Unless it's teamed with another vulnerability, the rootkit still needs to be run by someone, so I wouldn't say that Unix and workalikes have been "plagued" by them. Also, it's impossible (or damn near it) to write one exploit that works on all Unix and Linux platforms. I encountered one on one of my servers that attempted all kinds of entry points for popular *BSD and Linux platforms, and multiple versions. The vulnerability worked for this exploit, but it only got as far as unprivileged user, as its rootkit didn't function properly.
You can avoid the potential of being effected by a flexible rootkit by uninstalling your compiler when you're done doing updates, because some of these rootkits require being built on the target host.
Let's not try and skirt the issue here, though. There is a world of difference between Microsoft and GNU, mainly that it's almost trivial to get foreign code to run on a Windows box. It may require a guru to clean up after, but at least on Linux you'd have to take explicit action to execute malware code. And by explicit, I don't mean, "hey let me click on this attachment", I mean, "hey I'm going to download this attachment and adjust the execute permission". The problem is Windows' shell execute and filetype detection. It needs to be fixed. Microsoft should fix it.
but it seems there's more Linux growth on those two ends (handhelds and servers) than in the middle, on desktops of Joe user.
There has to be some growth between the keyboard and the chair, first. As it turns out, all the pretty colors and primitives on the screen don't convey too much meaningful information, and the desktop PC is still primarily an entertainment device with happens also run a couple useful apps. My users are having a hard time grasping the multi-user design in Windows 2000/XP: "Why can't we install Spyware Trojan Webcalender 2.0 anymore?"
This looks to be the way of the future with multiplayer online gaming. I'll use this information as a warning. From now on, I will treat the physical media as only a convenience feature, and I would treat the item as such. What this means is that absent of a valid, unused registration code, the discs are only worth the cost of the printing, since you'll still have to go out and buy the license anyway.
Perhaps Blizzard is willing to sell you a new code at a discount, since you won't be needing the install media. But I doubt it, since we're talking about Blizzard here. This seems to me to be a stupid policy, since the game is a monthly service you pay for, no? Why don't they just raise the monthly fees and invest in some more infrastructure? Why would the reg codes even matter when you technically can't "pirate" the service?
As a society, we're pretty familiar with using some amazingly deadly tactics against cancer, and yet, you don't see a whole lot of healthy people screaming about their exposure to those deadly glowing, poisonous cancer patients.
The guy's got a point. After all, it's commonly referred to as "chemotherapy", not "radioactive poison therapy".
I unfortunately forgot to include some other points I had, so here's a follow-up:
My take on the anti-trust case is that laws are basically static, and whenever the government attempts to impose specific limitations, it almost always leads to problems in the future. Market conditions aren't static! My comment about Windows Update should illustrate why a specific regulation about bundling is worthless.
A better solution would be to create economic incentive to work around Microsoft by removing some of the legal tools that Microsoft uses to abuse the market. Technically Microsoft didn't break any laws, although they are definitely sleazy. That doesn't mean there isn't a problem. One could argue that Microsoft's business practices are resulting in less economic development, and are therefore bad for the market segment they inhabit, and overall, bad for economy.
The centerpiece of the problem is that the Microsoft EULA contains some really nasty rules. They can enforce their requirements by arbitrarily adjusting OEM pricing. They can enforce their pricing by threatening to withhold licensing entirely. If you don't think Microsoft has absolute control on pricing, consider that their pricing has never gone up or down in the face of demand.
So we see that Microsoft can prevent OEMs from seeking out both competing products or any distributor besides Microsoft. In other words, there's no negotiation with Redmond. I think that's the problem that has to be addressed. Here is a way to do it:
Allow Software Licenses to be Resold If someone other than Microsoft is allowed to (re)sell licenses, it really throws a wrench in Redmond's legal works. It's not actually an arbitrary government regulation, it's a de-regulation. Copyright is upheld in it's purest form, because the seller can't distribute more copies than he has received. An OEM could conceivably strike up a deal with Dell, say, to take advantage of their pricing. If Microsoft attempts to punish Dell, OEMs go to another vendor.
