>Could you provide an example of something, here? Because this >really makes no sense. Give an example of something people can do >on a Dell that they can't on a Mac, that is unavailable because of >security restrictions in Mac OS (as opposed to the appropriate >application simply not being ported yet).
The first thing which comes to mind here is Active X. Yes, I know that Active X sucks but there are an increasing number of intranet sites at my workplace using it anyway. You could do something similar to Active X on the Mac OS but Apple just doesn't think it's a good idea to grant a "Trusted" server the ability to execute arbitrary code on your machine as root. They don't seem to want that kind of procedure included in the security model of OS X. I think anyone who really understands security and, in particular that you can't trust the average user to properly evaluate digital certificates, would agree with Apple but it is a fact that people here have been dumping Macs (or buying a Windows PC in addition to their Mac) for the last few years because of the lack of Active X. Apple's switch to Intel processors may reverse this trend but it's too early to tell.
While it's true that their search algorithm is important, the other very important thing which contributed to the success of Google is that they have always offered honest results. They do have sponsored links but they are clearly marked as such. You know that the main search results are not influenced by advertizer money. Other search engines before Google typically did not make it clear when a site had paid for higher rankings.
Google's motto of "Do no evil" is really just a modernized version of "Honesty is the best policy." Any search new search engine needs not only to have a good algorithm but they also need to build trust with users.
Another way that things are slightly better in Australia is that, IIRC, there is a law there that prevents software manufacturers from disclaiming all warranty (particularly for negligence). If you read way down the Windows EULA, there is a reference to a specific Australian law (cited by statute number)and it says that if you sue Microsoft under this law, you agree that your only remedy is replacement of the software. I guess that's another example of having the right idea but not adequate enforcement. At least the idea is in the law. We haven't even gotten that far here in the USA.
The official policy here is that we don't need encryption for network communication as long as it is within our LAN or between us and the hospital which we are associated with. The policy says that being on a switched LAN is good enough to prevent packet sniffing. Our main medical records system uses old fashoned Telnet but also works with SSH. No one is bothering to switch the client software over to SSH because it isn't officially necessary.
Similarly, we do not require encrypted storage of data for machines within our facilities but, if you take a disk or portable outside the complex, the data has to be encrypted or the device has to be locked in a box.
Since no one has pointed it out yet, I should mention that HIPAA stands for the Health Information Portability and Accountability Act. It's the portability part that came first. The accountability part only came after privacy advocates objected. The main purpose of HIPAA was to make it easier to share data among care providers. The medical profession is much more spread out among different specialties and facilities than it ever was in the past.
One of the basic principals of HIPAA is that you can share data with anyone who is directly involved in the care of the patient and anyone who is responsible for billing for that care. I am involved with a clinical laboratory. We take samples from referring physicians, process them and give the results back. Many patients probably don't even realize that they are in our database. It seems to me that this is one of the weaknesses in HIPAA. You ought to have a right to know who has your data.
The principal of medical privacy is there to prevent anyone from avoiding treatment for fear that their information will get out. This not only applies to people with diseases which might have a social stigma but it also applies to a case like that of a criminal on the run. Such a person should not have to avoid medical treatment for fear of being tracked through medical records. This is tantamount to denying medical care. Doctors should not be part of law enforcement (of course that general principal is not absolute when you consider examples like child abuse). I wonder if the level of access by law enforcement to medical data may already be causing some people to avoid, or delay being tested for conditions.
HIPAA needs to to have a number of new provisions. You should be able to find out who has medical records on you, you should be able to get copies and have the original records deleted, or more likely anonymized since many laws require bulk reporting of the occurrence of certain diseases.
One case which I can comment on (up to a point) is one which I was involved in. There was a period, a while back, where we were just beginning to realize the extent of the spyware problem on PCs and we started to install two or three different antispyware applications on each machine. In this process, we discovered that two of our medical transcriptionists had been infected with keylogger trojans which were sending data to an internet marketing company. This, of course, had to be reported as a HIPAA violation. The authorities did nothing as a result of the incident but we started to take security more seriously anyway.
