The crucial point is that if no porn is available, the boys will just wank off the photos of clothed models and celebrities as they did before the Internet was widely available, and it's hard to find any valid argument why wanking off the photos of clothed people is inherently better than wanking off the photos of nude ones. It certainly didn't do me any good not to have porn available when I most needed it back in the 80ies.
Its hard to find any valid argument why wanking off to any photos is inherently a bad thing. Anyway, before the internet came along, people just passed top-shelf magazines around the playground, no clothed people required.
I'm waiting for the big ISPs' lists of people who have opted out of filtering to be leaked and the press to publish a list of MPs who have asked the ISP to let them watch porn through the internet connection that they put on their expenses...:)
(Also: please will people write to their MPs and tell them to oppose this shit?)
Well, it depends - my machines aren't running any closed source drivers.
But the fact is performance and stability are rubbish because the drivers are generally just reverse engineered from the hardware, which you could just as easily do on mobile as well but the performance and stability problems are much more obvious on low performance device like them.
Not really. The drivers are frequently written by the hardware vendor in an official capacity. For example, my graphics and wifi drivers were written by Intel - the same people who made the graphics and wifi hardware.
Also, I'm going to go with [citation needed] WRT the idea that reverse engineered drivers are unstable - in my experience, a lot of the reverse engineered Linux drivers have been of higher quality than the official Windows drivers from the vendors. Sure, sometimes reverse engineered drivers aren't as good, but I think the door swings both ways on this and you can't just equate "reverse engineered" with "rubbish" and "official" with "excellent".
In fact, its pretty easy to buy PC hardware that is entirely supported by open software, whereas the same is not true for mobile phones.
Which ones outside of perhaps the Lemote Yeelong?
Well, my crappy Acer Travelmate laptop is entirely supported by open drivers (ok, there is closed firmware running on some of the hardware, but I'm talking about stuff running on the CPU that has to be integrated into the OS in such a way as to prevent arbitrary OS upgrades without the vendor's help). I can install Fedora on that machine and it Just Works.
So no, the problem isn't "the device isn't powerful enough"; the problem is "there are no compatible binary drivers available".
Well no actually, many devices aren't powerful enough, but yes the fact that there are a lack of compatible binary drivers is a problem, and equally a problem on desktops, like i said, they're no different.
Sure, a lot of older devices aren't powerful enough. But the only reason a relatively top-end phone bought a year ago can't run the latest Android is because of closed drivers and the vendor's unwillingness to release new drivers compatible with the latest OS (and AFAIK even the Nexus devices require closed drivers for some of the hardware, so to some extent you're still at the mercy of Google).
I'm sure you'll find the vast majority of desktops - just like mobile phones - are not "entirely supported by open software".
Ah, I didn't say anything about the "vast majority" at all (although I wouldn't be surprised if most of the "non-gaming" PCs were entirely supported by open drivers - they tend not to have nVidia card, which are the current main culpret in the desktop world. That said, a lot of nVidia hardware is now supported by open drivers, albeit not as well as by the official closed drivers).
I said that it was relatively easy to get a PC that is entirely supported by open drivers. And it is, so long as you actually pay attention to what hardware you're getting rather than buying the first thing you see in PC World - there are a *lot* of PCs available that match this criteria from a lot of different vendors. Conversely, I think you'd struggle to find *any* mobile phones on the market that require no closed drivers so however carefully you shop around you're always going to be at the mercy of the vendor.
I would *love* to see a market where you can buy a phone and then install one of a variety of distros on it, regularly reinstalling with upgrades for the next 10 years. But we're no where near there yet, and the primary reason phones lose support is because they each require their own custom bunch of binary drivers which may not be compatible with the current OS and require a lot of custom fiddling about by someone interested to get it all working (which means your particular phone has to be popular enough to get the development time from third parties who aren't getting paid to do it).
Apple got there first and people bought into its ecosystem. Android's app selection is essentially equivalent to Apple's, but a lot of people already started with Apple and are now loathe to leave it.
Nahh, there's something more to it than that. I've got a number of customers who are doing fresh deployments of tablets - they've never had tablets or staff phones before. They are all going with iPads - I have not one customer who is deploying android (although a few have staff bringing their own android phones). They haven't bought into the Apple ecosystem, since they've not had any apple stuff before.
(To my mind, this is a little bit nuts because it means they're spending about 3x what they need to for a bunch of tablets which are just going to be used for web stuff; but I don't make the decisions for these people).
On the other hand, my fiancée switched to Android a couple of years back after losing her iPhone 3GS. Her primary motivation was that the Nexus S was half the price of the iPhone 4 (she actually wanted another 3GS but Apple had stopped making them and they were on the second hand market for far more than a brand new iPhone 4!); and that she had already seen that I had numerous free apps on my Android phone that were either identical to, or equivalent to the paid apps that she had on her iPhone. So app replacement wasn't an issue - all her paid iPhone apps were thrown out and replaced with free Android apps.
Windows (but not WP) and Office, SQL Server and Exchange and more of their business software - why isn't that enough? Will they fail if they fail online in the private sector?
They are worried that a lot of this stuff will move out to third parties in the cloud. Are you going to buy Windows for your workstations if all the applications run in whatever browser you like under whatever OS you like? Are you going to buy lots of Windows server licences when you're no longer running many of your own servers? Are you going to buy Exchange when you've moved your corporate email out to gmail?
They are quite right to be worried - this stuff is gradually going that way. Personally I think the idea of running a word processor "in the cloud" is completely bonkers, but the PHBs are making these bonkers decisions and the current buzzword they're listening to is "the cloud".
One of my customers has been convinced by another contractor that they should move all their email, file servers, etc out to cloud services; this sounds completely nuts to me - having hundreds of people accessing services over a relatively slow internet connection instead of a gigabit LAN sounds like a recipe for a terrible user experience. But the contractor has promised them the world for a low low price and the customer won't listen to anyone pointing out the problems they are creating for themselves.
Microsoft's problem is that they have fundamentally failed to innovate and predict the market for many years, and they've then found that some competition has predicted the market and innovated a product that looks like it could do long term harm to MS. So they then try to play catch-up, never quite getting back ahead of the competition because they still can't seem to innovate.
And where they do innovate, they frequently willfully avoid doing what the market wants, either to avoid cannibalising their other products, or to push some corporate agenda - either way, their innovative product turns into something that has innovated in the opposite direction to what the customers want. We've seen this time and time again - for example, everyone loved tabbed browsing on all the non-MS browsers and asked MS to implement it. So MS did a "study" which determined that no one wanted tabbed browsing and therefore they refused to implement it. It was several years before they actually paid attention to what people wanted and implemented it. Similarly Windows 8 - they produced preview releases and got a lot of feedback saying people didn't like the Metro stuff on a desktop and could they please have a way to disable it and go back to the Windows 7 UI. So MS ignored all that feedback and pushed ahead with the release, only to find it doesn't sell well because - guess what - everyone hates the Metro stuff on desktop machines. So now MS are claiming to have listened to the customers and added a start button - they know full well that everyone was asking for the start menu back, but they've willfully ignored the customers in order to push their agenda to get Metro everywhere.
