"And no, you are not a complete OSS fanatic. If you were, then you wouldn't be promoting the alternative."
There is nothing worse in a fanatic that not realising the flaws, problems and let-downs of that which he is fanatical about.
I recognise them perfectly. I've spent *hundreds*, maybe even *thousands* of hours testing OS programs and changing their code to try to suit my schools. The simple fact is that they are too far from a workable solution at the moment - nothing comes close to the £10 program that we can get from an educational supplier (normally written in VB or Shockwave or some such crap) in terms of *educational* content - and the whole point of my and the school's job (teach kids, and making that teaching possible) comes above everything.
I have a school at the moment, on Firefox, Thunderbird and OpenOffice (on *every* machine, including the kid's), with Linux thin clients (at VAST expense to the school because those machines were supposed to be returned but they saw them working once I'd rebuilt them and they then *paid* to keep them, they are not even capable of booting modern Windows but they are *fine* for what we are going to be using them for and very good value). It uses proprietary, freeware *and* Open-Source software. The OS software is heavily customised for our purposes (the school now recognise the advantage of having an IT Manager who can program too).
When I entered this school, it was MS-only, Office-only (still have all the MS licences to cover the entire site!) and they had already completely rejected an entire Linux-based network that had been bought and installed just a few years previously. That's an *uphill* struggle to get to where they are today, and I've knocked out all of their criticisms of the previous system (which was *shit* because of the installation and poor checking of requirements - that *was* a "Linux is cheaper" shop that installed that). I now have the bursar and principal pushing me to move more and more towards OS for the freedom it gives them - they are tired of vendor hassle whenever they want something which (from their own programming experiences many years ago) they know is a one-line fix. Upgrade the entire SQL server, administrative server, and all administrative desktop OS's just because the program that runs the canteen has been fiddled with by someone who didn't understand the impact? No thanks. Even *with* a free-upgrade license to later versions.
It's a private school, money is basically no object, if I wasn't here they'd be on Windows 7 with Exchange servers quite happily by now... the fact is that they "get" open-source now by my evangelism. And it filters down to the staff and kids ("Why has the Internet program changed, miss?" "Oh, that's because the other one was dangerous and could give us a virus and this one we can stop you playing with the options" "AAWWWW, Miss!!!"). And whenever there is a one-line fix that works around the problems of our ISP, dodgy hardware, staff stupidity, or even hardware failure I make sure to mention it and show them and they "get" the customisability and freedom aspects now.
The entire network fails over to 3G and implements heavy traffic filtering if the normal internet connection goes down. They had that in place within 24 hours of getting a 3G device and this was before people started making devices that *could* failover like that. And when it does happen, things filter back down to the desktop systems to make the users aware. They were willing to *pay* for a backup Internet connection facility (for, let's admit it, something pretty much as non-vital as you can get to their IT operations) and were going to run extra leased lines just to have *some* sort of backup but the ISP couldn't do it. Money wasn't an issue for them.
*They* have implemented a freeze on Vista and 7 deployments, not me. They have approved larger ongoing budgets in order to cope with that freeze and continue working. We actually pay *more* for the systems now than the equivalent MS
In practice - by the time these kids get into management, it's unlikely that anything will even be similar. I grew up on BBC Micros, BBC BASIC and a CP/M word processor in school - and I'm only 30. The entire face of computing changes on a regular basis (e.g. the whole Internet thing becoming popular).
Additionally, you go with whatever makes business sense. If MS makes business sense to you, go with it. If not, then don't. It's quite simple. There are no end of dirty tricks, especially in education, but to say that what the students grow up with determines the future is incorrect. What they grow up with determines what they *fix* in the future.
And I'm a complete OSS fanatic. But I work in education. There, the child matters. I use OSS servers and OSS web apps and OSS utilities and little OSS programs. But the bulk of the desktop in a school is proprietary educational software with *no* free equivalent at all because it takes decades of teaching experience to write a good program, it needs to be kept up to date with all the latest curricula (down to the letter) and not overwhelm the user with curricular choices. The only OSS desktop app I've ever got into schools in a big way was TuxPaint in primary schools (because over here it effectively replaces something called RM Colour Magic that's a heap of shit)... and only because it worked on Windows too.
Education is a *completely* different market and you can't understand it until you've worked in it. Backend? Nobody cares. Whether the desktops actually run Windows / Office, nobody cares. But if something they want to pay £5000 for a site licence for can't run (because it saves the teacher 30 mins a day in the course of their job), that's a dead system to them. Percentage of software that is *required* for my current school to operate for this term, which can run under WINE? About 5%, not including Office (which can be replaced with an equivalent).
Even weirder - on a machine which isn't on a domain, but which has a software firewall, you can open *every* port to a destination machine (e.g. a fileserver) and it *will* access the SMB shares of that fileserver (\\ipaddress\c$ etc.) but takes forever the first time because the broadcasts have been blocked by the firewall. So it doesn't need the broadcasts, or to be on that domain, or to do anything that isn't direct IP with the target machine - but it still takes forever to realise that and just start listing files.
And once you've done it once, that file sharing will run at full speed for the rest of the day. I'm imagining some sort of name resolution etc. issue (but the PC in question can actually use the same machine for DNS and still have the problem) but if it's not *required* to connect to the machine, why does it try anyway and hold everything up? And the firewall only ever reports NetBIOS traffic while that's happening.
Me neither. I've actually owned two mobile ("cell") phones in my entire life (I first got a phone when I turned 18 and I'm now 30). One was a Philips C12 (also called Savvy) back when I was still in Uni many moons ago. It never cost more than about £10/month. It phoned. It texted. It picked up a signal *everywhere*, even when all the expensive crap didn't. It did what I needed at the time. I only ditched it because it didn't have a standardised SIM and the carrier discontinued its service and you couldn't use any other with it.
The other is my current phone, a Nokia 6320 (I think - too many model numbers, and I don't care). My wife bought it for me to replace the above, and she couldn't find anything more basic. It cost a £10/month contract for a year and then I could keep it (and instantly switched it to PAYG). Bluetooth (I use about once a year to backup photos from my Dad's phone). Camera (never really used). FM Radio (never used). GPRS (I use VERY, VERY rarely to check a webpage on the move... with Opera Mini and PAYG it costs me about £0.10p a time). MP3 playback and ringtones (Erm... tested it once I think - then set everything to just ring like a phone). It plays Java apps, it reads SD cards, etc.etc.etc. I don't really care.
But it picked up a signal and I took a phone call on the top of Mount Teide in the Canary Islands (I didn't know it was still switched on and the caller was my parents back in England) when nobody else's waiting on the mountain top could even *find* a carrier. I've never found someone who can pick up a signal which that phone couldn't in my own country, and it often out-performs even the iPhone's etc. at that. It has a keypad that's intuitive and easy to use and it suffers lots of stabbing and abuse and still works.
I'm the IT guy - everyone comes to me asking what to buy and in my back pocket (and which has been sat on, smashed into the ground, run over, etc. more than a few times) is an ancient Nokia that does everything I need and out-performs everyone else's flash new contract phones on all the basics (connectivity, sending a text, making a phone call, getting it to do something in only three or four clicks of a button). When they start showing off and then try and blame the network because they can't send a simple text, I whip it out and show them the four-bar signal and send a text and get a reply in seconds. If I send them a text at that point, even on the same carrier, they might get it when we come back into a populated area about an hour later or something.
