I was wondering: given that CFLs are quite a bit more complex than incandescent lights, what sort of environmental impact is there in producing them?
After all, if producing them (end-to-end, from mining/producing the components, etc.) uses 5x the energy or produces 5x the CO2 than the relatively simple incandescent bulb, is it really a net benefit to the environment?
Disclaimer: I've replaced most of my incandescent lights with CFLs but have often wondered about the net benefits.
I purchase software and shareware programs that I find valuable. That being said, and admittedly without knowing what it is you are selling, $5 does NOT seem like the right price point. At that price, I'd make it donate-ware or free-ware. It may seem ridiculous to say this, but I'd be more likely to pay for your software at all, if you charged me more. For shareware, the $19 - $25 range is what I'd consider "worth taking my time to pay for". If I liked your product and saw a way to donate (without a recommended value mentioned) I'd probably send twenty bucks or so.
People tend to equate the value of something with the price being charged. Seriously, if your software is worth paying for at all, charge more for it and add the credibility to it that it deserves. You aren't doing yourself (or even your customers) a favor by charging so little. Those that pay the price will then offset those who would never pay for it at ANY price anyway and you can feel better about taking your valuable time and skill to further enhance your product. Maybe make a free version and a "Pro" version...?
... If nothing else, he should be slapped around...
If he should be "slapped around" then the companies that designed the system, wrote the system, tested the system and installed the system should be criminally liable. But then again, if we held software companies liable for selling shit software, Microsoft would have been out of business a long time ago.
As a programmer, I try to be as careful as possible. I try to keep up with best practices. I try to anticipate what might be passed as input to everything, and *then* I try to remember that I can't anticipate everything and use techniques to reduce or eliminate the impact of bad data. Even so, I still insist that someone else review my code and have someone else test it. When I get reports of some user finding a bug or vulnerability, my first response is "WTF? Why would they ever think to do that?" My next response is to come back down off my high horse and realize that I'd made a mistake and take it as a challenge to fix it.
It wasn't always that way, but I've been doing this stuff for over 20 years and I've come to realize that even the most "trivial" program or portion of code can be enough of a chink in an app's armor to give a miscreant a toe hold.
if I were buying a computer with Linux pre-installed it would just be as a sort of guarantee that there are Linux drivers available
I agree. I'd probably order it so that I'd have the support/license, but the first thing I'd do was re-install it from scratch to eliminate the cruft and crap that I don't want on it and re-partition things my way. One of the most compelling things about Linux IMHO is that you can really streamline and "tailor" a server to do exactly what you want it to, reducing overhead, security threats, complexity and other issues. For instance, I usually don't install any of the GUI components and tend to want to custom-compile my apache and php implementations. I could also take a stock system and do this, but I'd rather not have it installed in the first place and have the system clean to start with - I've had issues in the past where apache would be pre-installed in one location and I compile and install the new one elsewhere without realizing it (stupid me) and the next guy to work on the machine fired up the wrong instance (hilarity ensued *not*).
Of course, if could just be that I'm a control freak - which would explain my disdain for Windows.
Funny, whenever my company orders Dell Poweredge servers with the no OS option, that's all I have do (how you can have a "Linux configuration" when there's no OS shipped with it?).
If I recall correctly, one of the options is for the TCP/IP Offload Engine or something like that. I thought it was strange, too, that you'd have to specify a windows or linux configuration when you want no OS...
Does North Pole, Alaska, have a lot of crimes that are going unsolved?
Well, when I had 2 brand new mountain bikes stolen off my deck (~$1,200.00 worth) they wouldn't even talk to me. When I called to complain about snowmobilers drag racing at breakneck speeds across my lawn and even told them who the kids were, they didn't want to hear about it (When the kids did it to my neighbor the next weekend -- he ran them down on his own sled, took their keys and made their parents go to court to get them back). I can point to at least 3 houses that my kids claim are producing or distributing meth. My son says he could buy pot any time he wanted - he says "everyone knows who to get it from". My neighbor (two houses down) has a habit of drinking too much and "target practicing" in his back yard (contrary to local ordinances about discharging firearms in our neighborhood) - cops don't want to hear about it.
This is contrasted with my wife's friend who was speeding (admittedly) and had the misfortune of being caught simultaneously by on oncoming cop and a cop lying in wait. They *both* wrote him separate tickets at the same time for the same offense (even comparing notes on speeds while standing behind his vehicle). Fortunately, the judge threw one of the tickets out, but you've got to be one stupid, arrogant prick of a cop to think that it's all right to write two tickets for the same offense. It just goes to show that they are more interested in revenue than protecting the public.
But, to answer your question, no, we don't have much crime here - but then we don't need so many cops on the payroll either then.
Heh, I live in North Pole, Alaska. Our cops are the constant but of jokes and curses because they won't spend any time solving crimes, they just want to write tickets.
