My biggest beef with passwords is the myriad of different "rules" as to what makes a valid password at different sites.
I have a few great passwords... no one is going to get them short of brute forcing (or, God forbid, key logging). However, every site seems to have different (read: REDICULOUS) parameters for passwords:
- must not start with a number - must have both letters and numbers (symbols don't count) - can only be [a-z][A-Z][0-9]
I would love to meet the asshats that come up with these randomly applied "rules" just so I could kick them squarely in the nuts.
I used to only need two passwords for EVERYTHING (one "weak" password for discussion sites (eg - Slashdot) and one "strong" password for the important stuff). Alas, that was too easy. Now I have to maintain around 10 passwords that, IMNSHO, are far weaker that the ones they replaced (not by my choice).
For example, one large credit card company recently changed its password policy. Since my old password didn't "fit" in their new policy, they simply set it to something else without telling me. Mind you, the new password I had to choose is orders of magnitude easier to crack than the old password because they removed a number of possible characters.
Which brings up a point, what's the point in LIMITING the characters that can be used in passwords? How horrible are these designers that their apps choke on '&Dkf*l,@a', but 'b4dp4ass' is OK? What could they be doing that would disallow a number as the first character?
In close, if you have anything to do with the authentication process of a website, before you start throwing on random rules for passwords, do us all a favor and DON'T.
One feature of VoicePulse is the ability to have any caller that does not identify themselves via Caller ID get "telezapper" tones and be intercepted by an automated message asking the person to enter their phone number via touch-tone.
Autodialers don't stand a chance... six months and not a SINGLE telemarketing call.
Verizon offers a similar feature for $6 or $7 a month... which is almost half of my TOTAL monthly VoicePulse bill ($15.44 total).
I used to work for Intuit UK and they were bastards.
Intuit in general are bastards.
Any time you try to import a text transaction file (QFX), the program calls home to see if the organization you downloaded from paid its "Quicken Tax".
When I called tech support because I was getting an error message when trying to import, Intuit told me that "my bank doesn't support Macs", even though I already had the QFX file.
Me: "I don't understand. I have the file, but Quicken won't import it."
Tech: "Your bank doesn't support Macs."
Me: "Why does my bank need to 'support' Macs? I have the text file, but Quicken won't import it."
Think how ridiculous it would be if Excel wouldn't import a CSV file until it called back to MS to verify that author paid an "MS Tax" (insert DRM/Palladium comment here)?
Anyway, I got around the issue by opening the file and changing the "Institution ID" to a bank that has "paid the tax". By simply changing a few characters in the file, Quicken happily imported it.
'Who is accountable for the security of the Linux kernel? Does Red Hat, for example, take responsibility? It cannot, as it does not produce the Linux kernel. It produces one distribution of Linux.'
Who is accountable for the safety of drinking water? Does Evian, for example, take responsibility? It cannot, as it does not produce water. It packages one distribution of water.
Actually, of the three things on the list, I would be most willing to agree with the cube being listed.
For the others:
Newtons - Newtons failed because they were so far ahead of their time. A PDA, before there were such things as "PDAs", that actually allowed you to write the way you know how as opposed to learning a new character set?? Over 10 years later and I STILL don't think you can find this on ANY handheld. Apple had the right idea - let the human dictate to the PDA and not vice-versa, but, just technology hadn't advanced far enough, yet (Eat up Martha).
one-button mouse - Will people just get over this? Please? The general public just doesn't care about one vs. multi button. Personally, I've have a 2 - 4 button trackball (Now with a scroll ring!) on my machine machine for the last 10 years. However, the one button mouse is a godsend when dealing with people that don't work on computers day in and out.
I can't count the number of telephone support calls I've had that sounded like a bad "Who's on first?" routine:
Me: OK, I need you to click the icon with the right mouse button. Them: I did. The icon got dark. Me: It sounds like you didn't click with the right mouse button. Them: How do I know which one is right? Me: It's the mouse button that is on the right side of the mouse. Them: There are no buttons on the right side of the mouse....
as opposed to dealing with Mac users:
Me: With your left hand, press and hold the "Control" key located at the lower left corner of the keyboard. Now, click the mouse on the icon. Them: A little menu appeared.
All orders that shipped in the 10 days prior to the announced price drop are eligible for reimbursement based on the lower rates. Owners have 14 days from the announcement to contact Apple to have their refunds processed.
Since I don't think any mini's were shipped before the 15th (please correct me on that if I am mistaken), all minis should be eligible.
...all of this fru-fru pomp and circumstance is inappropriate when the country is at war...
Do me a favor and call me when ANY ONE of the following ceremonies are cancelled:
- Golden Globes - Acadamy Awards - Grammys
Taking the costs associated with the events related any one ceremony above dwarfs the amount of money spent on the inauguration. At least the inauguration serves a real purpose.
Is there something special we're supposed to be inferring?
