... Rosoff, lead analyst at research firm Directions On Microsoft, asserts...
I originally had no intention of looking at this article. Then I saw the above snippet in the post and felt compelled to find out what a "Directions on Microsoft" is. They have an About Us page, it turns out. Their first entry is:
Directions on Microsoft is the only INDEPENDENT organization in the world devoted exclusively to tracking Microsoft. We've studied Microsoft since 1992. Nobody knows the company better.
Our team of Microsoft experts provides clear, concise, and actionable analysis of shifts in Microsoft strategy, Microsoft product and technology roadmaps, delivery schedules, organizational changes, marketing initiatives, and licensing and other policies so you can quickly assess how they impact your business.
Thousands of companies worldwide--including corporate purchasers of Microsoft products, system integrators, software vendors, hardware manufacturers, network operators, venture capitalists, and financial analysts--trust Directions on Microsoft for accurate and unbiased Microsoft research and analysis to guide their strategic decisions.
I knew that Microsoft supported, in one way or another, a lot of organizations around the world but this takes the cake. A professional, corporate stalker? The world must be coming to an end sooner than I thought.
I had never heard of "Extended Validation SSL" so I went to Google. Among the hits was something from Thawte, so I went there. It turned out to be a FAQ. This FAQ contained such gems as:
4. Why is High Assurance/Extended Validation SSL being implemented?
Answer:
Improved online identity assurance, and improved browser representation of online identities, will empower users to better protect themselves against malicious and suspicious activity, which has gradually been eroding user confidence in digital security, including online shopping and banking. thawte's commitment to establishing and implementing High Assurance/Extended Validation SSL standards, and to being one of the first to offer compliant product lines, underscores our commitment to enabling a secure digital environment for all.
And:
6. What is the difference between High Assurance/Extended Validation/Enhanced Validation SSL certificates and existing SSL certificates?
Answer:
The online identity assurance process is intended to be more comprehensive and standardized across the entire industry. Whereas currently online identity assurance processes vary from CA to CA, the new standards/processes under discussion by the CA Browser Forum, will have to be adhered to by all CAs if they wish to offer High Assurance/Extended Validation SSL certificates. This will encourage greater confidence in CAs as well as the processes that are used to vet and issue digital certificates. thawte's commitment to establishing and implementing High Assurance/Extended Validation SSL standards, and to being one of the first to offer compliant product lines, underscores our commitment to enabling a secure digital environment for all.
Is it my imagination, or is this new Extended Validation SSL thing, in the end, just a bunch of paperwork? I may simply be missing the point. If someone can point to a better description of this thing that makes sense, please do so.
... Gartner urges managers to consider better process control and governance, managing 'application portfolios' much as they do stock portfolios. Part of this discipline is 'killing development projects early and often.'"
From TFA:
Another management function that Hoyle suggested is to kill development projects early, "and often," he said, "if your failure rate is high." You can improve productivity by 20%, Hoyle advised, "by killing projects when you should: which is early in the lifecycle." For example, a project that has had three baseline adjustments because of scope creep is already in trouble.
Let's hope that the managers who "belong to the Silver Bullet of the Month Club" read the entire article rather than just the/. headlines.
I've solved this in the past by making sure that none of my ideas are ever owned by anybody but me. I produce software and routinely borrow code and ideas from past projects. It's called "experience" and it's a big part of what I bring to the table. In exchange, I don't do work unless I get ownership of the resulting code. Then, I grant whatever license is appropriate for the use of the resulting code.
My company does exactly the opposite, with one clause: Any code we produce under contract is owned by the customer, but we reserve the right to excerpt algorithms or functions for reuse in other code (under contract or not). There are a couple of big advantages to that:
Code ownership matches customer expectations. Very, very few people understand the whole licensing issue, and if you try to explain it to them then they think you're trying to pull one over on them. The vast majority of people expect to own the software they've paid to be produced.
Sales tax. Sales tax should be charged when transferring "property" via a sale. Creating software is creating a "property" under the eyes of the government, owned by the programmer's employer (or the programmer, if self-employed), and if the software is sold to another entity then you have to charge sales tax. Writing software under a Work For Hire type of contract makes you (if effect) a temporary employee of the customer. The customer is the default owner of the created property, sales tax doesn't apply, and that saves a huge amount of time and money for all concerned. (BTW, I'm not a tax guy at all. I'm speaking through the direct experience of going through a Texas sales tax audit that was easily the worst six weeks of my entire life. I learned a lot, but I never want to do that again.)
The summary makes it seem like the Newton technologically outperforms the Q1. Not so. "Winner," in this context, means "a better value." From TFA:
... the Newton has 12 times the battery life of the Q1, so ended up winning the fight with sheer stamina. Add to this the Q1's inflated price and it's a no-brainer...
