Except when too many people pirate the application/game, then the company doesn't make enough money, and then they have to let people go.
This is a variation on the "lost sale" theory. This is based on the false dichotomy that the only two possibilities are "buy" or "pirate". When it's also possible that people could get another piece of software to do the job or simply do without it. (With games there are plenty of alternative past times which don't involve software at all.) That's before you even consider situations like pirated copies where the software isn't even on sale or people buying then using a pirate copy to get around DRM (even bugs).
So people are concerned about someone (with terrorist connections) MIGHT have worked at the facility?!?? OMG that's a reason to start rounding up everybody with brown skin!
Any IRA members have brown skin? How about many other well known European terrorist groups...
The alternative was to build a fully-customizable, easily-maintainable, more efficient, user-friendlier product themselves for essentially $0, as all of the employees who would build said project were already on salary.
Why? Liability. Rather than ensuring a product is up-to-snuff by their internal standards, by professionals who are more qualified to set those standards, and quickly writing fixes internally, the management preferred to have someone external to blame in case things went wrong. That way they could spend another $1M on consultants to fix the problem later on;-)
Thing is that had they got the on staff people to do it it's in their interest to try and ensure that the software is as robust as possible and as easy to fix as possible in the unlikely event it does break. Since they have to do more work for the same amount of money if it breaks. However it's in the interests of consultants that the system is fragile and difficult to fix. Since when it breaks they get more money. Maybe some of this is used to keep the management well supplied with drugs...
At the end of the day, the government goes to one of the really big 2 or 3 IT companies to develop a system (I'm talking about you, EDS, Capita, etc.), get quoted a crazy amount of money, accept the quote and then watch as the whole thing becomes a disaster and goes many times over budget. Then when the next IT project comes up they go back to exactly the same company. It is true that there are a limited number of huge IT companies to choose from, but many of the IT projects could be done just fine by smaller companies, and wouldn't cost the earth, with the advantage that supporting small businesses is a Good Thing for the economy. However, the government won't use small businesses to do these jobs because doing so is seen as high risk - personally, I don't see how you can get much higher risk than using one of the big companies that seem to have a 100% record of screwing up projects. Hell, for the amount these big companies get paid, you could probably get 4 or 5 small companies doing exactly the same job as each other and then actually roll out the project that looks the most likely to succeed.
Most likely the real reason is that a small company couldn't afford the bidding process, even without whatever "incentives" get unofficially offered. Are these "huge IT companies" actually IT companies or do they just subcontract random bits of the task in hand to small companies?
The problem is when corporations get so big that they have undue influence over the government...
If there was a fair procurement process for government contracts, like there's supposed to be, such that anyone could bid and the best option wins...
Assuming the bidding process is not so complex and expensive that it is a substantial barrier.
This wouldn't be a problem, if one corporation pisses the government money up the wall and does a poor job they lose the contract and it goes to someone better...
Also they'd be lucky they just got booted out and never got another government contract. If said government were serious about doing its job then they'd be sued for the money they wasted and and consequential costs.
Most people don't use "value for money" when they're deciding who to vote for.
With many electoral systems the "winner" need only get a minority of votes. (In some cases a minority even when abstentions are ignored.)
They might use "lowest taxes", or they might use "best services" as criteria (and hence it's these things that politicians tend to cater for in their campaigns) but it is most unusual for a party to assume power on a platform of "We've done some research and we're pretty sure we can provide far more efficient services and deliver tax cuts into the bargain".
Generally there's no mechanism to ensure that politicians actually do when they said they would do should the get elected. Also "tax cuts" can easily translate into reducing one form of tax whilst increasing another.
My own experience of dealing with the public versus private sector is that the private sector will deliver services quicker and better, not necessarily (although usually) cheaper.
Assuming that you are dealing with the private sector directly and there isn't a monopoly/catel situation. Which is what you tend to get when you have governments awarding contracts to private companies.
No, it's not unfortunate. When I give money to a corporation in exchange for a product, my expectations for the money I end there. I get the item I paid for, and they get the money. If they want to spend the money on hookers and blow, I don't give a shit.
Or expensive things for the director's house.