Recently, the weather warmed up and the intersections got particularly slippery. At one intersection in particular there is a down-hill slope before the stop sign. A local cop would sit in a parking lot off to the side and ticket car after car that slid through the intersection for failure to come to a complete stop. Now, was he trying to enforce or encourage public safety? I think not. If he was, he could have put flares out or done something else to make people aware of a potentially dangerous situation until a gravel-truck could have been dispatched. No. Instead he was gleefully writing tickets.
This particularly upsets me because I used to be a cop and saw this mentality a lot. There is a lot of pressure to write tickets for several reasons: First, of course is the income from the fines, but secondly, it's a lot easier to justify your time when you can point to all those traffic citations than to report that you acted as road-crew for 4 hours while waiting for a gravel truck. That being said, some cops are just pricks and get off on that sort of thing - not even thinking about the emotional and financial impact on someone who has a hard enough time keeping mandatory insurance on their vehicle who now has to pay a fine and higher rates for the next 3 years.
I wonder how these people can sleep at night sometimes...
I fully expect to see my login token when I login to my account and would not login if I didn't see it.
I agree. I also like the images being there when I log in. That being said, I have a dozen other accounts that do NOT have this - instead just have either the normal username/password pair or sometimes just username, with password being prompted for on another page, but no pictures (I have no Idea why).
Although I take security very seriously and almost never go to my banking sites when I'm not on my own computer, clicking on my own bookmarks, on a non-IE bowser -- I'd have to admit that I might not notice it was missing either. If you put me in a different place, on a different computer, allowed me to type in my BofA URL, hijacked DNS and sent me instead to your impostor site and just gave me the standard username/password bit and left the Image off, I may not remember that BofA had a sitekey. If ALL my other accounts had one, I'd be alerted, right away to it's being missing. As is is now, when I click on BofA, I often go "Oh yeah, I have to watch for my picture...". I usually don't remember it until AFTER they ask for it.
I don't think SiteKey is flawed on it's own, I just think it would be more effective if 1) more sites used it and 2) you could upload your own picture (so they'd all be the same, or at least recognizably one you took, etc. - If not, I'd NEVER remember what my picture was supposed to be. Without logging in to BofA, I couldn't tell you what the picture is. I've changed it a couple of times. But I'd know it if I saw it:-)
This isn't a new concept. Our mail gateways already participate in something like this with IronPort'sSenderBase reputation filtering. 90%+ of our incoming mail traffic is dropped based on poor reputations scores without looking at anything more than the sender's address. So far, we've never had a false-positive that we know of, and only once, after many customers were made a part of a bot-net and started spamming, did SenderBase throttle traffic to one of the local ISP's. A quick call to their mail admins pointing out the problem and they were able to block those customers from sending mail until they were cleaned up and the reputation score climbed back up again.
It has really taken the load off our mail servers by blocking millions of connections. The rest, we run through SpamAssassin and everything works great!
Just an anecdote, but I've spent far more on TV shows this year on iTunes than I ever did on music.
I'll second that. I buy way more audio-books, TV shows and movies (dollar-wise) than I ever spent on music. I've gladly been paying $35+ a pop for some of the audio books, because I get hours, and hours of entertainment and education from it on my long commutes. I also have very little time to watch TV during "prime-time" and have crappy reception anyway, so it is worth it for me to get season passes to certain shows I'm interested in so that I can watch them commercial-free and on my time. Besides, I don't have the self-control to wait until next week's episode of 24 or Heroes, etc. I wait until the season is over and watch 'em all;-)
If you just look at the numbers, my total number of items (especially music) has really fallen off, but based on the dollar value of my purchases, I'm spending more. That being said, I'd easily buy 3-4 times as many movies if they were $5-$7 a piece... Given the right pricing structure and selection, I thing video content is where it's going.
And for the record, the 640x480 content from iTunes looks just fine on my 48" HD TV, but then again, I'm not the HD-snob, my brother is. If a show is engaging enough, I get so into it I don't notice the resolution anyway - I've even seen that while watching a show on my iPod screen. It's not pleasant, but I've been able to get totally involved in a show on that little screen at times. Great for waiting in line at the DMV or the dentist...
I'll tell you what, Apple. You don't renew your contract with Universal. I'll buy an iPod. I'll buy any conent I like from iTunes (i.e. the content from studios that AREN'T asshats) and I'll pirate Universal content. Zune sales (all three of them) can salve Universal's wounds. So basically, everything is square. I purchase content I can get legally, but pirate content that I can't or has DRM that is too restrictive for me. Everyone (except Universal) will be happy.
I was raised in a 3rd-world country, in the middle of (what Americans would call) a jungle. One use I haven't heard of before, but can see as a practical use for this is lighting. Yeah, it sounds stupid, but a "wind-up" device that cast even modest light into a darkened hut is a real boon. I don't know how bright the screens are, but I'd imagine, with a white background the laptop could provide a decent amount of illumination.
