+ services for the last, what? Decade?
I had a parallel port Syquest Sparq drive, used MO disks and stored 1Gb - a sort of expensive contemporary of the ZIP disk at the time.
I defy you to find a working model because a) drivers don't exist for anything much past Windows 95 (even had DOS drivers, which is where I used it), b) they were inherently flaky and failed over time (my personal one went back twice in the first year).
I still have three disks for these - God knows what's on them, because the only drive I still have is a parallel port model and I have no machines with parallel ports any more (I doubt USB ones would work because it used to play all sorts of tricks and drivers to get reasonable speeds).
To a random endpoint that you have absolutely no control over and could be recording every plaintext you ever send over the connection (which could include everything from browser history to email passwords if you neglect to encrypt everything to your FINAL endpoint all the time).
"The indictment, which cited e-mails sent among the men dating back to 2006, didn't say how investigators managed to infiltrate the site or link it to the individuals accused of running it."
For all you know, they packaged up the drugs without wearing gloves and their fingerprints were in a database somewhere, and they then posted them (with a nice local postmark) to a Fed posing as a customer (how would you know? Their customer will be just as anonymous). Somehow you had to get a physical product to someone else - and that's probably the weak-point. Hell, they could have just offered to drop it off on a street corner as a "one-off" delivery and got caught that way, you have no idea.
It's then only a small step and the simple matter of suspecting they may be a vast drug operation in place, finding out anything you can from the drugs collected by similar methods and narrowing down until you can just tap someone's whole Internet connection (Tor provides ANONYMITY, not SECURITY). Which they seem to have because they have emails of these people talking to each other.
Or maybe they just talked their way into an IRC channel or something that these guys used. You have absolutely no idea how they were caught, or whether they were just incredibly thick.
Using a tool badly does not mean the tool is broken.
I work in UK schools, and have done for my entire working career. Mostly I do primary schools (5-10), but I've done the whole range of statutory education.
In one school, I kid you not, as the IT guy, I was selected from the staff to run an in-lunch maths session for those kids who were borderline between passing and failing. Just me, on my own, no teachers, only kids that they were worried about failing. What the hell was *I* teaching them for? They all passed.
I've had to ADD UP for teachers who can't do it without a calculator or laptop (seriously, I had to stop one teacher from going to their laptop in their room to use it as a calculator to add two two-digit numbers). I've had to tell a group of four teachers how long 8 hours and 49 minutes was in minutes because after TEN MINUTES none of them had got the right answer (and it was for a sheet describing how much time they'd spent on a "special needs" child that week!). These people were teaching basic numeracy to children at the time.
I've had to correct everything from newsletters to parent's letters to website notices for basic punctuation, spelling and grammar. I've done it in every school I've ever worked in, even my current one which is an independent (private) school. I've had to tell office staff and teachers where apostrophes go in possessive plurals, because they didn't know.
In one secondary school and sixth form college (so ages 11-18), they printed up thousands of brochures to "sell" the school in which they stated that the equipment in the rooms was "complimentary" to their child's education (when they meant "complementary"). I was the only member of staff to point it out (and I don't teach!) and was told that the English department had checked the proofs "so it must be right". Nobody thought to pick up a dictionary to check.
Just because they are a teacher does *NOT* mean they are infallible, or even have the skills they used to have any more. Teachers are *NOT* given maths tests every year (and, yes, in the UK, it *is* maths with an 's'). They are marking their own children's work and nobody else sees that except (possibly) during an inspection. All anybody else sees in a number that they trust implicitly. Any mistakes discovered will result in a hasty "Oh, that's just a mistake" and then only THAT one checked and changed, even in the face of an inspection.
This is not just one school, one teacher, hell even one country (if some posts I read on educational IT forums are anywhere near true), this is universal. Sure, there are probably places out there that clamp down more than most but still these sorts of things happen all the time.
In one independent school I worked for, they produced "lateral thinking" quizzes. In my early career, I spent a great deal of time converting these quizzes from sketched paper into reprintable, readable, electronic documents. They supplied the question and "answer" and I just had to make nice worksheets and answer sheets.
I corrected literally EVERY OTHER QUESTION as I typed it up and drew the diagrams for them. Nobody complained, or even spotted that I'd done so (i.e. my answers were correct, theirs weren't - and NOBODY WAS CHECKING) and my brother continued to work there for 10+ years still teaching using those same sheets. This was a school that only opened when other schools shut so that pupils in private schools could be pushed through the entrance exams for the private secondaries. The fees were enormous, and on top of private school fees, and the teachers literally could not write questions and correct answers for the simplest of things (and, also, did not notice if someone had tampered with basically EVERY answer they gave).
My bullshit detector is reading zero, here, personally. It'd only raise if someone said they worked in a school that had NEVER employed people like that, or even that they CURRENTLY had no staff like that.
I had all four wisdom teeth removed simultaneously, along with a shed-load of baby/milk teeth that refused to budge aged 18. I required surgery for something else that needed the milk teeth gone (because the adult teeth pushing through would have just wiped out the benefits of the surgery otherwise) and in the process they saw four wisdom teeth that also had to come out (same reason - them pushing through would have altered the position of everything in my mouth).