That's not the case with the government. The government isn't selling a product. Taxes aren't voluntary. There's an expectation that tax money will be spent in a way that benefits everybody.
Which was way people in the UK were so upset to discover what MPs were claiming as "expenses". Especially since even the lowest paid MPs are paid more than double the median wage. Unless there is something to specifically stop then then it's best to assume that Canadian MPs are up to much the same thing.
Unfortunately, the corporate world works exactly the same way. Given a choice between a solution that's reasonably priced, and a hideously expensive solution that involves shady consulting companies, 9 out of 10 Fortune 500 companies will pass the buck on to an overpriced consulting firm, which recommends (surprise!) the overpriced consulting solution.
How much of the cost went to wining and dining the executives in the first place;)
The issues are twofold. Firstly, the perceived hassle of migrating to a new system and secondly getting the license from the UK's Department of Health. The latter would have been the showstopper. It's a Boy's Club.
I suspect that the latter is quite common in the field of government contracts. It would certainly account for contractors who have repeatedly demonstrated they cannot do whatever it is on time and within budget not being shown the door.
I understood that there is some battery capacity onboard diesel-electric's - at a minimum for the starter motor - but no where near enough for any significant travel.
But quite possibly enough energy for a car to travel considerable distance. Even just a locomotive considerably larger and more massive than any car.
I'd also be surprised if regenerative breaking is not included on more recent examples too.
The alternative is to connect to connect the traction motors to a bank of fan cooled resistors.
Fortunately just the once. You can thank Windows insane file locking (easy to establish a lock, hard to make sure everyone let go, so the easiest way to overwrite a file is put it in the queue for overwriting at reboot time when you can be sure no-one is messing with it). Linux is so much saner in this aspect.
Ths issue is rather deeper into the internals of WIndows. Since unix type systems will let you delete a file regardless of what might be using/locking it. Maybe Windows uses the filename as a key reference, which may have some other strange consequences since IIRC NTFS supports the equivalent of hard links.
13 patches released at 13:00 of Tuesday 13. Windows sysadmins that day will have to pass below ladders, see a black cats cross in front of them and then break a mirror. But that will be nothing.
It'll only be that time for people in a certain timezone. Indeed in a great many situations, quite possibly the majority, it's "Patch Wednesday" as usual.
A US Company suing a US Company based on what another Company (affiliated/owned) was doing in another country as mandated/authorised by the government of that other country. Forgive me if I'm wrong but I sure as hell would not want to own stock in a US company. Now US companies need to worry about overlapping / contradicting international law?..... Good luck with this mine field! This should be thrown out!
There's going to be a lot of lobbying from large transnational companies to get this thrown out. Since such a case is highly relevent to the way these entities like to be able to do business.
No, ZDNET China is knowingly distributing material that *may* violate copyright. Just like in the SCO vs. Linux former fiasco, a lot has been said, but nothing has been proven yet. Having a company very loudly asserting ownership rights doesn't mean it actually owns anything.
Indeed it may well be that they are trying to draw attention away from their own actions. It certainly wouldn't be the first time that a company which makes a lot of fuss about copyright turns out to be enguaging in copyright violations themselves.
once I buy a car from ford, they have no way of stopping me speeding.
Actually they could, by installing some extra hardware in the car. Which you as the customer would end up paying for.
An ISP through which all traffic is routed can easily prevent most illegal traffic from going through it's system,
This costs the ISP more than simply routing the packets. Much bigger costs than involved with the car example. Since whilst a machine can work out the speed of a vehicle in can't tell the difference between "legal" and "illegal" data. Costs which will be passed on to customers.
or cut off and identify the users.
The other big costs will come when (not if) the ISP gets sued for breach of contract for cutting people off without cause.
I believe the only way forward is for browsers to change the model: associate a certificate SKI with a web site on first visit, warn if that changes. Don't worry about certificate validity, since the hierarchical trust model has been compromised from the root.
Part of the reason that it's broken is too many global "roots" and a lack of hierarchy.
Which is why I sometimes get a little irritated when I'm trying to explain to people who just won't understand that CA-issued certificates are hardly more secure than self-signed certificates. In reality, CA-signed certificates are more dangerous because of the false sense of security people get when they see the friendly "lock" icon without even having to look at the certificate.