To be fair, Apple also does this a lot. But Apple seems to have developed some kind of religious following where even when they do something that utterly pisses everyone off, their followers truely seem to believe that Apple knows best. MS wishes they could command that kind of following, but they just can't.
Will they fail if they don't have an OS on tablets and phones? I don't say they should forget about phones and tables, but they should join Apple and Google and Tizen, and deliver software for business on those platforms. Good solid software, that simply works, that's based on Exchange and whatever else they have.
I imagine MS find the idea of having to pay Apple in order to sell their own software fairly galling. They're falling from a position of dominance where they could dictate how everyone else behaved to a position where they are having to comply with how Apple and Google want them to behave.
MS is a million pound giant who is attempting to walk on thin ice. But whatever they do, they cannot get enough traction (=profit) to sustain their humongous empire
Actually, I think their greed is holding them back. They could have decided to ignore the consumer market and stick to the corporate market (where they've always had an advantage). They could've offered light weight tablets that integrated into existing corporate Windows networks easily. Instead they decided that all the corporate stuff would be reserved for the more expensive Windows Pro tablets, which are completely different hardware with a number of disadvantages for many uses (e.g. it is quite heavy compared to an Arm tablet). So now when corporates want a light weight tablet, there is nothing to set Windows RT apart from iOS and Android.
Rather than producing the device the market wanted, they decided to cripple it in the hope it would push that market to buy a more expensive device. That's where they went wrong.
Have you never noticed that nearly all computer product placement in television shows is by the hand of Microsoft?
They've tried to push Windows 8, Windows Phone and the Surface tablet like this. And they still don't sell nearly as well as Android or iOS devices.
Most devices I see on TV and in movies seem to be Apple. I don't know if this is product placement by Apple, or if the producers just happened to like Apple kit.
The only computer *adverts* I've seen recently have been for Microsoft stuff though (wow, things must be really bad when you have to start promoting your OS by telling everyone it has IE...). That said, I very rarely see any adverts on TV.
I think the success of the iPhone and iPad largely demonstrate that there's no better marketing than personal recommendation - people buy an iPhone because their friends have one and say they like it, they probably buy an iPad for the same reasons, plus the fact that its basically just a bigger version of the phone they are already used to. Same with Android.
When Android entered the phone market (which was rapidly turning into an iPhone-only market), they set themselves apart from the iPhone by: 1. Offering a variety of different hardware, allowing customers to choose what suited them best. 2. Being far cheaper. 3. Offering a much more open ecosystem (probably not a factor for most customers, but it attracts the geek crowd and lots of developers) The tablet market has largely been carried on the back of the phone market - people like the phone they have, so buy a similar tablet. Now, the phone and tablet markets are even more saturated and MS have tried to enter this saturated market with devices that don't really do anything revolutionary to set them apart from the devices that are already saturating the market (in fact, they purposefully priced themselves as a "premium brand", which has made them compeltely uncompetetive).
I think unless they can come up with something revolutionary, they will remain an also-ran in both the table and phone markets. The "revolutionary" stuff is things like active directory integration (which would be a big deal for businesses - ipads and android tableds really don't integrate into a corporate network very well), but they've specifically decided to make that a Windows 8 feature and not allow Windows RT devices to do this. If they stopped artificially segregating features in their products to push people up to a "pro" version and just made something that did what people want, they would probably do a lot better.
Same problem as Windows Phone. I know a few people with Windows phones and they love them... the only thing they lament is the utter lack of apps.
Unfortunately, it seems that "Microsoft" and "Windows" are tainted brands. No-one wants to spend personal money to be reminded of Monday morning 9am at work.
It seems to me that there's nothing _wrong_ with Windows RT - if they had got there first, it may well have been adopted in the same way as the iPad. The problem is, it doesn't really do anything that iOS and Android devices don't already do, so why would people go for a non-mainstream device with the associated lack of support from apps and OS updates?
Add to that the fact that MS chose to set the price point right up there with the iPads - for whatever reason, people will pay Apple's inflated price tag just to get the Apple brand. If they're not interested in brand then they will be comparing on features and price, and Android wins on price grounds hand's down. No one is ever going to pay over the odds to get the MS brand - they never have, and they aren't going to start now.
If MS had priced it down at the Android levels then they might've picked up a portion of the people who don't care about brand, but as it is they decided they wanted to place themselves as a premium brand and priced themselves out of that market.
The *only* reason I can think why someone would specifically want an MS device is because they want something that will integrate into their corporate network, with group policies and stuff... and MS specifically ripped that out of Windows RT in order to push people onto their heavy Windows 8 tablets (which are frequently too heavy compared to the other tablets).
If a single drunk driver is able to stop your production and that production is critical you are doing something wrong to begin with. While the cloud might (and probably will) offer better HA and DR it will not fix a bad design by itself.
The article also states: " I didn't want to create my own internal IT department". I' guessing Andrew Oliver is a PHB.
Honestly, anyone who sees cloud services as the great fix for reliability problems is an idiot, especially reliability problems caused by a once-in-a-lifetime drunk-driver incident. Most of the cloud services seem to have had their fair share of incompetence-related downtime. I wouldn't mind betting that if he'd put all his IT stuff one one of the commercial cloud platforms for the last 2 years, he would've had more downtime than he had running them in his offices.
In any case, shoving stuff in the cloud doesn't absolve you of needing a competent IT admin to handle backups and such, unless you're insane enough to trust *everything* to a cloud operator who, at the end of the day, doesn't actually give too much of a crap about one tiny customer who might've lost all their data.
For example, the Samsung Captivate Glide was stuck with Gingerbread until Samsung released an ICS upgrade because the binary blobs in Gingerbread aren't compatible with ICS and Jellybean.
Which is exactly the same as with desktop Windows and Linux, if you change the driver model and the manufacturer doesn't provide drivers then you're stuck whether it's desktop or mobile. If you don't change the driver model (like ICS->JB) then you're probably fine, again like on the desktop. Mobile is no different.
Well, it depends - my machines aren't running any closed source drivers. In fact, its pretty easy to buy PC hardware that is entirely supported by open software, whereas the same is not true for mobile phones.
However, what you're saying doesn't really take anything away from my original point - you can't just install a brand new Android on any old phone because you're going to need compatible binary drivers which the vendors won't supply. Similarly, a PC that requires binary drivers also isn't very upgradable without the vendor's cooperation - the difference here is that the vendors are more inclined to release updated binary drivers for PC hardware than they are for mobile hardware. This isn't always the case though - I've been stuck unable to upgrade the OS for months on machines because nVidia wouldn't release compatible binary drivers, which is one of the reasons I don't buy nVidia hardware anymore.
TL;DR - there is no difference between PCs and mobiles when it comes to hardware that requires binary drivers - without the vendor's support for the upgraded OS you're screwed.
So no, the problem isn't "the device isn't powerful enough"; the problem is "there are no compatible binary drivers available".
