Slashdot Mirror


User: rapiddescent

rapiddescent's activity in the archive.

Stories
0
Comments
286

Comments · 286

  1. Re:But... on T-Mobile Slashes Fair Use Policy, Says Download At Home · · Score: 1

    But they don't. Here in the UK, they feature people singing in airports or dancing in train stations.

  2. Re:Well done Ross Anderson on UK Banks Attempt To Censor Academic Publication · · Score: 2

    Sure, this paper: "Optimised to Fail: Card Readers for Online Banking".

    Whilst section 2, "protocol description", is fairly good at the logical description of the process, after that they get it wrong, especially the section around the "bit filter" and the way the various card schemes make use of this feature. E.g. they pick up that bank CAP cards have a different bit filter but not "why", and why that makes a card scheme implementation better or worse. Obviously I can't quite remember the exact maths behind the bit masking; it's been a few years.

    Even after all the work we did, we didn't predict section 4.1; that's something I personally regret, that I hadn't designed in better safeguards for the cardholder in a theft situation. I could have used different PINs (it supports multiple PINs) but that might have caused more problems than it's worth.

    Some parts of the protocol weakness section were off the mark, and I think they were using a new CAP card during the tests because it is just wrong.

    Now, none of this is their fault because, as far as I know, CAP (Chip Authentication programme) was never publicly released. I have a great deal of respect for LightBlueTouchpaper.

  3. Re:I designed ... on UK Banks Attempt To Censor Academic Publication · · Score: 1

    It's no wonder that your report was misinterpreted; there are so many companies involved, from the acquirers, merchant tech firms, reader firms, APACS, the banks, scheme networks, to the merchants themselves.

    The banking system has more than its fair share of black magic fairy dust holding it together.

  4. Re:Well done Ross Anderson on UK Banks Attempt To Censor Academic Publication · · Score: 4, Insightful

    He does great work in this area but often gets quite a bit of it wrong. I used to work on the other side (i.e. for the banks) and have designed one of the largest CAP 2FA systems in the UK (which hasn't been broken (yet)). I was never a fan of the retail "chip and PIN" (not the same as CAP, which is Chip Authentication Programme) because it trained our customers to type their PIN into any old device, which could quite easily be skimming details. (There are lots of cases of this, from fake chip and PIN readers to hacked petrol pumps.)

    The piggy-back method is quite clever, but also well known and has been done before with other chip technologies, and the video on TFA was the first time I'd actually seen it working with EMV. It plays on some social hacking because UK customers are being trained to keep hold of their card and not hand it over to the checkout person (although some supermarkets do breach the merchant acquirer principles by "taking a swipe", which I personally hate).

    The problem as I see it is that the card should have been sending back a message containing an encoded card counter and other information instead of a binary YES/NO "PIN OK", but the problem has always been that a large proportion of the transactions are under the floor limit, or large shops batch up transactions to save on processing fees to the merchant acquirer.

  5. I designed ... on UK Banks Attempt To Censor Academic Publication · · Score: 4, Informative

    I designed the CAP/EMV check system employed by one of the UK banks' eBanking systems. These are the little battery operated units that offer 3 types of 'authentication' that can be typed into an eBanking website after inserting a debit card and performing a PIN entry etc. Some debit cards simply have another couple of programs on the chip on the card that can do simple challenge/response type algorithms to encode input data along with the card's cert to produce a 6 to 8 digit number that the user then types into an eBanking website etc.

    I was wondering how long it would take for the retail chip and PIN system to be broken. The core difference between retail units and the eBanking system is that the user returns an encrypted block (inside 6 to 8 digits) containing the card counter (which you can determine by pressing the menu button on any hand-held CAP disconnected 2FA reader). If the card counter is out by a **censored** number then the transaction is stopped and a fraud warning is placed on the card.

    Clearly, people can increase their card counter by buggering around putting the card in and out of card readers without doing a transaction, and so the odd person gets their card locked down and they just have to ring in for a new one. (I actually did this by mistake with my own debit card.)

    The disconnected CAP 2FA systems were a good few years later than "Chip and PIN" and so had the benefit of a bit better understanding. It should be noted that a large UK bank does not do this with their eBanking system and was nearly picked up on an earlier Light Blue Touchpaper paper, but they didn't quite get that far, so I think there are some problems looming for some of the hand-held two-factor authentication units as well. We'll wait and see.
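The counter-window check described in the comment above, as an added illustrative model that is not the commenter's code nor any bank's or EMV-CAP's real implementation: the card binds its Application Transaction Counter (ATC) into a MAC, a "bit filter" squeezes a few ATC bits and some MAC bits into an 8-digit number for the reader to display, and the issuer searches forward from the last counter it has seen. A gap larger than the window stops the transaction and flags the card; inserting the card a few times without completing a transaction stays within the window. HMAC-SHA256, the mask value, the window size, the card key and the challenge are all assumptions standing in for the real cryptogram and parameters.

```python
import hashlib
import hmac

# Assumed parameters for this model (not the bank's or EMV-CAP's real ones)
MASK = 0x00FFFFFF      # "bit filter": keep the low 8 bits of the ATC and 16 bits of the MAC
WINDOW = 100           # how far ahead of its last-seen ATC the issuer will still accept a card
TOKEN_DIGITS = 8       # what the reader displays (the comment says 6 to 8 digits)


def compact_bits(word: int, mask: int, width: int = 32) -> int:
    """Keep only the bits of `word` selected by `mask`, squeezed together MSB-first.
    Models the 'bit filter' the comments describe; the mask value is an assumption."""
    out = 0
    for i in range(width - 1, -1, -1):
        if (mask >> i) & 1:
            out = (out << 1) | ((word >> i) & 1)
    return out


def card_response(card_key: bytes, atc: int, challenge: str) -> int:
    """The number a hand-held reader would display for one transaction.
    HMAC-SHA256 stands in for the card's EMV cryptogram (assumption); the real
    scheme MACs different data, but the shape is the same: the ATC is bound in."""
    data = atc.to_bytes(2, "big") + challenge.encode("ascii")
    mac = hmac.new(card_key, data, hashlib.sha256).digest()
    word = ((atc & 0xFFFF) << 16) | int.from_bytes(mac[:2], "big")
    return compact_bits(word, MASK) % (10 ** TOKEN_DIGITS)


class Card:
    """Chip side: the key and an ATC that goes up on every use, including
    insertions that never turn into a transaction."""

    def __init__(self, key: bytes, atc: int = 0):
        self.key, self.atc = key, atc

    def touch(self, times: int = 1) -> None:
        # Inserting the card into a reader and cancelling still consumes counters
        self.atc += times

    def respond(self, challenge: str) -> int:
        self.atc += 1
        return card_response(self.key, self.atc, challenge)


class BankRecord:
    """Issuer side: the last ATC it has verified for this card, plus a fraud flag."""

    def __init__(self, key: bytes, last_atc: int = 0):
        self.key, self.last_atc, self.fraud_flag = key, last_atc, False

    def verify(self, challenge: str, token: int) -> bool:
        if self.fraud_flag:
            return False
        # Search forward from the last-seen counter, never backwards, so a captured
        # token cannot be replayed once a later one has been accepted.
        for atc in range(self.last_atc + 1, self.last_atc + 1 + WINDOW):
            if card_response(self.key, atc, challenge) == token:
                self.last_atc = atc
                return True
        # Counter out by more than the window (or wrong key): stop it and flag the card
        self.fraud_flag = True
        return False


def demo() -> dict:
    """Walk through the scenarios in the comment and return what the issuer decided."""
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # constructed sample key
    card, bank = Card(key, atc=10), BankRecord(key, last_atc=10)
    challenge = "83921004"   # constructed; a real issuer sends a fresh one per login
    results = {}
    results["normal"] = bank.verify(challenge, card.respond(challenge))      # ATC 11
    card.touch(5)                                                           # ATC 16, unseen by the bank
    results["small_gap"] = bank.verify(challenge, card.respond(challenge))  # ATC 17, inside the window
    card.touch(500)                                                         # ATC 517, far past the window
    results["big_gap"] = bank.verify(challenge, card.respond(challenge))    # ATC 518: stopped
    results["flagged"] = bank.fraud_flag
    results["after_flag"] = bank.verify(challenge, card.respond(challenge)) # valid token, locked card
    results["last_atc_seen"] = bank.last_atc
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because the filtered output carries the low ATC bits, two candidate counters inside a 100-wide window can never produce the same token for the same MAC bits, so the forward search is unambiguous; the cost of that convenience is exactly what the comment describes, a customer who cycles the card through readers a few hundred times locks themselves out.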

  6. Re:North sea oil on Chevron Got North Sea Contract Despite IT Safety Crashes · · Score: 2

    Oil deposits in the North Sea have been propping up the British economy for decades now.

    Which has rather annoyed the Scots themselves, who have the odd situation where the Scots have elected a nationalist government (who support an independent-from-the-UK Scotland) but cannot get independence itself because the English vote is 9 times the size of the Scottish vote. The UK won't let Scotland go because of the oil revenue, but since the 1980s Thatcher government it has moved as many national assets as it can out of Scotland, e.g. in the last 20 years (coinciding with the rise in strength of the independence movement) military assets have been moved from Scotland to England, losing over 200,000 jobs (out of a 4.9m pop'n).

    There is huge mistrust over the figures for oil tax receipts that the UK exchequer cashes in, and each year the UK-run Scotland Office (which is based in England!) tries to make a case that the oil isn't worth that much and Scotland could never survive on its own.

    I spoke to a drilling engineer in the pub a few months ago and he was telling me that there are huge numbers of corked deep water wells in the north west coast of Scotland that they have found, assessed and are waiting for the right time to exploit.

  7. Re:Leak DRM? on With Better Sharing of Intel Comes Danger · · Score: 2

    One amusing story: one place I worked thought it would be a good idea to distribute soft-lined metal boxes to each office so that staff could deposit phones into the box (instead of leaving them with security, who were inundated with phones every morning). This was because there was a suspicion that staff's phones could be intercepted by evil-doers and have bugging software installed on them; if they were in the box, it would dampen the sound. Except, one small problem was that people who left their phones switched on and put them in the box were causing the boxes to heat up massively in their own little Faraday cage, especially as the phones upped their power to get a signal and were insulated inside the box!!

  8. Re:Well, duh on Americans Less Healthy, But Outlive Brits · · Score: 2, Funny

    One of my clients is a life assurance company; the actuaries are saying that the first British woman who will live to 120 years old has just retired this year. I.e. for her 40 years of work she'll have to fund 60 years of retirement. That's news that will be enough to kill anyone off.

  9. Re:David Cameron actually believes his own rhetori on UK Pressures the US To Takedown Extremist Videos · · Score: 1

    It was definitely a turning point. If you scratch the surface of the austerity measures, in particular the defence cuts (Nimrod, aircraft carriers, JSF, the dead-duck Chinooks, the stalling of Trident replacement), a lot of the sub-contractors are from the US defence industry. This is probably why Hillary Clinton had a major strop with the UK Government the day after the measures were announced and then tried to drum up support in the UK press.

    Instead, the UK government has signed a major allegiance with France (now that's a stick in the eye for the US) and so our new aircraft carriers will be configured for French jets and also the UK will have brigade level integration with France.

  10. Re:inspiration (perspiration) on Software Evolution Storylines, Inspired By XKCD · · Score: 1

    Prior art:

    Charles Joseph Minard, a French civil servant, drew a fantastic line/statistical diagram showing data from Napoleon's march to Russia, published on the 20th of November 1869. This combines many data points, also shows the horrific losses sustained by Napoleon during the winter (and river crossings), and is actually far more complex than the examples in TFA.

    1. invent new idea
    2. write about it on interwebs
    3. ...
    4. ... (think about profit and all round cleverness)
    5. ....
    6. errr?
    7. .....
    8. !profit
    8a. because lots of slightly older nerds have seen it all before.
    8b. and see you for the young whipper-snapper that you are, wee laddie.

  11. Re:Would have been more interesting... on At Commonwealth Games, the World's Largest Aerostat · · Score: 1

    One of my family members went out 2 weeks ahead to view the accommodation and it was totally awful. Builders had been living there for months with no furniture and no sanitation and so had been toileting on the floor etc. In the end, my country's management team went out ahead of the athletes and bought loads of cleaning fluid and protective gear and cleaned it up themselves (with no help from the games organisers).

    The reports I'm getting are that so many things have gone terribly wrong and aren't being fully reported by the press. The training pool is full of raw sewage, there is massive inconsistency in how things are finished, and travel chaos, and that's after a budget overrun of many, many times the projected costs.

    It's just as well that we don't allow a culture like this to build complex computer systems...

  12. Re:Whither 9%? on Ballmer, Bezos Fund Effort To Undermine Bill Gates · · Score: 1

    You'd love the UK then: personal tax on income is 40% of income over GBP 40k (US equiv. $62k), value-added tax (a tax on the majority of goods and services that an individual buys) is 17.5%, rising to 20% on 01-01-2011, and the average US gallon of petrol (gas) costs the equivalent of $6.87...

  13. Re:Location on UVB-76 Broadcasts New Voice Message · · Score: 1

    and Scotland

  14. Re:Misleading headline. on Scottish Scientists Develop Whisky Biofuel · · Score: 3, Informative

    I used to work at Glenturret Distillery and pretty much all of the by products were recycled or used in some way. Even the casks were ex-bourbon or ex-Sherry casks. The draff (remainder of the 'mash' process) was picked up by a local farmer twice a day and fed to his cattle (cue corny joke for the tourists about pissed cattle). Very rich in energy apparently.

    Distilleries in the past have had explosions from the spirit-dense air in the still rooms. I can see why the pot ale (which is actually quite a lot of liquid that is left in the still) is useful for butanol. The spirit safe, a locked glass cupboard in the still room, had a mechanical chute to "cut" the spirit run; from a wash still (the first distillation) only about 40% of the total volume was taken for the 2nd (spirit) still. The article didn't say whether the butanol was made from the wash still pot ale or the spirit still. This has quite significant volume ramifications. A wash still based product would have much larger potential volumes than a spirit still product. Often, a wash still is twice the size of a spirit still. On a slow day we used to make Molotov cocktails from spirit and got up to all sorts of high jinks.

    Hopefully this will provide much needed jobs in rural Scotland.

  15. Re:Completely agree on MP Wants Official Email Address Kept Private · · Score: 3, Informative

    I am a community councillor in my town in Scotland (an unpaid elected voluntary position). I basically listen to the public of my town and then talk directly to the politicians. It works well; myself and my community councillor colleagues have a good working relationship with individuals in local government and the Scottish government, and we have solved a lot of issues.

    I'd amend the GPP's post to say:
    1. personal, cordial contact works best - usually through an elected rep, e.g. community councillor
    2. a handwritten letter - (with evidence or citations attached)
    3. newspaper story
    4. through a "recognised" pressure group, e.g. Citizens Advice, RSPCA etc
    ...

    34. written on the side of a cow
    ...

    568. email campaign

  16. Re:Worked at NSA... on NSA and the National Cryptologic Museum · · Score: 1

    I keep my pencils in one of those - but then, I'm actually Scottish.

  17. Re:Ok, Enigma machine ... what else on NSA and the National Cryptologic Museum · · Score: 4, Informative

    Do any of the museums let you play with the enigma?

    I was lucky enough to play with a Kommando 3+reverser dial Enigma. The first thing I did was press L L L L L L L L L L L ... L, which mightily impressed the librarian who looks after the collection of old crypto gear. An Enigma will never light up the same character as the key pressed. This Enigma was owned by some organisation that I forget and rarely had a drooling nerd giving it the once over.

    The point is that there are lots of hidden-away secret caches of old crypto equipment that are kept as mementos from successful operations and never see the light of day. Of course, like the Enigma itself, there are crypto units that are not disclosed because they have been cracked and are still in use by the public. The banking system used Enigma until the 1950s even though the UK could decrypt messages effectively a decade before. (Do you believe that Colossus was really shut down?)

    Typical German quality though: the woodwork on the case was fabulous and even 70 years later the lid shuts perfectly. The woodwork had inlaid coloured wood in it, not unlike an ornate coffee table; I can only suppose that later Enigmas were a bit more rushed into production. The wee light bulbs had frosted ends so that cold Russian-front fingers could unscrew and change the bulbs. Although, if a bulb did go then some poor operator would have to carefully unscrew each bulb and test it in a little tester bulb slot. The operator would then have to do the crypto exercise again because the dials would have to be reset. Every key on the keyboard worked with a smooth action, not unlike a well-oiled 1970s typewriter, but they had quite a large depression so you could never have touch typed on this. I imagine soldiers on the front lines would have been trained for accuracy rather than efficiency, so they probably typed with 1 finger and recorded each lit-up character with a pencil and pad one at a time.

    It was really heavy. Given that this was a Kommando unit then it probably was lugged about in a comms vehicle (I wasn't told the back story) but I doubt that these were used in a ditch on a battlefield.

    In my excitement, I can't remember if each dial rotated, or parts of the dial rotated, on each keypress; there was a solid clunk and the sound of mechanical movement on each keypress. I would imagine that this would rotate the cipher on each keypress to make it harder to crack. The box had different dials in it, presumably from other machines or replacement units. Each had gears on it and neat wiring, and weighed about 2 lbs.
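The "never lights up the key you pressed" property from the comment above, as an added simulation that is not part of the comment: a three-rotor Enigma I with the published rotor I, II, III wirings and reflector B, odometer stepping including the middle rotor's double step, and an optional plugboard. Because the reflector pairs letters off with no fixed points and every rotor pass is a bijection, the complete signal path is a fixed-point-free involution. That single fact gives both the lamp-never-equals-key behaviour and the reciprocal encrypt/decrypt the operators relied on. The rotor wirings, notch positions and the AAAAA to BDZGO check value are historical; class names and the plugboard pairs used in the usage are this example's own.

```python
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

# Historical Wehrmacht Enigma I rotor wirings and turnover notches, and reflector B
ROTORS = {
    "I":   ("EKMFLGDQVZNTOWYHXUSPAIBRCJ", "Q"),
    "II":  ("AJDKSIRUXBLHWTMCQGZNPYFVOE", "E"),
    "III": ("BDFHJLCPRTXVZNYEIWGAKMUSQO", "V"),
}
REFLECTOR_B = "YRUHQSLDPXNGOKMIEBFZCWVJAT"


class Rotor:
    def __init__(self, name: str, position: str = "A", ring: str = "A"):
        self.wiring, self.notch = ROTORS[name]
        self.pos = ALPHABET.index(position)   # letter showing in the window
        self.ring = ALPHABET.index(ring)      # Ringstellung offset of the wiring core

    def at_notch(self) -> bool:
        return ALPHABET[self.pos] == self.notch

    def step(self) -> None:
        self.pos = (self.pos + 1) % 26

    def forward(self, c: int) -> int:       # right-to-left pass, towards the reflector
        i = (c + self.pos - self.ring) % 26
        return (ALPHABET.index(self.wiring[i]) - self.pos + self.ring) % 26

    def backward(self, c: int) -> int:      # left-to-right pass, back to the lamps
        i = (c + self.pos - self.ring) % 26
        return (self.wiring.index(ALPHABET[i]) - self.pos + self.ring) % 26


class Enigma:
    def __init__(self, rotors=("I", "II", "III"), positions="AAA", rings="AAA", plugboard=()):
        self.left, self.middle, self.right = (Rotor(n, p, r) for n, p, r in zip(rotors, positions, rings))
        self.plug = list(range(26))
        for pair in plugboard:                # e.g. ("AB", "XY") swaps A<->B and X<->Y
            a, b = (ALPHABET.index(ch) for ch in pair)
            self.plug[a], self.plug[b] = b, a

    def _step(self) -> None:
        # Rotors move BEFORE the contacts close; the middle rotor double-steps
        if self.middle.at_notch():
            self.middle.step()
            self.left.step()
        elif self.right.at_notch():
            self.middle.step()
        self.right.step()

    def press(self, letter: str) -> str:
        """One keypress: step, then trace plugboard -> rotors -> reflector -> rotors -> plugboard."""
        self._step()
        c = self.plug[ALPHABET.index(letter)]
        for rotor in (self.right, self.middle, self.left):
            c = rotor.forward(c)
        c = ALPHABET.index(REFLECTOR_B[c])     # a derangement: no letter maps to itself
        for rotor in (self.left, self.middle, self.right):
            c = rotor.backward(c)
        return ALPHABET[self.plug[c]]

    def encrypt(self, text: str) -> str:
        return "".join(self.press(ch) for ch in text.upper() if ch in ALPHABET)


def self_hits(text: str, machine: Enigma) -> int:
    """How many keypresses lit the very lamp that was pressed. The reflector forces 0."""
    letters = [ch for ch in text.upper() if ch in ALPHABET]
    return sum(machine.press(ch) == ch for ch in letters)


if __name__ == "__main__":
    print(Enigma().encrypt("AAAAA"))                        # historical check value: BDZGO
    print(self_hits("L" * 200, Enigma()))                   # the librarian's party trick: 0
    ct = Enigma(positions="KMZ", plugboard=("AB", "XY")).encrypt("ATTACKATDAWN")
    print(ct, Enigma(positions="KMZ", plugboard=("AB", "XY")).encrypt(ct))
```

The same "no fixed point" property that made the trick impressive is also what Bletchley exploited: a crib could be slid along a ciphertext and rejected wherever any plaintext letter lined up with itself, which is a purely combinatorial test that needs none of the rotor wirings.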

  18. Re:What did it actually bring? on Google Kills Wave Development · · Score: 1

    Interestingly, I never was able to use it at work, but our local mountain bike group use it all the time and it is popular. The core benefit was that the real-time chat-like interface made it easier to set up rides at very short notice; sharing media and Google Maps integration made it pretty useful as well. Although the majority of the waves included "everyone", it is really useful for niche groups to plan trail-building activity etc. that the rest aren't interested in.

    However, as other posters have mentioned - the slowdowns and javascript errors meant that it can be quite painful when a wave has too many replies on it.

  19. Re:Take a walk, Ballmer on Firefox May Soon Overtake IE In Europe · · Score: 1

    Sure, the mid and high end markets are different. It's difficult to say which is larger overall.

    All I know is that if I went into a big investment bank player to quote for a FIX spec trading system or a life assurance actuarial calc engine with a .NET backbone - I'd be quietly shown the exit and told not to darken their doors again. I might use .NET or LAMP for the presentation tier - but not for the expensive bits.

  20. Re:Take a walk, Ballmer on Firefox May Soon Overtake IE In Europe · · Score: 5, Interesting

    What planet are you on? .Net is big and getting bigger every year

    In terms of 000,000s spent, J2EE massively outweighs .NET. I work in large enterprise systems delivery and the few financial orgs that went for .NET for truly resilient financial systems have moved away. .NET is used in places for the presentation tier front end for web services but not a lot else.

    The London Stock Exchange problems with TradElect (see article here) demonstrated that, even well funded and closely supported by top MS engineers and consultants, the system could not scale or perform to enterprise standards. This sent a real message across the financial industry (here in the UK), with many architects shunning MS. I also had to do the same when my client, a large life assurer, had to spend over £10m to replace a perfectly functioning MS VB6/ASP sales platform because there is no upgrade path to .NET and the Windows 2003 systems that it uses will go out of support soon. The last thing we're going to do is give more business to MS, so it is currently being replaced with services on an open source ESB platform (with paid support, of course). The IT people here have a hard time explaining to the business why we need to spend so much money to get no new business functionality.

  21. Re:Too expensive? Pah. on UK Government Rejects Calls To Upgrade From IE6 · · Score: 3, Insightful

    Most of the large UK gov departments have outsourced their IT support to companies like HP, Fujitsu, Logica, Capita and so on. Due to the UK gov ineptitude at writing good outsource contracts, an IE upgrade is off plan and so the outsourcer (in a monopoly position at that department) simply charges the earth, even if it is just to roll out an update automatically. Excuses such as testing and verification of intranet applications simply make the cost even higher.

  22. Re:Dutch original? on Online Banking Trojan Stole Money From Belgians · · Score: 1

    - The official languages of Belgium are Dutch and French (and German...), not Flemish and Walloon

    French, but with differences; well, 17 for one.

  23. trying to buy more of the N-series on Windows vs. Ubuntu — Dell's Verdict · · Score: 1

    The tragedy is that if you try to "Shop for Ubuntu laptops" from the Dell Ubuntu page that the example from the TFA is linked to - every single option is Microsoft Windows!!! There are NO Ubuntu products for sale! You can't even deselect the operating system.

    I bought Dell N-series laptops for my business in the UK 2 years ago when they were on sale at Dell, mostly XPS M1330N and 1525N. We have no upgrade option at all and cannot replace with Dell. Every time I ring a Dell account manager, they just say "Windows 7" like some sort of demented zombie and they cannot make any guarantees about whether the chipset will work with Linux. They also send us all the "Dell recommends Windows 7" business marketing; we have never bought a Microsoft product from Dell.

    Despite that, we have been very happy with the N-series, especially the XPS M1330N laptops. They are still current and really the only replacements are for those dunked in coffee or left on trains etc.

    DELL - ARE YOU LISTENING? THIS IS A PISSTAKE.

  24. Check out the market share graphs on Murdoch's UK Paywall a Miserable Failure · · Score: 2, Informative

    HitWise have graphs that show the decline in market share following the paywall implementation. It shows that The Telegraph (also a slightly right of centre broadsheet) picked up traffic as the Times declined.

    What is interesting is that a week after the paywall, there were still users navigating to the website to be confronted with the paywall page, probably because they were being linked to the site from other sites or were using bookmarks. As they realise that The Times is paywalled, they are not going back.

  25. Re:Get the chip on More Gas Station Credit-Card Skimmers · · Score: 1

    On Slashdot, in 2007, I posted this about Shell Chip & PIN garages skimming cards. It's not really new.