We payed millions and didn't get a set of mature tools from the major EDA vendors. How are they expecting to develop the same with no budget?
Sounds as if the bar has been set pretty low. If the major vendors are giving you immature crap, these guys might be able to do better, even with zero budget.
It's sort of like the story of the software monopolist with the multi-billion dollar budget and the zero-budget, GPL operating system which might yet out-compete the monopolist's amazingly expensive OS.
Linus patents the foo_open() method, Linus releases Linux under GPL3, anyone wanting to use a technology that uses the foo_open() method when has to release source and ensure any other patents applying to the derived product are similarly licensed under GPL3.
You're right, I didn't understand that Linus was going to have to patent things. So, the hypothetical patent is going to be the stick? Sorry, don't think that's going to work. A patent is merely a license to sue. Linus (with or without the FSF) isn't going to get far in threatening a corporation with tens of billions of dollars in cash. Especially since that hypothetical corporation with tens of billions of dollars in cash has a far larger patent portfolio than Linus and the FSF put together. I can hear it now:
Linus: Anyone wanting to use a technology that uses my patented foo_open() method has to release source and ensure any other patents applying to the derived product are similarly licensed under GPL3. Hypothetical big corp, giggling : Your patented method is useless without our patented foo-close(), and our many patents on the bar_something() methods. If you pay all our legal expenses and agree to indemnify us, we'll cross-license the two foo methods. You can't have the bar methods. Linus and FSF, in chorus: Ooooooo! You meanie, you! Linus and FSF, walk away, muttering.:
This is all a tempest in a teapot, anyway, since the suit will be laughed out of court with predjudice.
Motion Picture Association of America is planning to begin a legal assault on websites that host BitTorrent trackers for copyrighted movie files.
What do you want to bet that the MPAA is going to put the emphasis on ``begin a legal assault on websites that host BitTorrent trackers'' rather than on ``BitTorrent trackers for copyrighted movie files''?
The shotgun approach would be easier, and have about the same chilling effect, so it would be win-win for the MPAA.
This whole fiasco is a demonstration of why Wikipedia is NOT reliable.
Well, you never know whether you're reading defacement by a troll or a well-reasoned, insightful article. Sort of like Slashdot.
The purpose of an encyclopedia is to give you a brief overview of many subjects, and enough information to dig deeper. I think that Wikipedia is about there, for most things, most of the time. It's not Britannica yet, but it's about 150 years younger, so we should give it another few decades to catch up.
A new article would be like wet cement. You can change it any way that you want. But, as it ages, it becomes harder and harder to change.
That's a sensible idea. Giving ownership of established pages to somebody (anybody!) would do the same thing. The quality of the articles might or might not go up, but the number of troll articles should fall way off.
Here's another idea: why not take a snapshot of the contents, perhaps yearly, and do some proofreading for the troll stuff, then put it up (with no way to change it) as ``Best of Wikipedia 20XX'' or so? That would be plenty current, and would keep little Johnny from looking up ``Nazi'' and getting an article denying the Holocaust. Meanwhile, back at the ranch, the trolls and the scholars and the flamers could keep on doing their respective things to the mutable Wikipedia, in preparation for next year's snapshot.
The suggestion, incidentally, that this has to do with defeating the GPL, is patently absurd...
Whatever the motivation (it may well be exactly what the article claims), this suit, if successful, will defeat the GPL. The GPL gives you back the right to copy and distribute which copyright law has taken away. That's the carrot which the GPL offers you to comply with their conditions. The stick is copyright law, which provides severe penalties for unauthorised copying. If this suit succeeds, the carrot and stick are both gone.
The GPL can be rewritten within this regime to force all use of patented technologies to be released with source and with all other patented technologies in the same product open too.
How? No carrot, no stick, so how are you going to make the GPL anything but a meaningless admonition?
Additionally, with patents requiring details of implementation, we'll see a lot more source code, documentation on proprietary formats, etc.
There's some truth in that, but it may not be as good as you think. Companies will patent ``A method to place a button on a screen.'', they will trademark the look and feel of their button, and they will keep the essential details of their particular implementation of that method a trade secret.
As for:
Somehow, I doubt Microsoft wants:
Unix to enter the public domain
Everything Microsoft did 20 years ago to
enter the public domain
They do want the first, they don't want the second. Unix is already good, and well known, and MS would like nothing better than to use some big chunks of it. The real question is: ``Does MS think that they can keep their code secret enough to make the new system work better than the old for them?'' MS may just decide that the answer is ``Yes.''