Most devices require closed source binary blobs to drive much of the hardware. So yes, you can install AOSP on any phone so long as you don't mind not having a working cellular radio, wifi, gps, screen, bluetooth,...
So explain how you believe all the custom android versions, ubuntu touch, firefox os run on various devices, or are you suggesting they only run on hardware that has fully open source drivers and no binary blobs?
The custom android versions, such as Cyanogenmod, bundle the binary blobs for popular devices (which were extracted from the official images). Go try and run that stuff on a less popular device and you'll struggle. For example, the Samsung Captivate Glide was stuck with Gingerbread until Samsung released an ICS upgrade because the binary blobs in Gingerbread aren't compatible with ICS and Jellybean. Even now, there are various problems with the third party Captivate Glide firmwares due to bugs in the binary blobs (e.g. the GPS reports an incorrect number of satellites, and this is unfixable because that is handled by a closed source binary blob).
I have no experience of Ubuntu Touch and Firefox OS - I assume they either use the existing Android binary blobs, or only run on an extremely small number of devices.
I tend to think Apple made a poor choice given the pre-existence of lots of.local domains in use (default on Small Business Server 2000 from memory, and supported by http://support.microsoft.com/kb/296250)
I think that both of them made a terrible choice.
Microsoft advised using a domain that (by their own admission) "At the present time, the.local domain name is not registered on the Internet." Not sure how that could ever have struck them as a bright idea. I guess MS was arrogant enough to think the rest of the world would bend to accomodate their de-facto standards rather than bothering to get them properly ratified.
Apple then went along and chose a name that they knew was already widely in use, per official advice from MS. However, Apple did at least get this standardised (RFC 6762) - if MS had bothered to get their advice standardised then this conflict would never have happened. Apple could easilly have picked any number of equally appropriate TLDs, such as.linklocal
However, IMHO IANA should just go ahead and ignore the idiots who have used arbitrary TLDs for their internal networks - doing stuff like having a ".mail" TLD for mail services does make some sense and if thats the direction they want to go then a few idiots who should never have been allowed to configure a network in the first place shouldn't stand in the way of that.
It is that way on Android, you can install vanilla Android from AOSP on just about any device that's powerful enough if the bootloader is not locked by the OEM. Problem - as I understand it - is most devices aren't powerful enough to run the latest version.
Most devices require closed source binary blobs to drive much of the hardware. So yes, you can install AOSP on any phone so long as you don't mind not having a working cellular radio, wifi, gps, screen, bluetooth,...
I.E. We may see sales.example.com/wiki and think of it as a very logical place to put a Wiki site for colaboration for the sales department of our organization. However, your average person who is of the intelligence level of sales is going to see asdfgqwerty.example.com/zxcvbnm and think where do we keep the sales notes. If you set it up at http://notes.sales/ they may actually have a chance to remember that.
I'd hope that the average employee would know who their employer is. i.e. if you're emplyed by Example Ltd. you might expect everything to be under example.com... In any case, all this would usually be linked from a company-wide intranet. Your example of sticking things under http://notes.sales/ increases the complexity, because now your users are going to have to understand that they need to use "notes.sales" when they're inside the company's network and "notes.sales.example.com" when they're outside the network. Good luck trying to get your users to figure out that they need to use the outside-facing name when they are sitting in their office but using 3G instead of the LAN...
This gets even worse with organizations that have domains like wehaveadumbbusinessname.com that can be organized into regions or units and before you know it you have people asking where is the mail web server and the reply is mail.salesandmarkenting.southeastern.wehaveadumbusinessname.com/outlookwebclient sales.mail is going to make your customers (employees) a whole happier and reduce tickets considerably.
This is a pretty bad example - in this example you can simply have mail.sales.businessname.com - everyone knows the name of their employer's website so having *everything* under this makes sense. If you need to divide the network into regions then you still need to do this even when using some random TLD, so that's not going to help you there either.
In the same way that ICANN has refused to grant sex.edu they should refuse a lot of gTLDs like.mail,.local.lan.intranet (from above, I like.here too). They don't work in the same way that.pepsi and.catholic do.
Why? It makes complete sense to have google.mail and yahoo.mail instead of googlemail.com, etc. Your reasoning is that a few idiots who should never have been in charge of a network to begin with have screwed up their own networks and you need to stop progress of the rest of the world in order to protect them from having to deal with their own cluelessness.
Similarly, I can point to a number of networks I've had to deal with, where the clueless contractors who configured them had never heard of RFC1918 and just picked a random unallocated IPv4 network for the whole company. By your argument, IANA should have reserved these network addresses - that makes no sense at all, it harms the rest of the internet to protect the few who didn't know what they were doing.
(FWIW, I'm continually shocked at the level of competence in contractors I have to deal with who claim to be network engineers - a very large proportion of them have absolutely no idea how IP routing works, and that's scary given the complexity of some of the networks they are dealing with.)
it's clear that these tlds are in use in countless large deployments around the world and we should get a reserved list of words that will never be publicly addressable just like we got ip blocks.
RFC1918 IP addresses were allocated because there was a need for private deployments, not because some idiots had decided to use them and to hell with everyone else.
Notably IPv6 does not have an equivalent of RFC1918 networks because after much discussion it has been decided that having non-globally-unique addresses is a recipe for disaster.
The main concern incluse using internal gTLDs for internal use. In the article, they call this a "split brain DNS". When I wrote the IETF Draft, we called it "split horizon DNS". Implementing it requires specific modifications to a DNS server so that it can be both a forwarding server and an authoritative server at the "." level, and there is practically no DNS server out there which implements it. Certainly, the top 4 don't.
I think this is untrue - I'm pretty sure you could use Bind's RPZ functionality to do this. Although why you would is anyone's guess.
However, that doesn't seem to be what the article is talking about. The article is talking about your DNS server being nonauthoritative (and forwarding) at the . level, but authoritative for (for example) "exchange.", "corp.", etc. which is, of course, fully supported in any DNS server because thats how DNS works.
In addition, browser completion into ".com" by default means that any typo will take you outside the company, so it's an idiotic example anyway.
What browsers complete to.com by default? Firefox, at least, just pushes things that don't look like domain names into a google search. It appears that anything that doesn't resolve and doesn't have a dot in it goes to google, everything else results in a normal error page.
And the whole "let's rent domain subdelegations of TLDs instead of selling them was born".
This doesn't seem like a bad move, to be honest. DNS space is a limited resource (there are only so many relatively short and pronouncable combinations of letters), so it seems like a good idea to encourage unused domains to be returned to the pool. If domains were sold, they would never be returned, even after the owner had gone out of business.
So back to Dupont... 400 domains * 1000 registrars * $30 average per year = $12M
Expect legislation protecting trademarks across all TLDs to follow shortly on this whole fiasco.
$30/year sounds like several times too much to me.
why were they using invalid domains in the first place?
Because they could and nobody had warned them that ICANN was eventually going to go for a massive AOLisation of the DNS.