To do that, they had to break my jaw and clamp it open for over two hours. You can be the big brave man if you want and go local but, you know what, just the boredom and inconvenience and discomfort of sitting there for that time while they fiddled about wasn't worth it. I'm not squeamish - hell, when I had my toenails removed I sat and watched it out of interest (and it would have been far more interesting without some nurse trying to get me to lay down all the time "in case I passed out" - in the end I had to tell them I wasn't moving because it was my body and I was going to *watch* everything they did. And of course I didn't pass out. Why do people pass out just seeing something a bit manky?). But the teeth going was just basic sense - I'm not going to sit there for hours with a dry throat, broken jaw, basically feeling like I'm going to choke all the time while people root around in my mouth and I can't move.
When I came round, my cheeks looked like I had mumps or turned into a hamster, and I was bruised and battered all over the face because of what they needed to do. Admittedly they gave me painkillers, etc. for afterwards but I didn't bother to take them because it didn't hurt (it was sore, but nothing you'd take medication for even on a normal day).
Be the big man, if you like. Hell, 99% of the time a local is just fine, but with any anaesthetic and a properly working response to it, it's nothing to do with pain, but comfort and convenience.
(That said, my ex has a genetic condition where most sufferers of it are immune to the effects of anaesthetics and - over time and because of acclimatisation - almost all painkillers. You have to give the anaesthetist warning and a lot of the time they go for an overly-powerful general to make sure you're really out, even for the simplest of dental work)
When the video shows off nothing but graphical effects, it's unlikely.
Seriously, at some point, the oceans will be as realistic as they can be, the HDR will be spot on, the reflections won't affect performance, the model detail will be high enough for ANYTHING.
Then, what will they do? All their old games will look like junk, and have no redeeming feature beyond their graphics. And, maybe, finally, we can get back to making *games*. You know, things with plots, gameplay, a point, freedom, etc. Sound hit that point a long while ago - you know, I don't think there's much more you *can* do to improve upon a game that has proper 3D sound with real-time effects - so games don't even mention it any more whereas ten or fifteen years ago stereo, or 3D sound, was something to boast about.
As it is, the gaming scenes are currently dominated by rehashes of old-school games that are playable, open, and fun (hell, Minecraft pales in comparison to something like Hunter on the Amiga, etc.). While crap like this sinks billions into graphics and engine development that will eventually stop recouping its costs.
I'm just hoping, beyond hope, that if HL2:Ep3 ever does appear, it will show something NEW. I don't care about graphics - I want something I can play on my laptop. I want something that's *fun* to play and engaging. HL2 managed that. I literally played it through in one hit and then later went back to play through all the released episodes again in one long session (with, I think, only one or two breaks in gameplay - and NOT to play another game).
Seriously, developers, what are you going to do when EVERYONE can play games with ALL this crap in them? It's not as far in the future as you seem to think. And just what will you do then?
If you DO NOT KNOW how to stop your car should a component fail, you're driving without due care and attention. I'm not saying you *won't* hit anything, but if something major like your brakes fail or accelerator jams, then you should know what to do. Depending on the car and the damage you don't care about causing to it, this can be anything from clutch-down, to forcibly out of gear, to handbrake, to clipping kerbs deliberately, to double-de-clutching or just plain switching off the engine (seriously, if you're going to zoom at 100kph out of your control, and you've tried the obvious, fuck what you've heard about losing power-steering - you'll still HAVE steering but in the worse case of steering lock coming on, it's a damn sight better to brake in a straight line with no engine fighting you than careening about the place at speed trying to weave in and out of crap that doesn't know what's happened to you).
If you DO NOT KNOW what to do: Find out. Before you use the car again. Hell, find a "test track" like an empty car park late at night and try it out (GENTLY!) if you want. Be shocked by how ineffective a handbrake can be, and how much it can affect your steering on some cars. See how long it takes a non-powered car to start versus a powered one.
But if you don't do this, really, you're driving a car that you don't know how to drive. Any idiot can press the throttle in a strange car without thinking. But you should KNOW how the car works from a driver's perspective to the point of knowing what to do in an emergency FIRST. For 99% of cars, this isn't a problem - they are pretty much the same.
But if you notice that you're in an auto and you've never driven an auto before - look up what to do with it. If you're in a start/stop electric crap, LOOK UP WHAT TO DO WITH IT. Some of those cars have literally computer-like-resets - hold the button down for 5. During those 5 seconds (less than the recommended 2-second gap between you and the car in front), you're going to need to do something else too. Find out what will work, whether in theory or practice.
I find it quite horrendous that more people "know" you should wait for your car to sink to the bottom of the river and the pressure to equalise before getting out of it (WRONG! Get out of there before it dips below the waterline and you won't have any problems! Once the water pressure is on it, that door won't open until you're already in danger of drowning) than know how to bring an out-of-control car to a stop.
LEARN YOUR CAR. It's doing everything it can to save you all the time, and most of its cost is from safety featurees, and you can't be bothered to learn how to stop it in an emergency?