If you actually read the article, the Q1 includes much better technology and has a lot of features and capabilities that appeal to the majority of computer users -- Windows users. Since the Q1 would be someone's second (or third, or fourth) computer, it has much more appeal. The MessagePad's handwriting recognition and overall interface may be cleaner, but that's not as impressive to most people as running Microsoft Office on a tiny screen.
The youths will be visiting Internet discussion sites that are open to all, so the government program is no different than asking young people to tell the police if they see a crime while walking down the street....
From the article:
Starting this summer the Hong Kong government plans to have 200,000 youths search Internet discussion sites for illegal copies of copyrighted songs and movies, and report them to the authorities.
Asking someone to report a crime they've happened to see is very different from asking them to actively search for a crime and report it. I would be pretty concerned if the government asked my son to explore dark alleys at 3am, just to figure out if drug deals are going on in that part of town. Asking children to do something like that is a form of indoctrination, making the implication that "ratting" to the government is grand thing to do. If the government needs help like this, they should offer up a bounty on the illegal material let some idle adults collect the prize.
XML is, in part, supposed to make it easier to manipulate data by providing unambiguous definitions. It clarifies the data. So we throw the U.S. Government into the mix and wind up definitions like the following (pulled at random from the 'Definition' column within the niem-1.0beta.xls spreadsheet buried in the download):
Authorized dissemination control portion mark abbreviation(s). Either (a) a single abbreviation or (b) a space-delimited list of abbreviations in the order shown in the CAPCO Register. Exception: For the REL abbreviation, omit the country code trigraph(s) and instead place the trigraph(s) in the releasableTo attribute value.
WTF? This is perhaps a use of the word "Definition" that I am not acquainted with. It reminds me strongly of trying to decode the income tax rules while filling out those yearly forms. Possibly, those that actually understand the above will believe it to be a brilliant explanation. I guess I won't be one of those "lucky" contractors looking to implement NIEM-compliant software. Unless it's a "spook->human" translator.
The title of the article is "Make Vendors Liable for Bugs." Nowhere else in the article does the word "bug" appear. The closest Schneier even comes to talking about software is in this paragraph:
Computer security is no different. For years I have argued in favor of software liabilities. Software vendors are in the best position to improve software security; they have the capability. But, unfortunately, they don't have much interest. Features, schedule and profitability are far more important. Software liabilities will change that. They'll align interest with capability, and they'll improve software security.
Maybe the original, unedited version of the article did talk about bugs. I don't know. But this entire thread is a little OT compared to what article really says.
The more crap like this I read (TFA, not the comments here), the more I believe that Neil Stephenson was spot-on in his portrayal of the U.S. government in Snow Crash: A bunch of extremely anal, misguided people who love rules and regulations and desperately want to be considered powerful but, instead, are merely pathetic.
Now, I know there has to be some smart people in the government, somewhere. Can we find them and promote them?
A couple of months ago I received a message on my home phone from American Express concerning "suspicious activity on my card." The message said really only that, and that I should call some toll-free number that wasn't printed on my card. There was no identifying information at all in the message, and to make matters stranger they were calling about a business card (they called me at home, not at work).
So I called the number. I get a person almost immediately and there is quite a bit of background noise on the line. They ask for my card number. When I didn't tell them and started asking questions (trying to determine if the person really did work for AmEx), the guy got insistent and asked for my social security number. I refused to answer and asked more questions, but never got a good answer.
I eventually hung up on the guy and then looked up AmEx's fraud prevention number in Google and called THAT. It turned out that someone really did hijack the card number from some vendor's database and there were 4-5 bogus purchases. We got the problem cleared up relatively quickly.
The problem, however, is that the AmEx representative did not come across in a professional manner and his conversation with me served only to make me more suspicious. With all the phishing going on, I'm extremely leery of simply providing personal information upon request.
Last I heart, the IT support guy at the BBC who tracks these things did receive the memo on his BlackBerry:
Servic CHECK OUT OUR NEW CARTRIDGE PRICES! rprise Serve ONE-POUND-A-DAY DIET osoft Exchange is now available TO JOIN ME, I'VE HELPED OVER 4000 DO THE SAME.
Please visit http://www.getrichclick.com/ to CONTROL YOUR WEIGHT!! and a list of fixed issues, software updates, and DIPLOMAS FROM PRESTIGIOUS NON-ACCREDITED UNIVERSITIES BASED ON YOUR LIFE EXPERIENCE.
Thank you,
1 bottle of Impulse...$19.95
or
Buy 2 Bottles and receive a 3rd BOTTLE FREE!
Orders shipped the day they are received.
All items are shipped in discreet unmarked packaging.
Your credit card will be discreetly billed.