I have often worked 60 hours a week - and I'm not paid ANY overtime! Yes, I have the choice to NOT work extra hours, but then my job would not get done. And I don't want to hear about "working smarter" or "hiring more people". I'm working as smart as I can and my staff keeps getting cut. We have a 1000+ to 1 computer to technician ratio and "management" thinks that's fine (as long as *they* get fast response). It's bullshit and everyone knows it, but it's reality and it's the job I get paid to do. I could easily get another job, but I like what I'm doing and have decided to stay where I am. I'd be REALLY pissed it some fsking do-gooder tried to tell my employer that I'd be forced to stop working after 40 hours (although overtime would be nice but exempt employees don't get that).
My daughter is saving for college. She works 2, back-to-back, full-time jobs during the summer so that she doesn't have to borrow money to pay for tuition. That's way more than 60 hours a week with NO overtime. She's only 17. I'm not sure if that is legal in my state for someone her age, but they can piss off. It's her choice. She bought her own car, pays her own insurance and manages her social life around her responsibilities. She'd be crushed if she was forced to back off on her hours because some lazy, loser bureaucrat told her she was working too hard. She'd love to be making twice what she's making, but she's only 17 and they don't pay "kids" with few skills much more than minimum wage. So she does what she can and sacrifices her social time to reach her goals. We've talked about what happens when classes starts and she's agreed that studies come first, so she'll quit one of her jobs.
If the workers in China are being mistreated and are FORCED (by their employer) to work more than 40 hours then, yes, I have a problem with that. But if they truly have the option to work AND they get paid overtime for it, let them have it! Has anyone compared their (the "abused Chinese") annual incomes against the other incomes and work hours for others in that area? I'd really like to know. Because if they are working more hours and still making less then there is a problem. However, if they are making proportionally more then SHUT THE FUCK UP and let them work!
I didn't grow up in America. I grew up in a 3rd-world country. The whole mind-set of society there was different back then (and admittedly, much more "primitive"). Where I grew up, you started working in the fields for several hours a day when you turned 7! When you turned 12 you were expected to look for a wife and be working full-time. Turning 12 was the rite-of-passage to adulthood and you got all the responsibilities AND privileges of adulthood. We kids didn't know any different. We looked forward to each phase of life with anticipation. We weren't brought up to expect to "play" until we were 18 and then start our adult life.
Looking back on it from the perspective of a parent raising kids in America, I can see that that culture and those attitudes would never fly here. But I don't see use as being "abused" as kids. I received my first weapon (modified and "safed") when I was 6. I went on my first "hunt" with the men when I was 7 (mostly along to do the "women's work" (read grunt-work) and to learn the ropes) - kind of like an apprenticeship, I guess. When I was 12, I went along as a full-fledged member of the group. There was no "screwing around". I'd been raised my whole life to be responsible. Today, I can't imagine trusting a 12 year old with that kind of responsibility. Of course we don't raise them to be responsible. We raise them to never take responsibility and to expect to have fun until they're "adults".
My point in all this is that it's easy to judge one culture from the perspective of another, and in doing so do great harm to their way of life. There are cases where abuse is really taking place and, when found, it must be dealt with. But c'mon. A 60-hour week, with overtime? I'd take that. At least give me the option.
If they're using civilians as "shields", but those "shields" don't stop the attacks, then why are they still using them as "shields"?
Because people like you, the media and the NASA hackers know that people have such a visceral reaction to civilian, collateral damage. They know that the "if we all just think happy thoughts and eat enough bran, peace will ensue"-types will fight their war for them on the battlefield of popular opinion. Don't you see? Plastering the face of a wounded child on the web or TV is the easy way out. They know we won't bother to think beyond the images.
The terrorists are cowards. They target civilians themselves and then hide behind other civilians when attacked. They have no more political legitimacy than what they are given by "world opinion" and "the press". From what I hear, the Israeli military is attempting to minimize civilian casualties. They've announced the areas that they were going to attack and told the government to evacuate their citizens. Maybe, Israel's actions will save more civilian lives in the future. Once Hezbollah realizes that they aren't getting anywhere by hiding among civilians, but are instead pissing those civilians off and that even the granola-eating, birkenstock-wearing, public are seeing them for the cowards they are they'll stop using those methods. Shyah, and monkies will fly out of my butt!
I wish none of this had happened and that the conflict would end, but I'm not so naive to think that thinking happy thoughts are going to make any difference. Even if it were in my power to force Israel to stop their offensive today - do you think Hezbollah will stop killing civilians? Not going to happen. However, if Hezbollah were to be routed and would stop targeting civilians do I think Israel would stop their offensive? Yes. Absolutely.
It's a complicated, messed up world. The press knows that the naive public will react to pictures of civilians getting injured because it means they don't have to think any further than that. It makes the press' job easy - theey don't have to take the time explaining the whole story while trying to keep people's attention. Shocking pictures and shallow stories sell and get a much bigger bang for the buck. The hackers know that putting a picture of a wounded child on a hacked, NASA web page will be effective because people will stop thinking any further than that picture. They will never stop and say: "WTF? This doesn't make any sense. Why target NASA? Hey wait, why did the submitter feel compelled to link to a mirror of the hacked site? Shouldn't this be a discussion about the security of Apache or the competency of the Sysadmins who secured it, or the vulnerabilities of the portal software that was used on the site?" But no, just putting a picture of an injured child stops most people from thinking critically about the situation.
