A more important question is "Why were the backup servers accessible from the email servers?"
A good network design has the backup servers isolated from the production servers. Only the ports need for backup should be allowed. Even if using a copy over SSH, it is possible to set it so the backup servers can access production, but block all access from production to the backup servers. I should never be able to gain console/terminal access on the backup servers from production.
Surely, you cannot be serious!! (And no, I will not stop calling you Shirley.)
If you are really from Sirius 9, you are very confused about the ownership of OUR moon.
In fact, I would have to say that you are Siriusly confused.
Remember that there are two groups with similar names, the Cardassians and the Kardashians. One group is vaguely reptilian, have large misshapen heads and an overblown and undeserved sense of superiority. The other group, of course, invaded Bajor.
Fredric Brown wrote a short story in 1949 about this very topic, called "Letter to a Phoenix." In it the character writing the letter talks about the many civilizations of the earth, and how they have destroyed themselves over and over. He also claims that all civilizations can only go so high and then they fade away and die. Only the civilization that is insane enough to kill itself will rise from the ashes and live forever. Here is one of the more memorable quotes.
“The human race will last. Everywhere and forever, for it will never be sane and only insanity is divine. Only the mad destroy themselves and all they have wrought.
And only the phoenix lives forever.”
I realize that the story has a different slant, that other civilizations will die out rather than kill themselves, but this was the first thing that came to my mind when I saw the summary.
I think the big difference is the ability to prevent someone from seeing an ad. A TV advertiser cannot prevent an Irish man from tuning in to BET or Univision. Anyone is free to watch those channels as long as he or she gets the service. I may choose to not watch those channels and therefore not see the ad, but that is my choice, not the advertiser's.
If the facebook tool said that only those people looking at a certain wall could see an ad, but everyone who looked at the wall could see it, it would not be illegal.
You said it!! Can you imagine the bugs in those cookies? I can see it now.
MicroBake: Have a cookie!
Customer: Ooohh! That looks like a nice oatmeal-raisin cookie!
MicroBake: Umm. No. That is a sugar cookie. That is not oatmeal you see, and there are no raisins in it.
In some states, AZ at least, it is actually city specific. For example, in Phoenix it is legal to park facing the wrong way, but in Glendale (a suburb of Phoenix) it is illegal.
As for safety, it really does depend on the local conditions. In the Phoenix area, most of the residential streets are wide enough and have a low traffic volume, so it is easy to tell if it is safe to drive off. Most of the major streets either do not allow parking on the side of the road, or have clearly designated parking spaces that make it almost impossible to park in the opposite direction.
I find it puzzling that Christians in particular seem to be irritated by the idea of a lack of free will.
More than once I've seen a religious person irritated when the notion of determinism came up in a discussion.
What is the connection there?
People become irritated for many reasons. However, one possible reason is because determinism is a subtle attack on them and on their beliefs. They may not be able to articulate the attack, but recognize that it is one. They may not even be able to mount a defence or counter-attack and feel frustrated without understanding why.
Christians are told that they must a) Have faith and b) choose to follow Christ. (Many Christian sects differ on the definition of "follow Christ", but they all state that it must be done.)
If there is no free will, how can one have faith? How can you trust someone to reward you for your actions if your actions are meaningless? People choose to "follow Christ" in hope of a reward. By taking away free will, you are taking away their hope of a reward.
Determinism basically calls people stupid for making the choices they did, as well as takes away their hope of an eternal reward. Is it really surprising that they get irritated?
Isn't it conflictive to believe in an all-knowing and all-powerful deity while at the same believing in freedom of choice?
Not really. If there is an all-knowing and all-powerful deity, there must be a reason why we are here. After all, if this deity already knows who will be rewarded and who will be punished, why aren't we already in Heaven or Hell? If nothing we do makes a difference, why are we made to do anything at all? If you accept an all-powerful, all-knowing deity, then you must accept that there is a reason we are here. One possible reason is that we as individuals are important to this deity, and that we gain something by going through this experience. If we do learn and grow by making choices, it follows that this deity could allow us to make choices, even if the results of the choices were known in advance. Knowing what someone will choose is not taking away their choice.
Some people believe that an all-powerful, all-knowing being is forced to manipulate the out-come of all choices, thus removing free-will. Others believe that the same being is free to choose not to manipulate those choices. Thus, to them, an all-powerful, all-knowing being does not conflict with freedom of choice.