I had previously argued that these computers should use a particular set of secure, internal, non routed IP addresses which are available on our network (we are part of a large university). In the rush to get the new system going, the people who installed the workstations, had used the regular, less secure IP addresses (which don't require proxies to access the internet). It was surprisingly difficult for me to convince people that using these internal IP addresses was necessary because antispyware software will never be able to catch everything. Not to mention the other security benefits of not being directly visible from the internet. I think many people just don't grok the concept.
These computers were eventually moved to the secure IP address range (with proxy access denied as well) and other additional measures were taken to secure them but I don't think that would have happened without the reporting requirement of HIPAA. Still, it's surprising that there wasn't any more reaction from the authorities. My guess is that they were just swamped with similar reports.
I think the thing with HIPAA is that it takes time for it to improve security and privacy. Basically, you can handle it however you want as long as you justify your decisions in writing as being "reasonable." Reasonable security might mean that it would cost so much to do things more securely that it would adversely affect service. There are so many small niche markets for medical information software that your reason for poor security may simply be that you only have two or three vendors who serve your specialty and they all have poor security. Many of these applications were created before security was taken as seriously as it is now and many were designed for isolated LANs but are now being connected to the internet. I hope that the bar will be raised by those people who go the extra mile. Then the standard for "reasonable" will eventually become something which really protects privacy.
This goes to the topic of software warranties. Most medical informatics software come with something like a "statement of HIPAA compliance." which basically says that the vendor has designed the software in a way that it can satisfy HIPAA if you do your part to make it secure. This is fine in itself. The problem is that these applications don't run in isolation. You need an operating system to run them on and they quite often only run on the operating system with one of the worst security track records in the business. They may also depend on other application software. For example, one which I work with uses Microsoft Word and Word Macros to handle reports from the database. It was designed that way in order to allow the integration of third party options like speech-to-text from a variety of vendors. The thing is that Windows and Word don't come with any statement of HIPAA compliance. They follow the common practice in the software industry of disclaiming all warranty including against negligence.
I think the way to get PKI going would be to have various makers of email software integrate it and include it in the account settings by default. A key pair could be created as the email account is created. At a minimal level of security, this could be made very easy to use. You could even make it completely transparent if you reuse the same password as for authentication to the email server.
I realize that this isn't the most robust PKI setup but it would be a lot better than nothing and it could be made tighter as time goes along. Anyone who would go to the extent of downloading the source code for GPG, checksumming it and compiling a clean copy could still do so.
I really wonder why this hasn't been done yet. Why haven't email software makers bundled in GPG or something like it, even if it's turned off by default.
I think the main arguments against against VB are two things. One is the lack of cross-platform development (as others have mentioned). The other has to do with dependence. Using VB or VB.net locks you into Microsoft's upgrade cycle (or gets you stuck behind it) and makes it difficult to deploy your software widely without insisting that the user has just the right version of Windows, MS Office, etc. Your application my conflict with others that have different requirements.
My experience from the sysadmin point of view is that you don't have too much problem supporting one or two applications written in VB but, once you have more than that, you get into trouble trying to satisfy everyone's requirements. Maybe the particular applications I have delt with were just not well written and such programmers would have come out with crap in any language but this is the impression I have of VB.
Way back, Symantec was a development tools company. That's where the name came from. I only used their Think Pascal product for a short time as a student but I understand that it was really good in it's day. As I remember, the editor and debugger were much better than the competition to the point that, even long after the product was discontinued, a lot of programmers developed code in Think Pascal and then compiled it in Code Warrior (to get fat binaries).
I've run into the same problems you have with scientific data but I would rather see these applications improved to more easily utilize databases rather than try to improve spreadsheets to accomodate the scientific applications. Databases offer so much more flexability to do things like view statistics calculated on the fly from raw data stored from multiple experiments.
There are a number of Perl modules which can be used for analysis and graphing of scientific data from databases. Obviously, you don't want to have to write your own program every time you want to process data but maybe it would be feasable to set up a framework for scientific data analysis kind of like the way Catalyst works for setting up web sites. Then you could have some standard applications based on that framework. --Just thinking out loud about one way to make this happen. The important thing is the concept that scientists would really be better served by changing this paradigm.
Now that they came out with something in black, I can finally replace my Pismo.
