A public bug list is not marketable. it adds no value and only adds liability to the product. now the customer knows you knew of the problem and did not fix it. at the same time, it gives hackers a good starting point. The people maintaining the bug list need to be alert to the fact that it is public.
we use a help desk software and we have lots of entries that are resolved as user error. but you never tell the user the problem was user error. I am a developer or a coder, not a public relations or english specialist. I already look at the legal side of what I am writing in the logs.
I point out the hackers only because they are already doing that with hot fixes and patches. They look at what was fixed and do there own regression testing for related exploits. The public bug lists just makes that worse.
There will be bugs and we know it. You cant escape it. even if you know where they all are, you wont be able to fix them all.
Now, with that said. Security bugs should be fixed, even if they look minor. Im sure history is full of buffer overflow bugs that the devs thought were minor at the time. I knew of a bug in a company product. they thought it took too much work to exploit and too much work to fix that they let it sit. later they had a big rush to fix it because the hackers found a very very easy way to exploit it.
If you wait for the customer to report them, odds are the hackers will be finding them too. and its not up to the customer to test security, they should be able to trust that it is secure./end rant
but what if I lock your barbecue grill shut and you dont see it until you have several guests in town. I deny instant access to use it. now you have to go get tools to break the lock or change your plan for the evening.
As far as ducking from creditors, I was not very clear at all. If you owe lots of bills/child support and leave town, you can prevent them from using your credit report to hunt you down in your new location. I know its a minor thing, but it does get used that way.
My point about asking how often you open credit lines was to see how viable it is to freeze your own credit line all the time and unlocking it when needed.
How often in a year do you open new credit lines? There will be times in your life where you need instant access to get new credit lines, also many times where you are settled and would be better off frozen.
At the same time, this prevents nothing and only complicates the process. Thieves will adjust and unfreeze your account. If they have your identity, they are you. what do you do if you dont remmeber your recurity code, you call and have it reset. but you is them in this case. they still got you.
Now it opens up another way your ex can harras you. They call up as you and freeze your credit line with a code you dont know.
does it also prevent your credit report from getting pulled? that sounds like a nice way to hide from creditors you owe money too.
Dont get me wrong, I like the idea. but nothing is ever simple.
You have to fallow the rules or pay the price, if the computer lets you do it or not. The computer does not determin policy and should not be needed to enforce it.
It just like a double yellow line on the road does not prevent you from passing someone. Its defined as policy/law that you don't cross it, even if it physicaly does not stop you. Is the city/state to blame if you get a ticket? do you have to pay the fine yourself? why is the computer any different?
Now dont get me wrong, some policies are BS and I dont fallow them myself. There should be a real person overseeing it. But it not up to the computer to enforce them.
The first things that you map in a game are things you know. How many people made a map of there house? there school? before moving on to more creative projects.
Does it matter that it was a game that he used instead of drafting software or a pen and paper. what makes him different than a student in a drafting class? For drafting we used autoCAD to map the school. the game was his "free" 3D draft studio.
That alone is not a crime or wrong. I did not read the article any more.
duke nuken 3d did have a simple world designer that was easy to pick up. I had alot of fun with it. That might have been the reason I took drafting classes where we made the same map but to scale this time.
quick, someone go arrest my drafting teacher. he is training terrorists.
First, in games like wow buying and selling gold/items/characters for real cash is against the policies of Blizzard. So technicaly it has no value to the consumer. Its all property of Blizzard.
Second, if you are going to tax me on what I have earned in a virtual world, then you are going to give me tax credits for what I lost along the way. What if Im a bad player that plays alot, but at the end of the day have nothing to show for it? At the end of the year of fees, a person could spend $180.00 for a character thats non sellable. Is that a tax write off?
Third, Is a character worth $1000.00 a finiacial loss when it gets banned? or the subscription lapses? What if every november I cancel my account and then renew it in January? As of dec 31, I dont technicaly have that account.