Pretty sure that this is a deliberate attempt to make the project have a more appealing name. LAMEAN is likely to be pronounced with a bad Spanish accent, "La MEAN," or pronounced as two words, "LAME AN." I can hear someone saying, "That project was LAME AN' just not worth it."
This is all based on magnonics, which in short - is the use of magnetic spin for binary storage and or logic. This device focuses on the later...
From what I could tell from the article, it appears to focus on both. The device allows them to quickly create and store a pattern. It then allows another pattern to be created and quickly compare the patterns.
It does this by constructing a matrix of magnetic nodes that are effectively interconnected to neighbours (moor?) via spatial magnetic-spin sensitivity, these interconnects form the dynamic logic processing ability of the matrix.
I think that this is somewhat like a (soft) convolutional artificial neural network for image recognition, these are constructed out of a 2d or 3d matrix of nodes with weighted interconnects in a moor-neighbourhood arrangement. The difference here i guess is that a) it's done with magnetic spin (i really have no idea why this is an advantage, maybe i'm all wrong about this) and b) being an application specific piece of hardware each node works in parallel (this is trumped as the primary reason for the speed potential in the article).
... Big disclaimer: I am massively speculating because the use case is not made super clear.
From what I could tell, the advantage of the magnetic spin is that with an 8 terminal node, it can quickly create a matrix of 1,000 bits of data. It can then compare that matrix with a stored matrix. With several nodes working in parallel, it takes the same time to compare 1,000 bits of data as 10,000,000. The potential (and right now, only potential) is that a computing device with this hardware integrated in could compare an image with a stored image much faster than conventional circuits could make the comparison and result in a better matching algorithm.
There's a new version of Siri, coded in Swift, that answers your questions about the future. It was released next December.
A seminar debating the merits of time travel will be held last week. Seating is limited and tickets have been available in two weeks. Get yours yesterday!!
From the article photo, it looks like the 'pump' is actually some sort of monitoring device used to track how much gas/diesel is in the storage tanks. I imagine that gets used by suppliers to anticipate delivery requirements.
I don't know if the same system is used to control the pricing at the customer pumps, and the article doesn't make it clear. I'd guess than since this was published there are going to be some who will be trying it out though.
Depends on the monitoring device. Some of the monitoring devices connect to both the pumps and the tanks so that you can compare how much gas was pumped vs how much gas is left in the tank. Although it is not 100% accurate, if there are leaks or pumps that are way out of calibration, the device might be the first indication that there is a problem. And yes, the major use is to track how many times a tanker needs to come by and fill up the storage tanks.
On systems with Pay-at-the-Pump that take credit/debit cards, the same device connects the pumps to the authorization systems. Sometimes this is over a phone line, but some deal with satellite or internet connection to the authorization centers. These monitoring devices have a lot more control over what is displayed at the pump, and sometimes you can change pricing through the device. The ones that have this kind of control are *supposed* to have better security, but having to type a pin or password each time you connect to it is "really inconvenient."
I LOVE that game!! Don't want to be a trader? Try being a smuggler! Don't like smugglers? Be a Bounty Hunter!! Fighting not your style? Play an Explorer! Maybe intrigue between factions is more your thing. Play a Spy! There are many ways to play Star Traders.
Come to think of it, I play Star Traders on Android, so maybe that is why this new game is only for Windows, OSX, or iPad. The market already has this game (or a better game) on Android.
I have progressive lenses and work on computers all day long. But my first pair were horrible! When I complained to my optometrist, he asked me to demonstrate where I held my book/phone for reading. He explained that my distance was not average, but that he could adjust the focal length to fit. The second pair of lenses was much better.
Remember Knarfling's Universal Law of Individuality. "No one else is me!" Your optometrist usually makes a good guess at making your glasses fit your eyesight, but he is not you and cannot see what you see.
Some people never get used to progressive lenses. Some people cannot live comfortably without them. Only you are you, and only you will know if progressive lenses will work for you. But if you never tell your optometrist about the problem, there is no way he or she can fix it! When you do go back in to explain the issue, be prepared to demonstrate the distance from your eyes to your reading material. It will make a difference.
I don't like receiving my packages unbroken, could we use UPS instead?
ummm.... perhaps I should clarify. While charging "shipping and handling" implies that something will be shipped, I did not actually say that the bridge would be shipped. Only that you would be charged shipping and handling fees at FedEx rates.
I have to agree. I think I understand why they want to do this: Only one code base, less overhead and more profit.