Not only would this give Dell incentive to fight for extra profit, but the only conceivable way that Microsoft could get back complete control is by withholding licensing from all OEMs. Obviously that'd put them out of business. It also makes profitable the idea of software license clearing houses, whereby OEMs could be shielded from such Microsoft tactics as minimum-quantity purchasing, or sales-based pre-purchasing, by purchasing from a third party that buys in volume. And this also creates new jobs in both the OEM and second-hand markets for software. Lower-priced second-hand software may also curb illegal copying.
This is my favorite solution because it doesn't really require any new government regulation, and requires only the oversight to make sure Microsoft isn't buying up all the clearing houses. The downside is that Microsoft may use WPA to do an endrun around this. Plus, it doesn't give any single competitor a tailored advantage.
Since MS's opponents cannot beat them in the marketplace, they started to shift their fight into legislating Windows into a product consumers won't want.
Wow, okay I can see why you posted this as AC, as you're going to get unpopular here. Someone's already mentioned this, but I'll build on it: The last competitor to actually engage Microsoft in the "marketplace" was probably Digital. After Microsoft altered Windows 3.x so it would not run on top of competitors' DOS work-alikes, there no longer was a "marketplace" in which to compete, because Microsoft began its policy of punishing wayward OEMs through pricing penalties.
I personally think the whole anti-trust case was a waste of taxpayer money, and forcing Microsoft to unbundle applications is just treating one of the symptoms. I seriously doubt it's going to be constructive, because the problem is that Microsoft has a software delivery channel to almost every commodity hardware PC and server sold. It can be unbundled, but all they have to do is reinstall it through Windows Update.
Think of the advantage you'd have if you could get your software installed on every new PC sold. You'd have a huge advantage in compatibility. You could create proprietary format 'X', then sell authoring tools to your clients, saying: "What our product lacks in features, it makes up for in compatiblity, since it is included with 90 per cent of the new computers sold." And also, "Don't worry about the featureset, because our update software is also included, so your clients can easily update to the newest version."
Aside from services where there is a shared infrastructure (phone, electric), I can't think of another industry where a single company has that advantage. The mantra is that Microsoft's skill is in marketing. I disagree. Microsoft's outstanding achievement is the way they engineered themselves so that they are the de facto software vendor for almost every commodity PC vendor. With that, marketing is a breeze, since they can create the problem and the solution to it. Microsoft could start a new advertising campaign tomorrow that said, "The Holocaust never happened - Oh, and buy Windows!" As long as the OEMs are captive, it wouldn't make a difference.
How can anyone compete with them? It's nearly impossible without endless dumptrucks full of cash. No one is going to want to make that kind of investment, because it's almost guaranteed to fail. Microsoft practically collects a subscription fee from PC sellers, so an investment in the competition is a black hole for funding. The competitor isn't going to be able to survive the battle because they won't be able to get a foothold, and their funding will eventually run out. Meanwhile, Microsoft collects funds annually, and has their pick of the litter, from saturating the media with ads based on falsified studies, to buying a work-alike technology and distributing it through OEM channels. Microsoft's OS sales aren't tied to consumer demand for their product, so they can make only minor changes and use the sales profits to include the work-alike for "free".
This is the Microsoft business model. It's obvious, since there is no other explanation why they have an attention span of a two year old. Redmond largely includes "improvements" to shut out potential competitors, not to meet consumer demand, so they're constantly dropping one technology and moving to another. Microsoft realizes that the key to trapping users is to control their data. Their game plan is to either extend the format, or replace it with their own if the format is protected IP.
There's no other explanation for why Internet Explorer went from browser, to inseparable UI shell component, and now to developer's framework. No one asked for three simultaneously-supported versions of VB. No one asked Microsoft to create it's own brand of Java, only to toss it and let it rot. Likewise, there was no outcry for replacements of popular audio and video codecs, yet Microsoft provided their o
No matter how you slice it, a plain old brute force password cracker (like l0phtcrack) won't be made obsolete by this. It's sort of a trade-off, on one hand the password is longer, on the other hand, the majority of possible characters are going to be from a very short list of 26. Consider these points:
* As some already pointed out, sentences have a regular structure, where certain types of words go in certain places. That's a lot of predictibility. Almost every normal sentence begins with a capital letter... Uh oh.