For those that don't know, the "Pismo" (PowerBook G3 from 2000) was the last notebook which Apple made in a stylish black case. I've been using one almost every day since I bought it in 2000 and it's been the best computer I've ever owned. It runs Tiger pretty well, but for some applications it's getting to the point where it's not quite fast enough.
I think that this database system will be about as effective against terrorists as region coding in DVDs is against pirates. The average citizen is much more affected by this than terrorists who know to avoid regular, non-anonymous telephones.
As a practical matter, all public key crypto I've ever encountered uses private key crypto too because it's much less computationally intensive. In the case of SSH it works by one computer saying "here's my public key, send me a private key with it." The other computer then generates a random private key, encrypts it and sends it back. That's then used for the actual data transfer. Notice when you choose an alogirthm, you are choosing only symmetric (private) key alogrithims like AES.
Since we are in the process of nitpicking, let me point out that it's much clearer to say "...send me a session key for symmetric encryption with it...." It's a randomly generated temporary key used only for that transaction, not to be confused with a private key for asymmetric encryption.
This is the typical process of "hybrid encryption." Symmetric encryption is inherently stronger than asymetric encryption (even though asymetric algorythms typically use much larger keys). You can't compare two encryption algorythms based just on the size key they use. The idea is to use asymetric encryption (public key encryption) just long enough to exchange a key that can be used for symmetric encryption for the rest of the communication session.
Apple is actually using the concept of CSS in Keynote (which is their competitor to PowerPoint). I don't know if their XML based file format contains actual CSS code but I wouldn't be surprised at all if it does. If you think about how presentation software ought to work, this makes quite a bit of sense.
I know this is just a little comment at the end of the story and not the main topic but the Finder really does need to be rewritten. It has a surprising lack of multithreading, even compared to Mac OS 9. This is most apparent (and most annoying) when you are navigating a slow network volume in the Finder. Quite often, you just can't do anything with but wait for the network to time out.
It makes sense to use the same physical disks for movies and data, just as DVDs are used now but, at this point, I could care less about these new formats for the purpose of playing movies. Like many other people have pointed out, it isn't worth the money to get equipment good enough to show the difference in quality between either of these new formats and DVD.
What I really care about is having higher capacity data disks that are available as a comodity item like CD and DVD media are now. If the choice between Blu-ray and HD-DVD doesn't make that much difference for movies then I hope they consider that it does make a difference for burning data disks on a computer and pick the higher capacity format for that reason. I suppose this shows just how much of a geek I am but still, I wonder if the market for plain computer data storage can make all the difference in the broader market.
My experience has been quite the opposite. We have had many incidents in the last three or four years where we had to have IT staff go around to every computer of a specific type and do a particular procedure to handle a security issue. For example, a while back we had to go around and manually remove the PNP worm from every machine running Windows 2000 on our network. This was before the patch came out on Windows Update. It took about three days to get to every machine and it would have been a lot worse if the percentage of Windows 2000 computers had been higher (it was about 25% at that time). Three days was fast enough that there was hardly any down time for workers. Note that Windows XP was largely unaffected by this worm (at least on our network). Four years ago, when we had around 60% Windows NT, there was an incident where we had to fix every Windows NT computer (I don't remember exactly which virus that was right now) and some computers were down for almost two weeks because there were just too many for our staff to handle. We had some people unable to work for a few days.
We have a staff of several IT professionals and everyone has their own specialty but everyone knows the basics of the other specialties as well. When a major security incident like one of the above happens, we all pitch in to work on that one issue. For example, the Mac specialists are perfectly competent to go around and clean viruses off Windows computers according to a quickly thrown-together procedure.
Conventional wisdom of upper management seems to be that we would be better off upgrading all the Windows users to XP because it's more secure than Windows 2000. There is a lot of truth to that but there is also a down side. If we have 60% Windows XP, which would be the rough figure because we have around 30% Macintosh and you need to figure another 10% for others, including other versions of Windows (which you can never quite get rid of) then we would be set up for an incident like we had when we were mostly Windows NT. If something did happen that affected every install of Windows XP at once, we wouldn't have enough staff to deal with it in a timely fashion.
