I always like to retell my best buy experience when the subject comes up simply because it was so frustratingly lame.
I was going to purchase a laptop from them -- I did my research to make sure all of the essential hardware would run with my choice distro, yadda yadda.
I walked into a store and instead of just picking the laptop up, decided to go ask one of their sales droids about it. "Will it run Linux?"
The basic thing I got from him was that it would not. It was way underpowered to run a Linux server. (I had a 400MHz PII that ran RH, and this laptop had at least twice the stats of EVERYTHING the ol' PII had). I explained I didn't want a server but a desktop install. Same thing, he says. Says they all run their Linux servers on Alienware laptops.
Asks why I disliked XP. Performance issues, security issues, MS antics. Guy tries to sell me XP Pro instead. Tells me an alphabet soup of certification credentials to make himself the smarter one...then says Bill Gates had bought out Linux and that in a year we wouldn't even be talking about Linux at all. This was two years ago.
I politely thanked him and said I'd go home to rethink my strategy. I bought a Dell. Now running on Ubuntu Hoary.
So yeah, not sure if that guy still works at that Best Buy but the degree of misinformation to upsell shtuff can get ugly.
MS has recognized Linux's place in the marketplace. They know of Linux's server market growth and its desktop push. Ms recognizes the choices in Open Source software (OO.o vs. MS Office, for example).
MS has not accepted this. Probably will not either. Thus the TCO fudging and other FUDs. If Microsoft accepts the qualities of Linux (and OSS), they wouldn't FUD it. They'd acknowledge its benefits and make THEIR offerings better.
So once you make the distinction between recognition and acceptance, the statement pretty much pans out ok.
With a Microsoft partnership, we now understand how we plan to have the oomph to run Windows Vista when it comes out.
$1 per CPU per hour...the true money-making scheme here is that if you run Linux, they'll charge you the $699 for each processor on behalf of SCO.
So for $50 bucks an hour, you can run a SWING application almost without a performance drop.
With the licensing model, you can run apps with it, but you can't alter any data that passes through without our permission. Want to see the results of your calculations? You'll have to sign an NDA.
Sun Microsystems? Hey weren't they that big dot-com company that wanted programmable toasters? What are they doing these days?
Probably not a typo. There's a common thought that the gentoo folks are pretty "hardcore" about the OS. That whole stage1 compile everything from scratch, configure everything with vi, use magnets to place the linux kernel bits on the HDD, and all that wonderful stuff. A graphical installer almost defeats the purpose of being 1337, after all.
I hear you learn lots about Linux that way. I wouldn't know, I run ubuntu. I'd like to maybe try it one day (or week or month...it's a slow machine) for the experience but for now, mine work relatively well.
So yeah, if the draw is to be difficult, complex, and 1337, then making it easier would make some people NOT switch to gentoo.
Well good day, eh. We were both gonna like show up at your office and personally ask you to come to the Linux meeting thing. The problem was that on the way to your office, we had to stop by for a beer or twenty and we forgot all about why we were there to begin with.
Bob even had a Penguin toque on that he borrowed from that cowboyneal guy. You would have shown up just based on that.
So anyway, thanks, eh. We're probably gonna get canned from our marketing job 'cause you just had to be all pissy about it. Piss off, hoser.
You touched on the idea of a sales-boost. That's definitely interesting. There was an article this week, I believe, on theregister about MS trying to drum up sales of their current Office line even though the next upgrade (Office 12?) will be released next year.
So you're left to wonder -- is IE7 yet another marketing scheme to get people to run XP...and then get them again when astalaVista shows up?
I, too, am quite concerned about the security issues with Firefox. The only real consolation I have is that with open source, the code gets fixed much faster. Sure, that creates the burden of having to patch...on occasion more than once a week, but in the end, I'd rather have a fix to a known bug than no fixes at all.
I guess what I'd like (and from what I've read, it's in the works) is a better way to patch. Instead of having to re-download an entire release, if we could actually just get smaller patches, that'd be great.
Maybe a giant "bug hunt" is in order? You know, send a memo from a higher-up to all the developers about putting security first, gaining users' trust back...we'll call it "trustworthy computing." I bet it would actually work this time.