The answer is "because there are a lot of idiots passing themselves off as network engineers who actually don't have a clue". It's *never* been sane to pick arbitrary unreserved addresses in any network address space and assume they won't ever be used. And frankly I've seen this time and time again, including such crazyness as people picking arbitrary unallocated IPv4 networks to use internally instead of RFC1918 networks, and then being surprised when things start breaking after those networks have been allocated out to a third party.
Oh also, that rfc dates back a little. Things change and I wouldn't be surprised if they created a.example top domain at some point for something like teaching purposes.
example.com and example.org are explicitly registered for this purpose.
It would be nice to reserve some domain names for internal use although, just like internal ip addresses.
That's a really insightful comment. Reserve.private,.internal,.reserved and a few others for internal use. Even better ban them as prefixes so.private-kellogs and.private-audi, etc can never be registered on the internet.
I've always advocated using your own FQDN for internal networks. If you own example.com, then put your internal stuff on internal.example.com - dead easy, job done. This gets even easier with Bind's RPZ functionality - you don't even need the "internal" subdomain; you can just add/replace RRs in your main domain, which is rather useful where you want different servers to handle your internal and external access (e.g. mail.example.com can point at an internal mail server when inside your LAN, and an external mail server for anyone on the internet).
However, a lot of people decide to use random TLDs for this instead - in particular I've got a number of customers, who under the advice of supposidly qualified network engineers set up their networks to operate on the.local TLD. This, of course, now becomes a problem since.local is normally used by mDNS, so we end up with conflicting names and all sorts of problems.
I would guess you're relatively safe using.localnet (since traditionally localhost is localhost.localnet) if you really must use a non-globally-unique domain name, but IMHO it solves a lot of problems in the long run if you just use a proper FQDN for everything (not least because you don't end up with naming conflicts if you merge LANs together at a later date).
Another thing to consider is: if you're basing your security on reverse DNS lookups then you're an idiot, since the attacker can trivially set their reverse DNS to anything, valid or not.
I keep saying that we need a proportional representation system, but the detractors always say that the right wing will get a place of power.
Thats kinda the point isn't it though? The detractors complain that the likes of the BNP will get some representation in government, but IMHO if (say) 1% of the population vote for the BNP then that 1% should get 1% of the say in how the country is run, even if the other 99% find that distasteful. Completely eliminating the opinions of a small proportion of the population because you find them distasteful does not democracy make.
The AV vote would've started us off in the right direction, but that was sunk by the "no to AV" campaign being allowed to lie in their publicity literature with no consequences.
The encryption was not crippled. The problem here is access to keys and it exists with all systems where any intermediary has access to the keys, not just those belonging to Microsoft.
MS have always strongly implied that Skype has end-to-end encryption and it would therefore not be possible to be wiretapped. Correctly implementing end-to-end cryptography would mean that MS wouldn't have the key themselves, and therefore wouldn't be able to hand it over to the NSA - indeed, the communications could only be wiretapped if one of the endpoints themselves leaked the key.
Its now clear that there was never any (robust) end-to-end encryption and that anyone with MS's key can decrypt everything. So MS seems to have implemented a crippled/broken/ill-thought-out encryption system and then misrepresented it as wiretap-proof end-to-end encryption.
Finally, any entity under the direct jurisdiction of the United States, or indeed any other government, can be compelled by force to use those keys to satisfy requests by those governments for information.
Which is why its important that the service provider engineers the protocols so that they _can't_ be coerced into giving up any keys. From the article, it seems that MS worked with the FBI to ensure their protocols were crippled. So the question is - does anyone have the legal authority to force a company like MS to cripple their software to allow snooping, or were MS doing it voluntarilly or under illegal duress?
The take-home from all this largely seems to be: never trust any unauditable software to be secure against governments snooping. Which is, and always has been, obvious. I wonder if there will be a trend towards non-US governments moving away from proprietary US software as a result of all this (like the US is rejecting various Chinese hardware vendors).
I would view this action from them as illegal anyways.
It doesn't matter if the server is in USA or where.. MS is here, in Finland, selling and marketing this service to me. so they should adhere to our laws about our data. They don't(shouldn't) get out of the data protection and privacy responsibilities by outsourcing some of their work to USA - and if they do that is a dangerous precedent because then you could just dump all our laws about it while they go and put a proxy in some Zimbanaomiland - on principal level that's what they're doing.
Unfortunately, the T&Cs you agreed to when you signed up for a service almost certainly had a wiaver in them (in the UK, for example, the Data Protection Act forbids companies from exporting your data to a country that doesn't have similar protections unless you agree to waive that right. So of course they just build the waiver into the T&Cs that no one reads and carry on business as usual).
So to some extent, you can say "its your own fault, you agreed to waive your data protection rights when you signed up". However, when *everyone* is doing this then its hard to find a service that does what you need that doesn't require you to waive those rights. For big companies like MS, Google, Apple, etc. that have a multinational presence, it would be nice to legally require them to keep your data within the country and under the domestic data protection regulations. For small businesses this obviously wouldn't be possible.
I think users don't always realize that a fault is not just obvious by inspecting your software. They don't realize you have identify possible places in hundreds of thousands of lines of code, that you need to step through what happened or that you need to be able to repeat it in order to gather more information and know when you've fixed. Without any experience of code or debugging, reasoning about what is and isn't important just isn't something the user will have done. Worse, it's easy for users to think you're putting up bureaucratic barriers to escape extra work - which creating long mandatory forms with lots of required information will only make worse - or that you don't trust them.
It's the enormous gulf of understanding about the other sides experience of a bug report that's the problem, not stupidity (though there's plenty of that around, too).
I just don't get that. Everyone has to do problem solving as part of their job, everyone knows you need information to solve problems.
If I tell a graphic designer "that's wrong" when I look at their work, they're going to want to know _what_ specifically I think is wrong, same with a sparky, plumber, teacher, etc. Just saying "thats wrong, fix it" is never going to work in any profession, so why do they somehow thing it suddenly will for software? I'm not saying they need to understand how to dig out a debugger and get a stack trace, etc. but when there's an error message on the screen I don't understand how anyone can think its unimportant to include that information when reporting the problem.
Sounds like you might be part of the issue if you have the same users not supplying you with the needed information over and over again. Have you tried communicating what it is you need from them with the obvious disclaimer that you can't identify and fix the problems without that information?
Yes, they just don't learn. This is defnitely a "user doesn't engage brain" problem - no amount of training is going to work if they don't even think something through at all.
It doesn't involve users to be code masters, it just involves them engaging their brain a bit. I frequently get bug reports along the lines of "something broke last week, came up with some error (I don't remember what), but I rebooted it and its fine for now; please fix it so it doesn't happen again".
It seems to me that your program should be logging and reporting its own errors
The software generating the errors is usually some third party thing that is interacting with our software badly, so we don't actually have control of the error-generating side most of the time.
Slashdot Mirror
The crucial point is that if no porn is available, the boys will just wank off the photos of clothed models and celebrities as they did before the Internet was widely available, and it's hard to find any valid argument why wanking off the photos of clothed people is inherently better than wanking off the photos of nude ones. It certainly didn't do me any good not to have porn available when I most needed it back in the 80ies.