It needs a new battery because I only get about an hour of talk time out of it now but that's hardly surprising. I'll buy a new battery, it'll cost about what I pay in texts each month, rather than a new phone or contract.
And you know what? I don't even notice. Friends phone, I text a lot, I dial up vendors when I can't use the switchboard at work, I do everything on the damn thing and don't even notice the cost or technology involved. I feel safe if I have it in my pocket because I know I can phone breakdown, or at least get a text to a friend. That's how tech should be - seamless, fit for purpose, not life-changing. I don't want to have to relearn my damn phone's features and menus ever year, I just want something that rings, phones and texts. Everything else is a gimmick. And if you think paying "Only £50 a month" for 24 months is a good deal if they throw in a phone... you run off and do that. Does it not occur to you that they *guarantee* themselves that they will recoup the cost of the phone from you, and more profit, in that time period? Just because the "non-contract" version is even more expensive doesn't mean you're getting a good deal by signing a ludicrous contract.
Keep your gimmicky tat. I'll have a phone that rings, thanks, and costs me next to nothing and ties me into nothing at all.
What you forget is that GPL code is owned by the author, not some magical GPL entity. One author might well want to kick up a fuss, while another may want to deal with it quietly. Others might go to the SFLC, whose policy *is* discretion first (and that's what I believe the earlier articles were referring to).
Whether or not to kick up a stink, demand compensation/removal of the tool, prosecution etc. is in the hands of the copyright holder, not the SFLC (although the holder may choose to hand it over to them for the purposes of dealing with the case).
They aren't perfect by a long shot but yes, this is one of the reasons that the BBC is my main provider of news content. So they damn well should be, though. Why *all* news companies aren't like this, I can't understand. I thought the stereotypical reporter had a reputation for hitting the front page hard with controversial stories that they were "banned" from telling, not regurgitating celebrity crap.
I really don't care if Paris Hilton did X, Y or Z (or all three), I just want a quick summary of interesting things that have happened. I want more details on the ones *I* choose to read. I want them to get updated if the story changes. I want the facts and a couple of in-context quotes from the people involved if they want to say something. I want it online. I want to be able to access and search its archives. I don't need the news-provider to tell me their opinion ("Isn't it terrible? They are ruining the country!") - I have a brain of my own, thanks.
The fact that their entire site (not just the news section) is mostly clean HTML+CSS without all the fancy shit (except possibly on the BBC Schools page where they have interactive games etc.), that iPlayer (although "officially" not supporting Linux or permanent download) actually plays very well with get_iplayer.pl, that it's *always* up and loads super-fast even in the heaviest news scandals, and a million and one other tiny bonuses.
I don't watch the news... haven't for 10 years. I don't buy a paper... haven't for ten years (though I sometimes nick a Metro on the way home - free paper, fair summary of events, available on every London train, and a daily sudoku). I don't subscribe to *any* news outlet or use any other company/organisation to give me news. I get my news from the BBC and random things that catch my eye. The fact that the BBC is the only website that I *expect* to find some well-reported news on is testament to their expertise.
When there's the next big news story and I feel the need to pay attention, BBC News is where you'll find me. If there's no coverage there, I'll be looking on Google (not their News thing) somewhere for it myself.
The idea of the utility-pack is to be run when the OS is still working (e.g. to capture passwords that are still in memory etc.). Bootable devices are another thing entirely. Such "off-line" analysis is much easier to do by just copying the drive in a special device that has no write logic to the source drive at all. You wouldn't risk an entire investigation just because you used a bootable CD to access the hard drive first, you'd access the copy.
I would think even mere insertion of a USB device into a computer could lead to all sorts of problems - what if that USB key had a virus that transferred itself to the PC and then deleted itself from the USB device? The fact that this is a bog-standard set of files means that someone has to put these programs onto a writable USB drive (it's possible it's write-once but I would be dubious of that actually being the case) and then plug it into a computer - exactly the action that companies block by default because of the potential for rogue programs to be introduced and destroy/modify data.
Want to put someone in jail? Put something illegal on that USB drive, plug it into their computer with an autorun script that copies itself over and then deletes itself (and the script) from the USB drive. Then claim that it was a *different* drive you put in and submit a "clean" drive as evidence if they demand to see it.
Not to mention that actually doing *anything* on the original PC is damn stupid anyway but relying on a USB stick to run it? That's got to be asking for trouble. Oh, and disable USB and you've just stopped that attack.
I was always told that *anything* capable of writing to the drive or modifying the data you're trying to access was a no-no... that's why they image the drives through special "read-only" adaptors (apparently harder with SATA nowadays) and then analyse the image. Saving transient information onto a writable USB stick by execution of a program from that stick? Sounds like a recipe for disaster. That's gotta touch your swap or do something to memory in order to execute and proving that happened cleanly and provided a complete accurate copy of the contents of RAM/disk/swap before you plugged it in is probably impossible.
So can video timestamps, and sales records in shops, and tax receipts, and vehicle number plates, and all manner of other things.
If there is *suspicion* that the records have been tampered with, you would be charged with attempting to pervert the course of justice AND your other offences. The fact is though that, 99.99% of the time, people are happy to incriminate themselves, or the courts are willing to believe (on the balance of things) the words of honest people (even if they are before a court - your reputation, manner and appearance mean a lot when it comes to believing what you say - this is why the words of qualified professionals are able to be submitted as evidence). Which is good, or every single bank robber would claim that the CCTV was inaccurate, or the witness didn't really recognise them from the line-up but just guessed.
Law isn't a rigorous scientific discipline except as concerns evidence that may be in doubt. Nobody here questioned that the GPS logs were inaccurate because they were fairly sure (beyond reasonable doubt) that they could be trusted. Otherwise every bloody court case and fine would take decades to resolve.
Timestamps on CCTV submitted from a shop to clear someone's name are the perfect analogy here. The timestamps are believed because the person submitting them *probably* wouldn't have gone to the effort of faking them and, if they did, it would be hoped that this would be known, detected and counteracted. But I can easily set my CCTV system to run an hour late/early and then change it back before the police try to analyse my equipment. That timestamp could easily incriminate / clear a person, but the relevant words here are "beyond reasonable doubt" not "absolutely 100% scientifically impossible".
The facilities are there, in Windows registry and group policy for instance (Software restriction policy, I believe it is called). Some networks might even use those settings, but in general it's FAR FAR too much hassle (especially for a home user). Some software firewalls even work this way already too - I know that pay-for versions of ZoneAlarm come with signature checking of the most popular apps and allow users to black/white list them from accessing the Internet/local network.
The problem is that people would still authorise the same crap as they do now to run because they just click yes when they see a security dialog. And every time that software is updated (as specified by good network practice), you have to update all the signatures again (and query the user again, who gets bored/annoyed and just keeps clicking Yes). And most viruses on home machines are because people *chose* to run a program that they didn't know the origin of, either by downloading, clicking I Agree or turning their security settings off. And viruses still get through program exploits (macro viruses would be one old example - they appear to be Microsoft Word, which would obviously be "allowed" on the whitelist).
Also most "whitelists" can usually be hacked / added to by the virus itself if it gains the permissions of the user (how else would the user authorise it to run?) so they again become useless. There are ways around this but they all annoy the user.