So the article basically says that intelligence remains the same overall, but how the intelligence is applied changes wildly as time goes by. Also, that specific applications of intelligence (skill?) in one field does not necessarily translate to another. Both points make sense, but I don't think either one is really news to anyone here. The article actually relates (without saying so) to one of my favorite quotes:
"Civilization advances by increasing the number of things one can do simultaneously."
I wish I could remember who actually said that, and whether I'm remembering it accurately or not. A quick search didn't turn up anything concrete, but I was probably looking in the wrong places.
This is just one more hurdle in the maze of idiocy that FEMA has managed to erect. The tales surrounding this agency's handling of Katrina have taken on an almost surrealistic quality: So much stupidity, too little compassion, and an obsessiveness for correct paperwork that border on the insane.
I live in the United States and pretty much like it here. But this kind of stupid shit, coupled with all the freedom we've given up for the sake of "greater security," makes me want to bitch-slap the entire Federal government.
A person's direct manager can really "manage" a couple of different ways. On one hand, and what you seem to be seeking, is a manager that can actually sit-in for any of the employees. They have the skill set to do the same work. They may (or may not) be better than their employees in that skill set.
On the other hand, other managers manage the politics. They represent their group in high-level meetings, translate technobabble into marketspeak, etc.. They also shield their group from the political maneuverings.
Most managers are a blend of both -- and IMO that's the way it should be. Occasionally, however, you run into a manager that leans too far in one direction. They are a pure political animal with (for example) no technical skills, or they're an uber-engineer that pisses off senior management regularly simply due to their social skills.
If you find yourself with one of these people then probably the best thing to do is find a different person to take the "other half." In your case, find a tech person you can respect and make them a "project manager" and let your current manager become a "people manager." They would have to work together, obviously, to effectively manage a group, and that sometimes poses its own challenges. But if it works, it really works. You get the best of both worlds.
Last but not least, if any manager is a complete asshat then they should be reorg'd onto their own sheet of paper and put in charge of "special projects." They can do little damage at that point.
Actually, you are misreading the patent. In a US patent, each claim stands on its own. If only have to reproduce one of them to infringe on the patent.
I wasn't aware of that. I thought that a patent issued and legally binding as a whole. I can certainly see how the entire thing may be something that could be patented, but some of those early claims are a little too vague. They should probably be left in there, but changed to cite prior art instead.
OK, I like bashing Microsoft just as much as the next guy. But I just skimmed through the application and they're not simply trying to patent "displaying numbers in a box." The application is for dynamically highlighting (or whatever) all numeric elements within a document, even if the numerics are expressed in words (e.g., "one thousand") in any supported language. While possibly of limited use, this does seem to be a unique feature.
Now, whether Microsoft (or anyone) should be allowed to patent such thing... I don't know.
... designing a complex system looks to an outsider like merely writing one line of code after another. It is only when you step back and see how the lines of code merge into a subroutine, and subroutines coalesce into cogent modules, and these modules get connected together to become a useful system that you can see the art.
I think this highlights an important difference when talking about whether programming is an art, a craft, or a science. Specifically, it depends on your point of view.
In your quote you say, "It is only when you step back and see how the lines of code merge...." Only someone with understanding of the code is going to "see" anything. I may be able to appreciate how well you've constructed an algorithm to solve a problem, but my wife certainly won't. It either does the job she wants or it doesn't. Art critics can appreciate all kinds of stuff portrayed as art, but I certainly won't. I hang things on my wall that I like -- it works, for me. I don't "see how the colors merge to form a pony" (or whatever).
When knowledge of a domain is necessary before you can "appreciate" it, I don't think it's really "art." But perhaps we all of have a connotative view of the word that's shading our perceptions.
That's where Rosetta and Universal Binary comes in.
Universal Binaries yes, Rosetta is I think a big "maybe." Rosetta doesn't handle Altivec code, kernel extensions, and a handful of other smaller things. Plus there is always the emulation speed issue. I could be wrong -- and I hope I am -- but I don't think Rosetta is going to be as big a safety net as many hope.
Universal Binaries, OTOH, are way cool. XCode 2.1 builds those with almost no problems (though I'm waiting for version 2.1.1 or 2.2 before actually migrating my code due to other quirks).
Gartner also advised enterprises to continue with purchasing plans for Apple hardware, but warned that managers should "consider delaying software purchases until vendors offer a clear roadmap for upgrades to Intel-compatible versions".
Am I missing something here? If enterprises continue to purchase Apple hardware then they'll eventually purchase an Intel-Inside Mac. If they delayed software purchases then they'll have compatibility problems. Granted, Apple's entire line isn't moving to Intel immediately, but if you're looking 24 months out then this is an issue, for both hardware and software.
That said, I seriously doubt that software manufacturers are going to have difficulty recompiling and tweaking their apps. The software is likely to be ready long before the hardware ships.