I should point out that my goal is to handle the broader issue by throwing some thin-client into the mix. It's something that everyone agrees is a good idea but it's a tough sell for almost every single specific case. In other words, everyone thinks it's a great idea to have more people using thin-client but hardly anyone wants to use it themselves instead of a Windows PC or Mac.
"Instead of holding and looking at compasses and bluky-hand-held sonar devices, the divers can processes the information through their tongues, said Dr. Anil Raj, the project's lead scientist.'"
Haven't dogs been doing this for thousands of years?
1% growth now means a lot more than it did in previous years because it is 1% of a much larger base.
For example:
If you start with 1 million and you have 1% growth, that's 10,000 new users but, if you start with 100 million users and have 1% growth, that's 1 million new users.
Funny that you are talking about people calling Bush evil. I really haven't heard too many people do that. I have heard Bush call people evil on many occasions. The most famous example being his coining the term "Axis of Evil." Although I'm not a Christian myself, I'm not totally ignorant of Christian theology. Isn't it a sin for an ordinary mortal (including the President) to judge good and evil? Even if he is right, doesn't that make him a sinner?
Actually, when Bush spoke of promoting scientific advances, he specifically said "Physical Sciences." I think the implication is that he doesn't like Biology so much.
When you get into specific details I would draw the (somewhat picky) detail that what he is really talking about is technology and not Science. In other words, he wants development of things that can readily help the economy. He is not so interested in advancing human knowledge for it's own sake.
I wonder if antother thing which has the record labels worried is that Apple allows independent artists and groups to sign up to sell mucic on the iTunes Store directly, without having to sign up with a Label.
The article quotes Nielsen SoundScan that online download sales are down. I checked their web site and it looks like what they do is track sales of titles which are registered with them. Their registration form specifically asks what Label carries the title. I don't know whether they would accept a registration if you just put "Independent." Maybe there has been a trend for some of more recent smaller artists to market directly without a Label and without registering with a ratings site like Nielsen.
Slashdot Mirror
>Could you provide an example of something, here? Because this
>really makes no sense. Give an example of something people can do
>on a Dell that they can't on a Mac, that is unavailable because of
>security restrictions in Mac OS (as opposed to the appropriate
>application simply not being ported yet).
The first thing which comes to mind here is Active X. Yes, I know that Active X sucks but there are an increasing number of intranet sites at my workplace using it anyway. You could do something similar to Active X on the Mac OS but Apple just doesn't think it's a good idea to grant a "Trusted" server the ability to execute arbitrary code on your machine as root. They don't seem to want that kind of procedure included in the security model of OS X. I think anyone who really understands security and, in particular that you can't trust the average user to properly evaluate digital certificates, would agree with Apple but it is a fact that people here have been dumping Macs (or buying a Windows PC in addition to their Mac) for the last few years because of the lack of Active X. Apple's switch to Intel processors may reverse this trend but it's too early to tell.
While it's true that their search algorithm is important, the other very important thing which contributed to the success of Google is that they have always offered honest results. They do have sponsored links but they are clearly marked as such. You know that the main search results are not influenced by advertizer money. Other search engines before Google typically did not make it clear when a site had paid for higher rankings.
Google's motto of "Do no evil" is really just a modernized version of "Honesty is the best policy." Any search new search engine needs not only to have a good algorithm but they also need to build trust with users.
Now we will have to have awards for the best voice acting in spam VOIP messages.
Another way that things are slightly better in Australia is that, IIRC, there is a law there that prevents software manufacturers from disclaiming all warranty (particularly for negligence). If you read way down the Windows EULA, there is a reference to a specific Australian law (cited by statute number)and it says that if you sue Microsoft under this law, you agree that your only remedy is replacement of the software. I guess that's another example of having the right idea but not adequate enforcement. At least the idea is in the law. We haven't even gotten that far here in the USA.
The official policy here is that we don't need encryption for network communication as long as it is within our LAN or between us and the hospital which we are associated with. The policy says that being on a switched LAN is good enough to prevent packet sniffing. Our main medical records system uses old fashoned Telnet but also works with SSH. No one is bothering to switch the client software over to SSH because it isn't officially necessary.