Basically, either these schemes stop everything working (and users cry foul every time they want to run something new or update their software) or throw so many "Do you want to allow this?" dialogs at the user that they quickly disable it or just click Yes to everything when they want run their spiffy new download from disreputable sites.
Network admins find it far too much hassle to exercise this level of control because of the problems it can cause (basically, users want to be able to run arbitrary code under their user accounts).
The problem is not viruses, or the whitelist/blacklist, the problem is providing glaring holes in the OS, running as administrator (or making privilege escalation trivial) and running programs that you don't know the origin of. Stop those three things (the easiest of which is just to stop people wanting to run every program they download) and you stop the problem of computer viruses. Whitelists just make that a little trickier, but always provide an avenue to either bypass the whitelist (by the program itself inserting itself into the list, like Windows Firewall allows in some Windows versions) or piss the user off with so many dialogs that they turn the security off / click Yes to everything each time (Windows UAC).
I call bullshit. I think it's just a tech support guy misunderstanding (and it seems a bi-lingual conversation so the chances of that are even higher).
Open-sourcing Skype is very different to allowing Mandriva to add a non-trademarked icon to the Skype software (a bit like bundling Firefox - fine so long as you respect the trademark on the name and/or the logo and their requirements), or put a Mandriva icon onto the package etc. The two are discussed interchangeably and I don't see how they are related.
I think it's more likely a massive misunderstanding on the basis of zero evidence / poor translation. At best, I reckon that Skype for Linux will allow itself to be packaged more easily.
"Would you place your life in the hands of a computer system that had to have no software flaws in any of its components or suffer a hardware malfunction while you were on its watch?"
Yes, quite happily. Provided I knew the software was designed properly. In fact, not only that, but I do it *EVERY SINGLE DAY*. If my car's ABS decides to go loopy, it could easily kill me. Same for traction control. That's controlled by a black-box computer system in every car that's fitted with it. Fuel mixtures, the fuel pump itself, even the traffic lights. The only question is "has the system been engineered to a life-support-system level, rather than knocked up by an amateur?".
If I go to hospital, everything from the life support machines to the blood pressure monitor is a highly engineered computer with professionally tested software. If I go into London, the trains are computer-controlled (some of them, anyway, on the Docklands Light Railway) and travel at stupid speeds. If I travel on an aeroplane, my life is in a computer's hands much more so than the pilots. The fact that professional pilots even *allow* these systems onto their planes reassures me. Computers save and secure my life, silently, all day long. I trust the computers implicitly if they have been engineered to the correct standard (where the failure mode is safe too). Anyone who doesn't trust computers in those situations shouldn't be driving at all (not just in modern cars, but because of the traffic control systems, etc.), should never travel by air, go on a cruise ship, or a million and one other things. Do you expect / rely on your home telephone to contact the emergency services? You just placed your life in the hands of a computer.
Your post is *exactly* what I'm talking about. You rely on a computer to wake you up, get you to work at 70mph+ without dying, do your work, get you back home without dying, cook your dinner without irradiating you (own a microwave?), etc.etc.etc. But one of those computers that *isn't* critical (your home PC) goes wrong and suddenly computers are unrealiable. It's bullshit, and due to inconsiderate thinking you've tarred all these highly-controlled systems with the "My home PC crashes" brush.
This TechRadar article also explains why cars suck at math, too.
The timing belt was manufactured to be a few mm too short. But over the course of several thousand revolutions, those mm add up to a massive error, which causes the pistons to strike metal. Thus the car was a write-off.
It's no fairer to blame the computer than it is the car - some ABSOLUTE PILLOCK didn't design, implement or test their system properly. And *they* caused the 28 deaths, not the computer (and it can't be overstated just how elementary a mistake this is, especially in a military system, and should have been caught by basic code review and testing at every stage).
I hate stories like this because then you get deep mistrust of computerised systems where they *can* be incredibly useful, and without an adequate substitute. Every time a car won't start because the electronic ignition wasn't designed properly, every time a home computer crashes because someone didn't bother to isolate the apps from the OS well enough, every time something like this happens, people distrust "computers" more and more when what they should be distrusting is damn crappy programming.
A computer is as close as you can practically get to being perfect. Short of hardware failure (Intel FDIV bugs, bad RAM, corrupt drives etc.), computers do not make mistakes. If they crash, it's because they've been *told* to crash (the fact that you even *see* a blue screen or kernel panic means that the computer is still just blindly following orders).
There's no excuse for this - it's basic, elementary mathematics and binary manipulation. Some pillock threw a cheap CPU clock and a standard library at a time-critical, life-dependent military problem without even thinking. The programmers should be sacked, the testing teams should be sacked and ANYTHING they've ever created or reviewed should be overhauled to make sure they haven't made even worse mistakes.
Holy crap, is that bit of software still going? I remember seeing that back when I was an undergrad (>10 years ago now) and it was well-established even then. Never used it but "Scientific Word" had a bit of a reputation among some of my older peers.
- I hate writing, and always have and avoid it wherever possible - it hurts my hand and my handwriting is awful. - I was using computers way before anyone else in my school, I even took some of the lessons that I was supposed to be taught in (the teacher found it easier that way). - I went to university to study Mathematics and Computing and had already had five years (at least) of proper exposure to things like Maple, Matlab, etc. (I was doing my A-level projects in Maple when nobody else, including my teachers, had even heard of it) through my brother who attended the same university.
Every single mathematics-based lecture, for three entire years, I hand-wrote notes. It's the only sensible way to do so. There isn't a notation or shorthand that can cope with rapidly sketching down formulae (especially integrals, sums of series, etc.) and diagrams. In some subjects, a simple diagram showing an angle, or a particular piece of geometry is invaluable and could takes hours to reproduce properly on a computer. I know, because for the last ten years, I've worked for tuition centres, state and private schools and I'm often asked to professionally produce an electronic version of their course materials (99% of the time mathematics because that's my speciality).
Don't waste your time, memory, money and brainpower - just take pad and pen, or use a touchscreen/tablet PC if you *insist* on using a computer. When you're taking notes the last thing you want to be doing is taking down the mathematics like it's some kind of gospel. There will be a million books on the subject where you can find the nuts and bolts of the process, but if you lose that "feel" of the mathematics that you can only get by watching someone apply it in front of your eyes, you'll never truly understand it.
The point of a lecture is to demonstrate and explain and give opportunity for questions (yes, ask questions... why does *nobody* ask questions in lectures? It isn't forbidden, just don't waste everyone's time with trivialities!), you learn more in a ten minute lecture on a particular subject than you ever will by studying the materials from that lecture. *Being* there, with the enthusiastic tutor, and the commentary they give, is what makes the mathematics explain itself. Everything else is just paper-based memoranda of that lecture. Someone, somewhere will be selling notes from that lecture. I've taken copies of complete stranger's notes (with their permission) when I missed lectures for reasons beyond my control. Notes are memory-aids only. Wasting an immense amount of time recording them in such a fashion is to focus on the aesthetics of the tool, not the job you're doing with that tool. All you're actually doing is writing the book that your lecturer learned from, you're not learning anything, and doing so at great expense. Your concentration should be on the mathematics happening in front of you, not the paper in your hand or the computer under your fingers.
I often just sat in awe when I was in a lecture and watched the mathematics unfold in front of me, sketching only notes on the specifics.