Eighty-four percent did not know that phishing describes faked e-mail scams.
...
A quarter said they knew what "spyware" was, although almost one in 10 of those thought it was a computer program that kept an eye on unfaithful partners.
...
A surprising 16% had never heard of the term "spam" to describe unsolicited e-mail, even though 76% were worried about junk e-mails.
OK, this seems a bit fishy. Given how long spam has been around, and since it actually has been called "spam" for almost that entire time, I have to wonder who participated in the survey. Elementary school kids and people who think AOL is the Internet?
A sentence or two past that one in Hitchhiker's Guide is (IMO) one of the funniest quotes in the entire series:
Even light, which travels so fast that it takes most races thousands of years to realize that it travels at all, takes time to journey between the stars.
Slashdot Mirror
I originally had no intention of looking at this article. Then I saw the above snippet in the post and felt compelled to find out what a "Directions on Microsoft" is. They have an About Us page, it turns out. Their first entry is:
I knew that Microsoft supported, in one way or another, a lot of organizations around the world but this takes the cake. A professional, corporate stalker? The world must be coming to an end sooner than I thought.
For those that like details, here is more specific information on the patch: About the security content of AirPort Update 2006-001 and Security Update 2006-005.
My company does exactly the opposite, with one clause: Any code we produce under contract is owned by the customer, but we reserve the right to excerpt algorithms or functions for reuse in other code (under contract or not). There are a couple of big advantages to that:
Now, I know there has to be some smart people in the government, somewhere. Can we find them and promote them?
A couple of months ago I received a message on my home phone from American Express concerning "suspicious activity on my card." The message said really only that, and that I should call some toll-free number that wasn't printed on my card. There was no identifying information at all in the message, and to make matters stranger they were calling about a business card (they called me at home, not at work).
So I called the number. I get a person almost immediately and there is quite a bit of background noise on the line. They ask for my card number. When I didn't tell them and started asking questions (trying to determine if the person really did work for AmEx), the guy got insistent and asked for my social security number. I refused to answer and asked more questions, but never got a good answer.
I eventually hung up on the guy and then looked up AmEx's fraud prevention number in Google and called THAT. It turned out that someone really did hijack the card number from some vendor's database and there were 4-5 bogus purchases. We got the problem cleared up relatively quickly.
The problem, however, is that the AmEx representative did not come across in a professional manner and his conversation with me served only to make me more suspicious. With all the phishing going on, I'm extremely leery of simply providing personal information upon request.
SLASHDOT, FRONT PAGE! RUN IT!
What? The bug was fixed in a later version?
It's a slow news day. RUN IT!
I live in the United States and pretty much like it here. But this kind of stupid shit, coupled with all the freedom we've given up for the sake of "greater security," makes me want to bitch-slap the entire Federal government.
On the other hand, other managers manage the politics. They represent their group in high-level meetings, translate technobabble into marketspeak, etc.. They also shield their group from the political maneuverings.
Most managers are a blend of both -- and IMO that's the way it should be. Occasionally, however, you run into a manager that leans too far in one direction. They are a pure political animal with (for example) no technical skills, or they're an uber-engineer that pisses off senior management regularly simply due to their social skills.
If you find yourself with one of these people then probably the best thing to do is find a different person to take the "other half." In your case, find a tech person you can respect and make them a "project manager" and let your current manager become a "people manager." They would have to work together, obviously, to effectively manage a group, and that sometimes poses its own challenges. But if it works, it really works. You get the best of both worlds.
Last but not least, if any manager is a complete asshat then they should be reorg'd onto their own sheet of paper and put in charge of "special projects." They can do little damage at that point.
Now, whether Microsoft (or anyone) should be allowed to patent such thing... I don't know.
In your quote you say, "It is only when you step back and see how the lines of code merge...." Only someone with understanding of the code is going to "see" anything. I may be able to appreciate how well you've constructed an algorithm to solve a problem, but my wife certainly won't. It either does the job she wants or it doesn't. Art critics can appreciate all kinds of stuff portrayed as art, but I certainly won't. I hang things on my wall that I like -- it works, for me. I don't "see how the colors merge to form a pony" (or whatever).
When knowledge of a domain is necessary before you can "appreciate" it, I don't think it's really "art." But perhaps we all of have a connotative view of the word that's shading our perceptions.
Universal Binaries, OTOH, are way cool. XCode 2.1 builds those with almost no problems (though I'm waiting for version 2.1.1 or 2.2 before actually migrating my code due to other quirks).
That said, I seriously doubt that software manufacturers are going to have difficulty recompiling and tweaking their apps. The software is likely to be ready long before the hardware ships.
Someone with points spend them on the parent, please. That is probably one of the best analogies I've read in a long, long while.