Some of us have memories. Some of us have been stung. Many times. Some of us still can't believe that people even touch your products.
On a ranking of evil in IT, I'd probably go more for something like:
Microsoft Sony Apple Facebook Google
That's not to say that Google is perfect (far from it), but there's at least options to opt out of most of the evilness without too much inconvenience. Why Facebook is on the list, I don't know - dragging in something from a completely different sector of the industry really just stinks of trying to cover your arse to me. But for years Facebooks privacy and user-choices about letting you do what you wanted with the service were atrocious.
At the top, though, there's a vast gap between companies. Sony and Microsoft are pretty joint and I assure you that Sony gets a lot more flak than MS ever will purely because they cover so many more markets.
But MS is the only company that has a LONG history of doing these things. Hell, they were doing them to me when I was a kid (I had DR DOS!) and some of those other companies were either a) at the peak of their success, b) veering into obscurity (even if they did later recover) or c) didn't exist back then.
And claiming that MS somehow don't *deserve* a lot of the negative press they get, especially amongst consumers, is quite ridiculous. They've always had SOMETHING that stupid and hateful in their product line (they just tripled SQL Server costs, didn't they?) whether it's XBoxes overheating, or Windows ME being a pile of turd, or disabling of RPC1 drives, or horrendous network filesystem performance because of media-scanning, or RDP holes being discovered NOW (when RDP been's around for, what, a decade or more?) etc.
Sony only make a few gaffes a year, at that, and their ever-ongoing prices that induce laughter. MS seem to pull out something every few weeks (MS India failing to keep check on its representatives).
At even at the consumer end, for those people who *don't* keep up with tech news or care how evil a company is, MS still has a terrible reputation. I'm not really surprised. Have you seen the price of Windows / Office to the average consumer in a shop? Have you seen how easy it is for a bunch of innocent kids to break a family PC software setup completely so it's basically unusable, even without admin privileges? Have you looked at the impact to your non-business customers when you enforce new, incompatible file formats and new software paradigms without any guess what to do (Windows 8 springs to mind, which deletes the Start button and replaces it with an invisible "hover" panel in the same area - REALLY obvious to an old granny or a 7-year-old)? Have you seen the mess that IE has made of the Internet?
Microsoft pretty much get what they deserve. Where they are successful, people buy and praise (Kinect seems to have gone down very well, but even then you were screwing over people who want to develop on it for PC for months, etc.). The problem is that your userbase is so large, and you focus on so little of it (e.g. profit-making large business), that you upset the majority of people every time you do something and don't care. Seriously. Go look at Windows Phone again. And look at the reactions to Windows 8. Are you really going to just ignore them?
You've sown the seeds for this DECADES ago with the techs (most of whom will find it difficult to trust you again) and for years now with the average guy. And you wonder why you get more hate than Google?
Meanwhile, all those applications are running in your large corporation while riddled with malware that's difficult to detect, isolate and remove.
Put out a patch and EVERYONE can test, and those for whom it is critical can TELL you what it did to their machines and/or choose to apply it or not.
Meanwhile, every home user is typing in their bank details into a computer that's reading their every move because some obscure application on the other side of the planet "might crash".
And, to be honest, any application that is affected by an external tool that clears a malware infection was either a) infected or b) poorly designed and implemented. That's what an OS is FOR - to isolate programs from each other and the hardware.
"Golf and Sports Turf Management" - I thought you were joking. A BSc in that?!
Excuse me while I die laughing.
Joomla gets more than its fair share of serious compromises (usually XSS), but the difference that I found is:
1) It automatically updates.
2) You can sign up to an email about those updates and perform them manually
3) People don't install ten millions kinds of junk and plugin into it.
But, of course, what keeps it with a better reputation is a) not being stupid, b) fixing things that are broken and c) not as many people using it.
Wordpress would be fine - if you kept it up to date in the same way and didn't use random plugins. That's not what people do.
Meanwhile, in those intervening 13 years between you tinkering with a machine and actually becoming enthusiastic with programming, the rest of us loved it and used it and learned to program on it and it lead us onto other platforms.
For instance, if you totally missed the Spectrum+ with it's hard keyboard, or the +2/+3 with a "real" keyboard, then you missed out on a great machine.
And the point of the "T9-typing", as you put it, was to reduce the amount of time you had to spend actually typing on that keyboard.
He says himself that the equation is vastly oversimplified, and a small change in antivirus detection range changes the answer from 16 to 6%. That means the equation is all-but useless and pointless to try to "predict" anything except, apparently, in hindsight.
I could have plucked any number I liked out of the air and wrote a (reasonable) equation to make it come out with whatever answer I wanted, even basing it on "game theory" (which has very, very, very little relevance here, actually) - I could have done that even before I graduated in mathematics (including Game Theory) over a decade ago.
When enough Mac's exist to make it viable (and market share has little to do with it compared to "number of computers active on the Internet" of that particular model), viruses will target them. Guess what, same for every other platform on the planet. If someone miraculously sells a popular device based on MINIX that millions start buying, eventually someone will write a virus for that platform.
Seriously - don't give it the press.
