Their business model is simple: issue an official looking letter containing a "fine" for about £80. If you don't pay up, you get reminders and final warnings and such.
Most people pay up.
However - and I daresay this is where RLP are getting upset - there are two minor problems with this business model:
- Under UK law, private organisations can't issue fines. That privilege is reserved for government bodies. A court of law can issue a fine, your local council can issue a fine but if I issue you a fine, I can't do a damn thing to force you to pay up.
- You can't sue someone in order to punish them. If they've caused you to suffer a loss that can somehow be quantified financially, you can sue them to recover the loss, but punitive damages are more-or-less non-existent. If the amount you're suing someone for is in no way related to the amount of financial loss they actually caused, then there's a very good chance it'll be declared a fine and thrown out of court. RLP would need to demonstrate that their "fine" is a genuine estimate of the costs associated with the incident, and as these letters more often than not include the word "Penalty" or "Fine", they've given themselves an uphill struggle before they've even set foot in a courtroom.
NOTE: IANAL. If you are being sued and you take advice from some anonymous Internet source, you need help.
No they fucking won't. Why haven't you guys learnt anything from history?
Because the sensible, smart IT professionals who understand the pros and cons of Windows, Linux or even OS X on the corporate desktop know damn well that Linux on the desktop is never gonna happen - well, not until a well-known, respected company releases a desktop-friendly version of Linux and all the necessary management tools to go with it and actually follows through with it rather than watching it die quietly on the vine a couple of years later when they discover that using the magic word "Linux" does not automatically guarantee you an army of developers prepared to work for free.
Right now I think the only company even remotely likely to do that is Google, and even then I'm not convinced because they have a tendency to make buggy releases often and change the product regularly - precisely the opposite of what any company that's big enough to have an IT department wants.
The only people who are still predicting the Linux desktop are trolls and people who've never had to give a moment's thought to how they'll manage more than a handful of PCs.
One of the biggest things keeping companies on Microsoft products is inertia.
Major changes are a bad thing because they tend to break things, therefore you want as few major changes as possible. But I'm seeing more and more companies that are using software delivered over the Web - it's not just the well known things like salesforce.com, they're actively being encouraged in all sorts of industries to do more and more over the Internet.
The legacy apps that require Windows are becoming fewer by the year; there's plenty of industries that are remarkably close to being able to drop it altogether. They're not there yet - probably a good couple of years off - but if the current trend continues, the day will come that many IT departments can honestly say "How much do we actually need the latest version of Windows anyway?".
(Note I'm not predicting the Linux desktop - anything that's even remotely close to Active Directory for managing lots of computers is at least five years away).
In Microsoft's eyes, an OEM version of Windows that is not pre-installed on hardware by an OEM and subsequently sold to an enduser is just a pirated as a copy downloaded via Bittorrent and given the Razr1911 corp key.
I've had exactly this conversation with a Microsoft rep - it's quite surreal. By that argument, Dell have to buy full-retail copies of Windows for all their staff or source their PCs from someone else.
Replying to myself but: part of my understanding was the bit about virtual terminals I described earlier; the other part I understand is that keeping all the details you need to put another transaction through at a later date is strictly verboten.
But neither of these seem to be particularly enforced, and the virtual terminal one is the thing that really gets me: payment processors advertising a solution and suggesting you use it in a fashion that by definition breaches PCI-DSS.
Your description isn't far off how it looked to me as an outsider: a set of rules you're meant to comply with but aren't really enforced unless it becomes glaringly obvious that something's gone horribly wrong.
Makes a lot of sense. I've seen plenty of businesses that take cards and it's amazing how many of them seem to totally ignore PCI-DSS.
I can only come up with two possible explanations:
1. My understanding of PCI-DSS is totally wrong. 2. It's not really enforced to any significant extent - it just gives the bank a slightly bigger stick to beat you with if you don't comply.
Disclaimer: I'm not a PCI-DSS expert. The list of rules for accepting payment cards is quite long; there's an entire industry dedicated to making sense of it and applying those rules to businesses. And I'm not part of that industry.