This is why America's leaders are elected based on 30-second sound-bites, name recognition and great hair. People never bother to look any deeper than that. It's too much effort and the media is happy to keep it that way.
He also said it worked flawlessly in all the dry-runs. I've been through situations like this before and I've seen other professionals in binds like this before. Here's what you do: You hit the little switch that activates the backup system, grab the other headset, make a joke like "now that you've seen what our top competitor can do... let me show you how our product works!", and pray to God the backup system comes through.
Stuff like this happens all the time. I've even seen it happen to His Steveness(tm). The difference is, Steve ALWAYS has a hot-standby ready to go. I think he even has someone following along on it in the background so that it's sitting at a point in the demo where he needs to take off from (although I can't be sure, it happens so rarely). The point isn't necessarily which software is better. The point is that Steve is the consummate professional when he's doing important presentations and leaves nothing to chance.
After seeing the amount of damage a single screw-up like this can do to a company's reputation, it shouldn't take too long before they realize how important going the extra mile and having redundancy built into the demo is.
The problem with most of these exploits is that they are highly targeted. This means that AV vendors often never get the infected sample until much later - after the damage is done - if ever. Companies are loathe to disclose the fact that they've had a security breach to anyone - even upper-management - let alone outside AV vendors. This means the exploit can be abused for long periods of time with many different targeted victims before it even gets on the AV radar. This whole time, my company might be vulnerable or even compromised, since most of our upper management take the view that "we have AV software - we don't need to spend any more time or money on traffic analysis and network baselining. Just focus on our outward-facing servers with IDS and stop pestering us with internal stuff!". Yes, they are morons.
The myth that you can rely on AV software for comprehensive defense is severely flawed. AV software is almost purely reactive and always behind the eight-ball. It's easy for malware authors to test against popular AV packages and code around it. AV vendors have to actually catch and analyze the malware and then deploy the updated signatures. This gap can be an eternity in the security world.
On OS X, you have the option of creating a "Master Password" that has the ability to unlock any encrypted home directories. It shouldn't be too hard to implement a setting that says a Domain Admin can unlock any encrypted files on computers that are joined to their domain. Something is fishy here. There has to be more broken with this scheme than just the user being able to encrypt their data.
One way MS could "support the iPod" would be to release their own, replacement, OS for it that incorporates support for PlaysForSure(tm). When you connect your iPod to Vista it would ask you if you would like to configure your iPod to use music from MSSuperMusicStore(tm), and would flash your iPod with their OS.
There are already replacement OSes for the iPod running Linux, it wouldn't be difficult for MS to make a WinCE-based OS that supported their DRM, etc. I don't know that Apple would have any chance or recourse then...
Damn you Apple! I want to use your OS! STOP MAKING IT HARD TO SWITCH!!!!!
It's not hard to switch. Apple is a hardware company first and foremost. Buy a MacBook or a Mac Mini and get the best of both worlds.
If you want to stay with your Dell or Gateway box, load SuSe or Ubuntu. Much of the advantages to OS X is the tight integration between hardware and software. You just won't get the same benefit by loading it on to some crappy WallMart box. Contrary to some people's beliefs, you don't have a right to load OS X on any computer you like. It is a proprietary piece of software and buying Apple's hardware is part of the deal. If you don't like it, use OSS on your beige-box.
BTW, this was written on a Dell running SuSe 10.1 -- sitting next to my MacBook Pro dual-booting WinXP and Tiger.
It was their faulty software and clueless tech support that wasted your valuable time. Had you decided to go the illegal route you would not have had this problem. Had you decided to use Linux or OS X you would not have had this problem. Because you chose to be a good little consumer and followed Microsoft's instructions it caused you grief and time.
I think it could be solved by doing two things: 1) have a mechanism in place that does more to ensure the sender is who they say they are, and 2) Go to a whitelist-based system only.
If every ISP blocked outgoing SMTP messages from their users and either 1) forced them to relay mail through their servers or 2) ensured that any user-run mail servers were properly configured with SPF, etc. before allowing them to access outgoing port 25 traffic, it would allow allow much better assurance that the sender was who they said they were.
Then, if any email that was addressed to me had to be checked against my whitelist first, I'd only be getting mail from those users I want to talk to. The real danger would be if one of the users I had in my whitelist became infected by spam-malware that used their address to send spam out to me - but I'd be able to tell right away that they were infected and warn them (or remove them from my whitelist and sent them a live CD:-)
Any lists you signed up for or any businesses that were going to send you email (like order confirmation, etc.) would have to spell out clearly which email address to add to your whitelist in order for you to get your confirmation. If they send you advertisements on that address, remove it from your whitelist.
We are implementing some of this where I work. One twist is that we have a mechanism where any mail you send out to someone automatically gets them added to your whitelist - more to help us quickly build a whitelist for our users than anything else while we are ramping up, but it's a start. Then we have each user create a Spam folder, crank the spam threshold way down, and let the users pick through what makes it through and decide where their discard threshold will be. Eventually, when each user has compiled a complete enough whitelist that they are confident they can operate without the spam safety net, they remove their spam folder.