Similarly, we do not require encrypted storage of data for machines within our facilities but, if you take a disk or portable outside the complex, the data has to be encrypted or the device has to be locked in a box.
Since no one has pointed it out yet, I should mention that HIPAA stands for the Health Information Portability and Accountability Act. It's the portability part that came first. The accountability part only came after privacy advocates objected. The main purpose of HIPAA was to make it easier to share data among care providers. The medical profession is much more spread out among different specialties and facilities than it ever was in the past.
One of the basic principals of HIPAA is that you can share data with anyone who is directly involved in the care of the patient and anyone who is responsible for billing for that care. I am involved with a clinical laboratory. We take samples from referring physicians, process them and give the results back. Many patients probably don't even realize that they are in our database. It seems to me that this is one of the weaknesses in HIPAA. You ought to have a right to know who has your data.
The principal of medical privacy is there to prevent anyone from avoiding treatment for fear that their information will get out. This not only applies to people with diseases which might have a social stigma but it also applies to a case like that of a criminal on the run. Such a person should not have to avoid medical treatment for fear of being tracked through medical records. This is tantamount to denying medical care. Doctors should not be part of law enforcement (of course that general principal is not absolute when you consider examples like child abuse). I wonder if the level of access by law enforcement to medical data may already be causing some people to avoid, or delay being tested for conditions.
HIPAA needs to to have a number of new provisions. You should be able to find out who has medical records on you, you should be able to get copies and have the original records deleted, or more likely anonymized since many laws require bulk reporting of the occurrence of certain diseases.
One case which I can comment on (up to a point) is one which I was involved in. There was a period, a while back, where we were just beginning to realize the extent of the spyware problem on PCs and we started to install two or three different antispyware applications on each machine. In this process, we discovered that two of our medical transcriptionists had been infected with keylogger trojans which were sending data to an internet marketing company. This, of course, had to be reported as a HIPAA violation. The authorities did nothing as a result of the incident but we started to take security more seriously anyway.
I had previously argued that these computers should use a particular set of secure, internal, non routed IP addresses which are available on our network (we are part of a large university). In the rush to get the new system going, the people who installed the workstations, had used the regular, less secure IP addresses (which don't require proxies to access the internet). It was surprisingly difficult for me to convince people that using these internal IP addresses was necessary because antispyware software will never be able to catch everything. Not to mention the other security benefits of not being directly visible from the internet. I think many people just don't grok the concept.
These computers were eventually moved to the secure IP address range (with proxy access denied as well) and other additional measures were taken to secure them but I don't think that would have happened without the reporting requirement of HIPAA. Still, it's surprising that there wasn't any more reaction from the authorities. My guess is that they were just swamped with similar reports.
I think the thing with HIPAA is that it takes time for it to improve security and privacy. Basically, you can handle it however you want as long as you justify your decisions in writing as being "reasonable." Reasonable security might mean that it would cost so much to do things more securely that it would adversely affect service. There are so many small niche markets for medical information software that your reason for poor security may simply be that you only have two or three vendors who serve your specialty and they all have poor security. Many of these applications were created before security was taken as seriously as it is now and many were designed for isolated LANs but are now being connected to the internet. I hope that the bar will be raised by those people who go the extra mile. Then the standard for "reasonable" will eventually become something which really protects privacy.
This goes to the topic of software warranties. Most medical informatics software come with something like a "statement of HIPAA compliance." which basically says that the vendor has designed the software in a way that it can satisfy HIPAA if you do your part to make it secure. This is fine in itself. The problem is that these applications don't run in isolation. You need an operating system to run them on and they quite often only run on the operating system with one of the worst security track records in the business. They may also depend on other application software. For example, one which I work with uses Microsoft Word and Word Macros to handle reports from the database. It was designed that way in order to allow the integration of third party options like speech-to-text from a variety of vendors. The thing is that Windows and Word don't come with any statement of HIPAA compliance. They follow the common practice in the software industry of disclaiming all warranty including against negligence.
I think the way to get PKI going would be to have various makers of email software integrate it and include it in the account settings by default. A key pair could be created as the email account is created. At a minimal level of security, this could be made very easy to use. You could even make it completely transparent if you reuse the same password as for authentication to the email server.