According to most TV reports and newspapers, any of the following should be fine:
Bush is a bad president because this money, which was donated by citizens and corporations explicitly for the inauguration, should go to the tsunami victims
Bush is a bad president because this money, which was donated by citizens and corporations explicitly for the inauguration, should go to the Iraq war
Bush is a bad president because his inauguration total was around $40 mil, while Clinton was a good president because his '93 inauguration was only $33 million.
Comcast won't allow servers, but most DSL providers do
Comcast has a "don't ask, don't tell" policy when it comes to servers. If you are running a small site, they really don't seem to care. Heck, I've seen a number of not-so-small sites running on CHSI home lines. Also, for better or worse, you can relay through their SMTP servers when you are on their network.
Verizon, "doesn't allow servers", but, additionally, actively blocks all incoming port 80 access. Furthermore, you are only allowed to use their SMTP servers if your outgoing email address ends in @verizon.net.
This information is gathered via accounts of these services in the Philly area.
I always thought that this would be a cool and useful service for the VOIP companies. Either make it so you can start recording by sending the right DTMF sequence during a call or choose to have all calls recorded to MP3 and be sent via email after they are complete (no long term storage).
Hmmm.... maybe I should submit a suggestion to VoicePulse.
So long as they keep IE "good enough" for the majority of users, they won't get that many defections.
Someone better tell that to these guys. While it is only one data point, the few large sites that I have seen actual logs to show similar results (>1% / month defection rate).
If you are dealing with a counter, why would you waste HALF of value space for a few error codes? Instead, make (INT_MAX - x) to INT_MAX your error space.
With a few #defines, you wouldn't have to make any major changes to the code logic:
Slashdot Mirror
Rube Goldberg would have been proud of that article.
- Tony
My biggest beef with passwords is the myriad of different "rules" as to what makes a valid password at different sites.
... no one is going to get them short of brute forcing (or, God forbid, key logging). However, every site seems to have different (read: REDICULOUS) parameters for passwords:
I have a few great passwords
- must not start with a number
- must have both letters and numbers (symbols don't count)
- can only be [a-z][A-Z][0-9]
I would love to meet the asshats that come up with these randomly applied "rules" just so I could kick them squarely in the nuts.
I used to only need two passwords for EVERYTHING (one "weak" password for discussion sites (eg - Slashdot) and one "strong" password for the important stuff). Alas, that was too easy. Now I have to maintain around 10 passwords that, IMNSHO, are far weaker that the ones they replaced (not by my choice).
For example, one large credit card company recently changed its password policy. Since my old password didn't "fit" in their new policy, they simply set it to something else without telling me. Mind you, the new password I had to choose is orders of magnitude easier to crack than the old password because they removed a number of possible characters.
Which brings up a point, what's the point in LIMITING the characters that can be used in passwords? How horrible are these designers that their apps choke on '&Dkf*l,@a', but 'b4dp4ass' is OK? What could they be doing that would disallow a number as the first character?
In close, if you have anything to do with the authentication process of a website, before you start throwing on random rules for passwords, do us all a favor and DON'T.
- Tony
One feature of VoicePulse is the ability to have any caller that does not identify themselves via Caller ID get "telezapper" tones and be intercepted by an automated message asking the person to enter their phone number via touch-tone.
... which is almost half of my TOTAL monthly VoicePulse bill ($15.44 total).
Autodialers don't stand a chance... six months and not a SINGLE telemarketing call.
Verizon offers a similar feature for $6 or $7 a month
- Tony
I used to work for Intuit UK and they were bastards.
Intuit in general are bastards.
Any time you try to import a text transaction file (QFX), the program calls home to see if the organization you downloaded from paid its "Quicken Tax".
When I called tech support because I was getting an error message when trying to import, Intuit told me that "my bank doesn't support Macs", even though I already had the QFX file.
Me: "I don't understand. I have the file, but Quicken won't import it."
Tech: "Your bank doesn't support Macs."
Me: "Why does my bank need to 'support' Macs? I have the text file, but Quicken won't import it."
Think how ridiculous it would be if Excel wouldn't import a CSV file until it called back to MS to verify that author paid an "MS Tax" (insert DRM/Palladium comment here)?
Anyway, I got around the issue by opening the file and changing the "Institution ID" to a bank that has "paid the tax". By simply changing a few characters in the file, Quicken happily imported it.
'Who is accountable for the security of the Linux kernel? Does Red Hat, for example, take responsibility? It cannot, as it does not produce the Linux kernel. It produces one distribution of Linux.'
Who is accountable for the safety of drinking water? Does Evian, for example, take responsibility? It cannot, as it does not produce water. It packages one distribution of water.
Now with a scroll ring!
Makes me wish there was a <popeil> tag for the desired effect and notation.
- Tony
They weren't wrong about the cube!
...