Its hard to find any valid argument why wanking off to any photos is inherently a bad thing. Anyway, before the internet came along, people just passed top-shelf magazines around the playground, no clothed people required.
I'm waiting for the big ISPs' lists of people who have opted out of filtering to be leaked and the press to publish a list of MPs who have asked the ISP to let them watch porn through the internet connection that they put on their expenses... :)
(Also: please will people write to their MPs and tell them to oppose this shit?)
Well, it depends - my machines aren't running any closed source drivers.
But the fact is performance and stability are rubbish because the drivers are generally just reverse engineered from the hardware, which you could just as easily do on mobile as well but the performance and stability problems are much more obvious on low performance device like them.
Not really. The drivers are frequently written by the hardware vendor in an official capacity. For example, my graphics and wifi drivers were written by Intel - the same people who made the graphics and wifi hardware.
Also, I'm going to go with [citation needed] WRT the idea that reverse engineered drivers are unstable - in my experience, a lot of the reverse engineered Linux drivers have been of higher quality than the official Windows drivers from the vendors. Sure, sometimes reverse engineered drivers aren't as good, but I think the door swings both ways on this and you can't just equate "reverse engineered" with "rubbish" and "official" with "excellent".
In fact, its pretty easy to buy PC hardware that is entirely supported by open software, whereas the same is not true for mobile phones.
Which ones outside of perhaps the Lemote Yeelong?
Well, my crappy Acer Travelmate laptop is entirely supported by open drivers (ok, there is closed firmware running on some of the hardware, but I'm talking about stuff running on the CPU that has to be integrated into the OS in such a way as to prevent arbitrary OS upgrades without the vendor's help). I can install Fedora on that machine and it Just Works.
So no, the problem isn't "the device isn't powerful enough"; the problem is "there are no compatible binary drivers available".
Well no actually, many devices aren't powerful enough, but yes the fact that there are a lack of compatible binary drivers is a problem, and equally a problem on desktops, like i said, they're no different.
Sure, a lot of older devices aren't powerful enough. But the only reason a relatively top-end phone bought a year ago can't run the latest Android is because of closed drivers and the vendor's unwillingness to release new drivers compatible with the latest OS (and AFAIK even the Nexus devices require closed drivers for some of the hardware, so to some extent you're still at the mercy of Google).
I'm sure you'll find the vast majority of desktops - just like mobile phones - are not "entirely supported by open software".
Ah, I didn't say anything about the "vast majority" at all (although I wouldn't be surprised if most of the "non-gaming" PCs were entirely supported by open drivers - they tend not to have nVidia card, which are the current main culpret in the desktop world. That said, a lot of nVidia hardware is now supported by open drivers, albeit not as well as by the official closed drivers).
I said that it was relatively easy to get a PC that is entirely supported by open drivers. And it is, so long as you actually pay attention to what hardware you're getting rather than buying the first thing you see in PC World - there are a *lot* of PCs available that match this criteria from a lot of different vendors. Conversely, I think you'd struggle to find *any* mobile phones on the market that require no closed drivers so however carefully you shop around you're always going to be at the mercy of the vendor.
I would *love* to see a market where you can buy a phone and then install one of a variety of distros on it, regularly reinstalling with upgrades for the next 10 years. But we're no where near there yet, and the primary reason phones lose support is because they each require their own custom bunch of binary drivers which may not be compatible with the current OS and require a lot of custom fiddling about by someone interested to get it all working (which means your particular phone has to be popular enough to get the development time from third parties who aren't getting paid to do it).
Apple got there first and people bought into its ecosystem. Android's app selection is essentially equivalent to Apple's, but a lot of people already started with Apple and are now loathe to leave it.
Nahh, there's something more to it than that. I've got a number of customers who are doing fresh deployments of tablets - they've never had tablets or staff phones before. They are all going with iPads - I have not one customer who is deploying android (although a few have staff bringing their own android phones). They haven't bought into the Apple ecosystem, since they've not had any apple stuff before.
(To my mind, this is a little bit nuts because it means they're spending about 3x what they need to for a bunch of tablets which are just going to be used for web stuff; but I don't make the decisions for these people).
On the other hand, my fiancée switched to Android a couple of years back after losing her iPhone 3GS. Her primary motivation was that the Nexus S was half the price of the iPhone 4 (she actually wanted another 3GS but Apple had stopped making them and they were on the second hand market for far more than a brand new iPhone 4!); and that she had already seen that I had numerous free apps on my Android phone that were either identical to, or equivalent to the paid apps that she had on her iPhone. So app replacement wasn't an issue - all her paid iPhone apps were thrown out and replaced with free Android apps.
Windows (but not WP) and Office, SQL Server and Exchange and more of their business software - why isn't that enough? Will they fail if they fail online in the private sector?
They are worried that a lot of this stuff will move out to third parties in the cloud. Are you going to buy Windows for your workstations if all the applications run in whatever browser you like under whatever OS you like? Are you going to buy lots of Windows server licences when you're no longer running many of your own servers? Are you going to buy Exchange when you've moved your corporate email out to gmail?
They are quite right to be worried - this stuff is gradually going that way. Personally I think the idea of running a word processor "in the cloud" is completely bonkers, but the PHBs are making these bonkers decisions and the current buzzword they're listening to is "the cloud".
One of my customers has been convinced by another contractor that they should move all their email, file servers, etc out to cloud services; this sounds completely nuts to me - having hundreds of people accessing services over a relatively slow internet connection instead of a gigabit LAN sounds like a recipe for a terrible user experience. But the contractor has promised them the world for a low low price and the customer won't listen to anyone pointing out the problems they are creating for themselves.
Microsoft's problem is that they have fundamentally failed to innovate and predict the market for many years, and they've then found that some competition has predicted the market and innovated a product that looks like it could do long term harm to MS. So they then try to play catch-up, never quite getting back ahead of the competition because they still can't seem to innovate.
And where they do innovate, they frequently willfully avoid doing what the market wants, either to avoid cannibalising their other products, or to push some corporate agenda - either way, their innovative product turns into something that has innovated in the opposite direction to what the customers want. We've seen this time and time again - for example, everyone loved tabbed browsing on all the non-MS browsers and asked MS to implement it. So MS did a "study" which determined that no one wanted tabbed browsing and therefore they refused to implement it. It was several years before they actually paid attention to what people wanted and implemented it. Similarly Windows 8 - they produced preview releases and got a lot of feedback saying people didn't like the Metro stuff on a desktop and could they please have a way to disable it and go back to the Windows 7 UI. So MS ignored all that feedback and pushed ahead with the release, only to find it doesn't sell well because - guess what - everyone hates the Metro stuff on desktop machines. So now MS are claiming to have listened to the customers and added a start button - they know full well that everyone was asking for the start menu back, but they've willfully ignored the customers in order to push their agenda to get Metro everywhere.
To be fair, Apple also does this a lot. But Apple seems to have developed some kind of religious following where even when they do something that utterly pisses everyone off, their followers truely seem to believe that Apple knows best. MS wishes they could command that kind of following, but they just can't.