I think you'll find that a coal fire plant consumes a lot more energy than it produces and that this energy intake is in the form of, well, coal.
If it didn't, we wouldn't need the coal, because we'd have just invented perpetual energy.
I considered emigrating to America once. Not any more. They don't need to know that information (because my own EU country barely needs to know it!) and I don't need the hassle. I crossed the whole country off my list when I was looking at countries to move to because of the shit you pushed onto the EU after 9/11 - which have had a detrimental effect on the way I travel and assumes I'm a terrorist first and a citizen last. I can't take a fucking drink for my 3-year-old on a plane because of the US enforcing policies about it, nor can I pass through with a laptop without SO MUCH extra hassle, it's hardly worth it.
Hell, my company blacklisted France because of some of their stupid requirements about laptop encryption, so by comparison the US is so far off the list we might as well forget it exists. And the ironic thing? The UK airport security specialists have been dealing with terrorists for DECADES before 9/11 and we warned the US about their stupidly lax policies for years before it and now it's just gone WAY overboard and they've MADE us have the same stupid, worthless procedures.
Tourists are big money, yes, but the biggest income the US would miss is foreign talent. Silicon Valley and similar places rely on the "dream job" of being there to appeal to everyone so they can suck in talent. By making the country appear a totalitarian state before you've even FINISHED BOOKING THE FLIGHT, the US is going to see a drop-off in immigration (of talented people who want to work there, not random joes trying to get in - the numbers might go up but the quality has dropped and will drop more now).
They're basically saying "Hey, come live the dream in our country" followed by "Please remove your shoes and see that man over there because you have a funny name and we think you're a bomber because of that and we'll harass you every time your name comes up."
You cannot live on US talent alone - not for long, anyway. And businesses *ARE* having to make exceptions for the way they do business with you. Before 9/11, people happily carried laptops across the border and didn't worry about it. Since, with all the ridiculous requirements about laptop search, seizure (without evidential status and respect for the laptop and it's contents), suspicion, etc. almost everyone that deals with you from abroad are wiping their laptops before they cross your border, or just refusing to take them at all.
Exceptions mean that it is costing you business, because those exceptions COST TIME AND MONEY. If I ran my own company, I'm not sure I'd ever send a representative to the US at all, given the visa hassle and security charade, even if I *KNEW* they had nothing suspicious. Others on this thread can provide real-world examples of this happening.
The US is slowly painting itself into a corner, which is where it will end up being left to play on its own. There is NOTHING suspicious about a UK person travelling from Kuwait, where they lived for years, to the US. Nothing at all. Unless you have some other information or inclination. But now, almost by default, that person would be marked as a terrorist and interrogated.
Your family jaunt to Disneyland isn't likely to be bothered too much by a one-off interruption. But people doing business there and in other countries regularly are going to keep being pulled to one side and asked questions. And the more time they lose to doing that, the more it costs the businesses involved, and the more they'll raise prices or bother about selling to the US in the first place.
And, as the above poster comments, what's it going to be like in 20 or 30 years times? Hell, they're already just plucking people out of the EU that are of interest to you (and things like the Julian Assange case are still fighting extradition to OTHER EU COUNTRIES on the basis that the US is trying to stick its nose in and pluck him from there instead of going through the proper channels).
The US has pushed its laws across the world. For some reason, the EU capitulates all
If you handle on-disk certificates using a program (e.g. Apache, which reads them from /etc/ssl), there's a potential for arbitrary code execution (literally, the attacker writing what they want to the heap).
Now think about browser's cached certificates, or a browser that might write them to disk and then read them from there rather than the network, or utilities that "do things" with PEM certificates, or basically anything that uses SSL with an on-disk certificate that could come from a malicious source.
No, your browser's SSL session is probably still quite safe, but it's far from being a non-issue from a security standpoint.
Truly, the OpenSSL code is quite hideous. I mean, from what I saw they basically wrap calls to realloc and that was part of the problem because they did it half-assedly.
But even the API is a horrible nightmare to use and documentation is scant. Sure you can find a billion *examples* that have all copied from the examples given in the source distribution (which were third-party contributed) but actually finding out what's necessary or important is almost impossible from the documentation. You literally have to either copy the (pretty much undocumented) example, or roll your own and hope for the best.
I wrote some code using OpenSSL a while back to verify two PEM certificates (one signing the other). God, was that a trek through uncharted territory. In the end, I just made a "broken" certificate chain with fake / broken certificates in every way I could imagine and just kept testing my code until I'd taken account of every problem with the certs that I could reasonably generate myself. Even getting the plain certificate name out of certificate can be an exercise in guesswork.
I'm not at all surprised, to be honest. And that it was something as simple and obvious (and hidden behind deliberate casts that would stop the compiler warnings) is hardly a shock, once you've tried to plough through their code.
There's an app for that. At least, on Android.
Not quite the same, though.
Saw this guy once - he balanced stones one of top of the other. Very impressive. Does that mean he could own the worldwide rights to doing that? Does that mean that NOBODY but him can ever make money from that because he was the first?