It's working so far. I know there are services out their that send email back to new senders telling them to jump through hoops to be added to a user's whitelist, but I'm not sure how I feel about that. I have a feeling that sort of thing could get gamed, but maybe that's the way to go - just make it too much work for the spammer. All I know is that I HATE SPAM.
Slashdot Mirror
I was wondering: given that CFLs are quite a bit more complex than incandescent lights, what sort of environmental impact is there in producing them?
After all, if producing them (end-to-end, from mining/producing the components, etc.) uses 5x the energy or produces 5x the CO2 than the relatively simple incandescent bulb, is it really a net benefit to the environment?
Disclaimer: I've replaced most of my incandescent lights with CFLs but have often wondered about the net benefits.
I purchase software and shareware programs that I find valuable. That being said, and admittedly without knowing what it is you are selling, $5 does NOT seem like the right price point. At that price, I'd make it donate-ware or free-ware. It may seem ridiculous to say this, but I'd be more likely to pay for your software at all, if you charged me more. For shareware, the $19 - $25 range is what I'd consider "worth taking my time to pay for". If I liked your product and saw a way to donate (without a recommended value mentioned) I'd probably send twenty bucks or so.
People tend to equate the value of something with the price being charged. Seriously, if your software is worth paying for at all, charge more for it and add the credibility to it that it deserves. You aren't doing yourself (or even your customers) a favor by charging so little. Those that pay the price will then offset those who would never pay for it at ANY price anyway and you can feel better about taking your valuable time and skill to further enhance your product. Maybe make a free version and a "Pro" version...?
If he should be "slapped around" then the companies that designed the system, wrote the system, tested the system and installed the system should be criminally liable. But then again, if we held software companies liable for selling shit software, Microsoft would have been out of business a long time ago.
As a programmer, I try to be as careful as possible. I try to keep up with best practices. I try to anticipate what might be passed as input to everything, and *then* I try to remember that I can't anticipate everything and use techniques to reduce or eliminate the impact of bad data. Even so, I still insist that someone else review my code and have someone else test it. When I get reports of some user finding a bug or vulnerability, my first response is "WTF? Why would they ever think to do that?" My next response is to come back down off my high horse and realize that I'd made a mistake and take it as a challenge to fix it.
It wasn't always that way, but I've been doing this stuff for over 20 years and I've come to realize that even the most "trivial" program or portion of code can be enough of a chink in an app's armor to give a miscreant a toe hold.I agree. I'd probably order it so that I'd have the support/license, but the first thing I'd do was re-install it from scratch to eliminate the cruft and crap that I don't want on it and re-partition things my way. One of the most compelling things about Linux IMHO is that you can really streamline and "tailor" a server to do exactly what you want it to, reducing overhead, security threats, complexity and other issues. For instance, I usually don't install any of the GUI components and tend to want to custom-compile my apache and php implementations. I could also take a stock system and do this, but I'd rather not have it installed in the first place and have the system clean to start with - I've had issues in the past where apache would be pre-installed in one location and I compile and install the new one elsewhere without realizing it (stupid me) and the next guy to work on the machine fired up the wrong instance (hilarity ensued *not*).
Of course, if could just be that I'm a control freak - which would explain my disdain for Windows.Well, when I had 2 brand new mountain bikes stolen off my deck (~$1,200.00 worth) they wouldn't even talk to me. When I called to complain about snowmobilers drag racing at breakneck speeds across my lawn and even told them who the kids were, they didn't want to hear about it (When the kids did it to my neighbor the next weekend -- he ran them down on his own sled, took their keys and made their parents go to court to get them back). I can point to at least 3 houses that my kids claim are producing or distributing meth. My son says he could buy pot any time he wanted - he says "everyone knows who to get it from". My neighbor (two houses down) has a habit of drinking too much and "target practicing" in his back yard (contrary to local ordinances about discharging firearms in our neighborhood) - cops don't want to hear about it.
This is contrasted with my wife's friend who was speeding (admittedly) and had the misfortune of being caught simultaneously by on oncoming cop and a cop lying in wait. They *both* wrote him separate tickets at the same time for the same offense (even comparing notes on speeds while standing behind his vehicle). Fortunately, the judge threw one of the tickets out, but you've got to be one stupid, arrogant prick of a cop to think that it's all right to write two tickets for the same offense. It just goes to show that they are more interested in revenue than protecting the public.
But, to answer your question, no, we don't have much crime here - but then we don't need so many cops on the payroll either then.Heh, I live in North Pole, Alaska. Our cops are the constant but of jokes and curses because they won't spend any time solving crimes, they just want to write tickets.
Recently, the weather warmed up and the intersections got particularly slippery. At one intersection in particular there is a down-hill slope before the stop sign. A local cop would sit in a parking lot off to the side and ticket car after car that slid through the intersection for failure to come to a complete stop. Now, was he trying to enforce or encourage public safety? I think not. If he was, he could have put flares out or done something else to make people aware of a potentially dangerous situation until a gravel-truck could have been dispatched. No. Instead he was gleefully writing tickets.