Will they fail if they don't have an OS on tablets and phones? I don't say they should forget about phones and tables, but they should join Apple and Google and Tizen, and deliver software for business on those platforms. Good solid software, that simply works, that's based on Exchange and whatever else they have.
I imagine MS find the idea of having to pay Apple in order to sell their own software fairly galling. They're falling from a position of dominance where they could dictate how everyone else behaved to a position where they are having to comply with how Apple and Google want them to behave.
MS is a million pound giant who is attempting to walk on thin ice. But whatever they do, they cannot get enough traction (=profit) to sustain their humongous empire
Actually, I think their greed is holding them back. They could have decided to ignore the consumer market and stick to the corporate market (where they've always had an advantage). They could've offered light weight tablets that integrated into existing corporate Windows networks easily. Instead they decided that all the corporate stuff would be reserved for the more expensive Windows Pro tablets, which are completely different hardware with a number of disadvantages for many uses (e.g. it is quite heavy compared to an Arm tablet). So now when corporates want a light weight tablet, there is nothing to set Windows RT apart from iOS and Android.
Rather than producing the device the market wanted, they decided to cripple it in the hope it would push that market to buy a more expensive device. That's where they went wrong.
Have you never noticed that nearly all computer product placement in television shows is by the hand of Microsoft?
They've tried to push Windows 8, Windows Phone and the Surface tablet like this. And they still don't sell nearly as well as Android or iOS devices.
Most devices I see on TV and in movies seem to be Apple. I don't know if this is product placement by Apple, or if the producers just happened to like Apple kit.
The only computer *adverts* I've seen recently have been for Microsoft stuff though (wow, things must be really bad when you have to start promoting your OS by telling everyone it has IE...). That said, I very rarely see any adverts on TV.
I think the success of the iPhone and iPad largely demonstrate that there's no better marketing than personal recommendation - people buy an iPhone because their friends have one and say they like it, they probably buy an iPad for the same reasons, plus the fact that its basically just a bigger version of the phone they are already used to. Same with Android.
When Android entered the phone market (which was rapidly turning into an iPhone-only market), they set themselves apart from the iPhone by:
1. Offering a variety of different hardware, allowing customers to choose what suited them best.
2. Being far cheaper.
3. Offering a much more open ecosystem (probably not a factor for most customers, but it attracts the geek crowd and lots of developers)
The tablet market has largely been carried on the back of the phone market - people like the phone they have, so buy a similar tablet. Now, the phone and tablet markets are even more saturated and MS have tried to enter this saturated market with devices that don't really do anything revolutionary to set them apart from the devices that are already saturating the market (in fact, they purposefully priced themselves as a "premium brand", which has made them compeltely uncompetetive).
I think unless they can come up with something revolutionary, they will remain an also-ran in both the table and phone markets. The "revolutionary" stuff is things like active directory integration (which would be a big deal for businesses - ipads and android tableds really don't integrate into a corporate network very well), but they've specifically decided to make that a Windows 8 feature and not allow Windows RT devices to do this. If they stopped artificially segregating features in their products to push people up to a "pro" version and just made something that did what people want, they would probably do a lot better.
Same problem as Windows Phone. I know a few people with Windows phones and they love them ... the only thing they lament is the utter lack of apps.
Unfortunately, it seems that "Microsoft" and "Windows" are tainted brands. No-one wants to spend personal money to be reminded of Monday morning 9am at work.
It seems to me that there's nothing _wrong_ with Windows RT - if they had got there first, it may well have been adopted in the same way as the iPad. The problem is, it doesn't really do anything that iOS and Android devices don't already do, so why would people go for a non-mainstream device with the associated lack of support from apps and OS updates?
Add to that the fact that MS chose to set the price point right up there with the iPads - for whatever reason, people will pay Apple's inflated price tag just to get the Apple brand. If they're not interested in brand then they will be comparing on features and price, and Android wins on price grounds hand's down. No one is ever going to pay over the odds to get the MS brand - they never have, and they aren't going to start now.
If MS had priced it down at the Android levels then they might've picked up a portion of the people who don't care about brand, but as it is they decided they wanted to place themselves as a premium brand and priced themselves out of that market.
The *only* reason I can think why someone would specifically want an MS device is because they want something that will integrate into their corporate network, with group policies and stuff... and MS specifically ripped that out of Windows RT in order to push people onto their heavy Windows 8 tablets (which are frequently too heavy compared to the other tablets).
What exactly would be illegal ?
AFAIK all the Microsoft ARM devices have mandatory secureboot. Cracking it would likely be a violation of the DMCA.
If a single drunk driver is able to stop your production and that production is critical you are doing something wrong to begin with. While the cloud might (and probably will) offer better HA and DR it will not fix a bad design by itself.
The article also states: " I didn't want to create my own internal IT department". I' guessing Andrew Oliver is a PHB.
Because cloud services have never had extended outages...
Honestly, anyone who sees cloud services as the great fix for reliability problems is an idiot, especially reliability problems caused by a once-in-a-lifetime drunk-driver incident. Most of the cloud services seem to have had their fair share of incompetence-related downtime. I wouldn't mind betting that if he'd put all his IT stuff one one of the commercial cloud platforms for the last 2 years, he would've had more downtime than he had running them in his offices.
In any case, shoving stuff in the cloud doesn't absolve you of needing a competent IT admin to handle backups and such, unless you're insane enough to trust *everything* to a cloud operator who, at the end of the day, doesn't actually give too much of a crap about one tiny customer who might've lost all their data.
For example, the Samsung Captivate Glide was stuck with Gingerbread until Samsung released an ICS upgrade because the binary blobs in Gingerbread aren't compatible with ICS and Jellybean.
Which is exactly the same as with desktop Windows and Linux, if you change the driver model and the manufacturer doesn't provide drivers then you're stuck whether it's desktop or mobile. If you don't change the driver model (like ICS->JB) then you're probably fine, again like on the desktop. Mobile is no different.
Well, it depends - my machines aren't running any closed source drivers. In fact, its pretty easy to buy PC hardware that is entirely supported by open software, whereas the same is not true for mobile phones.
However, what you're saying doesn't really take anything away from my original point - you can't just install a brand new Android on any old phone because you're going to need compatible binary drivers which the vendors won't supply. Similarly, a PC that requires binary drivers also isn't very upgradable without the vendor's cooperation - the difference here is that the vendors are more inclined to release updated binary drivers for PC hardware than they are for mobile hardware. This isn't always the case though - I've been stuck unable to upgrade the OS for months on machines because nVidia wouldn't release compatible binary drivers, which is one of the reasons I don't buy nVidia hardware anymore.
TL;DR - there is no difference between PCs and mobiles when it comes to hardware that requires binary drivers - without the vendor's support for the upgraded OS you're screwed.
So no, the problem isn't "the device isn't powerful enough"; the problem is "there are no compatible binary drivers available".