How about jugglers? Acrobats? Gymnasts? Yo-yo'ers? Trick cyclists? "Hustlers"? Derren Brown? Dancers?
Just because you have an act, doesn't give you exclusive rights over that act for ever and ever and ever. That's NOT what copyright is for. He's basically suing a guy because he wants to be the only person in the world allowed to perform that trick.
Now, if he's suing because the guy used his speil, word-for-word, or because the guy took Teller's video and photoshopped his own head over it, then you'd have a copyright case. As it is, he's saying that nobody may copy what actions he performs. That's like a dancer saying you can never dance like he does, ever, without his permission.
And just as stupid. Sorry Teller, I swear I used to think you had a brain in there somewhere. A *copyright* takedown over a magic trick? Damn, the guy had better copied your speil word-for-word or something because you're going to fall flat on your face otherwise, and if you don't, the world will still hate you anyway.
I wonder how they intend to hack my TV when it's not plugged into either Ethernet or wireless networks. Because even if I did have an "Internet TV", it wouldn't be plugged in.
If it was, it would be behind my firewall/router. If they were relying on me to visit a malicious website to "infect" my TV, they'd be sadly disappointed - I can't imagine that many people use their TV like that given that every year or so the requirements change. If you can see a modern Internet site (e.g. Flash, Silverlight, etc.), then chances are that your software is pretty up-to-date and no worse than a PC that was similarly updated.
Of those that don't handle interactive content directly, it's either not a risk (it's pretty hard to crash AND compromise an embedded browser with just a badly formed HTML page or similar), or it goes through some sort of remote proxy (e.g. Opera Mini) that will probably be working to stamp out the problem for you.
Above all that, beyond playing tricks and crashing my browser, I'd be interested to know what incentive they would have to do that? I don't plug credit card numbers into my TV. I watch TV on it. If you're silly enough to plug in things like Facebook, Twitter, etc. passwords into your TV, then maybe they could cause a little havoc ("Guess what John watched last night on the Adult Channel?") but that's about it.
Or is this just a ruse to sell "Antivirus for your TV"?
These devices are pretty passive, unless you make them do something. You're pretty safe while your internal network is clean (and if it isn't, your TV is the least of your worries). To infect would require some kind of active participation (same as any well-managed PC) that, maybe, possibly, it wouldn't be able to handle safely. But, chances are, the havoc it could wreak would be nothing compared to that same user on their laptop.
Of course it's something to think about but I don't think such a big fuss should be made. Hell, people still haven't worked out that a smartphone is yet-another-computer that they have to manage properly, with bad consequences if they don't (run up enormous bills, etc.). But even they aren't that much of a problem. I've never had anyone come to me about fixing their smartphone because of things like this, but I get 2-3 a week about their laptops etc. I've certainly never had anyone ask about their TV unless it was a dumb TV or literally how to wire it to their Internet connection / Wii / whatever.
I think infinitely more dangerous than a TV would be:
- smartphones
- gaming consoles with internet access / wireless
- smart meters with internet access / wireless
- Skype phones
- Internet connected printers
- etc.
And a lot of those have been running around people's houses (some targetted at non-techy users) for years. Yes, it's almost certainly possible to "attack" my printer / TV / Skype phone. But it's almost certainly not worth the effort to a) discover what model I use, b) link that to an IP address, c) somehow enter my network and intercept communications to it, d) figure out how to do something clever on that device when actions that are much easier to do and hide mean you can compromise similar people anyway.
Worst case scenario is that your TV web browsing is an "insecure" as your laptop web browsing. But with much less potential impact.
As the articles on Groklaw themselves comment:
Google couldn't use the name Java. So "scrub the J-word" is hardly damning evidence of wanton infringement. In fact, it's their only legal option. Sun basically said that anyone could use the code so long as they DIDN'T call it Java. It's like the IceWeasel / Firefox thing. They have no choice. So not illegal, and not really immoral.
Of course they were circumventing the need to have a Java ME license. That's not the issue, and not illegal. The question is, did they circumvent it properly, or did they get caught on the snags of not doing a proper job of it (i.e. can ANYONE make something Java-like or even use Java code without stepping on things that are IMPOSSIBLE to work around?). This is within the realm of reverse-engineering and IP-skirting. You don't want to pay for their patents, so you work to AVOID them instead. Again, hardly illegal or even immoral.
The GPL thing? They didn't want to use GPL code. Simple as that. Nor do quite a few huge companies. That's their choice. And rather than that just plain infringe GPL code or get the GPL taken down in a court. Again - they didn't want to do something, their only legal avenue was to find an alternative and work around the problem. They can licence their own code under whatever license they want and they can start from ANY licence or licenced code that they choose as a basis to start from. Not illegal, not immoral.
Now, if it were Microsoft? I think they'd avoid the GPL like a plague too. Google didn't make up their own "open" licence though, that's basically useless for anyone trying to contribute, which Microsoft have in the past. And MS have DEFINITELY avoided using certain trademarked names (and tried to enforce trademarks on things like Windows in the past, etc.) and DEFINITELY worked around patents that others owned rather than licence them (their Office suite comes to mind).
The question really is, where's your bias come from?