* Sentences contain lots of spaces. Words in the English language are predominantly constructed of a very small group of letters; US TV viewers would know the normal suspects as those the contestants guess on the last round of Wheel of Fortune. Repetition is bad.
* Sorry, but sentence punctuation doesn't meet my requirements for possible permutations. Most sentences use only a period, and to a lesser extent, an apostrophe and maybe a comma. There are 29 non-alpha, non-numerical characters on my keyboard.
* My users have more than just a network logon, and not all of those programs accept long passphrases. There's an added possibility for confusion.
* Users are going to do things like forget which letters are capital (oh please - they're still confused by caps-lock), whether there is a comma in some space or not, and very likely lose their place with a long passphrase if they aren't expert typists. This creates frustration, and when users get frustrated, they do things like leave the machine logged on all day (even when they leave the room). And that creates headaches for me, because it's more likely that someone will sit at a logged-on machine than walk into my locked server room, log on as admin, and get a SAM or shadow-file dump off the server.
I like someone else's suggestion, although I don't recall who it was. Make the user type his new, complex password ten times. If I can memorize 20 complex passwords, my users can memorize one.
But maybe he caught a whiff of the stagnant air. I seriously doubt Microsoft is about to collapse, but they've saturated their target markets. They have prevented any competition from getting a successful footing in the OEM market, they hold captive the majority of developers who write click-and-drool stuff for casual users, and they've sort of levelled off their sales in the low-end server market.
That's great, but in their current position, all Microsoft can do is sell upgrades to the stuff that people have already bought. That's probably just fine for keeping the cashflow coming in on a regular basis. It's kind of naive to expect Microsoft to continue expanding, and expect a big jackpot from rising stock value.
I'm not worried. When Microsoft's mistakes hit 'em in the pocketbook, they'll change in a hurry.
...I guess I'm the oddball here. I've never thought of any of these media as permanent storage. In fact, I learned quickly very early on that all are susceptible to wear, damage or degradation. CDR/W and related tech are more a bandwidth-saving item or convenience item than anything else to me. The things that I need to save, I move to newer formats, usually multiple copies if it's important stuff.
I've yet to lose data to media degradation, however I once lost some important accounting data to a hard drive crash, followed by two ZIP disk backups that were killed by "click-death". One in a billion shot, I guess. Well, I didn't exactly lose the data, I had hard copies on paper, apparently the only semi-permanent storage media that's trustworthy.
I hate to rain on your parade, but PC vendors are very accomodating, especially if you tell them that a competitor is offering something that they are not, and said item is a deciding factor in your purchase. I've asked OEMs to apply all the current patches to XP before shipping, and they did.
But hey, I can see your point. If OEMs just did it without asking, they'd greatly decrease initial tech support calls from customers with spyware- or virus-infected computers. And it's alot cheaper to deliver those 150MB on a standard OEM hdd image than for the customer to do it over his dial-up line.
Yeah, you've got a "choice", but the alternative is so unsavory, you probably won't take it. I have personal experience with this. I had to fight with a big name PC vendor to get the OEM licenses removed on an order that cost almost a half-million. Even then, they're reluctant (translation: refused) to include a discount for the price of the software. What's more, this wasn't even so I could install a competing operating system, it was just to save me from having to keep track of hundreds of install keys (which get defaced and removed by our users).
The problem is that the OEMs are given this "choice": Either pre-buy massive amount of OEM licenses, or pay full retail price through some other channel. Buying a full-blown $300 license pretty much guarantees an OEM will be eaten alive by other competition in the sub-$1000 market. Since they've already paid the cost of the OEM licenses up-front, they're always going to find a way to recover the cost.
I'd say a good solution would be to have a middle-man buy the licenses, then dole them out to OEMs. There would be the advantage of volume licensing prices, but without the need to cough up the cash before the host system is sold. But, oh wait, Microsoft's EULA prevents anyone but OEMs from buying OEM licenses. And, oh yeah, reselling licenses is forbidden as well.