You also typically will not get any warning if the certificate or the CA change.
Yet, some common browsers today make people jump through all sorts of hoops just to accept a self-signed certificate.
Several users have pointed out that Microsoft's "solution" doesn't encode HTML attributes correctly, and doesn't handle several other cases, like embedded XML fragments, or embedded script blocks, which use a different encoding scheme.
This is what I mean when I say Microsoft's attitude to security is still half-assed.
Or rather that's their attitude to standards. With the security issues being one of the consequences.
A certification agencies job is not to assess the financial solidity of a bank, or the honesty of an online shop. Their only job is to make sure that only that bank, or that shop can get a certificate saying that it is indeed that particular bank or that particular shop.
Unless the certifying authority is located physically near to the entity it is ment to be certifying there isn't really much they can do. e.g. entity in India is of little practical use if you want to know about a business anywhere other than India (Possibly Sri Lanka, Pakistan or Bangladesh if located in an appropriate part of India.)
Warnings are needlessly scary, because non-certified SSL is still more secure than no SSL at all (non-certified SSL at least protects against passive listeners).
So, in all logic the warnings should even be more scary for the plain unencrypted http case.
There are also situations where warnings are not generated when they should be. e.g. a signed certificate changing.
Seriously? Who the fuck would read something that long? How can they expect a document that long to have any effect on anything aside from bureaucracy? If the document had only been two or three pages people probably would have read and understood it.
Whoever drafted and approved the document should be shot.
Or maybe their document should be printed out and dropped on them. Which might encourage them to write less or at least get them use duplexing printers:).
Slashdot Mirror
Except when too many people pirate the application/game, then the company doesn't make enough money, and then they have to let people go.
This is a variation on the "lost sale" theory. This is based on the false dichotomy that the only two possibilities are "buy" or "pirate". When it's also possible that people could get another piece of software to do the job or simply do without it. (With games there are plenty of alternative past times which don't involve software at all.)
That's before you even consider situations like pirated copies where the software isn't even on sale or people buying then using a pirate copy to get around DRM (even bugs).
So people are concerned about someone (with terrorist connections) MIGHT have worked at the facility?!?? OMG that's a reason to start rounding up everybody with brown skin!
Any IRA members have brown skin? How about many other well known European terrorist groups...
The alternative was to build a fully-customizable, easily-maintainable, more efficient, user-friendlier product themselves for essentially $0, as all of the employees who would build said project were already on salary. ;-)
Why? Liability. Rather than ensuring a product is up-to-snuff by their internal standards, by professionals who are more qualified to set those standards, and quickly writing fixes internally, the management preferred to have someone external to blame in case things went wrong. That way they could spend another $1M on consultants to fix the problem later on
Thing is that had they got the on staff people to do it it's in their interest to try and ensure that the software is as robust as possible and as easy to fix as possible in the unlikely event it does break. Since they have to do more work for the same amount of money if it breaks.
However it's in the interests of consultants that the system is fragile and difficult to fix. Since when it breaks they get more money. Maybe some of this is used to keep the management well supplied with drugs...
At the end of the day, the government goes to one of the really big 2 or 3 IT companies to develop a system (I'm talking about you, EDS, Capita, etc.), get quoted a crazy amount of money, accept the quote and then watch as the whole thing becomes a disaster and goes many times over budget. Then when the next IT project comes up they go back to exactly the same company. It is true that there are a limited number of huge IT companies to choose from, but many of the IT projects could be done just fine by smaller companies, and wouldn't cost the earth, with the advantage that supporting small businesses is a Good Thing for the economy. However, the government won't use small businesses to do these jobs because doing so is seen as high risk - personally, I don't see how you can get much higher risk than using one of the big companies that seem to have a 100% record of screwing up projects. Hell, for the amount these big companies get paid, you could probably get 4 or 5 small companies doing exactly the same job as each other and then actually roll out the project that looks the most likely to succeed.
Most likely the real reason is that a small company couldn't afford the bidding process, even without whatever "incentives" get unofficially offered. Are these "huge IT companies" actually IT companies or do they just subcontract random bits of the task in hand to small companies?