There is no way this can be managed. what if my character is on a server outside the US? What if im outside the US?
But at what point is someone responsible for the network. I bet there is no written law that says what part of a network is responsible for the actions that happen on it.
What if I sell access to someone that commits the crime? am I responsible? What if I sell access to someone that sells access to someone that commits the crime? am I responsible? Is my ISP responsible for my actions? where does the law give them immunity and not myself?
Is selling it the key? what if I gave it away?
What if I connected my network to a free network and made my network free?
that is exactly what they are doing. Blizzard is fighting a loosing battle with wow glider and has to resort to other methods.
WoWSharp fell becuase Blizzard out smarted them. This time Blizzard is getting outsmarted and I threatning leagal fees. If the lawsuit is for more than there profit, then what do you think wow glider will do.
the WoWSharp saga was a fun one to fallow. I saw one of there developers write up what went down in the last moments.
I think he wants more than just his word to back him up.
The best thing he can do is set the manager up with a second monitor so he can see the difference. I am an avid multi monitor user. Friends and family that use my machines have gone to the same set up on there machines. At work, I did the same as this guy and eventual converted the entire department. All but one person (the new guy) now have 2 monitors.
now im up to 4 monitors. I wanted 3, but it was just as easy to do 4 as it was 3. If I had to make a cut, i would drop one. But nobody else is willing to give up there set ups.
If you can't convert others, at the very least mention the advantages now before the audit gets to your monitor. Be proactive at telling your supervisor that its needed before the auditor tells him its not needed.
We grant them human rights, then we expect them to fallow our laws.
Just start handing out tickets to them for jay walking. Or theft, or public urination, or trespassing, or even skipping school. Do we arrest them or call animal control to cage them when there are issues.
I think this is a big can of worms that needs more thought behind it.
I think I might get a chimp and help him use that credit card that you know some moron will eventualy send him. Once the bill collectors come, introduce him to my buddy and say try collecting from a chimp.
Like you mentioned the auto search from the address bar is one, but i would assume the people that know how to change that setting will understand it.
I dont give users much credit sometimes. I had one person in need of help call me. They were trying to access a internal website but were un able to get it to load. After the long conversation that included having here say each key as she pressed them, we finaly realized that she was typing it in a search box and not the address bar.
People get these search bars loaded and confuse them with the address bar. So to get to google, they type google in the search bar.
another thing search sites do is steal the focus. If i start IE and click the adress bar before the page loads, my address will end up in the search box. there are times I have just hit enter instead of retyping it.
In a way, there usage has ben artifitialy inflated because of these search bars and auto focusing forms.
Every thing you do in every game has its costs vs rewards.
The content that is easy to do and is fun, tends not to earn you as much.
The stuff that earns you alot, is either easy to do and not fun. or is hard to do and not fun.
People will give up the fun for short periods of time for larger rewards that they think they will enjoy more later. but in the end, its a never ending cycle.
I can spend 3 hours in the game farming (not doing the fun stuff) to earn 300 gold
or I can spend 3 hour working extra (or overtime) to make $30.00 and purchase 1000 gold.
what is your time worth to you?
What if it took you 3 hours to make 50 gold?
each game and even game server are different, but that was the exact exchange that many world of Warcraft players would face. Recently the market has shifted around, but at one point it was more economical to just purchase the gold.
i introduced the Anarchists cookbook to my highschool and inderectly got a kid kick out of school because of it.
I discovered it and showed it a friend that was a grade behind me. I graduated and went to college. At some point, that friend showed his friend that was in a grade behind him. He left and went to the army. Colimbine happened. His friend printed out a few pages and left them on his desk. Teacher saw it and he nolonger went to school there.
The anoying thing was that the cookbook had some interesting stories, but alot of the stuf failed to work unless you already understood it. I found the news and discovery channel had more detailed information than I ever saw in there.
They never ask for help until they cant get internet to work any more.