Actually, of the three things on the list, I would be most willing to agree with the cube being listed.
For the others:
Newtons - Newtons failed because they were so far ahead of their time. A PDA, before there were such things as "PDAs", that actually allowed you to write the way you know how as opposed to learning a new character set?? Over 10 years later and I STILL don't think you can find this on ANY handheld. Apple had the right idea - let the human dictate to the PDA and not vice-versa, but, just technology hadn't advanced far enough, yet (Eat up Martha).
one-button mouse - Will people just get over this? Please? The general public just doesn't care about one vs. multi button. Personally, I've have a 2 - 4 button trackball (Now with a scroll ring!) on my machine machine for the last 10 years. However, the one button mouse is a godsend when dealing with people that don't work on computers day in and out.
I can't count the number of telephone support calls I've had that sounded like a bad "Who's on first?" routine:
Me: OK, I need you to click the icon with the right mouse button.
Them: I did. The icon got dark.
Me: It sounds like you didn't click with the right mouse button.
Them: How do I know which one is right?
Me: It's the mouse button that is on the right side of the mouse.
Them: There are no buttons on the right side of the mouse.
as opposed to dealing with Mac users:
Me: With your left hand, press and hold the "Control" key located at the lower left corner of the keyboard. Now, click the mouse on the icon.
Them: A little menu appeared.
- Tony
What I think is in effect:
All orders that shipped in the 10 days prior to the announced price drop are eligible for reimbursement based on the lower rates. Owners have 14 days from the announcement to contact Apple to have their refunds processed.
Since I don't think any mini's were shipped before the 15th (please correct me on that if I am mistaken), all minis should be eligible.
- Tony
Don't use "Domain.dom". There are well-known domains that are reserved explicitly for this purpose.
It's easy to say that, because he is so rich, it's easy for him to donate a lot of money.
Let's put this in perspective...
If Bill Gates had a net worth of $40k, he just pledged to give $60 per year to this charity.
Let's see if the Linux community can match his generosity.
Based on above, I'd be willing to wager that, proportionally and on average, Slashdot users beat his generosity.
- Tony
...who has the following in their welcome Flash movie?
The site is overloaded.
you loose paying customers.
Emphasis is mine. Lack of capitalization and bad spelling is theirs.
...all of this fru-fru pomp and circumstance is inappropriate when the country is at war...
Do me a favor and call me when ANY ONE of the following ceremonies are cancelled:
- Golden Globes
- Acadamy Awards
- Grammys
Taking the costs associated with the events related any one ceremony above dwarfs the amount of money spent on the inauguration. At least the inauguration serves a real purpose.
According to most TV reports and newspapers, any of the following should be fine:
- Tony
but has been totally hobbled by a insane business model and pathetic marketing.
Their business model not-withstanding, how you call their marketing "pathetic" when they've successfully turned their company name into a verb?
- Tony
Comcast won't allow servers, but most DSL providers do
.
Comcast has a "don't ask, don't tell" policy when it comes to servers. If you are running a small site, they really don't seem to care. Heck, I've seen a number of not-so-small sites running on CHSI home lines. Also, for better or worse, you can relay through their SMTP servers when you are on their network.
Verizon, "doesn't allow servers", but, additionally, actively blocks all incoming port 80 access. Furthermore, you are only allowed to use their SMTP servers if your outgoing email address ends in @verizon.net
This information is gathered via accounts of these services in the Philly area.
- Tony
Tellico seems to better about spreading the integration around (Amazon for books, IMDB for movies).
Don't mean to burst your bubble, but, next time you are in IMDB, scroll to the very bottom of the page and read what it says.
- Tony
God created the earth and the things on it with a certain level of ... adaptability
So, what you are saying is God believes in the theory of evolution?
I always thought that this would be a cool and useful service for the VOIP companies. Either make it so you can start recording by sending the right DTMF sequence during a call or choose to have all calls recorded to MP3 and be sent via email after they are complete (no long term storage).
Hmmm.... maybe I should submit a suggestion to VoicePulse.
- Tony
More, importantly, does this mean we can get a live feed from the MacWorld Keynote tomorrow?
=)
- Tony
Match up the landmarks
Already done for you.
- Tony
You can also see the sat photos here, with the difference that I aligned the images so you can toggle between before and after views.
I submitted this link last night, but, of course, it was rejected in favor of the plain, individual sat photos.
- Tony
So long as they keep IE "good enough" for the majority of users, they won't get that many defections.
Someone better tell that to these guys. While it is only one data point, the few large sites that I have seen actual logs to show similar results (>1% / month defection rate).
- Tony
If you are dealing with a counter, why would you waste HALF of value space for a few error codes? Instead, make (INT_MAX - x) to INT_MAX your error space.
With a few #defines, you wouldn't have to make any major changes to the code logic:
if (rv = ERROR_MIN)
- Tony
One World. One People. One Slab of Asphalt.