Scribble notes. If you have special needs, ask to video/record the lectures or for the lecturers to provide assistance afterwards (and complain to the highest authorities if they don't let you). Then, study, study, study from your notes, your memory, your skills, and the vast wealth of materials on every subject imaginable. Anyone can find out how to apply equation X to input Y, or read a book on graph theory or calculus, but advanced mathematics is more about the patterns and the art of being able to discover, use and apply that knowledge, not copy from rote from two-year-old notes.
I graduated. Not a great grade but I was hitting a wall in my abilities in even the first year, a wall I've never been able to pass in the years since. Some courses ran like water through my sieve of a brain, and some were just second nature (and still are). But at no point did the actual taking of my notes interfere with
In other news, "nice" is considered dangerous because when you run nice with the command line parameter of a program, it executes the program! And crond. And at. And sudo. And bash. And a million script files.
This isn't shocking, it's stupid. Possibly slightly unexpected if you're a new admin, that's about it.
You second point against is the reason I steer clear on permanent whole-disk encryption on working machines.
Even with expensive servers, perfect RAID cards, BBU's and every other possible protection - sometimes the OS will just flip out and either crash or write crap to your filesystem. If not the OS, then the drive itself will do it. And then you have to do a chkdsk/fsck and with any form of encryption the chances are that you just trashed a whole lot more than a recent file entry and whatever open temporary files you have. Encryption ruining the basic readability of the filesystem and its underlying structure is the main reason I hate encryption products that operate whole-disk (which is the only perfect way to stop things being complete secure against permanent physical theft, I have to admit).
I can see using encryption for backups, I can see using it for any data that leaves the computer (network, tapes, etc.) but on the actual machine itself? I can see working on encrypted containers (with the knowledge that the data never gets written anywhere else in the meantime). But it's always seemed too risky to blanket-apply it to the whole storage device unless you're *really* certain about your backups being perfect and up-to-date all the time.
It's one of those "yeah, should never happen - but if it does, you're screwed" things.
I think you're only looking at the simple case. What about: I find out the intimate details of what you and your client were talking about on the phone and then use those details to dig deeper and find evidence I never would have without that phone call? Then I turn up in court, destroy your case, have nothing but hard evidence and you have no way of knowing that I used your taped conversation to do so (and probably couldn't prove it even if you thought that).
It'd be immoral and illegal but it *would* destroy your case outright and the chances of me getting caught are probably quite low if I'm someone with intelligence and knowledge of legal workings like, say, another lawyer?
The Javascript thing isn't important - that's how the device operates because it's been told to and, in 99% of circumstances it's an internal-only device. My printer offers up a lot worse options. However, exposing that interface to the web is stupid, as are using standardised passwords.
The former is nothing but user-education and/or forcing them into a password from the factory (like a lot of wireless routers comes with WPA keys printed on the bottom of them).
For the latter, a lot of cheap ADSL modems/routers do this, it's hardly a shock. Some of them run telnet on ports 254/255 and the only way to get rid of it is to forward that port to a non-existent IP address. Yes, it's crap security. Yes, they should know better. But, additionally, it's their fault from day one and people have known about this for YEARS.
It would also pick up on *any* external security scanner (e.g. nmap, GRC.com's ShieldsUp!) and any competent person would be testing any new system with something like that anyway. I know I've always scanned whenever I've used a new connection, if only to find what proxy servers / port-blocking / port-forwarding are in place. And yet all my Internet connections have hard-coded DNS, the router acts as nothing more than a passthrough to a real firewall (usually Linux iptables, if only for decent, configurable NAT / port-forwarding) and anything vaguely suspicious on an external scan is investigated (my ISP offer port 139 filtering as default, for example).
If you didn't know about it, test it. If you haven't already disabled it, do so. If you're that worried, change the device. This type of problem has been around for YEARS, and only the bog-standard, password is 'password', home users would ever be hurt by it. I think it's disgusting that they are, but they are not the only ISP / modem / router that has these problems.
And to claim this is new/shocking is quite misleading - most router manufacturers have suffered from this since ADSL became mainstream. Even things like BT's HomeHub have had similar security problems over the years.
And I repeat my original statement: "it's not "costing" the authors anything that they aren't already paying"
Server space - I don't think they've taken on any extra servers. 57,000 purchases in a week = 5 or so a minute, that's not exactly taxing even a single server on top of normal usage.
Hosting fees / Bandwidth - Unless they *seriously* exceeded their bandwidth, I don't think that's a problem either - and to be honest, they probably had more traffic on the game launch day with everyone downloading the demo, etc. Any decent small company can afford gobs of bandwidth nowadays.
Electricity - They probably *don't* pay any extra for this at all for the sale event... in a hosted environment, it'd be fixed-rate. And if they're hosting it themselves, I think the $100,000 should cover the extra $1 or so to count for the extra electricity.
I'm not saying it's "free" for them to do it, but it's so miniscule a percentage of their profit it's not worth talking about, and probably zero cost on top of what they'd need if they hadn't run the sale. It's a different thing entirely to say "I needed to put a server up to do all this" instead of "well, our server got a bit more traffic".
An OS that's been available for customers for a whole day (and that's special pre-orders for certain customers in certain countries)? Why should 2DBoy sign up on MSDN just to get advanced previews of whether their software will work? That's a serious question for a small business. Either give them time, wait for a patch, patch it yourself, try it in every compatibility mode or bitch about how a program that's never seen an operating system that's been out for one day doesn't work.
I would expect more, to be honest, out of 57,000 and you have to take account of that when you run any such event. Personally, I'd have said any *dollar* amount, so it would have gone for at least $1 and made the maths a little easier but if it was *possible* to buy at 1c, I quite expect to see a hefty percentage of people pay that.
The so-called "honesty box" system works on the basis that *enough* people are honest (not that all of them are, or even most of them), whether you've put bunches of flowers in a tub by the side of the road, with a tin for collecting payment, or you're selling a game on the Internet. (The flowers thing is quite common the rural UK - a few pennies and you can take as many flowers as you like because they are effectively surplus, and very few people run off with the tin full of change, either).
I've personally purchased two World of Goo's, one for me, one for a friend, and think it's a great game. On reading this article, I emailled a couple of friends that might be interested. I don't really care if they pay $10, or $1, or 1c, so long as they get the game - it's not "costing" the authors anything that they aren't already paying, and it is with their blessing, and the publicity etc. they are getting more than makes up for it.
The fact is that most games are too expensive, and I've often thought "If that was a little cheaper, I'd buy it" but rarely tell the author. The feedback from knowing what/why people are spending what they do if a phenomenal statistic to have. And I don't think they did bad out of a game that most people already have and most people already paid full-price for, and for which sales are sloping:
(57,000 times $2.03) - 13% (Paypal small-transaction fees) = just over $100,000, before they even make the front page of Slashdot. IN A WEEK. I don't think the authors have suffered. I think a lot of people who couldn't justify the expense now get a great piece of entertainment. The authors get a shedload of easy money from an "old" game, tons of free advertising and lots of useful feedback, a few pirates make themselves legit, some people get that warm glow of supporting and author, some cheapskate people get a "free" game and Paypal make a shedload of money too. I think that's pretty much win-win.
"And no, you are not a complete OSS fanatic. If you were, then you wouldn't be promoting the alternative."
There is nothing worse in a fanatic that not realising the flaws, problems and let-downs of that which he is fanatical about.