This particularly upsets me because I used to be a cop and saw this mentality a lot. There is a lot of pressure to write tickets for several reasons: First, of course is the income from the fines, but secondly, it's a lot easier to justify your time when you can point to all those traffic citations than to report that you acted as road-crew for 4 hours while waiting for a gravel truck. That being said, some cops are just pricks and get off on that sort of thing - not even thinking about the emotional and financial impact on someone who has a hard enough time keeping mandatory insurance on their vehicle who now has to pay a fine and higher rates for the next 3 years.
I wonder how these people can sleep at night sometimes...I agree. I also like the images being there when I log in. That being said, I have a dozen other accounts that do NOT have this - instead just have either the normal username/password pair or sometimes just username, with password being prompted for on another page, but no pictures (I have no Idea why).
Although I take security very seriously and almost never go to my banking sites when I'm not on my own computer, clicking on my own bookmarks, on a non-IE bowser -- I'd have to admit that I might not notice it was missing either. If you put me in a different place, on a different computer, allowed me to type in my BofA URL, hijacked DNS and sent me instead to your impostor site and just gave me the standard username/password bit and left the Image off, I may not remember that BofA had a sitekey. If ALL my other accounts had one, I'd be alerted, right away to it's being missing. As is is now, when I click on BofA, I often go "Oh yeah, I have to watch for my picture...". I usually don't remember it until AFTER they ask for it.
I don't think SiteKey is flawed on it's own, I just think it would be more effective if 1) more sites used it and 2) you could upload your own picture (so they'd all be the same, or at least recognizably one you took, etc. - If not, I'd NEVER remember what my picture was supposed to be. Without logging in to BofA, I couldn't tell you what the picture is. I've changed it a couple of times. But I'd know it if I saw itThis isn't a new concept. Our mail gateways already participate in something like this with IronPort's SenderBase reputation filtering. 90%+ of our incoming mail traffic is dropped based on poor reputations scores without looking at anything more than the sender's address. So far, we've never had a false-positive that we know of, and only once, after many customers were made a part of a bot-net and started spamming, did SenderBase throttle traffic to one of the local ISP's. A quick call to their mail admins pointing out the problem and they were able to block those customers from sending mail until they were cleaned up and the reputation score climbed back up again.
It has really taken the load off our mail servers by blocking millions of connections. The rest, we run through SpamAssassin and everything works great!I'll second that. I buy way more audio-books, TV shows and movies (dollar-wise) than I ever spent on music. I've gladly been paying $35+ a pop for some of the audio books, because I get hours, and hours of entertainment and education from it on my long commutes. I also have very little time to watch TV during "prime-time" and have crappy reception anyway, so it is worth it for me to get season passes to certain shows I'm interested in so that I can watch them commercial-free and on my time. Besides, I don't have the self-control to wait until next week's episode of 24 or Heroes, etc. I wait until the season is over and watch 'em all ;-)
If you just look at the numbers, my total number of items (especially music) has really fallen off, but based on the dollar value of my purchases, I'm spending more. That being said, I'd easily buy 3-4 times as many movies if they were $5-$7 a piece... Given the right pricing structure and selection, I thing video content is where it's going.
And for the record, the 640x480 content from iTunes looks just fine on my 48" HD TV, but then again, I'm not the HD-snob, my brother is. If a show is engaging enough, I get so into it I don't notice the resolution anyway - I've even seen that while watching a show on my iPod screen. It's not pleasant, but I've been able to get totally involved in a show on that little screen at times. Great for waiting in line at the DMV or the dentist...I'll tell you what, Apple. You don't renew your contract with Universal. I'll buy an iPod. I'll buy any conent I like from iTunes (i.e. the content from studios that AREN'T asshats) and I'll pirate Universal content. Zune sales (all three of them) can salve Universal's wounds. So basically, everything is square. I purchase content I can get legally, but pirate content that I can't or has DRM that is too restrictive for me. Everyone (except Universal) will be happy.
I was raised in a 3rd-world country, in the middle of (what Americans would call) a jungle. One use I haven't heard of before, but can see as a practical use for this is lighting. Yeah, it sounds stupid, but a "wind-up" device that cast even modest light into a darkened hut is a real boon. I don't know how bright the screens are, but I'd imagine, with a white background the laptop could provide a decent amount of illumination.
Agreed. -- WTF!
I have often worked 60 hours a week - and I'm not paid ANY overtime! Yes, I have the choice to NOT work extra hours, but then my job would not get done. And I don't want to hear about "working smarter" or "hiring more people". I'm working as smart as I can and my staff keeps getting cut. We have a 1000+ to 1 computer to technician ratio and "management" thinks that's fine (as long as *they* get fast response). It's bullshit and everyone knows it, but it's reality and it's the job I get paid to do. I could easily get another job, but I like what I'm doing and have decided to stay where I am. I'd be REALLY pissed it some fsking do-gooder tried to tell my employer that I'd be forced to stop working after 40 hours (although overtime would be nice but exempt employees don't get that).