Yeah, firefox has bugs. I bet it has lots of it. I'm also sure that when they're found, they're fixed a lot faster simply because there's greater access to source code. That's the only rationale I'm hanging on to -- which makes OSS favorable to closed-source when it comes to security.
Now in terms of bug severity, I bet not being tied to the underlying operating system itself would be a distinct advantage.
Today's audience ain't listnin at all they participatin' an havin a ball (uh huh yeah) da audience be as old as yo momma's record playa an as passive as a chronic smokin' Sith Darth Vader (yeah, yeah)
So don't be lookin' at me all clueless and quizzical (what?!?!) like I am wit yo momma, remixing is all too physical. (yeah!!!) A record's an anomaly like Neo in the rain. This post is a hit with props to islandrain! (a wikiwiki wild wild rain)
Though funny, it's also insightful. There are way too many people with insecure wireless routers. They broadcast their SSID, don't use encryption, and don't change the default passwords.
Sadly enough, it's not just home users doing this. You've got businesses ranging from small to large with open AP's.
Oh, and it's not just wireless ones, too, though those aren't as useful. I popped in the IP from a spam e-mail header which landed me to the web interface of a company's router (with the model number and a picture, too!). Default password.
So though I know I'm preaching to the choir here, it really is best to be mindful of your network. Free wifi access may be inversely proportional to your efficiency as a BOFH.:)
Provided Google can somehow use their branding to reflect reliability, security, and stability -- I'd trust them with money. Feed the fear about paypal's insecurities and you've got yourself a deal.
Perhaps a business link through Froogle could prove beneficial, too. You know, "preferred customer" type scenario.
In the end, though, I really do think we should start worrying about the amount of information Google collects. Searches, identity, e-mails, and with this thing, buying trends and other financial information. Yeah, we love 'em...but their capacity for evil is growing and becoming a bit more scary.
From a different standpoint, what about those companies whose business include caching files? They would technically be in possession of quite a bit of these offending things unless they actually take the time to weed those out individually.
An image cache/repository, some places that cache newsgroups, etc. would be subject to such laws. This would indeed be interesting to see how it's ruled.
Italics, no. Velvet rope, hell yeah! Nobody ever crosses the frickin' velvet rope. MS Firewall? Forget about it, just give each user a standard issue velvet rope to wrap around their computers and NOBODY will dare break in.
Adware and spyware? Who needs to buy GIANT when you can buy a velvet rope factory and rid these Internets of vermin forever?
P2P apps sharing copyrighted material? Velvet rope will keep them from doing that. It's red, it's fuzzy, and it's in their way -- NOBODY crosses the velvet rope.
Those misguided folks in Redmond think italics will stop it all. It won't. Hopefully with this post, though, I can get the attention of OSS coders so they can implement this Velvet Rope thing for Linux before MS "innovates" on it.
Code obfuscation isn't really a "feature" per se. I think the main problem is what you've mentioned -- that a lot of folks don't believe in the "Open Source" philosophy and yet use such scripting languages that by their very nature, are "open source." (PERL rants aside)
It's writing code and hoping nobody else can understand, modify, improve, or possibly circumvent it. To be perfectly honest, I don't think code should be more obfuscated than it already is. The simpler and easier to understand, the better.
I did run into a vbscript worm once that did something like rotX itself when transporting (with a random shift, I believe, to try to avoid AV fingerprinting), then decode and execute upon launch. I must say that was pretty neat in a sick sort of way.
Seriously, though -- why do people still pirate MS products when you can have the free (better?) alternative operating system, office suite, e-mail client, yadda yadda?
Is this a statement of "joe sixpack" and his relative ignorance of the alternatives or is this more a shot at OSS -- "we'd rather break laws than use your free (no-good) stuff?" The former seems to be a quest for a Linux marketing department. The latter is one for the usability experts to hammer out with the open source coders.
Either way, there's some truth to be revealed in the answer to why people still pirate Microsoft products.
I've always asserted that how I am with computers is like how some old ladies are with stray cats.
There's room for one more in the house...beside the couch...under the sink...next to the other 486sx boxes. I swear I'll make them all useful. One will be a router, the other for my backups, another for my music, and one where I can learn to setup a LAMP solution...and and...you get the idea.
Of course I've never really gotten around to doing much of anything with them, but it does seem like such a waste to just dispose of them.