I recognise them perfectly. I've spent *hundreds*, maybe even *thousands* of hours testing OS programs and changing their code to try to suit my schools. The simple fact is that they are too far from a workable solution at the moment - nothing comes close to the £10 program that we can get from an educational supplier (normally written in VB or Shockwave or some such crap) in terms of *educational* content - and the whole point of my and the school's job (teach kids, and making that teaching possible) comes above everything.
I have a school at the moment, on Firefox, Thunderbird and OpenOffice (on *every* machine, including the kid's), with Linux thin clients (at VAST expense to the school because those machines were supposed to be returned but they saw them working once I'd rebuilt them and they then *paid* to keep them, they are not even capable of booting modern Windows but they are *fine* for what we are going to be using them for and very good value). It uses proprietary, freeware *and* Open-Source software. The OS software is heavily customised for our purposes (the school now recognise the advantage of having an IT Manager who can program too).
When I entered this school, it was MS-only, Office-only (still have all the MS licences to cover the entire site!) and they had already completely rejected an entire Linux-based network that had been bought and installed just a few years previously. That's an *uphill* struggle to get to where they are today, and I've knocked out all of their criticisms of the previous system (which was *shit* because of the installation and poor checking of requirements - that *was* a "Linux is cheaper" shop that installed that). I now have the bursar and principal pushing me to move more and more towards OS for the freedom it gives them - they are tired of vendor hassle whenever they want something which (from their own programming experiences many years ago) they know is a one-line fix. Upgrade the entire SQL server, administrative server, and all administrative desktop OS's just because the program that runs the canteen has been fiddled with by someone who didn't understand the impact? No thanks. Even *with* a free-upgrade license to later versions.
It's a private school, money is basically no object, if I wasn't here they'd be on Windows 7 with Exchange servers quite happily by now... the fact is that they "get" open-source now by my evangelism. And it filters down to the staff and kids ("Why has the Internet program changed, miss?" "Oh, that's because the other one was dangerous and could give us a virus and this one we can stop you playing with the options" "AAWWWW, Miss!!!"). And whenever there is a one-line fix that works around the problems of our ISP, dodgy hardware, staff stupidity, or even hardware failure I make sure to mention it and show them and they "get" the customisability and freedom aspects now.
The entire network fails over to 3G and implements heavy traffic filtering if the normal internet connection goes down. They had that in place within 24 hours of getting a 3G device and this was before people started making devices that *could* failover like that. And when it does happen, things filter back down to the desktop systems to make the users aware. They were willing to *pay* for a backup Internet connection facility (for, let's admit it, something pretty much as non-vital as you can get to their IT operations) and were going to run extra leased lines just to have *some* sort of backup but the ISP couldn't do it. Money wasn't an issue for them.
*They* have implemented a freeze on Vista and 7 deployments, not me. They have approved larger ongoing budgets in order to cope with that freeze and continue working. We actually pay *more* for the systems now than the equivalent MS
In theory, you may think you're right.
In practice - by the time these kids get into management, it's unlikely that anything will even be similar. I grew up on BBC Micros, BBC BASIC and a CP/M word processor in school - and I'm only 30. The entire face of computing changes on a regular basis (e.g. the whole Internet thing becoming popular).
Additionally, you go with whatever makes business sense. If MS makes business sense to you, go with it. If not, then don't. It's quite simple. There are no end of dirty tricks, especially in education, but to say that what the students grow up with determines the future is incorrect. What they grow up with determines what they *fix* in the future.
And I'm a complete OSS fanatic. But I work in education. There, the child matters. I use OSS servers and OSS web apps and OSS utilities and little OSS programs. But the bulk of the desktop in a school is proprietary educational software with *no* free equivalent at all because it takes decades of teaching experience to write a good program, it needs to be kept up to date with all the latest curricula (down to the letter) and not overwhelm the user with curricular choices. The only OSS desktop app I've ever got into schools in a big way was TuxPaint in primary schools (because over here it effectively replaces something called RM Colour Magic that's a heap of shit)... and only because it worked on Windows too.
Education is a *completely* different market and you can't understand it until you've worked in it. Backend? Nobody cares. Whether the desktops actually run Windows / Office, nobody cares. But if something they want to pay £5000 for a site licence for can't run (because it saves the teacher 30 mins a day in the course of their job), that's a dead system to them. Percentage of software that is *required* for my current school to operate for this term, which can run under WINE? About 5%, not including Office (which can be replaced with an equivalent).
Even weirder - on a machine which isn't on a domain, but which has a software firewall, you can open *every* port to a destination machine (e.g. a fileserver) and it *will* access the SMB shares of that fileserver (\\ipaddress\c$ etc.) but takes forever the first time because the broadcasts have been blocked by the firewall. So it doesn't need the broadcasts, or to be on that domain, or to do anything that isn't direct IP with the target machine - but it still takes forever to realise that and just start listing files.
And once you've done it once, that file sharing will run at full speed for the rest of the day. I'm imagining some sort of name resolution etc. issue (but the PC in question can actually use the same machine for DNS and still have the problem) but if it's not *required* to connect to the machine, why does it try anyway and hold everything up? And the firewall only ever reports NetBIOS traffic while that's happening.
I once passed a shop offering "Sandwich boxe's". I call it hedge-your-bets punctuation...
Me neither. I've actually owned two mobile ("cell") phones in my entire life (I first got a phone when I turned 18 and I'm now 30). One was a Philips C12 (also called Savvy) back when I was still in Uni many moons ago. It never cost more than about £10/month. It phoned. It texted. It picked up a signal *everywhere*, even when all the expensive crap didn't. It did what I needed at the time. I only ditched it because it didn't have a standardised SIM and the carrier discontinued its service and you couldn't use any other with it.
The other is my current phone, a Nokia 6320 (I think - too many model numbers, and I don't care). My wife bought it for me to replace the above, and she couldn't find anything more basic. It cost a £10/month contract for a year and then I could keep it (and instantly switched it to PAYG). Bluetooth (I use about once a year to backup photos from my Dad's phone). Camera (never really used). FM Radio (never used). GPRS (I use VERY, VERY rarely to check a webpage on the move... with Opera Mini and PAYG it costs me about £0.10p a time). MP3 playback and ringtones (Erm... tested it once I think - then set everything to just ring like a phone). It plays Java apps, it reads SD cards, etc.etc.etc. I don't really care.
But it picked up a signal and I took a phone call on the top of Mount Teide in the Canary Islands (I didn't know it was still switched on and the caller was my parents back in England) when nobody else's waiting on the mountain top could even *find* a carrier. I've never found someone who can pick up a signal which that phone couldn't in my own country, and it often out-performs even the iPhone's etc. at that. It has a keypad that's intuitive and easy to use and it suffers lots of stabbing and abuse and still works.
I'm the IT guy - everyone comes to me asking what to buy and in my back pocket (and which has been sat on, smashed into the ground, run over, etc. more than a few times) is an ancient Nokia that does everything I need and out-performs everyone else's flash new contract phones on all the basics (connectivity, sending a text, making a phone call, getting it to do something in only three or four clicks of a button). When they start showing off and then try and blame the network because they can't send a simple text, I whip it out and show them the four-bar signal and send a text and get a reply in seconds. If I send them a text at that point, even on the same carrier, they might get it when we come back into a populated area about an hour later or something.