They call it the Microsoft Tax, but at least the IRS waits until I have the money before they take their cut.
Why don't more developers make native Linux games? Well, it's a bit of a chicken and egg situation. Developers don't want to port unless they are convinced that there is a substantial market for Linux games, and that market will not come into being unless there are more games being released for Linux.
And there's the condensed version of the article. The biggest problem with Linux gaming is Linux users. A number of years ago, pro-MS folks were running around and saying it was a development issue. There wasn't a standard set of APIs for game developers to use. This was, of course, false. There were the standard system calls, C library calls, OpenGL, and SDL. Obviously everything was in place, since the Army Game Project ported over the Unreal engine in a very short amount of time.
The answer has been obvious since Loki went under. Apparently Linux users just don't like to use their systems for playing games. Probably the same goes for Mac users as well. Linux isn't poised to explode onto the PC gaming scene. There's nothing functionally wrong with it with respect to gaming. I know this has been a source of personal insecurity for a lot of Linux users, or they wouldn't be writing these articles every year. Don't be insecure, there's nothing wrong with Linux. Linux users just don't like games.
Fascinating. I just put through a round of spam relay blocks in my firewall filter list, and AOL's MTA's keep ending up in this list. Why don't they worry about their own clientele first.
What kind of crappy ISP delivers messages containing *.SCR, *.CPL, *.COM, *.PIF, *.BAT and so forth to their customers?!
Probably the kind of ISP that realizes it's a security issue related to Windows, and therefore one of the risks best dealt with by the end user. Editing users' e-mail based on a file extension is stupid anyway. That's probably the same kind of thinking that went on at Microsoft's OS development group when they implemented file-type detection; More specifically, that shallow thinking is what is directly responsible for the Windows vulnerabilities based on extension-only file-type detection and the shell's automatic file association helper.
So why not stop there? Windows' shellexec helper also attempts to do something with.zip,.wav,.mid and.mp3 extensions. Would you like your ISP to discard those messages automatically? I send a lot of material between work and home in.zip format. I'd change ISPs if some dunderhead was stupid enough to filter my e-mail based on meaningless extensions.
Jesus, why are we still having this discussion? It's real simple for Microsoft to fix: Make it so any file coming from someplace other than the local filesystems is downloaded to disk only. Or simply give IE and Outlook their own file helper registries, where the default is to just download the file without attempting to open it. People have been setting up their own helper applications in Netscape for years, and no one ever died of exhaustion from the extra work.
I know these comments contain the inevitable PC-to-Mac price comparisons, but are they equivalent? One fellow found out that the RAM price difference is only about $29 (installed) if the identical type of memory is selected.
So my question is this: How about if we compare a Mac Mini to a mini-ITX system? Now we're in about the same price range, with similar limitations on upgrades. Plus it's harder (impossible?) to get a suitably powerful processor in a mITX PC.
Anandtech compared the Mini with a full-size Dell - they'd have to, there's no mini-ITX Dell systems that I'm aware of. I hope there's someone else here who thinks that's just stupid: "Hey guys, guess what? I just did a price comparison between a dual-Opteron system and a high-end laptop. The Opteron box is so much better for the price. Now excuse me while I place it in my laptop bag and take it on a business trip!"
Honestly the best managers are those that SERVE their employees. and that truthfully is your job.
you are not to reign over them, you are to serve them so that they can be more productive and in return generate more money for the company.
What exactly do you mean by "serve"? Attempting to dole out attention equally to everyone is a sure way to create office political battles, especially if you're hand-holding an incompetent/unmotivated/highly-paid employee and your other workers take notice.
Step 1 - if your employees are having trouble meeting their goals, it is your fault as a manager.
That's rather arbitrary. There's a lot of area inbetween. I've yet to meet two people that can agree on what amount of work is fair for a given pay. Some employees just suck. Don't tell me you've never come across someone with such a poor work ethic that you wondered why he still had a job.
Step 2 - you employees are the experts of what they do, not you. Do you listen to them on how their job can be improved?