I cant see MS not spending a grip to make this go their way either.
Agreed, but which way is MS's way?
On the one hand, MS wants copyright protection for their code. On the other hand, MS doesn't want copyright protection for your code.
If code weren't protected by copyright, the GPL would be meaningless. MS could simply copy the Linux kernel and have their NT6. They might not go quite that far, but they'd certainly be cutting and pasting a whole lot more. We could copy any portions of the MS source code that had value to us, too, but where are we going to find it?
Also, MS would fair reasonably well in the patent arena. They have a fairly large stable of patents (nothing compared to IBM, a lot compared to you or the FSF). I could imagine that MS might figure that their stable of bogus patents, combined with the end of the GPL, would outweigh the disadvantage of having to rely on their ``security'' and trade-secrets laws to keep their code safe.
The article implies that the consultant, Aharonian, is doing this on his own initiative, with his own funds. I'm sure that's true, but I wonder where he got that initiative and those funds? Maybe from one of the big software houses? Break out the tinfoil hats!
I have played with Maxima a little bit. I think it is a decent peice of software. It started out as a government research app that was later open sourced. Unfortunately development is slow (if even existent)...
It is being actively developed. While William Schelter was maintaining it (for 19 lonely years), development was very slow indeed. I gather that most of the work was done by him, and some of his graduate students. Since his death in 2001, a number of other people have come on board, and there is a lot of catching up to do.
Some documentation has been rewritten, a great many bugs have been squashed, the package has been ported to several Lisps (yes, it does matter to users), there has been at least one new Emacs mode written for it, it can be used with Texmacs, and so on. Some of the people who are working on it are big names in their spheres, like Richard Fateman, who worked on the original Macsyma.
Version 5.9.1 was released in September '04, and the next big step will be the GREAT SOURCE DOWNCASING. Maxima is so old that most of it is written in all caps. There is a lot to do to bring it into the 21st century, and most of what's being done right now is behind-the-scenes stuff.
As you say, it's decent software now. It's fully usable, with a useful GUI for Windows (developed on Schelter's watch, as I recall). It is probably better for memory intensive work than Maple or Mathematica; that's what initially got me started using it.
Yes, when learning to visualize graphs of complex functions in 3 or more dimensions, let me tell you, there is no substitute for starting your path to learning with pencil and paper.
Amen!
Can't tell if you were serious or sarcastic, but if you were serious, you were right.
The Maxima project isn't Mathematica, but it's not bad, and it's GPL. For general purpose computer algebra packages your choices are Maple, Mathematica, and Maxima, and only Maxima is free or Free.
Having said that, if the kid wants to do math, don't let him near a computer. If he needs a computer or a calculator or anything but some paper and a pencil, it's not math.
The problem is that the spam email usually isn't sent from China. It originates from Brazil, or Argentina, or one of the many, many zombie PCs out there.
Well, an ISP which allowed you to choose to ban email from China, Brazil, Argentina and anyplace else you don't have friends or family, would probably find that it could make a few extra bucks from the service. Or, it could be a setting in the extra-cost spam filter that most ISPs already seem to offer.
... find any fiber optic line that connects China to the rest of the world and go at it with an axe.
My way is more likely to be implemented, because the ISP can charge for it.
Actually, I was thinking that for most of us, blocking all email from Korea and China would be a feature, that we might even pay extra for. I probably wouldn't, because I know people in both places. Of course, I could send them a Gmail invite, and they already use hotmail or yahoo accounts, so maybe I would be interested in a feature like that.
... doesn't that seem to go against the connectiveness that the internet provides?
There are places I don't want to be connected to, at least not by default, at least not constantly. Sewage pipes and spam havens are both on that list
Is there any reason not to ban all mail originating from (or relayed through) addresses in China? I supose that big universities have a lot of students who use email to keep in touch with family in China, but most ISPs could probably do this without any harm to their customers.
If you were willing to put some effort into it, you could combine it with a whitelist, which would allow your Chinese customers to get email from the old country.
Wait a minute... effort, ISP... those two don't go together. Ok, never mind about the whitelist.
I don't understand why cameras with big sensors need to be SLR.
Big sensors cost big bucks. Big lenses cost big bucks. If you're spending big bucks on either, you want the other to be good, and versatile. So, partly because of tradition, and partly because of some very practical considerations, high-end cameras are SLR. Single Lens Reflex designs let someone who's willing and able to use manual controls do so, easily. The SLR design ensures that you see what the film sees. That can be a big deal, if you're willing and able to use manual controls. The SLR design means that you can snap whatever lens you need onto the front[1], and start shooting.