It needs a new battery because I only get about an hour of talk time out of it now but that's hardly surprising. I'll buy a new battery, it'll cost about what I pay in texts each month, rather than a new phone or contract.
And you know what? I don't even notice. Friends phone, I text a lot, I dial up vendors when I can't use the switchboard at work, I do everything on the damn thing and don't even notice the cost or technology involved. I feel safe if I have it in my pocket because I know I can phone breakdown, or at least get a text to a friend. That's how tech should be - seamless, fit for purpose, not life-changing. I don't want to have to relearn my damn phone's features and menus ever year, I just want something that rings, phones and texts. Everything else is a gimmick. And if you think paying "Only £50 a month" for 24 months is a good deal if they throw in a phone... you run off and do that. Does it not occur to you that they *guarantee* themselves that they will recoup the cost of the phone from you, and more profit, in that time period? Just because the "non-contract" version is even more expensive doesn't mean you're getting a good deal by signing a ludicrous contract.
Keep your gimmicky tat. I'll have a phone that rings, thanks, and costs me next to nothing and ties me into nothing at all.
What you forget is that GPL code is owned by the author, not some magical GPL entity. One author might well want to kick up a fuss, while another may want to deal with it quietly. Others might go to the SFLC, whose policy *is* discretion first (and that's what I believe the earlier articles were referring to).
Whether or not to kick up a stink, demand compensation/removal of the tool, prosecution etc. is in the hands of the copyright holder, not the SFLC (although the holder may choose to hand it over to them for the purposes of dealing with the case).
They aren't perfect by a long shot but yes, this is one of the reasons that the BBC is my main provider of news content. So they damn well should be, though. Why *all* news companies aren't like this, I can't understand. I thought the stereotypical reporter had a reputation for hitting the front page hard with controversial stories that they were "banned" from telling, not regurgitating celebrity crap.
I really don't care if Paris Hilton did X, Y or Z (or all three), I just want a quick summary of interesting things that have happened. I want more details on the ones *I* choose to read. I want them to get updated if the story changes. I want the facts and a couple of in-context quotes from the people involved if they want to say something. I want it online. I want to be able to access and search its archives. I don't need the news-provider to tell me their opinion ("Isn't it terrible? They are ruining the country!") - I have a brain of my own, thanks.
The fact that their entire site (not just the news section) is mostly clean HTML+CSS without all the fancy shit (except possibly on the BBC Schools page where they have interactive games etc.), that iPlayer (although "officially" not supporting Linux or permanent download) actually plays very well with get_iplayer.pl, that it's *always* up and loads super-fast even in the heaviest news scandals, and a million and one other tiny bonuses.
I don't watch the news... haven't for 10 years. I don't buy a paper... haven't for ten years (though I sometimes nick a Metro on the way home - free paper, fair summary of events, available on every London train, and a daily sudoku). I don't subscribe to *any* news outlet or use any other company/organisation to give me news. I get my news from the BBC and random things that catch my eye. The fact that the BBC is the only website that I *expect* to find some well-reported news on is testament to their expertise.
When there's the next big news story and I feel the need to pay attention, BBC News is where you'll find me. If there's no coverage there, I'll be looking on Google (not their News thing) somewhere for it myself.
The idea of the utility-pack is to be run when the OS is still working (e.g. to capture passwords that are still in memory etc.). Bootable devices are another thing entirely. Such "off-line" analysis is much easier to do by just copying the drive in a special device that has no write logic to the source drive at all. You wouldn't risk an entire investigation just because you used a bootable CD to access the hard drive first, you'd access the copy.
I would think even mere insertion of a USB device into a computer could lead to all sorts of problems - what if that USB key had a virus that transferred itself to the PC and then deleted itself from the USB device? The fact that this is a bog-standard set of files means that someone has to put these programs onto a writable USB drive (it's possible it's write-once but I would be dubious of that actually being the case) and then plug it into a computer - exactly the action that companies block by default because of the potential for rogue programs to be introduced and destroy/modify data.
Want to put someone in jail? Put something illegal on that USB drive, plug it into their computer with an autorun script that copies itself over and then deletes itself (and the script) from the USB drive. Then claim that it was a *different* drive you put in and submit a "clean" drive as evidence if they demand to see it.
Not to mention that actually doing *anything* on the original PC is damn stupid anyway but relying on a USB stick to run it? That's got to be asking for trouble. Oh, and disable USB and you've just stopped that attack.
I was always told that *anything* capable of writing to the drive or modifying the data you're trying to access was a no-no... that's why they image the drives through special "read-only" adaptors (apparently harder with SATA nowadays) and then analyse the image. Saving transient information onto a writable USB stick by execution of a program from that stick? Sounds like a recipe for disaster. That's gotta touch your swap or do something to memory in order to execute and proving that happened cleanly and provided a complete accurate copy of the contents of RAM/disk/swap before you plugged it in is probably impossible.
So can video timestamps, and sales records in shops, and tax receipts, and vehicle number plates, and all manner of other things.
If there is *suspicion* that the records have been tampered with, you would be charged with attempting to pervert the course of justice AND your other offences. The fact is though that, 99.99% of the time, people are happy to incriminate themselves, or the courts are willing to believe (on the balance of things) the words of honest people (even if they are before a court - your reputation, manner and appearance mean a lot when it comes to believing what you say - this is why the words of qualified professionals are able to be submitted as evidence). Which is good, or every single bank robber would claim that the CCTV was inaccurate, or the witness didn't really recognise them from the line-up but just guessed.
Law isn't a rigorous scientific discipline except as concerns evidence that may be in doubt. Nobody here questioned that the GPS logs were inaccurate because they were fairly sure (beyond reasonable doubt) that they could be trusted. Otherwise every bloody court case and fine would take decades to resolve.
Timestamps on CCTV submitted from a shop to clear someone's name are the perfect analogy here. The timestamps are believed because the person submitting them *probably* wouldn't have gone to the effort of faking them and, if they did, it would be hoped that this would be known, detected and counteracted. But I can easily set my CCTV system to run an hour late/early and then change it back before the police try to analyse my equipment. That timestamp could easily incriminate / clear a person, but the relevant words here are "beyond reasonable doubt" not "absolutely 100% scientifically impossible".
The facilities are there, in Windows registry and group policy for instance (Software restriction policy, I believe it is called). Some networks might even use those settings, but in general it's FAR FAR too much hassle (especially for a home user). Some software firewalls even work this way already too - I know that pay-for versions of ZoneAlarm come with signature checking of the most popular apps and allow users to black/white list them from accessing the Internet/local network.
The problem is that people would still authorise the same crap as they do now to run because they just click yes when they see a security dialog. And every time that software is updated (as specified by good network practice), you have to update all the signatures again (and query the user again, who gets bored/annoyed and just keeps clicking Yes). And most viruses on home machines are because people *chose* to run a program that they didn't know the origin of, either by downloading, clicking I Agree or turning their security settings off. And viruses still get through program exploits (macro viruses would be one old example - they appear to be Microsoft Word, which would obviously be "allowed" on the whitelist).
Also most "whitelists" can usually be hacked / added to by the virus itself if it gains the permissions of the user (how else would the user authorise it to run?) so they again become useless. There are ways around this but they all annoy the user.