That's a tough one. Many managers can't tell the difference between wisedom and BS, and I've met some workers that can pile it high. Leaving the work goals and estimates entirely up to your employees is just asking for trouble, in my opinion. They're going to attempt to engineer the situation to their own [maximum] benefit. It's just human nature. I'd "trust but verify". It also depends on the type of work. You can throw extra drywall hangers on a job to speed up a building project, but you can't throw extra teachers in a classroom to speed up learning.
Slashdot Mirror
Unless it's teamed with another vulnerability, the rootkit still needs to be run by someone, so I wouldn't say that Unix and workalikes have been "plagued" by them. Also, it's impossible (or damn near it) to write one exploit that works on all Unix and Linux platforms. I encountered one on one of my servers that attempted all kinds of entry points for popular *BSD and Linux platforms, and multiple versions. The vulnerability worked for this exploit, but it only got as far as unprivileged user, as its rootkit didn't function properly.
You can avoid the potential of being effected by a flexible rootkit by uninstalling your compiler when you're done doing updates, because some of these rootkits require being built on the target host.
Let's not try and skirt the issue here, though. There is a world of difference between Microsoft and GNU, mainly that it's almost trivial to get foreign code to run on a Windows box. It may require a guru to clean up after, but at least on Linux you'd have to take explicit action to execute malware code. And by explicit, I don't mean, "hey let me click on this attachment", I mean, "hey I'm going to download this attachment and adjust the execute permission". The problem is Windows' shell execute and filetype detection. It needs to be fixed. Microsoft should fix it.
"...which happens to..."
:-/
sorry about all the typos.
but it seems there's more Linux growth on those two ends (handhelds and servers) than in the middle, on desktops of Joe user.
There has to be some growth between the keyboard and the chair, first. As it turns out, all the pretty colors and primitives on the screen don't convey too much meaningful information, and the desktop PC is still primarily an entertainment device with happens also run a couple useful apps. My users are having a hard time grasping the multi-user design in Windows 2000/XP: "Why can't we install Spyware Trojan Webcalender 2.0 anymore?"
Was it IBM hardware though?
Yes, but a 256MB memory upgrade would be the difference between dismal and dandy. It's not like PC100 is expensive.
Where do you think these come from in quantities large enough to launch a rocket?
Hint: It's not derived from soy crops, geothermal power, tidal action generators, solar panels or windmills.
This looks to be the way of the future with multiplayer online gaming. I'll use this information as a warning. From now on, I will treat the physical media as only a convenience feature, and I would treat the item as such. What this means is that absent of a valid, unused registration code, the discs are only worth the cost of the printing, since you'll still have to go out and buy the license anyway.
Perhaps Blizzard is willing to sell you a new code at a discount, since you won't be needing the install media. But I doubt it, since we're talking about Blizzard here. This seems to me to be a stupid policy, since the game is a monthly service you pay for, no? Why don't they just raise the monthly fees and invest in some more infrastructure? Why would the reg codes even matter when you technically can't "pirate" the service?
You know it's going to be ruined, it's the Hollywood way. All the previews I've seen are just special effects and catchphrases in the voice-over.
Some of us have other sources, and saw a high-quality version long before it appeared here. :o)
I unfortunately forgot to include some other points I had, so here's a follow-up:
My take on the anti-trust case is that laws are basically static, and whenever the government attempts to impose specific limitations, it almost always leads to problems in the future. Market conditions aren't static! My comment about Windows Update should illustrate why a specific regulation about bundling is worthless.
A better solution would be to create economic incentive to work around Microsoft by removing some of the legal tools that Microsoft uses to abuse the market. Technically Microsoft didn't break any laws, although they are definitely sleazy. That doesn't mean there isn't a problem. One could argue that Microsoft's business practices are resulting in less economic development, and are therefore bad for the market segment they inhabit, and overall, bad for economy.
The centerpiece of the problem is that the Microsoft EULA contains some really nasty rules. They can enforce their requirements by arbitrarily adjusting OEM pricing. They can enforce their pricing by threatening to withhold licensing entirely. If you don't think Microsoft has absolute control on pricing, consider that their pricing has never gone up or down in the face of demand.