Once you get past the "Flash is EVIL" posts out there, and have browsed through the ming stuff for PHP -- are we anywhere near a GPLed Flash content creator?
I understand it'll eventually piss off the original creators and may break any sort of idea that Macrobe or Adobedia had about porting their stuff to Linux. Talk about vendor lock-in though.
Whether you like it or not, Flash has its uses. Would be nice to have an easy way to create the content without having to fork up that much cash to Adobe/Macromedia. Oh yeah...and all that stuff about software freedom and open formats, too.
Let's get this straight -- writing down passwords is a bad thing. Remembering passwords isn't that difficult in the end if you use a proper scheme. A securityfocus article suggests creating an acronym from the first line of a song. Makes enough sense. Add a bit of 1337 to it by changing some letters to numbers and you can be a bit safer.
Now on the other hand, if you wrote down some sort of hash to a password that you mentally decode to create the REAL password, then it may not be so bad. Still gives someone a place to start, thoguh. In most cases, though, having a physical record of a password just screams "BAD IDEA!"
A government entity sends out an all-staff e-mail saying that in order to conserve space, we are to clean out our e-mail. Trash bin should be cleared out, important documents are to be printed out, filed, and then deleted off the system.
I've always thought that storage was cheap nowadays and that clearing out e-mail boxes was moot. I suppose there's some merit to it as there's definitely space to be reclaimed from the activity...but is it really worth that much considering a couple of hundred bucks would get you another 200GB or so?
Here's the general idea: first be adamantly pissed off when people release bug information publicly (not telling the story that the same folks notified MS about it eons ago only to find Microsoft ignoring them)
Then once enough people catch on to this, create a press-release saying "we're on the ball, we're looking into this, and we're doing all of this because that's what customers want and we do what our customers ask for."
Sounds like standard "Trustworthy Computing" practice to me.
I get hired into a computer lab funded by a grant from Da Foundation. Lovely, really, as I'm not really sure how else the place could have afforded the number of machines we have. We offer MS Office, Internet access, and a bunch of "edutainment" titles. We even have headphones to check out if you wish to hear Arthur or Cat In The Hat...or stream audio from Launch.
We also offer computer classes with Gates-provided propag...er, teaching material.
Fast forward a few years and NT isn't quite as fun anymore. The machines won't be able to take XP, should the place even decide to go that route. Even the newer machines acquired that are running XP have been so bogged down with malware that they perform about as well as the older ones.
So there's your local lab staff, one way or another heralding Microsoft, thanking Lord Bill for his kindness...mentioned at just about every Introduction to the PC class. We teach MS Word and call it "Word Processing" -- then the students ask how they can get such programs on their home computer. That's when philanthropy turns into advertising.
In the end, we've got NT, Office 2000, more adware and spyware than we care to have, a bunch of irate people whose Internet experience crawls, and management that has to go through bureaucracy to get anything done.
Me? I wish the place ran on Linux. That would at least get USB support. Malware wouldn't be a problem. We'd at least get software patches somehow. Unfortunately, I have very little authority. Could't even install anti-spyware onto the machines due to permissions. The best I could do was write an e-mail to my supervisor reminding them that NT support had gone bye-bye, and that they consider installing spybot s&d (possible licensing issues with the others).
So far, that has resulted in nothing. Don't get me wrong -- I'm glad for the funding and the computers. It's just that the place isn't too forward-looking. It looks like the first hit is gone and this druggie needs another fix soon.
I can only wish the place considers rolling their own.:)
They only included anything remotely close to offending code, duh!:) That means initializations for variables i, j, foo, along with// and all/* and */ tags.
And I bet one of the scanning scripts contains a grep of "fuck off" somewhere.
Slashdot Mirror
I always like to retell my best buy experience when the subject comes up simply because it was so frustratingly lame.
I was going to purchase a laptop from them -- I did my research to make sure all of the essential hardware would run with my choice distro, yadda yadda.
I walked into a store and instead of just picking the laptop up, decided to go ask one of their sales droids about it. "Will it run Linux?"
The basic thing I got from him was that it would not. It was way underpowered to run a Linux server. (I had a 400MHz PII that ran RH, and this laptop had at least twice the stats of EVERYTHING the ol' PII had). I explained I didn't want a server but a desktop install. Same thing, he says. Says they all run their Linux servers on Alienware laptops.