Basically, either these schemes stop everything working (and users cry foul every time they want to run something new or update their software) or throw so many "Do you want to allow this?" dialogs at the user that they quickly disable it or just click Yes to everything when they want run their spiffy new download from disreputable sites.
Network admins find it far too much hassle to exercise this level of control because of the problems it can cause (basically, users want to be able to run arbitrary code under their user accounts).
The problem is not viruses, or the whitelist/blacklist, the problem is providing glaring holes in the OS, running as administrator (or making privilege escalation trivial) and running programs that you don't know the origin of. Stop those three things (the easiest of which is just to stop people wanting to run every program they download) and you stop the problem of computer viruses. Whitelists just make that a little trickier, but always provide an avenue to either bypass the whitelist (by the program itself inserting itself into the list, like Windows Firewall allows in some Windows versions) or piss the user off with so many dialogs that they turn the security off / click Yes to everything each time (Windows UAC).
I call bullshit. I think it's just a tech support guy misunderstanding (and it seems a bi-lingual conversation so the chances of that are even higher).
Open-sourcing Skype is very different to allowing Mandriva to add a non-trademarked icon to the Skype software (a bit like bundling Firefox - fine so long as you respect the trademark on the name and/or the logo and their requirements), or put a Mandriva icon onto the package etc. The two are discussed interchangeably and I don't see how they are related.
I think it's more likely a massive misunderstanding on the basis of zero evidence / poor translation. At best, I reckon that Skype for Linux will allow itself to be packaged more easily.
"Would you place your life in the hands of a computer system that had to have no software flaws in any of its components or suffer a hardware malfunction while you were on its watch?"
Yes, quite happily. Provided I knew the software was designed properly. In fact, not only that, but I do it *EVERY SINGLE DAY*. If my car's ABS decides to go loopy, it could easily kill me. Same for traction control. That's controlled by a black-box computer system in every car that's fitted with it. Fuel mixtures, the fuel pump itself, even the traffic lights. The only question is "has the system been engineered to a life-support-system level, rather than knocked up by an amateur?".
If I go to hospital, everything from the life support machines to the blood pressure monitor is a highly engineered computer with professionally tested software. If I go into London, the trains are computer-controlled (some of them, anyway, on the Docklands Light Railway) and travel at stupid speeds. If I travel on an aeroplane, my life is in a computer's hands much more so than the pilots. The fact that professional pilots even *allow* these systems onto their planes reassures me. Computers save and secure my life, silently, all day long. I trust the computers implicitly if they have been engineered to the correct standard (where the failure mode is safe too). Anyone who doesn't trust computers in those situations shouldn't be driving at all (not just in modern cars, but because of the traffic control systems, etc.), should never travel by air, go on a cruise ship, or a million and one other things. Do you expect / rely on your home telephone to contact the emergency services? You just placed your life in the hands of a computer.
Your post is *exactly* what I'm talking about. You rely on a computer to wake you up, get you to work at 70mph+ without dying, do your work, get you back home without dying, cook your dinner without irradiating you (own a microwave?), etc.etc.etc. But one of those computers that *isn't* critical (your home PC) goes wrong and suddenly computers are unrealiable. It's bullshit, and due to inconsiderate thinking you've tarred all these highly-controlled systems with the "My home PC crashes" brush.
This TechRadar article also explains why cars suck at math, too.
The timing belt was manufactured to be a few mm too short. But over the course of several thousand revolutions, those mm add up to a massive error, which causes the pistons to strike metal. Thus the car was a write-off.
It's no fairer to blame the computer than it is the car - some ABSOLUTE PILLOCK didn't design, implement or test their system properly. And *they* caused the 28 deaths, not the computer (and it can't be overstated just how elementary a mistake this is, especially in a military system, and should have been caught by basic code review and testing at every stage).
I hate stories like this because then you get deep mistrust of computerised systems where they *can* be incredibly useful, and without an adequate substitute. Every time a car won't start because the electronic ignition wasn't designed properly, every time a home computer crashes because someone didn't bother to isolate the apps from the OS well enough, every time something like this happens, people distrust "computers" more and more when what they should be distrusting is damn crappy programming.
A computer is as close as you can practically get to being perfect. Short of hardware failure (Intel FDIV bugs, bad RAM, corrupt drives etc.), computers do not make mistakes. If they crash, it's because they've been *told* to crash (the fact that you even *see* a blue screen or kernel panic means that the computer is still just blindly following orders).
There's no excuse for this - it's basic, elementary mathematics and binary manipulation. Some pillock threw a cheap CPU clock and a standard library at a time-critical, life-dependent military problem without even thinking. The programmers should be sacked, the testing teams should be sacked and ANYTHING they've ever created or reviewed should be overhauled to make sure they haven't made even worse mistakes.
"I'm using the new release right now; it's crashed once but only once in several hours of use"
When did crashes stop being an embarrassing programming mistake and become a metric?
Holy crap, is that bit of software still going? I remember seeing that back when I was an undergrad (>10 years ago now) and it was well-established even then. Never used it but "Scientific Word" had a bit of a reputation among some of my older peers.
- I hate writing, and always have and avoid it wherever possible - it hurts my hand and my handwriting is awful.
- I was using computers way before anyone else in my school, I even took some of the lessons that I was supposed to be taught in (the teacher found it easier that way).
- I went to university to study Mathematics and Computing and had already had five years (at least) of proper exposure to things like Maple, Matlab, etc. (I was doing my A-level projects in Maple when nobody else, including my teachers, had even heard of it) through my brother who attended the same university.
Every single mathematics-based lecture, for three entire years, I hand-wrote notes. It's the only sensible way to do so. There isn't a notation or shorthand that can cope with rapidly sketching down formulae (especially integrals, sums of series, etc.) and diagrams. In some subjects, a simple diagram showing an angle, or a particular piece of geometry is invaluable and could takes hours to reproduce properly on a computer. I know, because for the last ten years, I've worked for tuition centres, state and private schools and I'm often asked to professionally produce an electronic version of their course materials (99% of the time mathematics because that's my speciality).
Don't waste your time, memory, money and brainpower - just take pad and pen, or use a touchscreen/tablet PC if you *insist* on using a computer. When you're taking notes the last thing you want to be doing is taking down the mathematics like it's some kind of gospel. There will be a million books on the subject where you can find the nuts and bolts of the process, but if you lose that "feel" of the mathematics that you can only get by watching someone apply it in front of your eyes, you'll never truly understand it.
The point of a lecture is to demonstrate and explain and give opportunity for questions (yes, ask questions... why does *nobody* ask questions in lectures? It isn't forbidden, just don't waste everyone's time with trivialities!), you learn more in a ten minute lecture on a particular subject than you ever will by studying the materials from that lecture. *Being* there, with the enthusiastic tutor, and the commentary they give, is what makes the mathematics explain itself. Everything else is just paper-based memoranda of that lecture. Someone, somewhere will be selling notes from that lecture. I've taken copies of complete stranger's notes (with their permission) when I missed lectures for reasons beyond my control. Notes are memory-aids only. Wasting an immense amount of time recording them in such a fashion is to focus on the aesthetics of the tool, not the job you're doing with that tool. All you're actually doing is writing the book that your lecturer learned from, you're not learning anything, and doing so at great expense. Your concentration should be on the mathematics happening in front of you, not the paper in your hand or the computer under your fingers.
I often just sat in awe when I was in a lecture and watched the mathematics unfold in front of me, sketching only notes on the specifics.