Please explain, then, why some countries (European and Asian) are able to give 100Mbps UNLIMITED access to the home for vast swathes of people and have been doing so for years.
Are those companies somehow "cheating" on their backend? Are they in bed with Netflix and other large content distributors?
Surely, if you put a 100Mbps line to someone's door, you'd expect them to use 100Mbps at some point. Maybe not today, maybe not next year, but surely before they move up to any other product they will max it out. If all your estimates that you made when you install it are unchanged five or ten years down the road, surely that's naivety?
And if you are properly planning for everyone to expand over time (which, surely, must have been a lesson learned by now), why is the associated amount of backend peering not in place in time? Why aren't your costs reflecting what it would cost you to do that? What, precisely, have you been doing with that percentage of profits that you set aside for future planning?
A lot of UK ISP's have a similar "problem" with BBC iPlayer. My last ISP said it alone consumed 50% of their traffic at peak times (far outweighing anything done by P2P programs by a factor of 5 or 6 - and yet they limited P2P but not iPlayer!) and that had been a growing trend since the day it was introduced.
So why haven't your growth estimates taken into account that people want more data, people buy more data, people will eventually start to use every ounce of the data they have already bought, and all these lovely increases in traffic will have a knock-on effect on all your infrastructure?
And then, why have other countries and their ISP's not struggled similarly when their customers are connected to the same "Internet" as you are? And how have they been able to offer 100Mbps+ services for the last, what? Decade?
Think an LS120 is hard?
I had a parallel port Syquest Sparq drive, used MO disks and stored 1Gb - a sort of expensive contemporary of the ZIP disk at the time.
I defy you to find a working model because a) drivers don't exist for anything much past Windows 95 (even had DOS drivers, which is where I used it), b) they were inherently flaky and failed over time (my personal one went back twice in the first year).
I still have three disks for these - God knows what's on them, because the only drive I still have is a parallel port model and I have no machines with parallel ports any more (I doubt USB ones would work because it used to play all sorts of tricks and drivers to get reasonable speeds).
To a random endpoint that you have absolutely no control over and could be recording every plaintext you ever send over the connection (which could include everything from browser history to email passwords if you neglect to encrypt everything to your FINAL endpoint all the time).
"The indictment, which cited e-mails sent among the men dating back to 2006, didn't say how investigators managed to infiltrate the site or link it to the individuals accused of running it."
For all you know, they packaged up the drugs without wearing gloves and their fingerprints were in a database somewhere, and they then posted them (with a nice local postmark) to a Fed posing as a customer (how would you know? Their customer will be just as anonymous). Somehow you had to get a physical product to someone else - and that's probably the weak-point. Hell, they could have just offered to drop it off on a street corner as a "one-off" delivery and got caught that way, you have no idea.
It's then only a small step and the simple matter of suspecting they may be a vast drug operation in place, finding out anything you can from the drugs collected by similar methods and narrowing down until you can just tap someone's whole Internet connection (Tor provides ANONYMITY, not SECURITY). Which they seem to have because they have emails of these people talking to each other.
Or maybe they just talked their way into an IRC channel or something that these guys used. You have absolutely no idea how they were caught, or whether they were just incredibly thick.
Using a tool badly does not mean the tool is broken.
The reverse classic is obviously
Panda: Eats, shoots and leaves.
Putting commas in without thinking about them can be just as bad as leaving them out. Thus they *are* a vital part of communication.
I work in UK schools, and have done for my entire working career. Mostly I do primary schools (5-10), but I've done the whole range of statutory education.
In one school, I kid you not, as the IT guy, I was selected from the staff to run an in-lunch maths session for those kids who were borderline between passing and failing. Just me, on my own, no teachers, only kids that they were worried about failing. What the hell was *I* teaching them for? They all passed.
I've had to ADD UP for teachers who can't do it without a calculator or laptop (seriously, I had to stop one teacher from going to their laptop in their room to use it as a calculator to add two two-digit numbers). I've had to tell a group of four teachers how long 8 hours and 49 minutes was in minutes because after TEN MINUTES none of them had got the right answer (and it was for a sheet describing how much time they'd spent on a "special needs" child that week!). These people were teaching basic numeracy to children at the time.
I've had to correct everything from newsletters to parent's letters to website notices for basic punctuation, spelling and grammar. I've done it in every school I've ever worked in, even my current one which is an independent (private) school. I've had to tell office staff and teachers where apostrophes go in possessive plurals, because they didn't know.
In one secondary school and sixth form college (so ages 11-18), they printed up thousands of brochures to "sell" the school in which they stated that the equipment in the rooms was "complimentary" to their child's education (when they meant "complementary"). I was the only member of staff to point it out (and I don't teach!) and was told that the English department had checked the proofs "so it must be right". Nobody thought to pick up a dictionary to check.
Just because they are a teacher does *NOT* mean they are infallible, or even have the skills they used to have any more. Teachers are *NOT* given maths tests every year (and, yes, in the UK, it *is* maths with an 's'). They are marking their own children's work and nobody else sees that except (possibly) during an inspection. All anybody else sees in a number that they trust implicitly. Any mistakes discovered will result in a hasty "Oh, that's just a mistake" and then only THAT one checked and changed, even in the face of an inspection.