I realize that this isn't the most robust PKI setup but it would be a lot better than nothing and it could be made tighter as time goes along. Anyone who would go to the extent of downloading the source code for GPG, checksumming it and compiling a clean copy could still do so.
I really wonder why this hasn't been done yet. Why haven't email software makers bundled in GPG or something like it, even if it's turned off by default.
I think the main arguments against against VB are two things. One is the lack of cross-platform development (as others have mentioned). The other has to do with dependence. Using VB or VB.net locks you into Microsoft's upgrade cycle (or gets you stuck behind it) and makes it difficult to deploy your software widely without insisting that the user has just the right version of Windows, MS Office, etc. Your application my conflict with others that have different requirements.
My experience from the sysadmin point of view is that you don't have too much problem supporting one or two applications written in VB but, once you have more than that, you get into trouble trying to satisfy everyone's requirements. Maybe the particular applications I have delt with were just not well written and such programmers would have come out with crap in any language but this is the impression I have of VB.
Way back, Symantec was a development tools company. That's where the name came from. I only used their Think Pascal product for a short time as a student but I understand that it was really good in it's day. As I remember, the editor and debugger were much better than the competition to the point that, even long after the product was discontinued, a lot of programmers developed code in Think Pascal and then compiled it in Code Warrior (to get fat binaries).
I've run into the same problems you have with scientific data but I would rather see these applications improved to more easily utilize databases rather than try to improve spreadsheets to accomodate the scientific applications. Databases offer so much more flexability to do things like view statistics calculated on the fly from raw data stored from multiple experiments.
There are a number of Perl modules which can be used for analysis and graphing of scientific data from databases. Obviously, you don't want to have to write your own program every time you want to process data but maybe it would be feasable to set up a framework for scientific data analysis kind of like the way Catalyst works for setting up web sites. Then you could have some standard applications based on that framework. --Just thinking out loud about one way to make this happen. The important thing is the concept that scientists would really be better served by changing this paradigm.
Now that they came out with something in black, I can finally replace my Pismo.
For those that don't know, the "Pismo" (PowerBook G3 from 2000) was the last notebook which Apple made in a stylish black case. I've been using one almost every day since I bought it in 2000 and it's been the best computer I've ever owned. It runs Tiger pretty well, but for some applications it's getting to the point where it's not quite fast enough.
I think that this database system will be about as effective against terrorists as region coding in DVDs is against pirates. The average citizen is much more affected by this than terrorists who know to avoid regular, non-anonymous telephones.
As a practical matter, all public key crypto I've ever encountered uses private key crypto too because it's much less computationally intensive. In the case of SSH it works by one computer saying "here's my public key, send me a private key with it." The other computer then generates a random private key, encrypts it and sends it back. That's then used for the actual data transfer. Notice when you choose an alogirthm, you are choosing only symmetric (private) key alogrithims like AES.
Since we are in the process of nitpicking, let me point out that it's much clearer to say "...send me a session key for symmetric encryption with it...." It's a randomly generated temporary key used only for that transaction, not to be confused with a private key for asymmetric encryption.
This is the typical process of "hybrid encryption." Symmetric encryption is inherently stronger than asymetric encryption (even though asymetric algorythms typically use much larger keys). You can't compare two encryption algorythms based just on the size key they use. The idea is to use asymetric encryption (public key encryption) just long enough to exchange a key that can be used for symmetric encryption for the rest of the communication session.
Apple is actually using the concept of CSS in Keynote (which is their competitor to PowerPoint). I don't know if their XML based file format contains actual CSS code but I wouldn't be surprised at all if it does. If you think about how presentation software ought to work, this makes quite a bit of sense.
I know this is just a little comment at the end of the story and not the main topic but the Finder really does need to be rewritten. It has a surprising lack of multithreading, even compared to Mac OS 9. This is most apparent (and most annoying) when you are navigating a slow network volume in the Finder. Quite often, you just can't do anything with but wait for the network to time out.
You mean switch to the Solaris Kernel?
I have heard all kinds of speculation about that since Ave Tevanian announced his departure. The Mach microkernel was his project.