So we see that Microsoft can prevent OEMs from seeking out both competing products or any distributor besides Microsoft. In other words, there's no negotiation with Redmond. I think that's the problem that has to be addressed. Here is a way to do it:
Allow Software Licenses to be Resold
If someone other than Microsoft is allowed to (re)sell licenses, it really throws a wrench in Redmond's legal works. It's not actually an arbitrary government regulation, it's a de-regulation. Copyright is upheld in it's purest form, because the seller can't distribute more copies than he has received. An OEM could conceivably strike up a deal with Dell, say, to take advantage of their pricing. If Microsoft attempts to punish Dell, OEMs go to another vendor.
Not only would this give Dell incentive to fight for extra profit, but the only conceivable way that Microsoft could get back complete control is by withholding licensing from all OEMs. Obviously that'd put them out of business. It also makes profitable the idea of software license clearing houses, whereby OEMs could be shielded from such Microsoft tactics as minimum-quantity purchasing, or sales-based pre-purchasing, by purchasing from a third party that buys in volume. And this also creates new jobs in both the OEM and second-hand markets for software. Lower-priced second-hand software may also curb illegal copying.
This is my favorite solution because it doesn't really require any new government regulation, and requires only the oversight to make sure Microsoft isn't buying up all the clearing houses. The downside is that Microsoft may use WPA to do an endrun around this. Plus, it doesn't give any single competitor a tailored advantage.
Wow, okay I can see why you posted this as AC, as you're going to get unpopular here. Someone's already mentioned this, but I'll build on it: The last competitor to actually engage Microsoft in the "marketplace" was probably Digital. After Microsoft altered Windows 3.x so it would not run on top of competitors' DOS work-alikes, there no longer was a "marketplace" in which to compete, because Microsoft began its policy of punishing wayward OEMs through pricing penalties.
I personally think the whole anti-trust case was a waste of taxpayer money, and forcing Microsoft to unbundle applications is just treating one of the symptoms. I seriously doubt it's going to be constructive, because the problem is that Microsoft has a software delivery channel to almost every commodity hardware PC and server sold. It can be unbundled, but all they have to do is reinstall it through Windows Update.
Think of the advantage you'd have if you could get your software installed on every new PC sold. You'd have a huge advantage in compatibility. You could create proprietary format 'X', then sell authoring tools to your clients, saying: "What our product lacks in features, it makes up for in compatiblity, since it is included with 90 per cent of the new computers sold." And also, "Don't worry about the featureset, because our update software is also included, so your clients can easily update to the newest version."
Aside from services where there is a shared infrastructure (phone, electric), I can't think of another industry where a single company has that advantage. The mantra is that Microsoft's skill is in marketing. I disagree. Microsoft's outstanding achievement is the way they engineered themselves so that they are the de facto software vendor for almost every commodity PC vendor. With that, marketing is a breeze, since they can create the problem and the solution to it. Microsoft could start a new advertising campaign tomorrow that said, "The Holocaust never happened - Oh, and buy Windows!" As long as the OEMs are captive, it wouldn't make a difference.
How can anyone compete with them? It's nearly impossible without endless dumptrucks full of cash. No one is going to want to make that kind of investment, because it's almost guaranteed to fail. Microsoft practically collects a subscription fee from PC sellers, so an investment in the competition is a black hole for funding. The competitor isn't going to be able to survive the battle because they won't be able to get a foothold, and their funding will eventually run out. Meanwhile, Microsoft collects funds annually, and has their pick of the litter, from saturating the media with ads based on falsified studies, to buying a work-alike technology and distributing it through OEM channels. Microsoft's OS sales aren't tied to consumer demand for their product, so they can make only minor changes and use the sales profits to include the work-alike for "free".
This is the Microsoft business model. It's obvious, since there is no other explanation why they have an attention span of a two year old. Redmond largely includes "improvements" to shut out potential competitors, not to meet consumer demand, so they're constantly dropping one technology and moving to another. Microsoft realizes that the key to trapping users is to control their data. Their game plan is to either extend the format, or replace it with their own if the format is protected IP.