I had one machine that A friend needed cleaned up. If i left the explorer shell running, it would lock up after 90 sec. (Once it got logged in). I had to kill the shell imediatly.
I managed to reinstall the network stack and drivers and load fire fox from my usb key. 2 spyware scanners failed to even load and the 3rd counted 7000 infected registry keys before it locked up. The task list of running programs was huge and they were all fighting for cpu and memory.
I got my network stack fixed but could not get to a webpage. So i just gave up. I knew it was a rebuild before I even started. I spent an hour just trying to see how bad it was.
I tell people its like cancer, you never can get it all.
From a support point of view, Deep Freeze is wonderfull once you work out some kinks and user training. You dont have to be constantly fixing things that othat people messed up.
Besides using deep freeze, running every user as a user (non-admin and non-power user) does wonders. You have to install stuff for them and adjust security for some apps.
In a domain, you have some policies that can make things better. Blocking ActiveX and Downloads on non-trusted sites realy do offer lots of protection. Before we went to deep freeze in all of our student computers, running them as users and blocking activex and downloads did protect our machines.
Honeslty once you protect the computer, it no longer a computer issue. Its all policy and enforcement. Possition the monitors in a way that the instructor can see them. Have a way for the instructor to disable internet when they are instructing. the computer can't do it all for you.
I think there were alot of factors that lead to the lack of intrest in this video. I want to spout some garbage about how many people dont like snakes or how over played the dangers on an airplain have been. But the real issue is that they made a move about snakes on an airplain.
A movie about snakes on an airplain? what were they thinking? They are just our of good ideas for movies. Not only is the idea bad, but people that saw it realy were not very excited.
Why do they release information like this. They publicise that they watch them in there chat rooms. if another one ever gets busted using a chat room, they deserve it.
I dont get why you tell the public how you uncovered the master plan when they are part of the public. I dont care if its only part of the information, it still tips them off.
At least the news didnt say the FBI is watching #osama tomarow to record a conversation with the leaders of what ever.
I was working at Radio Shack one summer back in college and I sold a cordless phone to an older lady. It was a display model that had caller ID in the hand set. A few days later she was at the coutner with the phone complaining that she could not remove the numbers from caller id. She gave this long story about how she tried and tried and it just would not work.
I took the phone from her and just as I was going to plug the base in, I saw a plastic sticker over the caller ID with SONY CORP 888 888 8888 on it. I pealed the sticker off and handed it back to her.
or steal the box of ammo that is sitting next to the gun.
The only people that dont have the ammo next to the guns already are parents with kids. And even those that do have kids prabably wont seperate it until they get older or get into it once.
do you keep your cooking stuff in the kitchen, keep your computer stuff near your computer, your tools by the work bentch?
All this will prevent is loading the wrong ammo in the wrong gun. and make the gun owner pay more for the same thing.
If I was selling an operating system, there would be some features that should be standard.
The ability to burn CD's The ablilty to surf the web The ability to listen and watch media files A fire wall Automatic updates
If I was selling an office suite, there would be some features that should be standard.
the ability to save to pdf
I could care less about choise, if you choose to do something else with the product after buy it. I don't care. At the same time, I am not going to gimp my product to force people to decide for themselfs.
I think the whole argument is a buntch of BS. There are so many things that Microsoft has done wrong that they should pay for. Offering a full featured OS is not one of them, thats one of the few things that they do correct.
Bundling software is not the problem, its how it has forced windows on you and the comunity and removed choices. They should be more willing to open up some things as a good citisen, but its there product.
It will tick me off the day that I get an OS and I have to go get all the features it should have.
Slashdot Mirror
A public bug list is not marketable. it adds no value and only adds liability to the product. now the customer knows you knew of the problem and did not fix it. at the same time, it gives hackers a good starting point. The people maintaining the bug list need to be alert to the fact that it is public.
/end rant
we use a help desk software and we have lots of entries that are resolved as user error. but you never tell the user the problem was user error. I am a developer or a coder, not a public relations or english specialist. I already look at the legal side of what I am writing in the logs.