Are there professional grade cameras with interchangable lenses that don't depend on the optical viewfinder?
No. There are rangefinder cameras, but I haven't heard of any digital versions.
Why does every digital camera have a crappy motor-driven zoom? Aren't there others out there that would prefer a normal (no-zoom) lens?
Yes, there are. The manual zooms and fixed-length lenses are for SLRs, and they're bought by pro's and prosumers. Neither group is very cost sensative. Good SLRs are terribly expensive because the target market doesn't care about cost, not because they have to be. Good lenses are terribly expensive because they are terribly hard to make.
[1] You can snap on whatever lens you need, subject to caveats about adapters, some automation features not working, et cetera. But, you can do it.
I wasn't trying to pick on OSX, either. I'm sure it's eminently suited to the purpose. I just don't think that the cost and performance differences come from the OS and hardware choice in this case.
My point is that volunteer labor is only the beginning of the price difference between the two systems. The big, federally-funded bureaucracy and the departmentally-funded state university project have very different ways of doing things, and I'm only surprised that the cost and performance difference wasn't greater. Remember, the Virginia project happened in 90 days. I suspect that the NCSA project took well over a year, and procurement alone probably took more than 90 days.
I suspect that if they had both used lintel, or both used OSX, the cost and performance difference would have been significant. In fact, if the NCSA and Virginia Tech each built a lintel cluster and an OSX cluster, I would expect the cost and performance difference between VT and NCSA to be greater than the cost and performance difference between lintel and OSX.
So, we're agreed that OSX is great for the purpose, and I'm willing to entertain the notion that it is as cost effective as lintel. The VT system shows that's a real possibility. I don't think that the NCSA system is a reasonable comparison. Compare the OSX system to a similar lintel system, made by a similar group with similar goals. You'll probably still be able to make your case.
Virginia Tech's "System X" cluster cost a total of $6M for the asset alone (i.e., not including buildings, infrastructure, etc.), for performance of 12.25 Tflops.
By contrast, NCSA's surprise entry in November 2003's list, Tungsten, achieved 9.82 Tflops for $12M asset cost.
When I looked here, I found this: ``Tungsten entered production mode in Novermber 2003 and has a peak performance of 15.36 teraflops (15.36 trillion calculations per second).''
To me, that looks faster than System X, not slower.
Let's see: NCSA stands for ``National Center for Supercomputing Applications''. ``NCSA is a key partner in the National Science Foundation's TeraGrid project, a $100-million effort to offer researchers remote access...''
Looks as if the NCSA has a huge budget. I'd guess that ``gold-plated everything'' and ``leave no dollars unspent'' are basic specs for everythig they buy.
What can we learn about Virginia Tech? How about this:
System X was conceived in February 2003 by a team of Virginia Tech faculty and administrators and represents what can happen when the academic and IT organizations collaborate.
Working closely with vendor partners, the Terascale Core Team went from drawing board to reality in little more than 90 days! Building renovations, custom racks, and a lot of volunteer labor had to be organized and managed in a very tight timeline.
In addition to the volunteer labor, I'd guess that Virginia Tech had very different design goals, in which price was a factor. NCSA's bureaucracy probably accounted for a lot of those extra $6M they spent. Different designs and goals probably had a lot to do with the rest of the price, but I suspect that a bureaucratic procurement process was the main cause for the higher price of the Xeon system.
Yes, System X and the Apple hardware is pretty neat, but don't use the price/performance ratio of these two systems as a metric for the relative worth of Linux and OSX clusters.
It's unfair and meaningless to compare volunteer labor and academic pricing and scrounging on a limited budget to bureaucratic design, bureaucratic procurement and an unlimited budget.
I always figured that if you can't get your password right in 5 attempts, you need to sober up and talk to a sysadmin.
Most of the systems I've been on limit logon attempts to 3 to 5 failures. I've never seen a big Unix system which allowed unlimited failed logon attempts (though I'm sure someone could point me to one).
Maybe the question we should be asking is: if there are tens of thousands of failed logon attempts for a single userid over a period of days, why isn't someone noticing and taking action? Why blame it on the user?
Get someone to kick you in the nuts everytime you forget your password.
Ooh! Ooh! Pick me! Pick me! I'll do it!
Seriously, plenty of people will help you do it, but you probably won't have a lot of company in this little self-improvement plan. It will probably work for you, too, as long as your plans don't include breeding.