There's no other explanation for why Internet Explorer went from browser, to inseparable UI shell component, and now to developer's framework. No one asked for three simultaneously-supported versions of VB. No one asked Microsoft to create it's own brand of Java, only to toss it and let it rot. Likewise, there was no outcry for replacements of popular audio and video codecs, yet Microsoft provided their o
No matter how you slice it, a plain old brute force password cracker (like l0phtcrack) won't be made obsolete by this. It's sort of a trade-off, on one hand the password is longer, on the other hand, the majority of possible characters are going to be from a very short list of 26. Consider these points:
* As some already pointed out, sentences have a regular structure, where certain types of words go in certain places. That's a lot of predictibility. Almost every normal sentence begins with a capital letter... Uh oh.
* Sentences contain lots of spaces. Words in the English language are predominantly constructed of a very small group of letters; US TV viewers would know the normal suspects as those the contestants guess on the last round of Wheel of Fortune. Repetition is bad.
* Sorry, but sentence punctuation doesn't meet my requirements for possible permutations. Most sentences use only a period, and to a lesser extent, an apostrophe and maybe a comma. There are 29 non-alpha, non-numerical characters on my keyboard.
* My users have more than just a network logon, and not all of those programs accept long passphrases. There's an added possibility for confusion.
* Users are going to do things like forget which letters are capital (oh please - they're still confused by caps-lock), whether there is a comma in some space or not, and very likely lose their place with a long passphrase if they aren't expert typists. This creates frustration, and when users get frustrated, they do things like leave the machine logged on all day (even when they leave the room). And that creates headaches for me, because it's more likely that someone will sit at a logged-on machine than walk into my locked server room, log on as admin, and get a SAM or shadow-file dump off the server.
I like someone else's suggestion, although I don't recall who it was. Make the user type his new, complex password ten times. If I can memorize 20 complex passwords, my users can memorize one.
But maybe he caught a whiff of the stagnant air. I seriously doubt Microsoft is about to collapse, but they've saturated their target markets. They have prevented any competition from getting a successful footing in the OEM market, they hold captive the majority of developers who write click-and-drool stuff for casual users, and they've sort of levelled off their sales in the low-end server market.
That's great, but in their current position, all Microsoft can do is sell upgrades to the stuff that people have already bought. That's probably just fine for keeping the cashflow coming in on a regular basis. It's kind of naive to expect Microsoft to continue expanding, and expect a big jackpot from rising stock value.
I'm not worried. When Microsoft's mistakes hit 'em in the pocketbook, they'll change in a hurry.
...I guess I'm the oddball here. I've never thought of any of these media as permanent storage. In fact, I learned quickly very early on that all are susceptible to wear, damage or degradation. CDR/W and related tech are more a bandwidth-saving item or convenience item than anything else to me. The things that I need to save, I move to newer formats, usually multiple copies if it's important stuff.
I've yet to lose data to media degradation, however I once lost some important accounting data to a hard drive crash, followed by two ZIP disk backups that were killed by "click-death". One in a billion shot, I guess. Well, I didn't exactly lose the data, I had hard copies on paper, apparently the only semi-permanent storage media that's trustworthy.
I hate to rain on your parade, but PC vendors are very accomodating, especially if you tell them that a competitor is offering something that they are not, and said item is a deciding factor in your purchase. I've asked OEMs to apply all the current patches to XP before shipping, and they did.
But hey, I can see your point. If OEMs just did it without asking, they'd greatly decrease initial tech support calls from customers with spyware- or virus-infected computers. And it's alot cheaper to deliver those 150MB on a standard OEM hdd image than for the customer to do it over his dial-up line.
Yeah, you've got a "choice", but the alternative is so unsavory, you probably won't take it. I have personal experience with this. I had to fight with a big name PC vendor to get the OEM licenses removed on an order that cost almost a half-million. Even then, they're reluctant (translation: refused) to include a discount for the price of the software. What's more, this wasn't even so I could install a competing operating system, it was just to save me from having to keep track of hundreds of install keys (which get defaced and removed by our users).