I point out the hackers only because they are already doing that with hot fixes and patches. They look at what was fixed and do there own regression testing for related exploits. The public bug lists just makes that worse.
There will be bugs and we know it. You cant escape it. even if you know where they all are, you wont be able to fix them all.
Now, with that said. Security bugs should be fixed, even if they look minor. Im sure history is full of buffer overflow bugs that the devs thought were minor at the time. I knew of a bug in a company product. they thought it took too much work to exploit and too much work to fix that they let it sit. later they had a big rush to fix it because the hackers found a very very easy way to exploit it.
If you wait for the customer to report them, odds are the hackers will be finding them too. and its not up to the customer to test security, they should be able to trust that it is secure.
but what if I lock your barbecue grill shut and you dont see it until you have several guests in town. I deny instant access to use it. now you have to go get tools to break the lock or change your plan for the evening.
As far as ducking from creditors, I was not very clear at all. If you owe lots of bills/child support and leave town, you can prevent them from using your credit report to hunt you down in your new location. I know its a minor thing, but it does get used that way.
My point about asking how often you open credit lines was to see how viable it is to freeze your own credit line all the time and unlocking it when needed.
I was thinking this exact same thing.
How often in a year do you open new credit lines? There will be times in your life where you need instant access to get new credit lines, also many times where you are settled and would be better off frozen.
At the same time, this prevents nothing and only complicates the process. Thieves will adjust and unfreeze your account. If they have your identity, they are you. what do you do if you dont remmeber your recurity code, you call and have it reset. but you is them in this case. they still got you.
Now it opens up another way your ex can harras you. They call up as you and freeze your credit line with a code you dont know.
does it also prevent your credit report from getting pulled? that sounds like a nice way to hide from creditors you owe money too.
Dont get me wrong, I like the idea. but nothing is ever simple.
Wait, did anyone else miss the part where this guy broke the law by making that fake ID and is admiting it very very openly.
I could care less if I had to take it down, if he got his just punishment. Take it down and mail it to the feds.
ok, thats it. im placing an english disclaimer in my sig.
I fight this issue over and over.
You have to fallow the rules or pay the price, if the computer lets you do it or not. The computer does not determin policy and should not be needed to enforce it.
It just like a double yellow line on the road does not prevent you from passing someone. Its defined as policy/law that you don't cross it, even if it physicaly does not stop you. Is the city/state to blame if you get a ticket? do you have to pay the fine yourself? why is the computer any different?
Now dont get me wrong, some policies are BS and I dont fallow them myself. There should be a real person overseeing it. But it not up to the computer to enforce them.
The first things that you map in a game are things you know. How many people made a map of there house? there school? before moving on to more creative projects.
Does it matter that it was a game that he used instead of drafting software or a pen and paper. what makes him different than a student in a drafting class? For drafting we used autoCAD to map the school. the game was his "free" 3D draft studio.
That alone is not a crime or wrong. I did not read the article any more.
duke nuken 3d did have a simple world designer that was easy to pick up. I had alot of fun with it. That might have been the reason I took drafting classes where we made the same map but to scale this time.
quick, someone go arrest my drafting teacher. he is training terrorists.
I see 2 huge holes in this.
First, in games like wow buying and selling gold/items/characters for real cash is against the policies of Blizzard. So technicaly it has no value to the consumer. Its all property of Blizzard.
Second, if you are going to tax me on what I have earned in a virtual world, then you are going to give me tax credits for what I lost along the way. What if Im a bad player that plays alot, but at the end of the day have nothing to show for it? At the end of the year of fees, a person could spend $180.00 for a character thats non sellable. Is that a tax write off?
Third, Is a character worth $1000.00 a finiacial loss when it gets banned? or the subscription lapses? What if every november I cancel my account and then renew it in January? As of dec 31, I dont technicaly have that account.
There is no way this can be managed. what if my character is on a server outside the US? What if im outside the US?