My daughter is saving for college. She works 2, back-to-back, full-time jobs during the summer so that she doesn't have to borrow money to pay for tuition. That's way more than 60 hours a week with NO overtime. She's only 17. I'm not sure if that is legal in my state for someone her age, but they can piss off. It's her choice. She bought her own car, pays her own insurance and manages her social life around her responsibilities. She'd be crushed if she was forced to back off on her hours because some lazy, loser bureaucrat told her she was working too hard. She'd love to be making twice what she's making, but she's only 17 and they don't pay "kids" with few skills much more than minimum wage. So she does what she can and sacrifices her social time to reach her goals. We've talked about what happens when classes starts and she's agreed that studies come first, so she'll quit one of her jobs.
If the workers in China are being mistreated and are FORCED (by their employer) to work more than 40 hours then, yes, I have a problem with that. But if they truly have the option to work AND they get paid overtime for it, let them have it! Has anyone compared their (the "abused Chinese") annual incomes against the other incomes and work hours for others in that area? I'd really like to know. Because if they are working more hours and still making less then there is a problem. However, if they are making proportionally more then SHUT THE FUCK UP and let them work!
I didn't grow up in America. I grew up in a 3rd-world country. The whole mind-set of society there was different back then (and admittedly, much more "primitive"). Where I grew up, you started working in the fields for several hours a day when you turned 7! When you turned 12 you were expected to look for a wife and be working full-time. Turning 12 was the rite-of-passage to adulthood and you got all the responsibilities AND privileges of adulthood. We kids didn't know any different. We looked forward to each phase of life with anticipation. We weren't brought up to expect to "play" until we were 18 and then start our adult life.
Looking back on it from the perspective of a parent raising kids in America, I can see that that culture and those attitudes would never fly here. But I don't see use as being "abused" as kids. I received my first weapon (modified and "safed") when I was 6. I went on my first "hunt" with the men when I was 7 (mostly along to do the "women's work" (read grunt-work) and to learn the ropes) - kind of like an apprenticeship, I guess. When I was 12, I went along as a full-fledged member of the group. There was no "screwing around". I'd been raised my whole life to be responsible. Today, I can't imagine trusting a 12 year old with that kind of responsibility. Of course we don't raise them to be responsible. We raise them to never take responsibility and to expect to have fun until they're "adults".
My point in all this is that it's easy to judge one culture from the perspective of another, and in doing so do great harm to their way of life. There are cases where abuse is really taking place and, when found, it must be dealt with. But c'mon. A 60-hour week, with overtime? I'd take that. At least give me the option.
Because people like you, the media and the NASA hackers know that people have such a visceral reaction to civilian, collateral damage. They know that the "if we all just think happy thoughts and eat enough bran, peace will ensue"-types will fight their war for them on the battlefield of popular opinion. Don't you see? Plastering the face of a wounded child on the web or TV is the easy way out. They know we won't bother to think beyond the images.
The terrorists are cowards. They target civilians themselves and then hide behind other civilians when attacked. They have no more political legitimacy than what they are given by "world opinion" and "the press". From what I hear, the Israeli military is attempting to minimize civilian casualties. They've announced the areas that they were going to attack and told the government to evacuate their citizens. Maybe, Israel's actions will save more civilian lives in the future. Once Hezbollah realizes that they aren't getting anywhere by hiding among civilians, but are instead pissing those civilians off and that even the granola-eating, birkenstock-wearing, public are seeing them for the cowards they are they'll stop using those methods. Shyah, and monkies will fly out of my butt!
I wish none of this had happened and that the conflict would end, but I'm not so naive to think that thinking happy thoughts are going to make any difference. Even if it were in my power to force Israel to stop their offensive today - do you think Hezbollah will stop killing civilians? Not going to happen. However, if Hezbollah were to be routed and would stop targeting civilians do I think Israel would stop their offensive? Yes. Absolutely.
It's a complicated, messed up world. The press knows that the naive public will react to pictures of civilians getting injured because it means they don't have to think any further than that. It makes the press' job easy - theey don't have to take the time explaining the whole story while trying to keep people's attention. Shocking pictures and shallow stories sell and get a much bigger bang for the buck. The hackers know that putting a picture of a wounded child on a hacked, NASA web page will be effective because people will stop thinking any further than that picture. They will never stop and say: "WTF? This doesn't make any sense. Why target NASA? Hey wait, why did the submitter feel compelled to link to a mirror of the hacked site? Shouldn't this be a discussion about the security of Apache or the competency of the Sysadmins who secured it, or the vulnerabilities of the portal software that was used on the site?" But no, just putting a picture of an injured child stops most people from thinking critically about the situation.