The article makes a good point: security has to be designed around the limits of the system. One of the limits of the system is the fallible human memory.
The article said (I read it on paper yesterday) that people can't remember lots of good passwords, and can't even remember one if it changes all the time. Therefore, they choose easy to crack passwords, or write down good passwords.
The article has this quote:
"It is not sensible to force people to change to a unique password every six months. You're inviting disaster," says Allen Gwinn, senior director of technology at the Cox School of Business at Southern Methodist University, who has spoken about security issues at trade shows.
"Better to have a password that's two years old that someone can remember than a password that's just been changed that's been written down that somebody can find," Mr. Gwinn says.
and this one:
"All passwords can be broken within 45 to 60 days," says Carl Herberger, senior director of information security services for SunGard Availability Services. He recommends that companies force employers to change their passwords every month.
The article doesn't take the silly position that the problem is the user, or say that security isn't being taken seriously. It does say that because of the fallible human memory, constant password changes can actually lessen security.
Maybe it's time to give up on the password idea, and go to something else, like a hardware key. Maybe it's time, also, to put airgaps between the internet and computers with sensitive data.
Well, the site is hopelessly slashdotted, so what is OpenCD?
From memory, it is a CD of Open Source programs (like the ones mentioned in the blurb) for Windows. It's a bit like gnuwin, which probably isn't/.'ed yet.
Slashdot Mirror
Sounds as if the bar has been set pretty low. If the major vendors are giving you immature crap, these guys might be able to do better, even with zero budget.
It's sort of like the story of the software monopolist with the multi-billion dollar budget and the zero-budget, GPL operating system which might yet out-compete the monopolist's amazingly expensive OS.
The opposite sex, generally. Fitting in and being accepted. Graduation, maybe, as a distant third.
That's easy, too. It's pr0n, to judge by the large and no doubt representative sample of high schoolers we see here on /.
You're right, I didn't understand that Linus was going to have to patent things. So, the hypothetical patent is going to be the stick? Sorry, don't think that's going to work. A patent is merely a license to sue. Linus (with or without the FSF) isn't going to get far in threatening a corporation with tens of billions of dollars in cash. Especially since that hypothetical corporation with tens of billions of dollars in cash has a far larger patent portfolio than Linus and the FSF put together. I can hear it now:
Linus: Anyone wanting to use a technology that uses my patented foo_open() method has to release source and ensure any other patents applying to the derived product are similarly licensed under GPL3.
Hypothetical big corp, giggling : Your patented method is useless without our patented foo-close(), and our many patents on the bar_something() methods. If you pay all our legal expenses and agree to indemnify us, we'll cross-license the two foo methods. You can't have the bar methods.
Linus and FSF, in chorus: Ooooooo! You meanie, you!
Linus and FSF, walk away, muttering.:
This is all a tempest in a teapot, anyway, since the suit will be laughed out of court with predjudice.
What do you want to bet that the MPAA is going to put the emphasis on ``begin a legal assault on websites that host BitTorrent trackers'' rather than on ``BitTorrent trackers for copyrighted movie files ''?
The shotgun approach would be easier, and have about the same chilling effect, so it would be win-win for the MPAA.
AC, are you advocating cannabalism? I'm shocked. Shocked! I say.
Well, you never know whether you're reading defacement by a troll or a well-reasoned, insightful article. Sort of like Slashdot.
The purpose of an encyclopedia is to give you a brief overview of many subjects, and enough information to dig deeper. I think that Wikipedia is about there, for most things, most of the time. It's not Britannica yet, but it's about 150 years younger, so we should give it another few decades to catch up.
A new article would be like wet cement. You can change it any way that you want. But, as it ages, it becomes harder and harder to change.
That's a sensible idea. Giving ownership of established pages to somebody (anybody!) would do the same thing. The quality of the articles might or might not go up, but the number of troll articles should fall way off.
Here's another idea: why not take a snapshot of the contents, perhaps yearly, and do some proofreading for the troll stuff, then put it up (with no way to change it) as ``Best of Wikipedia 20XX'' or so? That would be plenty current, and would keep little Johnny from looking up ``Nazi'' and getting an article denying the Holocaust. Meanwhile, back at the ranch, the trolls and the scholars and the flamers could keep on doing their respective things to the mutable Wikipedia, in preparation for next year's snapshot.