But at what point is someone responsible for the network. I bet there is no written law that says what part of a network is responsible for the actions that happen on it.
What if I sell access to someone that commits the crime? am I responsible?
What if I sell access to someone that sells access to someone that commits the crime? am I responsible?
Is my ISP responsible for my actions? where does the law give them immunity and not myself?
Is selling it the key? what if I gave it away?
What if I connected my network to a free network and made my network free?
that is exactly what they are doing. Blizzard is fighting a loosing battle with wow glider and has to resort to other methods.
WoWSharp fell becuase Blizzard out smarted them. This time Blizzard is getting outsmarted and I threatning leagal fees. If the lawsuit is for more than there profit, then what do you think wow glider will do.
the WoWSharp saga was a fun one to fallow. I saw one of there developers write up what went down in the last moments.
forums.worldofwarcraft.com
www.badanatomy.com - guild website
slashdot.org
wait 10 min and do it again
I think he wants more than just his word to back him up.
The best thing he can do is set the manager up with a second monitor so he can see the difference. I am an avid multi monitor user. Friends and family that use my machines have gone to the same set up on there machines. At work, I did the same as this guy and eventual converted the entire department. All but one person (the new guy) now have 2 monitors.
now im up to 4 monitors. I wanted 3, but it was just as easy to do 4 as it was 3. If I had to make a cut, i would drop one. But nobody else is willing to give up there set ups.
If you can't convert others, at the very least mention the advantages now before the audit gets to your monitor. Be proactive at telling your supervisor that its needed before the auditor tells him its not needed.
We grant them human rights, then we expect them to fallow our laws.
Just start handing out tickets to them for jay walking. Or theft, or public urination, or trespassing, or even skipping school. Do we arrest them or call animal control to cage them when there are issues.
I think this is a big can of worms that needs more thought behind it.
I think I might get a chimp and help him use that credit card that you know some moron will eventualy send him. Once the bill collectors come, introduce him to my buddy and say try collecting from a chimp.
I several reasons for this.
Like you mentioned the auto search from the address bar is one, but i would assume the people that know how to change that setting will understand it.
I dont give users much credit sometimes. I had one person in need of help call me. They were trying to access a internal website but were un able to get it to load. After the long conversation that included having here say each key as she pressed them, we finaly realized that she was typing it in a search box and not the address bar.
People get these search bars loaded and confuse them with the address bar. So to get to google, they type google in the search bar.
another thing search sites do is steal the focus. If i start IE and click the adress bar before the page loads, my address will end up in the search box. there are times I have just hit enter instead of retyping it.
In a way, there usage has ben artifitialy inflated because of these search bars and auto focusing forms.
Every thing you do in every game has its costs vs rewards.
The content that is easy to do and is fun, tends not to earn you as much.
The stuff that earns you alot, is either easy to do and not fun. or is hard to do and not fun.
People will give up the fun for short periods of time for larger rewards that they think they will enjoy more later. but in the end, its a never ending cycle.
I can spend 3 hours in the game farming (not doing the fun stuff) to earn 300 gold
or I can spend 3 hour working extra (or overtime) to make $30.00 and purchase 1000 gold.
what is your time worth to you?
What if it took you 3 hours to make 50 gold?
each game and even game server are different, but that was the exact exchange that many world of Warcraft players would face. Recently the market has shifted around, but at one point it was more economical to just purchase the gold.
The officers did act professionaly. the guy was just stubborn. How many times do you get shocked before you wise up? what should the cops do?
Oh, im sorry I zaped you 3 times already and you still won't move. I guess I should just let you go so you get your way. Have a nice day.
i introduced the Anarchists cookbook to my highschool and inderectly got a kid kick out of school because of it.
I discovered it and showed it a friend that was a grade behind me. I graduated and went to college. At some point, that friend showed his friend that was in a grade behind him. He left and went to the army. Colimbine happened. His friend printed out a few pages and left them on his desk. Teacher saw it and he nolonger went to school there.