Most devices require closed source binary blobs to drive much of the hardware. So yes, you can install AOSP on any phone so long as you don't mind not having a working cellular radio, wifi, gps, screen, bluetooth, ...
So explain how you believe all the custom android versions, ubuntu touch, firefox os run on various devices, or are you suggesting they only run on hardware that has fully open source drivers and no binary blobs?
The custom android versions, such as Cyanogenmod, bundle the binary blobs for popular devices (which were extracted from the official images). Go try and run that stuff on a less popular device and you'll struggle. For example, the Samsung Captivate Glide was stuck with Gingerbread until Samsung released an ICS upgrade because the binary blobs in Gingerbread aren't compatible with ICS and Jellybean. Even now, there are various problems with the third party Captivate Glide firmwares due to bugs in the binary blobs (e.g. the GPS reports an incorrect number of satellites, and this is unfixable because that is handled by a closed source binary blob).
I have no experience of Ubuntu Touch and Firefox OS - I assume they either use the existing Android binary blobs, or only run on an extremely small number of devices.
It (.local) was actually official MS advice for a long time http://en.wikipedia.org/wiki/.local#Microsoft_recommendations
I tend to think Apple made a poor choice given the pre-existence of lots of .local domains in use (default on Small Business Server 2000 from memory, and supported by http://support.microsoft.com/kb/296250)
I think that both of them made a terrible choice.
Microsoft advised using a domain that (by their own admission) "At the present time, the .local domain name is not registered on the Internet." Not sure how that could ever have struck them as a bright idea. I guess MS was arrogant enough to think the rest of the world would bend to accomodate their de-facto standards rather than bothering to get them properly ratified.
Apple then went along and chose a name that they knew was already widely in use, per official advice from MS. However, Apple did at least get this standardised (RFC 6762) - if MS had bothered to get their advice standardised then this conflict would never have happened. Apple could easilly have picked any number of equally appropriate TLDs, such as .linklocal
However, IMHO IANA should just go ahead and ignore the idiots who have used arbitrary TLDs for their internal networks - doing stuff like having a ".mail" TLD for mail services does make some sense and if thats the direction they want to go then a few idiots who should never have been allowed to configure a network in the first place shouldn't stand in the way of that.
It is that way on Android, you can install vanilla Android from AOSP on just about any device that's powerful enough if the bootloader is not locked by the OEM. Problem - as I understand it - is most devices aren't powerful enough to run the latest version.
Most devices require closed source binary blobs to drive much of the hardware. So yes, you can install AOSP on any phone so long as you don't mind not having a working cellular radio, wifi, gps, screen, bluetooth, ...
I.E. We may see sales.example.com/wiki and think of it as a very logical place to put a Wiki site for colaboration for the sales department of our organization. However, your average person who is of the intelligence level of sales is going to see asdfgqwerty.example.com/zxcvbnm and think where do we keep the sales notes. If you set it up at http://notes.sales/ they may actually have a chance to remember that.
I'd hope that the average employee would know who their employer is. i.e. if you're emplyed by Example Ltd. you might expect everything to be under example.com... In any case, all this would usually be linked from a company-wide intranet. Your example of sticking things under http://notes.sales/ increases the complexity, because now your users are going to have to understand that they need to use "notes.sales" when they're inside the company's network and "notes.sales.example.com" when they're outside the network. Good luck trying to get your users to figure out that they need to use the outside-facing name when they are sitting in their office but using 3G instead of the LAN...
This gets even worse with organizations that have domains like wehaveadumbbusinessname.com that can be organized into regions or units and before you know it you have people asking where is the mail web server and the reply is mail.salesandmarkenting.southeastern.wehaveadumbusinessname.com/outlookwebclient sales.mail is going to make your customers (employees) a whole happier and reduce tickets considerably.
This is a pretty bad example - in this example you can simply have mail.sales.businessname.com - everyone knows the name of their employer's website so having *everything* under this makes sense. If you need to divide the network into regions then you still need to do this even when using some random TLD, so that's not going to help you there either.
In the same way that ICANN has refused to grant sex.edu they should refuse a lot of gTLDs like .mail, .local .lan .intranet (from above, I like .here too). They don't work in the same way that .pepsi and .catholic do.
Why? It makes complete sense to have google.mail and yahoo.mail instead of googlemail.com, etc. Your reasoning is that a few idiots who should never have been in charge of a network to begin with have screwed up their own networks and you need to stop progress of the rest of the world in order to protect them from having to deal with their own cluelessness.
Similarly, I can point to a number of networks I've had to deal with, where the clueless contractors who configured them had never heard of RFC1918 and just picked a random unallocated IPv4 network for the whole company. By your argument, IANA should have reserved these network addresses - that makes no sense at all, it harms the rest of the internet to protect the few who didn't know what they were doing.
(FWIW, I'm continually shocked at the level of competence in contractors I have to deal with who claim to be network engineers - a very large proportion of them have absolutely no idea how IP routing works, and that's scary given the complexity of some of the networks they are dealing with.)
it's clear that these tlds are in use in countless large deployments around the world and we should get a reserved list of words that will never be publicly addressable just like we got ip blocks.
RFC1918 IP addresses were allocated because there was a need for private deployments, not because some idiots had decided to use them and to hell with everyone else.
Notably IPv6 does not have an equivalent of RFC1918 networks because after much discussion it has been decided that having non-globally-unique addresses is a recipe for disaster.
This is a BS article.
The main concern incluse using internal gTLDs for internal use. In the article, they call this a "split brain DNS". When I wrote the IETF Draft, we called it "split horizon DNS". Implementing it requires specific modifications to a DNS server so that it can be both a forwarding server and an authoritative server at the "." level, and there is practically no DNS server out there which implements it. Certainly, the top 4 don't.
I think this is untrue - I'm pretty sure you could use Bind's RPZ functionality to do this. Although why you would is anyone's guess.
However, that doesn't seem to be what the article is talking about. The article is talking about your DNS server being nonauthoritative (and forwarding) at the . level, but authoritative for (for example) "exchange.", "corp.", etc. which is, of course, fully supported in any DNS server because thats how DNS works.
In addition, browser completion into ".com" by default means that any typo will take you outside the company, so it's an idiotic example anyway.
What browsers complete to .com by default? Firefox, at least, just pushes things that don't look like domain names into a google search. It appears that anything that doesn't resolve and doesn't have a dot in it goes to google, everything else results in a normal error page.
And the whole "let's rent domain subdelegations of TLDs instead of selling them was born".
This doesn't seem like a bad move, to be honest. DNS space is a limited resource (there are only so many relatively short and pronouncable combinations of letters), so it seems like a good idea to encourage unused domains to be returned to the pool. If domains were sold, they would never be returned, even after the owner had gone out of business.
So back to Dupont... 400 domains * 1000 registrars * $30 average per year = $12M
Expect legislation protecting trademarks across all TLDs to follow shortly on this whole fiasco.
$30/year sounds like several times too much to me.
why were they using invalid domains in the first place?
Because they could and nobody had warned them that ICANN was eventually going to go for a massive AOLisation of the DNS.