But it is a stupid idea. The different devices provide different functions and shouldn't look the same or be the same. Servers are different from desktops which are different from tablets which are different from phones.
For those who need a bad car analogy, it is like trying to put the same user interface on bicycles, motorcycles, cars, trucks and trains. No one complains that their car doesn't have handlebars. Or that there is no steering wheel on a their bicycle or motorcycle.
True. I should have said major corporate standards when I said government. But because of the way the payment card industry works, if FEELS like government. Complete with not following its own rules and having rules for the sake of rules.
The 90 day password change is a fixture of compliance regulations. If you deal with PCI, SOX or HIPA, you probably have to force password changes every 90 days. With PCI, you can lose your ability to take credit cards if you can't show that you force password changes at least every 90 days. (There are ways around it, the most common is lying to the auditor, but that is a different story.)
I have my own theory as to why the 90 days became standard, but was told that my theory was all wrong without any explanation as to why it was wrong. Suffice it to say that 90 days is a standard and if anyone really knows why it became a standard, they aren't talking.
If you ask an auditor, they will tell you that if someone does find your password, either through a key logger, finding your post-it or cracking your password database, they will only have a limited time before that password is changed. You don't even have to know that someone got your password if you change your password on a schedule. Of course, it might not take long before they learn the new password, but that concern is usually dismissed.
We are, regrettably, impeded by whacked out sysadmins who insist we must use THEIR idea of a strong password -- which always seems to be different from anyone else's idea of a strong password, and/or that we need to change passwords periodically, and/or that we can't reuse passwords.
I sometimes seems that there is an inverse relationship between the actual need for security and the system administrator's perception of the need for security.
This.
I tried to do something basically like this - I have three password strengths, one for low-security throwaway stuff, another for regular stuff (with suffixing so one compromised site won't affect others unless I am specifically targeted), and a max-security one.
Guess which one I use for banking. It's the mid-tier one, MINUS the special characters and suffix. They have an upper length limit that keeps my max-security password from being used for the one thing it really should have been used for.
The only thing that max-security password secures now is root access to my BSD box (and I have sudo set up with nopw, so I never even use that). Everything else is secured by something that really isn't secure enough.
So in other words, nothing has your max security. if you left your screen open and unattended for a moment, a person wouldn't even need your password to crack your BSD box. I hope your BSD box doesn't have anything important on it. The nopw option of sudo should NEVER be used. It is like putting a huge un-pickable lock on your door and then never locking it because it is too inconvenient to pull your keys out. If you use sudo (which I do use often and I believe it is useful, convenient and CAN be secure), you should make sure your password is complex and you need to type it in when you use sudo. Otherwise, you are reducing your security. Yes, sudo can be restricted by host, but most people do not do that, and what happens when that host dies?
I understand that good passwords can be difficult, but they don't have to be. Once I learned how to create good passwords, it became very easy. Even my low security passwords are fairly complex and will pass most complexity requirements. My work password, which has to be changed every 90 days, is usually between 14-20 characters long, has multiple complex characters, and is easy to remember. Although work allows rotation after 6 passwords, I have not re-used a password in six years. My biggest issue is not remembering the password, it is fat-fingering such a long password. The longer it is, the more likely there will be a fat-finger at some point.
I see that someone has had problems with a sysadmin.
Try to remember that not all sysadmins are BOFH. Some actually agree with you on the need for complex passwords and how often they should be changed. Many of them, however, have to follow outdated and impractical guides forced upon them by government standards in order to comply with HIPA, SOX, or PCI.
There are a couple of things that bother me, though. The first is pattern re-use. P@$$word521 does meet the complexity requirements of many systems. But when you use P@$$word125, P@$$word251, P@$$word215 and then tell everyone that you use P@$$word with the same three numbers and just rotate the numbers, it is not much better than a post-it under the keyboard. Complex passwords do not have to be difficult to remember. Just because someone has difficulty coming up with good passwords does not mean that a hard-to-remember password is actually complex.
The second thing that bothers me is when a sysadmin will force a password policy on you, but won't use it himself. I know one admin that forced a password change every 90 days for all accounts except his. When he left the company, his password history was completely blank. He had used the same password for years. While I think passwords could live longer than 90 days and twice a year would be sufficient for many passwords, if a change is required, it should be required for all users including the sysadmin.
Slashdot Mirror
These will have been my thoughts on the subject.
FTFY
The convention on Time Travel will be held last week. Tickets went on sale next month. Get yours yesterday before they run out!