Asks why I disliked XP. Performance issues, security issues, MS antics. Guy tries to sell me XP Pro instead. Tells me an alphabet soup of certification credentials to make himself the smarter one...then says Bill Gates had bought out Linux and that in a year we wouldn't even be talking about Linux at all. This was two years ago.
I politely thanked him and said I'd go home to rethink my strategy. I bought a Dell. Now running on Ubuntu Hoary.
So yeah, not sure if that guy still works at that Best Buy but the degree of misinformation to upsell shtuff can get ugly.
Recognition vs. Acceptance vs. Surrender
MS has recognized Linux's place in the marketplace. They know of Linux's server market growth and its desktop push. Ms recognizes the choices in Open Source software (OO.o vs. MS Office, for example).
MS has not accepted this. Probably will not either. Thus the TCO fudging and other FUDs. If Microsoft accepts the qualities of Linux (and OSS), they wouldn't FUD it. They'd acknowledge its benefits and make THEIR offerings better.
So once you make the distinction between recognition and acceptance, the statement pretty much pans out ok.
With a Microsoft partnership, we now understand how we plan to have the oomph to run Windows Vista when it comes out.
$1 per CPU per hour...the true money-making scheme here is that if you run Linux, they'll charge you the $699 for each processor on behalf of SCO.
So for $50 bucks an hour, you can run a SWING application almost without a performance drop.
With the licensing model, you can run apps with it, but you can't alter any data that passes through without our permission. Want to see the results of your calculations? You'll have to sign an NDA.
Sun Microsystems? Hey weren't they that big dot-com company that wanted programmable toasters? What are they doing these days?
I just KNEW one of these days, that "I'm Feeling Lucky" button would get them in trouble.
Probably not a typo. There's a common thought that the gentoo folks are pretty "hardcore" about the OS. That whole stage1 compile everything from scratch, configure everything with vi, use magnets to place the linux kernel bits on the HDD, and all that wonderful stuff. A graphical installer almost defeats the purpose of being 1337, after all.
I hear you learn lots about Linux that way. I wouldn't know, I run ubuntu. I'd like to maybe try it one day (or week or month...it's a slow machine) for the experience but for now, mine work relatively well.
So yeah, if the draw is to be difficult, complex, and 1337, then making it easier would make some people NOT switch to gentoo.
Well good day, eh. We were both gonna like show up at your office and personally ask you to come to the Linux meeting thing. The problem was that on the way to your office, we had to stop by for a beer or twenty and we forgot all about why we were there to begin with.
Bob even had a Penguin toque on that he borrowed from that cowboyneal guy. You would have shown up just based on that.
So anyway, thanks, eh. We're probably gonna get canned from our marketing job 'cause you just had to be all pissy about it. Piss off, hoser.
-- Bob and Doug
You touched on the idea of a sales-boost. That's definitely interesting. There was an article this week, I believe, on theregister about MS trying to drum up sales of their current Office line even though the next upgrade (Office 12?) will be released next year.
So you're left to wonder -- is IE7 yet another marketing scheme to get people to run XP...and then get them again when astalaVista shows up?
Trustworthy Computing indeed!
Fsck that.
and in this case, going out with a really hot looking girl that'll cook him dinner, treat him right, and um...runs a heck of a beowulf cluster.
I, too, am quite concerned about the security issues with Firefox. The only real consolation I have is that with open source, the code gets fixed much faster. Sure, that creates the burden of having to patch...on occasion more than once a week, but in the end, I'd rather have a fix to a known bug than no fixes at all.
I guess what I'd like (and from what I've read, it's in the works) is a better way to patch. Instead of having to re-download an entire release, if we could actually just get smaller patches, that'd be great.
Maybe a giant "bug hunt" is in order? You know, send a memo from a higher-up to all the developers about putting security first, gaining users' trust back...we'll call it "trustworthy computing." I bet it would actually work this time.
Yeah, firefox has bugs. I bet it has lots of it. I'm also sure that when they're found, they're fixed a lot faster simply because there's greater access to source code. That's the only rationale I'm hanging on to -- which makes OSS favorable to closed-source when it comes to security.