Whatever the motivation (it may well be exactly what the article claims), this suit, if successful, will defeat the GPL. The GPL gives you back the right to copy and distribute which copyright law has taken away. That's the carrot which the GPL offers you to comply with their conditions. The stick is copyright law, which provides severe penalties for unauthorised copying. If this suit succeeds, the carrot and stick are both gone.
The GPL can be rewritten within this regime to force all use of patented technologies to be released with source and with all other patented technologies in the same product open too.
How? No carrot, no stick, so how are you going to make the GPL anything but a meaningless admonition?
Additionally, with patents requiring details of implementation, we'll see a lot more source code, documentation on proprietary formats, etc.
There's some truth in that, but it may not be as good as you think. Companies will patent ``A method to place a button on a screen.'', they will trademark the look and feel of their button, and they will keep the essential details of their particular implementation of that method a trade secret.
As for:
They do want the first, they don't want the second. Unix is already good, and well known, and MS would like nothing better than to use some big chunks of it. The real question is: ``Does MS think that they can keep their code secret enough to make the new system work better than the old for them?'' MS may just decide that the answer is ``Yes.''Agreed, but which way is MS's way?
On the one hand, MS wants copyright protection for their code. On the other hand, MS doesn't want copyright protection for your code.
If code weren't protected by copyright, the GPL would be meaningless. MS could simply copy the Linux kernel and have their NT6. They might not go quite that far, but they'd certainly be cutting and pasting a whole lot more. We could copy any portions of the MS source code that had value to us, too, but where are we going to find it?
Also, MS would fair reasonably well in the patent arena. They have a fairly large stable of patents (nothing compared to IBM, a lot compared to you or the FSF). I could imagine that MS might figure that their stable of bogus patents, combined with the end of the GPL, would outweigh the disadvantage of having to rely on their ``security'' and trade-secrets laws to keep their code safe.
The article implies that the consultant, Aharonian, is doing this on his own initiative, with his own funds. I'm sure that's true, but I wonder where he got that initiative and those funds? Maybe from one of the big software houses? Break out the tinfoil hats!
Apart from, like, selling out to them, I mean.
Well, imagine Hannibal Lecter, and Microsoft. And a bottle of Chianti.
No, I guess you're right.
It is being actively developed. While William Schelter was maintaining it (for 19 lonely years), development was very slow indeed. I gather that most of the work was done by him, and some of his graduate students. Since his death in 2001, a number of other people have come on board, and there is a lot of catching up to do.
Some documentation has been rewritten, a great many bugs have been squashed, the package has been ported to several Lisps (yes, it does matter to users), there has been at least one new Emacs mode written for it, it can be used with Texmacs, and so on. Some of the people who are working on it are big names in their spheres, like Richard Fateman, who worked on the original Macsyma.
Version 5.9.1 was released in September '04, and the next big step will be the GREAT SOURCE DOWNCASING. Maxima is so old that most of it is written in all caps. There is a lot to do to bring it into the 21st century, and most of what's being done right now is behind-the-scenes stuff.
As you say, it's decent software now. It's fully usable, with a useful GUI for Windows (developed on Schelter's watch, as I recall). It is probably better for memory intensive work than Maple or Mathematica; that's what initially got me started using it.
Amen!
Can't tell if you were serious or sarcastic, but if you were serious, you were right.
Having said that, if the kid wants to do math, don't let him near a computer. If he needs a computer or a calculator or anything but some paper and a pencil, it's not math.
I have Mozilla doing spam filtering, and it works, sort of. Just like SpamPal, it requires that I waste my bandwidth downloading the junk to classify.
I might be willing to pay a bit for a feature which let me ban email from certain countries, so it never gets downloaded at all.
Well, an ISP which allowed you to choose to ban email from China, Brazil, Argentina and anyplace else you don't have friends or family, would probably find that it could make a few extra bucks from the service. Or, it could be a setting in the extra-cost spam filter that most ISPs already seem to offer.
My way is more likely to be implemented, because the ISP can charge for it.
There are places I don't want to be connected to, at least not by default, at least not constantly. Sewage pipes and spam havens are both on that list
If you were willing to put some effort into it, you could combine it with a whitelist, which would allow your Chinese customers to get email from the old country.
Wait a minute ... effort, ISP ... those two don't go together. Ok, never mind about the whitelist.
Big sensors cost big bucks. Big lenses cost big bucks. If you're spending big bucks on either, you want the other to be good, and versatile. So, partly because of tradition, and partly because of some very practical considerations, high-end cameras are SLR. Single Lens Reflex designs let someone who's willing and able to use manual controls do so, easily. The SLR design ensures that you see what the film sees. That can be a big deal, if you're willing and able to use manual controls. The SLR design means that you can snap whatever lens you need onto the front[1], and start shooting.