Check out Fredric Brown's short stories on time. The one that applies here is "Hall of Mirrors," but "The End" is also appropriate.
Which USB spec will give me Ludicrous Speed?
A more important question is "Why were the backup servers accessible from the email servers?"
A good network design has the backup servers isolated from the production servers. Only the ports need for backup should be allowed. Even if using a copy over SSH, it is possible to set it so the backup servers can access production, but block all access from production to the backup servers. I should never be able to gain console/terminal access on the backup servers from production.
Surely, you cannot be serious!! (And no, I will not stop calling you Shirley.) If you are really from Sirius 9, you are very confused about the ownership of OUR moon. In fact, I would have to say that you are Siriusly confused.
Remember that there are two groups with similar names, the Cardassians and the Kardashians. One group is vaguely reptilian, have large misshapen heads and an overblown and undeserved sense of superiority. The other group, of course, invaded Bajor.
Fredric Brown wrote a short story in 1949 about this very topic, called "Letter to a Phoenix." In it the character writing the letter talks about the many civilizations of the earth, and how they have destroyed themselves over and over. He also claims that all civilizations can only go so high and then they fade away and die. Only the civilization that is insane enough to kill itself will rise from the ashes and live forever. Here is one of the more memorable quotes.
“The human race will last. Everywhere and forever, for it will never be sane and only insanity is divine. Only the mad destroy themselves and all they have wrought.
And only the phoenix lives forever.”
I realize that the story has a different slant, that other civilizations will die out rather than kill themselves, but this was the first thing that came to my mind when I saw the summary.
If the facebook tool said that only those people looking at a certain wall could see an ad, but everyone who looked at the wall could see it, it would not be illegal.
You said it!! Can you imagine the bugs in those cookies? I can see it now.
MicroBake: Have a cookie!
Customer: Ooohh! That looks like a nice oatmeal-raisin cookie!
MicroBake: Umm. No. That is a sugar cookie. That is not oatmeal you see, and there are no raisins in it.
In some states, AZ at least, it is actually city specific. For example, in Phoenix it is legal to park facing the wrong way, but in Glendale (a suburb of Phoenix) it is illegal.
As for safety, it really does depend on the local conditions. In the Phoenix area, most of the residential streets are wide enough and have a low traffic volume, so it is easy to tell if it is safe to drive off. Most of the major streets either do not allow parking on the side of the road, or have clearly designated parking spaces that make it almost impossible to park in the opposite direction.
I find it puzzling that Christians in particular seem to be irritated by the idea of a lack of free will. More than once I've seen a religious person irritated when the notion of determinism came up in a discussion. What is the connection there?
People become irritated for many reasons. However, one possible reason is because determinism is a subtle attack on them and on their beliefs. They may not be able to articulate the attack, but recognize that it is one. They may not even be able to mount a defence or counter-attack and feel frustrated without understanding why.
Christians are told that they must a) Have faith and b) choose to follow Christ. (Many Christian sects differ on the definition of "follow Christ", but they all state that it must be done.)
If there is no free will, how can one have faith? How can you trust someone to reward you for your actions if your actions are meaningless? People choose to "follow Christ" in hope of a reward. By taking away free will, you are taking away their hope of a reward.
Determinism basically calls people stupid for making the choices they did, as well as takes away their hope of an eternal reward. Is it really surprising that they get irritated?
Isn't it conflictive to believe in an all-knowing and all-powerful deity while at the same believing in freedom of choice?
Not really. If there is an all-knowing and all-powerful deity, there must be a reason why we are here. After all, if this deity already knows who will be rewarded and who will be punished, why aren't we already in Heaven or Hell? If nothing we do makes a difference, why are we made to do anything at all? If you accept an all-powerful, all-knowing deity, then you must accept that there is a reason we are here. One possible reason is that we as individuals are important to this deity, and that we gain something by going through this experience. If we do learn and grow by making choices, it follows that this deity could allow us to make choices, even if the results of the choices were known in advance. Knowing what someone will choose is not taking away their choice.
Some people believe that an all-powerful, all-knowing being is forced to manipulate the out-come of all choices, thus removing free-will. Others believe that the same being is free to choose not to manipulate those choices. Thus, to them, an all-powerful, all-knowing being does not conflict with freedom of choice.
but essentially ran the laser phenomenon in reverse
Are you telling me that reversing the polarity actually WORKS??!!