This is not just one school, one teacher, hell even one country (if some posts I read on educational IT forums are anywhere near true), this is universal. Sure, there are probably places out there that clamp down more than most but still these sorts of things happen all the time.
In one independent school I worked for, they produced "lateral thinking" quizzes. In my early career, I spent a great deal of time converting these quizzes from sketched paper into reprintable, readable, electronic documents. They supplied the question and "answer" and I just had to make nice worksheets and answer sheets.
I corrected literally EVERY OTHER QUESTION as I typed it up and drew the diagrams for them. Nobody complained, or even spotted that I'd done so (i.e. my answers were correct, theirs weren't - and NOBODY WAS CHECKING) and my brother continued to work there for 10+ years still teaching using those same sheets. This was a school that only opened when other schools shut so that pupils in private schools could be pushed through the entrance exams for the private secondaries. The fees were enormous, and on top of private school fees, and the teachers literally could not write questions and correct answers for the simplest of things (and, also, did not notice if someone had tampered with basically EVERY answer they gave).
My bullshit detector is reading zero, here, personally. It'd only raise if someone said they worked in a school that had NEVER employed people like that, or even that they CURRENTLY had no staff like that.
I had all four wisdom teeth removed simultaneously, along with a shed-load of baby/milk teeth that refused to budge aged 18. I required surgery for something else that needed the milk teeth gone (because the adult teeth pushing through would have just wiped out the benefits of the surgery otherwise) and in the process they saw four wisdom teeth that also had to come out (same reason - them pushing through would have altered the position of everything in my mouth).
To do that, they had to break my jaw and clamp it open for over two hours. You can be the big brave man if you want and go local but, you know what, just the boredom and inconvenience and discomfort of sitting there for that time while they fiddled about wasn't worth it. I'm not squeamish - hell, when I had my toenails removed I sat and watched it out of interest (and it would have been far more interesting without some nurse trying to get me to lay down all the time "in case I passed out" - in the end I had to tell them I wasn't moving because it was my body and I was going to *watch* everything they did. And of course I didn't pass out. Why do people pass out just seeing something a bit manky?). But the teeth going was just basic sense - I'm not going to sit there for hours with a dry throat, broken jaw, basically feeling like I'm going to choke all the time while people root around in my mouth and I can't move.
When I came round, my cheeks looked like I had mumps or turned into a hamster, and I was bruised and battered all over the face because of what they needed to do. Admittedly they gave me painkillers, etc. for afterwards but I didn't bother to take them because it didn't hurt (it was sore, but nothing you'd take medication for even on a normal day).
Be the big man, if you like. Hell, 99% of the time a local is just fine, but with any anaesthetic and a properly working response to it, it's nothing to do with pain, but comfort and convenience.
(That said, my ex has a genetic condition where most sufferers of it are immune to the effects of anaesthetics and - over time and because of acclimatisation - almost all painkillers. You have to give the anaesthetist warning and a lot of the time they go for an overly-powerful general to make sure you're really out, even for the simplest of dental work)
When the video shows off nothing but graphical effects, it's unlikely.
Seriously, at some point, the oceans will be as realistic as they can be, the HDR will be spot on, the reflections won't affect performance, the model detail will be high enough for ANYTHING.
Then, what will they do? All their old games will look like junk, and have no redeeming feature beyond their graphics. And, maybe, finally, we can get back to making *games*. You know, things with plots, gameplay, a point, freedom, etc. Sound hit that point a long while ago - you know, I don't think there's much more you *can* do to improve upon a game that has proper 3D sound with real-time effects - so games don't even mention it any more whereas ten or fifteen years ago stereo, or 3D sound, was something to boast about.
As it is, the gaming scenes are currently dominated by rehashes of old-school games that are playable, open, and fun (hell, Minecraft pales in comparison to something like Hunter on the Amiga, etc.). While crap like this sinks billions into graphics and engine development that will eventually stop recouping its costs.
I'm just hoping, beyond hope, that if HL2:Ep3 ever does appear, it will show something NEW. I don't care about graphics - I want something I can play on my laptop. I want something that's *fun* to play and engaging. HL2 managed that. I literally played it through in one hit and then later went back to play through all the released episodes again in one long session (with, I think, only one or two breaks in gameplay - and NOT to play another game).
Seriously, developers, what are you going to do when EVERYONE can play games with ALL this crap in them? It's not as far in the future as you seem to think. And just what will you do then?
Like Opera's had for about 3 major versions now?
If you DO NOT KNOW how to stop your car should a component fail, you're driving without due care and attention. I'm not saying you *won't* hit anything, but if something major like your brakes fail or accelerator jams, then you should know what to do. Depending on the car and the damage you don't care about causing to it, this can be anything from clutch-down, to forcibly out of gear, to handbrake, to clipping kerbs deliberately, to double-de-clutching or just plain switching off the engine (seriously, if you're going to zoom at 100kph out of your control, and you've tried the obvious, fuck what you've heard about losing power-steering - you'll still HAVE steering but in the worse case of steering lock coming on, it's a damn sight better to brake in a straight line with no engine fighting you than careening about the place at speed trying to weave in and out of crap that doesn't know what's happened to you).