The anoying thing was that the cookbook had some interesting stories, but alot of the stuf failed to work unless you already understood it. I found the news and discovery channel had more detailed information than I ever saw in there.
They never ask for help until they cant get internet to work any more.
I had one machine that A friend needed cleaned up. If i left the explorer shell running, it would lock up after 90 sec. (Once it got logged in). I had to kill the shell imediatly.
I managed to reinstall the network stack and drivers and load fire fox from my usb key. 2 spyware scanners failed to even load and the 3rd counted 7000 infected registry keys before it locked up. The task list of running programs was huge and they were all fighting for cpu and memory.
I got my network stack fixed but could not get to a webpage. So i just gave up. I knew it was a rebuild before I even started. I spent an hour just trying to see how bad it was.
I tell people its like cancer, you never can get it all.
It depends on teh solution you are lookig for.
From a support point of view, Deep Freeze is wonderfull once you work out some kinks and user training. You dont have to be constantly fixing things that othat people messed up.
Besides using deep freeze, running every user as a user (non-admin and non-power user) does wonders. You have to install stuff for them and adjust security for some apps.
In a domain, you have some policies that can make things better. Blocking ActiveX and Downloads on non-trusted sites realy do offer lots of protection. Before we went to deep freeze in all of our student computers, running them as users and blocking activex and downloads did protect our machines.
Honeslty once you protect the computer, it no longer a computer issue. Its all policy and enforcement. Possition the monitors in a way that the instructor can see them. Have a way for the instructor to disable internet when they are instructing. the computer can't do it all for you.
I think there were alot of factors that lead to the lack of intrest in this video. I want to spout some garbage about how many people dont like snakes or how over played the dangers on an airplain have been. But the real issue is that they made a move about snakes on an airplain.
A movie about snakes on an airplain? what were they thinking? They are just our of good ideas for movies. Not only is the idea bad, but people that saw it realy were not very excited.
Why do they release information like this. They publicise that they watch them in there chat rooms. if another one ever gets busted using a chat room, they deserve it.
I dont get why you tell the public how you uncovered the master plan when they are part of the public. I dont care if its only part of the information, it still tips them off.
At least the news didnt say the FBI is watching #osama tomarow to record a conversation with the leaders of what ever.
I was working at Radio Shack one summer back in college and I sold a cordless phone to an older lady. It was a display model that had caller ID in the hand set. A few days later she was at the coutner with the phone complaining that she could not remove the numbers from caller id. She gave this long story about how she tried and tried and it just would not work.
I took the phone from her and just as I was going to plug the base in, I saw a plastic sticker over the caller ID with SONY CORP 888 888 8888 on it. I pealed the sticker off and handed it back to her.
or steal the box of ammo that is sitting next to the gun.
The only people that dont have the ammo next to the guns already are parents with kids.
And even those that do have kids prabably wont seperate it until they get older or get into it once.
do you keep your cooking stuff in the kitchen, keep your computer stuff near your computer, your tools by the work bentch?
All this will prevent is loading the wrong ammo in the wrong gun. and make the gun owner pay more for the same thing.
If I was selling an operating system, there would be some features that should be standard.
The ability to burn CD's
The ablilty to surf the web
The ability to listen and watch media files
A fire wall
Automatic updates
If I was selling an office suite, there would be some features that should be standard.
the ability to save to pdf
I could care less about choise, if you choose to do something else with the product after buy it. I don't care. At the same time, I am not going to gimp my product to force people to decide for themselfs.
I think the whole argument is a buntch of BS. There are so many things that Microsoft has done wrong that they should pay for. Offering a full featured OS is not one of them, thats one of the few things that they do correct.
Bundling software is not the problem, its how it has forced windows on you and the comunity and removed choices. They should be more willing to open up some things as a good citisen, but its there product.
It will tick me off the day that I get an OS and I have to go get all the features it should have.