This is why America's leaders are elected based on 30-second sound-bites, name recognition and great hair. People never bother to look any deeper than that. It's too much effort and the media is happy to keep it that way.He also said it worked flawlessly in all the dry-runs. I've been through situations like this before and I've seen other professionals in binds like this before. Here's what you do: You hit the little switch that activates the backup system, grab the other headset, make a joke like "now that you've seen what our top competitor can do... let me show you how our product works!", and pray to God the backup system comes through.
Stuff like this happens all the time. I've even seen it happen to His Steveness(tm). The difference is, Steve ALWAYS has a hot-standby ready to go. I think he even has someone following along on it in the background so that it's sitting at a point in the demo where he needs to take off from (although I can't be sure, it happens so rarely). The point isn't necessarily which software is better. The point is that Steve is the consummate professional when he's doing important presentations and leaves nothing to chance.
After seeing the amount of damage a single screw-up like this can do to a company's reputation, it shouldn't take too long before they realize how important going the extra mile and having redundancy built into the demo is.
The problem with most of these exploits is that they are highly targeted. This means that AV vendors often never get the infected sample until much later - after the damage is done - if ever. Companies are loathe to disclose the fact that they've had a security breach to anyone - even upper-management - let alone outside AV vendors. This means the exploit can be abused for long periods of time with many different targeted victims before it even gets on the AV radar. This whole time, my company might be vulnerable or even compromised, since most of our upper management take the view that "we have AV software - we don't need to spend any more time or money on traffic analysis and network baselining. Just focus on our outward-facing servers with IDS and stop pestering us with internal stuff!". Yes, they are morons.
The myth that you can rely on AV software for comprehensive defense is severely flawed. AV software is almost purely reactive and always behind the eight-ball. It's easy for malware authors to test against popular AV packages and code around it. AV vendors have to actually catch and analyze the malware and then deploy the updated signatures. This gap can be an eternity in the security world.
On OS X, you have the option of creating a "Master Password" that has the ability to unlock any encrypted home directories. It shouldn't be too hard to implement a setting that says a Domain Admin can unlock any encrypted files on computers that are joined to their domain. Something is fishy here. There has to be more broken with this scheme than just the user being able to encrypt their data.
One way MS could "support the iPod" would be to release their own, replacement, OS for it that incorporates support for PlaysForSure(tm). When you connect your iPod to Vista it would ask you if you would like to configure your iPod to use music from MSSuperMusicStore(tm), and would flash your iPod with their OS.
There are already replacement OSes for the iPod running Linux, it wouldn't be difficult for MS to make a WinCE-based OS that supported their DRM, etc. I don't know that Apple would have any chance or recourse then...
It's not hard to switch. Apple is a hardware company first and foremost. Buy a MacBook or a Mac Mini and get the best of both worlds.
If you want to stay with your Dell or Gateway box, load SuSe or Ubuntu. Much of the advantages to OS X is the tight integration between hardware and software. You just won't get the same benefit by loading it on to some crappy WallMart box. Contrary to some people's beliefs, you don't have a right to load OS X on any computer you like. It is a proprietary piece of software and buying Apple's hardware is part of the deal. If you don't like it, use OSS on your beige-box.
BTW, this was written on a Dell running SuSe 10.1 -- sitting next to my MacBook Pro dual-booting WinXP and Tiger.
Send Microsoft a bill for your time.
It was their faulty software and clueless tech support that wasted your valuable time. Had you decided to go the illegal route you would not have had this problem. Had you decided to use Linux or OS X you would not have had this problem. Because you chose to be a good little consumer and followed Microsoft's instructions it caused you grief and time.
Send them a bill.
I believe all of those are available for OS X. So there IS and alternative to Windows.
LAME.
If every ISP blocked outgoing SMTP messages from their users and either 1) forced them to relay mail through their servers or 2) ensured that any user-run mail servers were properly configured with SPF, etc. before allowing them to access outgoing port 25 traffic, it would allow allow much better assurance that the sender was who they said they were.
Then, if any email that was addressed to me had to be checked against my whitelist first, I'd only be getting mail from those users I want to talk to. The real danger would be if one of the users I had in my whitelist became infected by spam-malware that used their address to send spam out to me - but I'd be able to tell right away that they were infected and warn them (or remove them from my whitelist and sent them a live CD :-)
Any lists you signed up for or any businesses that were going to send you email (like order confirmation, etc.) would have to spell out clearly which email address to add to your whitelist in order for you to get your confirmation. If they send you advertisements on that address, remove it from your whitelist.
We are implementing some of this where I work. One twist is that we have a mechanism where any mail you send out to someone automatically gets them added to your whitelist - more to help us quickly build a whitelist for our users than anything else while we are ramping up, but it's a start. Then we have each user create a Spam folder, crank the spam threshold way down, and let the users pick through what makes it through and decide where their discard threshold will be. Eventually, when each user has compiled a complete enough whitelist that they are confident they can operate without the spam safety net, they remove their spam folder.
It's working so far. I know there are services out their that send email back to new senders telling them to jump through hoops to be added to a user's whitelist, but I'm not sure how I feel about that. I have a feeling that sort of thing could get gamed, but maybe that's the way to go - just make it too much work for the spammer. All I know is that I HATE SPAM.