The problem is that the OEMs are given this "choice": Either pre-buy massive amount of OEM licenses, or pay full retail price through some other channel. Buying a full-blown $300 license pretty much guarantees an OEM will be eaten alive by other competition in the sub-$1000 market. Since they've already paid the cost of the OEM licenses up-front, they're always going to find a way to recover the cost.
I'd say a good solution would be to have a middle-man buy the licenses, then dole them out to OEMs. There would be the advantage of volume licensing prices, but without the need to cough up the cash before the host system is sold. But, oh wait, Microsoft's EULA prevents anyone but OEMs from buying OEM licenses. And, oh yeah, reselling licenses is forbidden as well.
They call it the Microsoft Tax, but at least the IRS waits until I have the money before they take their cut.
The answer has been obvious since Loki went under. Apparently Linux users just don't like to use their systems for playing games. Probably the same goes for Mac users as well. Linux isn't poised to explode onto the PC gaming scene. There's nothing functionally wrong with it with respect to gaming.
I know this has been a source of personal insecurity for a lot of Linux users, or they wouldn't be writing these articles every year. Don't be insecure, there's nothing wrong with Linux. Linux users just don't like games.
Are those 3rd person shooters? Those can stay on the game consoles.
Fascinating. I just put through a round of spam relay blocks in my firewall filter list, and AOL's MTA's keep ending up in this list. Why don't they worry about their own clientele first.
Probably the kind of ISP that realizes it's a security issue related to Windows, and therefore one of the risks best dealt with by the end user. Editing users' e-mail based on a file extension is stupid anyway. That's probably the same kind of thinking that went on at Microsoft's OS development group when they implemented file-type detection; More specifically, that shallow thinking is what is directly responsible for the Windows vulnerabilities based on extension-only file-type detection and the shell's automatic file association helper.
So why not stop there? Windows' shellexec helper also attempts to do something with
Jesus, why are we still having this discussion? It's real simple for Microsoft to fix: Make it so any file coming from someplace other than the local filesystems is downloaded to disk only. Or simply give IE and Outlook their own file helper registries, where the default is to just download the file without attempting to open it. People have been setting up their own helper applications in Netscape for years, and no one ever died of exhaustion from the extra work.
Also, he's also not a raging authoritarian-socialist, so I predict he'll get the same treatment when he steps down as did ESR.
Russ Nelson, as in, Russ "The Angry Economist" Nelson? Well how can you go wrong with that choice?
Ha ha, I'm making a stupid pun!
I know these comments contain the inevitable PC-to-Mac price comparisons, but are they equivalent? One fellow found out that the RAM price difference is only about $29 (installed) if the identical type of memory is selected.
So my question is this: How about if we compare a Mac Mini to a mini-ITX system? Now we're in about the same price range, with similar limitations on upgrades. Plus it's harder (impossible?) to get a suitably powerful processor in a mITX PC.
Anandtech compared the Mini with a full-size Dell - they'd have to, there's no mini-ITX Dell systems that I'm aware of. I hope there's someone else here who thinks that's just stupid: "Hey guys, guess what? I just did a price comparison between a dual-Opteron system and a high-end laptop. The Opteron box is so much better for the price. Now excuse me while I place it in my laptop bag and take it on a business trip!"
What exactly do you mean by "serve"? Attempting to dole out attention equally to everyone is a sure way to create office political battles, especially if you're hand-holding an incompetent/unmotivated/highly-paid employee and your other workers take notice.
That's rather arbitrary. There's a lot of area inbetween. I've yet to meet two people that can agree on what amount of work is fair for a given pay. Some employees just suck. Don't tell me you've never come across someone with such a poor work ethic that you wondered why he still had a job.
That's a tough one. Many managers can't tell the difference between wisedom and BS, and I've met some workers that can pile it high. Leaving the work goals and estimates entirely up to your employees is just asking for trouble, in my opinion. They're going to attempt to engineer the situation to their own [maximum] benefit. It's just human nature. I'd "trust but verify". It also depends on the type of work. You can throw extra drywall hangers on a job to speed up a building project, but you can't throw extra teachers in a classroom to speed up learning.