So would it be "LAMEAN" perhaps? :)
Pretty sure that this is a deliberate attempt to make the project have a more appealing name. LAMEAN is likely to be pronounced with a bad Spanish accent, "La MEAN," or pronounced as two words, "LAME AN." I can hear someone saying, "That project was LAME AN' just not worth it."
From what i can quickly gather from the article:
This is all based on magnonics, which in short - is the use of magnetic spin for binary storage and or logic. This device focuses on the later...
From what I could tell from the article, it appears to focus on both. The device allows them to quickly create and store a pattern. It then allows another pattern to be created and quickly compare the patterns.
It does this by constructing a matrix of magnetic nodes that are effectively interconnected to neighbours (moor?) via spatial magnetic-spin sensitivity, these interconnects form the dynamic logic processing ability of the matrix.
I think that this is somewhat like a (soft) convolutional artificial neural network for image recognition, these are constructed out of a 2d or 3d matrix of nodes with weighted interconnects in a moor-neighbourhood arrangement. The difference here i guess is that a) it's done with magnetic spin (i really have no idea why this is an advantage, maybe i'm all wrong about this) and b) being an application specific piece of hardware each node works in parallel (this is trumped as the primary reason for the speed potential in the article).
... Big disclaimer: I am massively speculating because the use case is not made super clear.
From what I could tell, the advantage of the magnetic spin is that with an 8 terminal node, it can quickly create a matrix of 1,000 bits of data. It can then compare that matrix with a stored matrix. With several nodes working in parallel, it takes the same time to compare 1,000 bits of data as 10,000,000. The potential (and right now, only potential) is that a computing device with this hardware integrated in could compare an image with a stored image much faster than conventional circuits could make the comparison and result in a better matching algorithm.
There's a new version of Siri, coded in Swift, that answers your questions about the future. It was released next December.
A seminar debating the merits of time travel will be held last week. Seating is limited and tickets have been available in two weeks. Get yours yesterday!!
From the article photo, it looks like the 'pump' is actually some sort of monitoring device used to track how much gas/diesel is in the storage tanks. I imagine that gets used by suppliers to anticipate delivery requirements.
I don't know if the same system is used to control the pricing at the customer pumps, and the article doesn't make it clear. I'd guess than since this was published there are going to be some who will be trying it out though.
Depends on the monitoring device. Some of the monitoring devices connect to both the pumps and the tanks so that you can compare how much gas was pumped vs how much gas is left in the tank. Although it is not 100% accurate, if there are leaks or pumps that are way out of calibration, the device might be the first indication that there is a problem. And yes, the major use is to track how many times a tanker needs to come by and fill up the storage tanks.
On systems with Pay-at-the-Pump that take credit/debit cards, the same device connects the pumps to the authorization systems. Sometimes this is over a phone line, but some deal with satellite or internet connection to the authorization centers. These monitoring devices have a lot more control over what is displayed at the pump, and sometimes you can change pricing through the device. The ones that have this kind of control are *supposed* to have better security, but having to type a pin or password each time you connect to it is "really inconvenient."
Don't like smugglers? Be a Bounty Hunter!!
Fighting not your style? Play an Explorer!
Maybe intrigue between factions is more your thing. Play a Spy!
There are many ways to play Star Traders.
Come to think of it, I play Star Traders on Android, so maybe that is why this new game is only for Windows, OSX, or iPad. The market already has this game (or a better game) on Android.
I have progressive lenses and work on computers all day long. But my first pair were horrible! When I complained to my optometrist, he asked me to demonstrate where I held my book/phone for reading. He explained that my distance was not average, but that he could adjust the focal length to fit. The second pair of lenses was much better.
Remember Knarfling's Universal Law of Individuality. "No one else is me!" Your optometrist usually makes a good guess at making your glasses fit your eyesight, but he is not you and cannot see what you see.
Some people never get used to progressive lenses. Some people cannot live comfortably without them. Only you are you, and only you will know if progressive lenses will work for you. But if you never tell your optometrist about the problem, there is no way he or she can fix it! When you do go back in to explain the issue, be prepared to demonstrate the distance from your eyes to your reading material. It will make a difference.
I don't like receiving my packages unbroken, could we use UPS instead?
ummm.... perhaps I should clarify. While charging "shipping and handling" implies that something will be shipped, I did not actually say that the bridge would be shipped. Only that you would be charged shipping and handling fees at FedEx rates.
Where is it located and how much are you asking for it?