Now in terms of bug severity, I bet not being tied to the underlying operating system itself would be a distinct advantage.
Today's audience ain't listnin at all
they participatin' an havin a ball (uh huh yeah)
da audience be as old as yo momma's record playa
an as passive as a chronic smokin' Sith Darth Vader (yeah, yeah)
So don't be lookin' at me all clueless and quizzical (what?!?!)
like I am wit yo momma, remixing is all too physical. (yeah!!!)
A record's an anomaly like Neo in the rain.
This post is a hit with props to islandrain! (a wikiwiki wild wild rain)
Though funny, it's also insightful. There are way too many people with insecure wireless routers. They broadcast their SSID, don't use encryption, and don't change the default passwords.
:)
Sadly enough, it's not just home users doing this. You've got businesses ranging from small to large with open AP's.
Oh, and it's not just wireless ones, too, though those aren't as useful. I popped in the IP from a spam e-mail header which landed me to the web interface of a company's router (with the model number and a picture, too!). Default password.
So though I know I'm preaching to the choir here, it really is best to be mindful of your network. Free wifi access may be inversely proportional to your efficiency as a BOFH.
Provided Google can somehow use their branding to reflect reliability, security, and stability -- I'd trust them with money. Feed the fear about paypal's insecurities and you've got yourself a deal.
Perhaps a business link through Froogle could prove beneficial, too. You know, "preferred customer" type scenario.
In the end, though, I really do think we should start worrying about the amount of information Google collects. Searches, identity, e-mails, and with this thing, buying trends and other financial information. Yeah, we love 'em...but their capacity for evil is growing and becoming a bit more scary.
From a different standpoint, what about those companies whose business include caching files? They would technically be in possession of quite a bit of these offending things unless they actually take the time to weed those out individually.
An image cache/repository, some places that cache newsgroups, etc. would be subject to such laws. This would indeed be interesting to see how it's ruled.
Italics, no. Velvet rope, hell yeah! Nobody ever crosses the frickin' velvet rope. MS Firewall? Forget about it, just give each user a standard issue velvet rope to wrap around their computers and NOBODY will dare break in.
Adware and spyware? Who needs to buy GIANT when you can buy a velvet rope factory and rid these Internets of vermin forever?
P2P apps sharing copyrighted material? Velvet rope will keep them from doing that. It's red, it's fuzzy, and it's in their way -- NOBODY crosses the velvet rope.
Those misguided folks in Redmond think italics will stop it all. It won't. Hopefully with this post, though, I can get the attention of OSS coders so they can implement this Velvet Rope thing for Linux before MS "innovates" on it.
Code obfuscation isn't really a "feature" per se. I think the main problem is what you've mentioned -- that a lot of folks don't believe in the "Open Source" philosophy and yet use such scripting languages that by their very nature, are "open source." (PERL rants aside)
It's writing code and hoping nobody else can understand, modify, improve, or possibly circumvent it. To be perfectly honest, I don't think code should be more obfuscated than it already is. The simpler and easier to understand, the better.
I did run into a vbscript worm once that did something like rotX itself when transporting (with a random shift, I believe, to try to avoid AV fingerprinting), then decode and execute upon launch. I must say that was pretty neat in a sick sort of way.
Goorgle -- Dental hygenist search engine.
Smithsoogle -- the library digitization project gone insane.
Google Bitches -- Like friendster but for pimps.
Google Jobs -- nope, not what you think...it's actually Steve Jobs since his soul seems to be up for sale lately.
Google.gov -- DHS meets Patriot Act meets all your data. Pledge your allegiance, boys, and come to grips with the fact that we're all screwed.
...and about as good for you, too.
Seriously, though -- why do people still pirate MS products when you can have the free (better?) alternative operating system, office suite, e-mail client, yadda yadda?
Is this a statement of "joe sixpack" and his relative ignorance of the alternatives or is this more a shot at OSS -- "we'd rather break laws than use your free (no-good) stuff?" The former seems to be a quest for a Linux marketing department. The latter is one for the usability experts to hammer out with the open source coders.
Either way, there's some truth to be revealed in the answer to why people still pirate Microsoft products.