The problem is when corporations get so big that they have undue influence over the government...
If there was a fair procurement process for government contracts, like there's supposed to be, such that anyone could bid and the best option wins...
Assuming the bidding process is not so complex and expensive that it is a substantial barrier.
This wouldn't be a problem, if one corporation pisses the government money up the wall and does a poor job they lose the contract and it goes to someone better...
Also they'd be lucky they just got booted out and never got another government contract. If said government were serious about doing its job then they'd be sued for the money they wasted and and consequential costs.
Most people don't use "value for money" when they're deciding who to vote for.
With many electoral systems the "winner" need only get a minority of votes. (In some cases a minority even when abstentions are ignored.)
They might use "lowest taxes", or they might use "best services" as criteria (and hence it's these things that politicians tend to cater for in their campaigns) but it is most unusual for a party to assume power on a platform of "We've done some research and we're pretty sure we can provide far more efficient services and deliver tax cuts into the bargain".
Generally there's no mechanism to ensure that politicians actually do when they said they would do should the get elected. Also "tax cuts" can easily translate into reducing one form of tax whilst increasing another.
My own experience of dealing with the public versus private sector is that the private sector will deliver services quicker and better, not necessarily (although usually) cheaper.
Assuming that you are dealing with the private sector directly and there isn't a monopoly/catel situation. Which is what you tend to get when you have governments awarding contracts to private companies.
No, it's not unfortunate. When I give money to a corporation in exchange for a product, my expectations for the money I end there. I get the item I paid for, and they get the money. If they want to spend the money on hookers and blow, I don't give a shit.
Or expensive things for the director's house.
That's not the case with the government. The government isn't selling a product. Taxes aren't voluntary. There's an expectation that tax money will be spent in a way that benefits everybody.
Which was way people in the UK were so upset to discover what MPs were claiming as "expenses". Especially since even the lowest paid MPs are paid more than double the median wage. Unless there is something to specifically stop then then it's best to assume that Canadian MPs are up to much the same thing.
Unfortunately, the corporate world works exactly the same way. Given a choice between a solution that's reasonably priced, and a hideously expensive solution that involves shady consulting companies, 9 out of 10 Fortune 500 companies will pass the buck on to an overpriced consulting firm, which recommends (surprise!) the overpriced consulting solution.
;)
How much of the cost went to wining and dining the executives in the first place
No-one should use computers for voting. Only a small percentage of the population groks them well enough to audit them.
:)
In any case you can't carry out a non destructive audit. For starters you can't fit the whole thing in an electron microscope
The issues are twofold. Firstly, the perceived hassle of migrating to a new system and secondly getting the license from the UK's Department of Health. The latter would have been the showstopper. It's a Boy's Club.
I suspect that the latter is quite common in the field of government contracts. It would certainly account for contractors who have repeatedly demonstrated they cannot do whatever it is on time and within budget not being shown the door.
in the toyota-style hybrid the engine and traction motors work in parallel through different shafts on a planetary gearset,
How are things done on a multi-engine helicopter? These have been around for a long time.
I understood that there is some battery capacity onboard diesel-electric's - at a minimum for the starter motor - but no where near enough for any significant travel.
But quite possibly enough energy for a car to travel considerable distance. Even just a locomotive considerably larger and more massive than any car.
I'd also be surprised if regenerative breaking is not included on more recent examples too.
The alternative is to connect to connect the traction motors to a bank of fan cooled resistors.
Fortunately just the once. You can thank Windows insane file locking (easy to establish a lock, hard to make sure everyone let go, so the easiest way to overwrite a file is put it in the queue for overwriting at reboot time when you can be sure no-one is messing with it). Linux is so much saner in this aspect.
Ths issue is rather deeper into the internals of WIndows. Since unix type systems will let you delete a file regardless of what might be using/locking it. Maybe Windows uses the filename as a key reference, which may have some other strange consequences since IIRC NTFS supports the equivalent of hard links.
13 patches released at 13:00 of Tuesday 13. Windows sysadmins that day will have to pass below ladders, see a black cats cross in front of them and then break a mirror. But that will be nothing.