We can discuss where it is later. The bridge is only $1,000 US dollars, but I do require shipping and handling in advance. (FedEx Rates, of course.)
But it is a stupid idea. The different devices provide different functions and shouldn't look the same or be the same. Servers are different from desktops which are different from tablets which are different from phones.
For those who need a bad car analogy, it is like trying to put the same user interface on bicycles, motorcycles, cars, trucks and trains. No one complains that their car doesn't have handlebars. Or that there is no steering wheel on a their bicycle or motorcycle.
True. I should have said major corporate standards when I said government. But because of the way the payment card industry works, if FEELS like government. Complete with not following its own rules and having rules for the sake of rules.
The 90 day password change is a fixture of compliance regulations. If you deal with PCI, SOX or HIPA, you probably have to force password changes every 90 days. With PCI, you can lose your ability to take credit cards if you can't show that you force password changes at least every 90 days. (There are ways around it, the most common is lying to the auditor, but that is a different story.)
I have my own theory as to why the 90 days became standard, but was told that my theory was all wrong without any explanation as to why it was wrong. Suffice it to say that 90 days is a standard and if anyone really knows why it became a standard, they aren't talking.
If you ask an auditor, they will tell you that if someone does find your password, either through a key logger, finding your post-it or cracking your password database, they will only have a limited time before that password is changed. You don't even have to know that someone got your password if you change your password on a schedule. Of course, it might not take long before they learn the new password, but that concern is usually dismissed.
We are, regrettably, impeded by whacked out sysadmins who insist we must use THEIR idea of a strong password -- which always seems to be different from anyone else's idea of a strong password, and/or that we need to change passwords periodically, and/or that we can't reuse passwords.
I sometimes seems that there is an inverse relationship between the actual need for security and the system administrator's perception of the need for security.
This.
I tried to do something basically like this - I have three password strengths, one for low-security throwaway stuff, another for regular stuff (with suffixing so one compromised site won't affect others unless I am specifically targeted), and a max-security one.
Guess which one I use for banking. It's the mid-tier one, MINUS the special characters and suffix. They have an upper length limit that keeps my max-security password from being used for the one thing it really should have been used for.
The only thing that max-security password secures now is root access to my BSD box (and I have sudo set up with nopw, so I never even use that). Everything else is secured by something that really isn't secure enough.
So in other words, nothing has your max security. if you left your screen open and unattended for a moment, a person wouldn't even need your password to crack your BSD box. I hope your BSD box doesn't have anything important on it. The nopw option of sudo should NEVER be used. It is like putting a huge un-pickable lock on your door and then never locking it because it is too inconvenient to pull your keys out. If you use sudo (which I do use often and I believe it is useful, convenient and CAN be secure), you should make sure your password is complex and you need to type it in when you use sudo. Otherwise, you are reducing your security. Yes, sudo can be restricted by host, but most people do not do that, and what happens when that host dies?
I understand that good passwords can be difficult, but they don't have to be. Once I learned how to create good passwords, it became very easy. Even my low security passwords are fairly complex and will pass most complexity requirements. My work password, which has to be changed every 90 days, is usually between 14-20 characters long, has multiple complex characters, and is easy to remember. Although work allows rotation after 6 passwords, I have not re-used a password in six years. My biggest issue is not remembering the password, it is fat-fingering such a long password. The longer it is, the more likely there will be a fat-finger at some point.
I see that someone has had problems with a sysadmin.
Try to remember that not all sysadmins are BOFH. Some actually agree with you on the need for complex passwords and how often they should be changed. Many of them, however, have to follow outdated and impractical guides forced upon them by government standards in order to comply with HIPA, SOX, or PCI.
There are a couple of things that bother me, though. The first is pattern re-use. P@$$word521 does meet the complexity requirements of many systems. But when you use P@$$word125, P@$$word251, P@$$word215 and then tell everyone that you use P@$$word with the same three numbers and just rotate the numbers, it is not much better than a post-it under the keyboard. Complex passwords do not have to be difficult to remember. Just because someone has difficulty coming up with good passwords does not mean that a hard-to-remember password is actually complex.
The second thing that bothers me is when a sysadmin will force a password policy on you, but won't use it himself. I know one admin that forced a password change every 90 days for all accounts except his. When he left the company, his password history was completely blank. He had used the same password for years. While I think passwords could live longer than 90 days and twice a year would be sufficient for many passwords, if a change is required, it should be required for all users including the sysadmin.
Just my little rant.