It makes sense to use the same physical disks for movies and data, just as DVDs are used now but, at this point, I could care less about these new formats for the purpose of playing movies. Like many other people have pointed out, it isn't worth the money to get equipment good enough to show the difference in quality between either of these new formats and DVD.
What I really care about is having higher capacity data disks that are available as a comodity item like CD and DVD media are now. If the choice between Blu-ray and HD-DVD doesn't make that much difference for movies then I hope they consider that it does make a difference for burning data disks on a computer and pick the higher capacity format for that reason. I suppose this shows just how much of a geek I am but still, I wonder if the market for plain computer data storage can make all the difference in the broader market.
My experience has been quite the opposite. We have had many incidents in the last three or four years where we had to have IT staff go around to every computer of a specific type and do a particular procedure to handle a security issue. For example, a while back we had to go around and manually remove the PNP worm from every machine running Windows 2000 on our network. This was before the patch came out on Windows Update. It took about three days to get to every machine and it would have been a lot worse if the percentage of Windows 2000 computers had been higher (it was about 25% at that time). Three days was fast enough that there was hardly any down time for workers. Note that Windows XP was largely unaffected by this worm (at least on our network). Four years ago, when we had around 60% Windows NT, there was an incident where we had to fix every Windows NT computer (I don't remember exactly which virus that was right now) and some computers were down for almost two weeks because there were just too many for our staff to handle. We had some people unable to work for a few days.
We have a staff of several IT professionals and everyone has their own specialty but everyone knows the basics of the other specialties as well. When a major security incident like one of the above happens, we all pitch in to work on that one issue. For example, the Mac specialists are perfectly competent to go around and clean viruses off Windows computers according to a quickly thrown-together procedure.
Conventional wisdom of upper management seems to be that we would be better off upgrading all the Windows users to XP because it's more secure than Windows 2000. There is a lot of truth to that but there is also a down side. If we have 60% Windows XP, which would be the rough figure because we have around 30% Macintosh and you need to figure another 10% for others, including other versions of Windows (which you can never quite get rid of) then we would be set up for an incident like we had when we were mostly Windows NT. If something did happen that affected every install of Windows XP at once, we wouldn't have enough staff to deal with it in a timely fashion.
I should point out that my goal is to handle the broader issue by throwing some thin-client into the mix. It's something that everyone agrees is a good idea but it's a tough sell for almost every single specific case. In other words, everyone thinks it's a great idea to have more people using thin-client but hardly anyone wants to use it themselves instead of a Windows PC or Mac.
"Instead of holding and looking at compasses and bluky-hand-held sonar devices, the divers can processes the information through their tongues, said Dr. Anil Raj, the project's lead scientist.'"
Haven't dogs been doing this for thousands of years?
1% growth now means a lot more than it did in previous years because it is 1% of a much larger base.
For example:
If you start with 1 million and you have 1% growth, that's 10,000 new users but, if you start with 100 million users and have 1% growth, that's 1 million new users.
Funny that you are talking about people calling Bush evil. I really haven't heard too many people do that. I have heard Bush call people evil on many occasions. The most famous example being his coining the term "Axis of Evil." Although I'm not a Christian myself, I'm not totally ignorant of Christian theology. Isn't it a sin for an ordinary mortal (including the President) to judge good and evil? Even if he is right, doesn't that make him a sinner?
Actually, when Bush spoke of promoting scientific advances, he specifically said "Physical Sciences." I think the implication is that he doesn't like Biology so much.
When you get into specific details I would draw the (somewhat picky) detail that what he is really talking about is technology and not Science. In other words, he wants development of things that can readily help the economy. He is not so interested in advancing human knowledge for it's own sake.
I wonder if antother thing which has the record labels worried is that Apple allows independent artists and groups to sign up to sell mucic on the iTunes Store directly, without having to sign up with a Label.
The article quotes Nielsen SoundScan that online download sales are down. I checked their web site and it looks like what they do is track sales of titles which are registered with them. Their registration form specifically asks what Label carries the title. I don't know whether they would accept a registration if you just put "Independent." Maybe there has been a trend for some of more recent smaller artists to market directly without a Label and without registering with a ratings site like Nielsen.