(said in a monotone) Just for the sake of subversion, it may be using bitkeeper to keep the source safe so if cvs isn't working, try rcs, you git!
I've always asserted that how I am with computers is like how some old ladies are with stray cats.
There's room for one more in the house...beside the couch...under the sink...next to the other 486sx boxes. I swear I'll make them all useful. One will be a router, the other for my backups, another for my music, and one where I can learn to setup a LAMP solution...and and...you get the idea.
Of course I've never really gotten around to doing much of anything with them, but it does seem like such a waste to just dispose of them.
Once you get past the "Flash is EVIL" posts out there, and have browsed through the ming stuff for PHP -- are we anywhere near a GPLed Flash content creator?
I understand it'll eventually piss off the original creators and may break any sort of idea that Macrobe or Adobedia had about porting their stuff to Linux. Talk about vendor lock-in though.
Whether you like it or not, Flash has its uses. Would be nice to have an easy way to create the content without having to fork up that much cash to Adobe/Macromedia. Oh yeah...and all that stuff about software freedom and open formats, too.
Let's get this straight -- writing down passwords is a bad thing. Remembering passwords isn't that difficult in the end if you use a proper scheme. A securityfocus article suggests creating an acronym from the first line of a song. Makes enough sense. Add a bit of 1337 to it by changing some letters to numbers and you can be a bit safer.
Now on the other hand, if you wrote down some sort of hash to a password that you mentally decode to create the REAL password, then it may not be so bad. Still gives someone a place to start, thoguh. In most cases, though, having a physical record of a password just screams "BAD IDEA!"
A government entity sends out an all-staff e-mail saying that in order to conserve space, we are to clean out our e-mail. Trash bin should be cleared out, important documents are to be printed out, filed, and then deleted off the system.
:)
I've always thought that storage was cheap nowadays and that clearing out e-mail boxes was moot. I suppose there's some merit to it as there's definitely space to be reclaimed from the activity...but is it really worth that much considering a couple of hundred bucks would get you another 200GB or so?
Conspiracy theory, anyone?
Here's the general idea: first be adamantly pissed off when people release bug information publicly (not telling the story that the same folks notified MS about it eons ago only to find Microsoft ignoring them)
Then once enough people catch on to this, create a press-release saying "we're on the ball, we're looking into this, and we're doing all of this because that's what customers want and we do what our customers ask for."
Sounds like standard "Trustworthy Computing" practice to me.
My Story:
:)
I get hired into a computer lab funded by a grant from Da Foundation. Lovely, really, as I'm not really sure how else the place could have afforded the number of machines we have. We offer MS Office, Internet access, and a bunch of "edutainment" titles. We even have headphones to check out if you wish to hear Arthur or Cat In The Hat...or stream audio from Launch.
We also offer computer classes with Gates-provided propag...er, teaching material.
Fast forward a few years and NT isn't quite as fun anymore. The machines won't be able to take XP, should the place even decide to go that route. Even the newer machines acquired that are running XP have been so bogged down with malware that they perform about as well as the older ones.
So there's your local lab staff, one way or another heralding Microsoft, thanking Lord Bill for his kindness...mentioned at just about every Introduction to the PC class. We teach MS Word and call it "Word Processing" -- then the students ask how they can get such programs on their home computer. That's when philanthropy turns into advertising.
In the end, we've got NT, Office 2000, more adware and spyware than we care to have, a bunch of irate people whose Internet experience crawls, and management that has to go through bureaucracy to get anything done.
Me? I wish the place ran on Linux. That would at least get USB support. Malware wouldn't be a problem. We'd at least get software patches somehow. Unfortunately, I have very little authority. Could't even install anti-spyware onto the machines due to permissions. The best I could do was write an e-mail to my supervisor reminding them that NT support had gone bye-bye, and that they consider installing spybot s&d (possible licensing issues with the others).
So far, that has resulted in nothing. Don't get me wrong -- I'm glad for the funding and the computers. It's just that the place isn't too forward-looking. It looks like the first hit is gone and this druggie needs another fix soon.
I can only wish the place considers rolling their own.
They only included anything remotely close to offending code, duh! :) That means initializations for variables i, j, foo, along with // and all /* and */ tags.
And I bet one of the scanning scripts contains a grep of "fuck off" somewhere.