The answer is "because there are a lot of idiots passing themselves off as network engineers who actually don't have a clue". It's *never* been sane to pick arbitrary unreserved addresses in any network address space and assume they won't ever be used. And frankly I've seen this time and time again, including such crazyness as people picking arbitrary unallocated IPv4 networks to use internally instead of RFC1918 networks, and then being surprised when things start breaking after those networks have been allocated out to a third party.
Oh also, that rfc dates back a little. Things change and I wouldn't be surprised if they created a .example top domain at some point for something like teaching purposes.
example.com and example.org are explicitly registered for this purpose.
It would be nice to reserve some domain names for internal use although, just like internal ip addresses.
That's a really insightful comment. Reserve .private, .internal, .reserved and a few others for internal use. Even better ban them as prefixes so .private-kellogs and .private-audi, etc can never be registered on the internet.
I've always advocated using your own FQDN for internal networks. If you own example.com, then put your internal stuff on internal.example.com - dead easy, job done. This gets even easier with Bind's RPZ functionality - you don't even need the "internal" subdomain; you can just add/replace RRs in your main domain, which is rather useful where you want different servers to handle your internal and external access (e.g. mail.example.com can point at an internal mail server when inside your LAN, and an external mail server for anyone on the internet).
However, a lot of people decide to use random TLDs for this instead - in particular I've got a number of customers, who under the advice of supposidly qualified network engineers set up their networks to operate on the .local TLD. This, of course, now becomes a problem since .local is normally used by mDNS, so we end up with conflicting names and all sorts of problems.
I would guess you're relatively safe using .localnet (since traditionally localhost is localhost.localnet) if you really must use a non-globally-unique domain name, but IMHO it solves a lot of problems in the long run if you just use a proper FQDN for everything (not least because you don't end up with naming conflicts if you merge LANs together at a later date).
Another thing to consider is: if you're basing your security on reverse DNS lookups then you're an idiot, since the attacker can trivially set their reverse DNS to anything, valid or not.
I keep saying that we need a proportional representation system, but the detractors always say that the right wing will get a place of power.
Thats kinda the point isn't it though? The detractors complain that the likes of the BNP will get some representation in government, but IMHO if (say) 1% of the population vote for the BNP then that 1% should get 1% of the say in how the country is run, even if the other 99% find that distasteful. Completely eliminating the opinions of a small proportion of the population because you find them distasteful does not democracy make.
The AV vote would've started us off in the right direction, but that was sunk by the "no to AV" campaign being allowed to lie in their publicity literature with no consequences.
Telstra is currently moving all their customers email hosting to Microsoft.
For our US "allies" - that's Australia's largest ISP.
But who on earth uses their ISP's email services these days?
The encryption was not crippled. The problem here is access to keys and it exists with all systems where any intermediary has access to the keys, not just those belonging to Microsoft.
MS have always strongly implied that Skype has end-to-end encryption and it would therefore not be possible to be wiretapped. Correctly implementing end-to-end cryptography would mean that MS wouldn't have the key themselves, and therefore wouldn't be able to hand it over to the NSA - indeed, the communications could only be wiretapped if one of the endpoints themselves leaked the key.
Its now clear that there was never any (robust) end-to-end encryption and that anyone with MS's key can decrypt everything. So MS seems to have implemented a crippled/broken/ill-thought-out encryption system and then misrepresented it as wiretap-proof end-to-end encryption.
Finally, any entity under the direct jurisdiction of the United States, or indeed any other government, can be compelled by force to use those keys to satisfy requests by those governments for information.
Which is why its important that the service provider engineers the protocols so that they _can't_ be coerced into giving up any keys. From the article, it seems that MS worked with the FBI to ensure their protocols were crippled. So the question is - does anyone have the legal authority to force a company like MS to cripple their software to allow snooping, or were MS doing it voluntarilly or under illegal duress?
The take-home from all this largely seems to be: never trust any unauditable software to be secure against governments snooping. Which is, and always has been, obvious. I wonder if there will be a trend towards non-US governments moving away from proprietary US software as a result of all this (like the US is rejecting various Chinese hardware vendors).
I would view this action from them as illegal anyways.
It doesn't matter if the server is in USA or where.. MS is here, in Finland, selling and marketing this service to me. so they should adhere to our laws about our data. They don't(shouldn't) get out of the data protection and privacy responsibilities by outsourcing some of their work to USA - and if they do that is a dangerous precedent because then you could just dump all our laws about it while they go and put a proxy in some Zimbanaomiland - on principal level that's what they're doing.
Unfortunately, the T&Cs you agreed to when you signed up for a service almost certainly had a wiaver in them (in the UK, for example, the Data Protection Act forbids companies from exporting your data to a country that doesn't have similar protections unless you agree to waive that right. So of course they just build the waiver into the T&Cs that no one reads and carry on business as usual).
So to some extent, you can say "its your own fault, you agreed to waive your data protection rights when you signed up". However, when *everyone* is doing this then its hard to find a service that does what you need that doesn't require you to waive those rights. For big companies like MS, Google, Apple, etc. that have a multinational presence, it would be nice to legally require them to keep your data within the country and under the domestic data protection regulations. For small businesses this obviously wouldn't be possible.
I think users don't always realize that a fault is not just obvious by inspecting your software. They don't realize you have identify possible places in hundreds of thousands of lines of code, that you need to step through what happened or that you need to be able to repeat it in order to gather more information and know when you've fixed. Without any experience of code or debugging, reasoning about what is and isn't important just isn't something the user will have done. Worse, it's easy for users to think you're putting up bureaucratic barriers to escape extra work - which creating long mandatory forms with lots of required information will only make worse - or that you don't trust them.
It's the enormous gulf of understanding about the other sides experience of a bug report that's the problem, not stupidity (though there's plenty of that around, too).
I just don't get that. Everyone has to do problem solving as part of their job, everyone knows you need information to solve problems.
If I tell a graphic designer "that's wrong" when I look at their work, they're going to want to know _what_ specifically I think is wrong, same with a sparky, plumber, teacher, etc. Just saying "thats wrong, fix it" is never going to work in any profession, so why do they somehow thing it suddenly will for software? I'm not saying they need to understand how to dig out a debugger and get a stack trace, etc. but when there's an error message on the screen I don't understand how anyone can think its unimportant to include that information when reporting the problem.
Sounds like you might be part of the issue if you have the same users not supplying you with the needed information over and over again. Have you tried communicating what it is you need from them with the obvious disclaimer that you can't identify and fix the problems without that information?
Yes, they just don't learn. This is defnitely a "user doesn't engage brain" problem - no amount of training is going to work if they don't even think something through at all.
It doesn't involve users to be code masters, it just involves them engaging their brain a bit. I frequently get bug reports along the lines of "something broke last week, came up with some error (I don't remember what), but I rebooted it and its fine for now; please fix it so it doesn't happen again".
It seems to me that your program should be logging and reporting its own errors
The software generating the errors is usually some third party thing that is interacting with our software badly, so we don't actually have control of the error-generating side most of the time.