If you DO NOT KNOW what to do: Find out. Before you use the car again. Hell, find a "test track" like an empty car park late at night and try it out (GENTLY!) if you want. Be shocked by how ineffective a handbrake can be, and how much it can affect your steering on some cars. See how long it takes a non-powered car to start versus a powered one.
But if you don't do this, really, you're driving a car that you don't know how to drive. Any idiot can press the throttle in a strange car without thinking. But you should KNOW how the car works from a driver's perspective to the point of knowing what to do in an emergency FIRST. For 99% of cars, this isn't a problem - they are pretty much the same.
But if you notice that you're in an auto and you've never driven an auto before - look up what to do with it. If you're in a start/stop electric crap, LOOK UP WHAT TO DO WITH IT. Some of those cars have literally computer-like-resets - hold the button down for 5. During those 5 seconds (less than the recommended 2-second gap between you and the car in front), you're going to need to do something else too. Find out what will work, whether in theory or practice.
I find it quite horrendous that more people "know" you should wait for your car to sink to the bottom of the river and the pressure to equalise before getting out of it (WRONG! Get out of there before it dips below the waterline and you won't have any problems! Once the water pressure is on it, that door won't open until you're already in danger of drowning) than know how to bring an out-of-control car to a stop.
LEARN YOUR CAR. It's doing everything it can to save you all the time, and most of its cost is from safety featurees, and you can't be bothered to learn how to stop it in an emergency?
Some of us have memories. Some of us have been stung. Many times. Some of us still can't believe that people even touch your products.
On a ranking of evil in IT, I'd probably go more for something like:
Microsoft
Sony
Apple
Facebook
Google
That's not to say that Google is perfect (far from it), but there's at least options to opt out of most of the evilness without too much inconvenience. Why Facebook is on the list, I don't know - dragging in something from a completely different sector of the industry really just stinks of trying to cover your arse to me. But for years Facebooks privacy and user-choices about letting you do what you wanted with the service were atrocious.
At the top, though, there's a vast gap between companies. Sony and Microsoft are pretty joint and I assure you that Sony gets a lot more flak than MS ever will purely because they cover so many more markets.
But MS is the only company that has a LONG history of doing these things. Hell, they were doing them to me when I was a kid (I had DR DOS!) and some of those other companies were either a) at the peak of their success, b) veering into obscurity (even if they did later recover) or c) didn't exist back then.
And claiming that MS somehow don't *deserve* a lot of the negative press they get, especially amongst consumers, is quite ridiculous. They've always had SOMETHING that stupid and hateful in their product line (they just tripled SQL Server costs, didn't they?) whether it's XBoxes overheating, or Windows ME being a pile of turd, or disabling of RPC1 drives, or horrendous network filesystem performance because of media-scanning, or RDP holes being discovered NOW (when RDP been's around for, what, a decade or more?) etc.
Sony only make a few gaffes a year, at that, and their ever-ongoing prices that induce laughter. MS seem to pull out something every few weeks (MS India failing to keep check on its representatives).
At even at the consumer end, for those people who *don't* keep up with tech news or care how evil a company is, MS still has a terrible reputation. I'm not really surprised. Have you seen the price of Windows / Office to the average consumer in a shop? Have you seen how easy it is for a bunch of innocent kids to break a family PC software setup completely so it's basically unusable, even without admin privileges? Have you looked at the impact to your non-business customers when you enforce new, incompatible file formats and new software paradigms without any guess what to do (Windows 8 springs to mind, which deletes the Start button and replaces it with an invisible "hover" panel in the same area - REALLY obvious to an old granny or a 7-year-old)? Have you seen the mess that IE has made of the Internet?
Microsoft pretty much get what they deserve. Where they are successful, people buy and praise (Kinect seems to have gone down very well, but even then you were screwing over people who want to develop on it for PC for months, etc.). The problem is that your userbase is so large, and you focus on so little of it (e.g. profit-making large business), that you upset the majority of people every time you do something and don't care. Seriously. Go look at Windows Phone again. And look at the reactions to Windows 8. Are you really going to just ignore them?
You've sown the seeds for this DECADES ago with the techs (most of whom will find it difficult to trust you again) and for years now with the average guy. And you wonder why you get more hate than Google?
Meanwhile, all those applications are running in your large corporation while riddled with malware that's difficult to detect, isolate and remove.
Put out a patch and EVERYONE can test, and those for whom it is critical can TELL you what it did to their machines and/or choose to apply it or not.
Meanwhile, every home user is typing in their bank details into a computer that's reading their every move because some obscure application on the other side of the planet "might crash".
And, to be honest, any application that is affected by an external tool that clears a malware infection was either a) infected or b) poorly designed and implemented. That's what an OS is FOR - to isolate programs from each other and the hardware.
"the treatment of individuals"
Really? I don't think you want to walk down this road. How's that Geneva convention application coming along?