Are there professional grade cameras with interchangable lenses that don't depend on the optical viewfinder?
No. There are rangefinder cameras, but I haven't heard of any digital versions.
Why does every digital camera have a crappy motor-driven zoom? Aren't there others out there that would prefer a normal (no-zoom) lens?
Yes, there are. The manual zooms and fixed-length lenses are for SLRs, and they're bought by pro's and prosumers. Neither group is very cost sensative. Good SLRs are terribly expensive because the target market doesn't care about cost, not because they have to be. Good lenses are terribly expensive because they are terribly hard to make.
[1] You can snap on whatever lens you need, subject to caveats about adapters, some automation features not working, et cetera. But, you can do it.
My point is that volunteer labor is only the beginning of the price difference between the two systems. The big, federally-funded bureaucracy and the departmentally-funded state university project have very different ways of doing things, and I'm only surprised that the cost and performance difference wasn't greater. Remember, the Virginia project happened in 90 days. I suspect that the NCSA project took well over a year, and procurement alone probably took more than 90 days.
I suspect that if they had both used lintel, or both used OSX, the cost and performance difference would have been significant. In fact, if the NCSA and Virginia Tech each built a lintel cluster and an OSX cluster, I would expect the cost and performance difference between VT and NCSA to be greater than the cost and performance difference between lintel and OSX.
So, we're agreed that OSX is great for the purpose, and I'm willing to entertain the notion that it is as cost effective as lintel. The VT system shows that's a real possibility. I don't think that the NCSA system is a reasonable comparison. Compare the OSX system to a similar lintel system, made by a similar group with similar goals. You'll probably still be able to make your case.
By contrast, NCSA's surprise entry in November 2003's list, Tungsten, achieved 9.82 Tflops for $12M asset cost.
When I looked here, I found this: ``Tungsten entered production mode in Novermber 2003 and has a peak performance of 15.36 teraflops (15.36 trillion calculations per second).''
To me, that looks faster than System X, not slower.
Let's see: NCSA stands for ``National Center for Supercomputing Applications''. ``NCSA is a key partner in the National Science Foundation's TeraGrid project, a $100-million effort to offer researchers remote access ...''
Looks as if the NCSA has a huge budget. I'd guess that ``gold-plated everything'' and ``leave no dollars unspent'' are basic specs for everythig they buy.
What can we learn about Virginia Tech? How about this:
In addition to the volunteer labor, I'd guess that Virginia Tech had very different design goals, in which price was a factor. NCSA's bureaucracy probably accounted for a lot of those extra $6M they spent. Different designs and goals probably had a lot to do with the rest of the price, but I suspect that a bureaucratic procurement process was the main cause for the higher price of the Xeon system.Yes, System X and the Apple hardware is pretty neat, but don't use the price/performance ratio of these two systems as a metric for the relative worth of Linux and OSX clusters.
It's unfair and meaningless to compare volunteer labor and academic pricing and scrounging on a limited budget to bureaucratic design, bureaucratic procurement and an unlimited budget.
Now it's Istanbul, not Constantinople
Been a long time gone, Constantinople
Most of the systems I've been on limit logon attempts to 3 to 5 failures. I've never seen a big Unix system which allowed unlimited failed logon attempts (though I'm sure someone could point me to one).
Maybe the question we should be asking is: if there are tens of thousands of failed logon attempts for a single userid over a period of days, why isn't someone noticing and taking action? Why blame it on the user?
Ooh! Ooh! Pick me! Pick me! I'll do it!
Seriously, plenty of people will help you do it, but you probably won't have a lot of company in this little self-improvement plan. It will probably work for you, too, as long as your plans don't include breeding.
The article said (I read it on paper yesterday) that people can't remember lots of good passwords, and can't even remember one if it changes all the time. Therefore, they choose easy to crack passwords, or write down good passwords.
The article has this quote:
and this one:The article doesn't take the silly position that the problem is the user, or say that security isn't being taken seriously. It does say that because of the fallible human memory, constant password changes can actually lessen security.
Maybe it's time to give up on the password idea, and go to something else, like a hardware key. Maybe it's time, also, to put airgaps between the internet and computers with sensitive data.
linky
linky
and version 2.0
From memory, it is a CD of Open Source programs (like the ones mentioned in the blurb) for Windows. It's a bit like gnuwin, which probably isn't /.'ed yet.