Scribble notes. If you have special needs, ask to video/record the lectures or for the lecturers to provide assistance afterwards (and complain to the highest authorities if they don't let you). Then, study, study, study from your notes, your memory, your skills, and the vast wealth of materials on every subject imaginable. Anyone can find out how to apply equation X to input Y, or read a book on graph theory or calculus, but advanced mathematics is more about the patterns and the art of being able to discover, use and apply that knowledge, not copy from rote from two-year-old notes.
I graduated. Not a great grade but I was hitting a wall in my abilities in even the first year, a wall I've never been able to pass in the years since. Some courses ran like water through my sieve of a brain, and some were just second nature (and still are). But at no point did the actual taking of my notes interfere with
In other news, "nice" is considered dangerous because when you run nice with the command line parameter of a program, it executes the program! And crond. And at. And sudo. And bash. And a million script files.
This isn't shocking, it's stupid. Possibly slightly unexpected if you're a new admin, that's about it.
You second point against is the reason I steer clear on permanent whole-disk encryption on working machines.
Even with expensive servers, perfect RAID cards, BBU's and every other possible protection - sometimes the OS will just flip out and either crash or write crap to your filesystem. If not the OS, then the drive itself will do it. And then you have to do a chkdsk/fsck and with any form of encryption the chances are that you just trashed a whole lot more than a recent file entry and whatever open temporary files you have. Encryption ruining the basic readability of the filesystem and its underlying structure is the main reason I hate encryption products that operate whole-disk (which is the only perfect way to stop things being complete secure against permanent physical theft, I have to admit).
I can see using encryption for backups, I can see using it for any data that leaves the computer (network, tapes, etc.) but on the actual machine itself? I can see working on encrypted containers (with the knowledge that the data never gets written anywhere else in the meantime). But it's always seemed too risky to blanket-apply it to the whole storage device unless you're *really* certain about your backups being perfect and up-to-date all the time.
It's one of those "yeah, should never happen - but if it does, you're screwed" things.
I think you're only looking at the simple case. What about: I find out the intimate details of what you and your client were talking about on the phone and then use those details to dig deeper and find evidence I never would have without that phone call? Then I turn up in court, destroy your case, have nothing but hard evidence and you have no way of knowing that I used your taped conversation to do so (and probably couldn't prove it even if you thought that).
It'd be immoral and illegal but it *would* destroy your case outright and the chances of me getting caught are probably quite low if I'm someone with intelligence and knowledge of legal workings like, say, another lawyer?
The Javascript thing isn't important - that's how the device operates because it's been told to and, in 99% of circumstances it's an internal-only device. My printer offers up a lot worse options. However, exposing that interface to the web is stupid, as are using standardised passwords.
The former is nothing but user-education and/or forcing them into a password from the factory (like a lot of wireless routers comes with WPA keys printed on the bottom of them).
For the latter, a lot of cheap ADSL modems/routers do this, it's hardly a shock. Some of them run telnet on ports 254/255 and the only way to get rid of it is to forward that port to a non-existent IP address. Yes, it's crap security. Yes, they should know better. But, additionally, it's their fault from day one and people have known about this for YEARS.
It would also pick up on *any* external security scanner (e.g. nmap, GRC.com's ShieldsUp!) and any competent person would be testing any new system with something like that anyway. I know I've always scanned whenever I've used a new connection, if only to find what proxy servers / port-blocking / port-forwarding are in place. And yet all my Internet connections have hard-coded DNS, the router acts as nothing more than a passthrough to a real firewall (usually Linux iptables, if only for decent, configurable NAT / port-forwarding) and anything vaguely suspicious on an external scan is investigated (my ISP offer port 139 filtering as default, for example).
If you didn't know about it, test it. If you haven't already disabled it, do so. If you're that worried, change the device. This type of problem has been around for YEARS, and only the bog-standard, password is 'password', home users would ever be hurt by it. I think it's disgusting that they are, but they are not the only ISP / modem / router that has these problems.
And to claim this is new/shocking is quite misleading - most router manufacturers have suffered from this since ADSL became mainstream. Even things like BT's HomeHub have had similar security problems over the years.
And I repeat my original statement: "it's not "costing" the authors anything that they aren't already paying"
Server space - I don't think they've taken on any extra servers. 57,000 purchases in a week = 5 or so a minute, that's not exactly taxing even a single server on top of normal usage.
Hosting fees / Bandwidth - Unless they *seriously* exceeded their bandwidth, I don't think that's a problem either - and to be honest, they probably had more traffic on the game launch day with everyone downloading the demo, etc. Any decent small company can afford gobs of bandwidth nowadays.
Electricity - They probably *don't* pay any extra for this at all for the sale event... in a hosted environment, it'd be fixed-rate. And if they're hosting it themselves, I think the $100,000 should cover the extra $1 or so to count for the extra electricity.
I'm not saying it's "free" for them to do it, but it's so miniscule a percentage of their profit it's not worth talking about, and probably zero cost on top of what they'd need if they hadn't run the sale. It's a different thing entirely to say "I needed to put a server up to do all this" instead of "well, our server got a bit more traffic".
An OS that's been available for customers for a whole day (and that's special pre-orders for certain customers in certain countries)? Why should 2DBoy sign up on MSDN just to get advanced previews of whether their software will work? That's a serious question for a small business. Either give them time, wait for a patch, patch it yourself, try it in every compatibility mode or bitch about how a program that's never seen an operating system that's been out for one day doesn't work.
Why is that at all surprising?
I would expect more, to be honest, out of 57,000 and you have to take account of that when you run any such event. Personally, I'd have said any *dollar* amount, so it would have gone for at least $1 and made the maths a little easier but if it was *possible* to buy at 1c, I quite expect to see a hefty percentage of people pay that.
The so-called "honesty box" system works on the basis that *enough* people are honest (not that all of them are, or even most of them), whether you've put bunches of flowers in a tub by the side of the road, with a tin for collecting payment, or you're selling a game on the Internet. (The flowers thing is quite common the rural UK - a few pennies and you can take as many flowers as you like because they are effectively surplus, and very few people run off with the tin full of change, either).
I've personally purchased two World of Goo's, one for me, one for a friend, and think it's a great game. On reading this article, I emailled a couple of friends that might be interested. I don't really care if they pay $10, or $1, or 1c, so long as they get the game - it's not "costing" the authors anything that they aren't already paying, and it is with their blessing, and the publicity etc. they are getting more than makes up for it.
The fact is that most games are too expensive, and I've often thought "If that was a little cheaper, I'd buy it" but rarely tell the author. The feedback from knowing what/why people are spending what they do if a phenomenal statistic to have. And I don't think they did bad out of a game that most people already have and most people already paid full-price for, and for which sales are sloping:
(57,000 times $2.03) - 13% (Paypal small-transaction fees) = just over $100,000, before they even make the front page of Slashdot. IN A WEEK. I don't think the authors have suffered. I think a lot of people who couldn't justify the expense now get a great piece of entertainment. The authors get a shedload of easy money from an "old" game, tons of free advertising and lots of useful feedback, a few pirates make themselves legit, some people get that warm glow of supporting and author, some cheapskate people get a "free" game and Paypal make a shedload of money too. I think that's pretty much win-win.
You managed to stay in the queue long enough to make it outside the M25?