It'll only be that time for people in a certain timezone. Indeed in a great many situations, quite possibly the majority, it's "Patch Wednesday" as usual.
A US Company suing a US Company based on what another Company (affiliated/owned) was doing in another country as mandated/authorised by the government of that other country. Forgive me if I'm wrong but I sure as hell would not want to own stock in a US company. Now US companies need to worry about overlapping / contradicting international law?..... Good luck with this mine field! This should be thrown out!
There's going to be a lot of lobbying from large transnational companies to get this thrown out. Since such a case is highly relevent to the way these entities like to be able to do business.
No, ZDNET China is knowingly distributing material that *may* violate copyright. Just like in the SCO vs. Linux former fiasco, a lot has been said, but nothing has been proven yet. Having a company very loudly asserting ownership rights doesn't mean it actually owns anything.
Indeed it may well be that they are trying to draw attention away from their own actions. It certainly wouldn't be the first time that a company which makes a lot of fuss about copyright turns out to be enguaging in copyright violations themselves.
once I buy a car from ford, they have no way of stopping me speeding.
Actually they could, by installing some extra hardware in the car. Which you as the customer would end up paying for.
An ISP through which all traffic is routed can easily prevent most illegal traffic from going through it's system,
This costs the ISP more than simply routing the packets. Much bigger costs than involved with the car example. Since whilst a machine can work out the speed of a vehicle in can't tell the difference between "legal" and "illegal" data. Costs which will be passed on to customers.
or cut off and identify the users.
The other big costs will come when (not if) the ISP gets sued for breach of contract for cutting people off without cause.
This just in! The telephone companies do nothing to prevent people from discussing crimes on the phone!
Nor do companies making telephones and fax machines for that matter. Then you have pen, pencil and paper makers together with the postal service.
Spray can manufacturers do nothing to prevent people from doing illegal graffitis!
Not even a warning not to do this on the can.
Sock manufacturers do nothing to keep people from kicking each other's asses!
Or together with shoes they can be used by people meeting up to plan or commit a crime.
I believe the only way forward is for browsers to change the model: associate a certificate SKI with a web site on first visit, warn if that changes. Don't worry about certificate validity, since the hierarchical trust model has been compromised from the root.
Part of the reason that it's broken is too many global "roots" and a lack of hierarchy.
Which is why I sometimes get a little irritated when I'm trying to explain to people who just won't understand that CA-issued certificates are hardly more secure than self-signed certificates. In reality, CA-signed certificates are more dangerous because of the false sense of security people get when they see the friendly "lock" icon without even having to look at the certificate.
You also typically will not get any warning if the certificate or the CA change.
Yet, some common browsers today make people jump through all sorts of hoops just to accept a self-signed certificate.
Together with "warnings" which are misleading.
Several users have pointed out that Microsoft's "solution" doesn't encode HTML attributes correctly, and doesn't handle several other cases, like embedded XML fragments, or embedded script blocks, which use a different encoding scheme.
This is what I mean when I say Microsoft's attitude to security is still half-assed.
Or rather that's their attitude to standards. With the security issues being one of the consequences.
A certification agencies job is not to assess the financial solidity of a bank, or the honesty of an online shop. Their only job is to make sure that only that bank, or that shop can get a certificate saying that it is indeed that particular bank or that particular shop.
Unless the certifying authority is located physically near to the entity it is ment to be certifying there isn't really much they can do. e.g. entity in India is of little practical use if you want to know about a business anywhere other than India (Possibly Sri Lanka, Pakistan or Bangladesh if located in an appropriate part of India.)
Warnings are needlessly scary, because non-certified SSL is still more secure than no SSL at all (non-certified SSL at least protects against passive listeners).
So, in all logic the warnings should even be more scary for the plain unencrypted http case.
There are also situations where warnings are not generated when they should be. e.g. a signed certificate changing.
Seriously? Who the fuck would read something that long? How can they expect a document that long to have any effect on anything aside from bureaucracy? If the document had only been two or three pages people probably would have read and understood it.
:).
Whoever drafted and approved the document should be shot.
Or maybe their document should be printed out and dropped on them. Which might encourage them to write less or at least get them use duplexing printers