But I have had a quick look at them. AFAICT, the processing firms are actively undermining PCI-DSS in at least a couple of ways. One of the big things they push is a virtual card terminal - basically, log onto their website and process everything that way.
PCI-DSS says this is fine, provided the computer used for this is in a separate VLAN firewalled from everything else on the company network, has no more than the bare minimum software installed and is not used for anything but processing card transactions.
The processing firms push the virtual terminal as a money saver - "don't hire an expensive card machine, use your existing computer" and a way to be more flexible - "accept card payments from anywhere, just take your laptop with you and use that". I can't for the life of me figure out how this squares with the PCI-DSS rules regarding virtual card terminals.
Anyone able to explain? Or are the processing firms actively undermining the rules laid out by Visa & Mastercard regarding how you process card details?
From my understanding of Linux, I see no reason why, given root access, a virus could not be made to work on a Unix based system?
It could. The argument goes that as you hardly ever log in as root on a properly setup Unix system - and you never run something as root unless you're damn sure it's what you want to run - and system files are only writeable as root, Unix is immune.
Which is technically true but overlooks a couple of important issues:
- Local exploits that allow privilege escalation. Hypothetically, a virus could take advantage of such an exploit to infect system files.
- You don't need to be running as root to do something undesirable. You can still run applications automatically at login as a normal user, you can still interfere with user data, you can still send emails to everyone in the address book.
- You don't need to be a virus in the true sense of the word to spread like wildfire.
It is quite possible to buy three computers from the same supplier, with the same model number and the same specifications within a month of each other and find that you wind up with three subtly different pieces of hardware.
There are ways to avoid it - most major suppliers will guarantee that certain ranges won't receive a change to the hardware without a corresponding change in the model number - but those ranges are typically quite a bit dearer.
Like it or not, the iPad has become the gold-standard tablet. Most of these clones appear to have been developed through a very simplistic process: put together a tick-list of every feature on the iPad, the product is ready to sell when 70-80% of those features are met.
The problem is, if you base your product around "75% of what the market leader can do", you'll always be 25% behind them. And when the market leader has the supply chain worked out so tight that your absolute best shot is "75% of what the market leader can do for 90% of the price!", your product doesn't look terribly attractive.
The entire process needs to be re-written. It shouldn't be "let's create a 75% iPad clone", it should be "Here's a rough idea of the form factor, let's build the absolute best device we can with that form factor".
Yeah but that company has the i-factor, this mysterious elixir that makes people get addicted to your meaningless electronic toy products as if they were crack.
Not true.
Apple have learned - and really taken to heart - a few home truths about selling products that most of the rest of the computer industry has sadly missed. The fact of the matter is that people are emotional creatures, and do not buy products for purely logical reasons. (They may invent logical reasons in their own mind after the fact to justify a purchase, but they sure as hell don't base the purchasing decision on it!).
If you make a list of reasons people may buy a product - and attach a greater profitability to each item in the list as you go on - the list goes in roughly this order:
- Product/service - what the product or service is.
- Benefits - how aspects of a product might provide some sort of benefit.
- Results - the immediate result one might expect from the product.
- Value - what value one might place on those results.
- Emotional Value - how that value might have an emotional impact.
Note I said "value", not "price". Raw price on its own is actually a pretty bad selling point. You wouldn't think so, it doesn't make much logical sense - but people aren't all that logical. (They also have a short attention span, so unless you can get emotional value across within about ten or twenty seconds, you're wasting your time).
Now, go take a look at Apple's website - or indeed any of their TV ads. They show you the product and immediately demonstrate a result that people will tie some sort of emotional value to. They don't say "you can do video calls", they show a shot of someone calling their mum with FaceTime. They don't say "we have voice control", they show someone out jogging instructing the phone to play Daft Punk. The prospective customer is already thinking about how they'll use the feature to make their life easier before the advert's even finished playing. Each advert mentions perhaps one feature and assigns emotional value to it.
Most other high-tech companies don't even attempt to do this.
Seriously, it's dangerous. The entire PC industry has spent twenty years concentrating on "Cheaper! Cheaper! Cheaper!", look where it's got us. About the only company in the computer industry that's really making good money is the one that doesn't repeat "Cheaper!" like some sort of mantra. Most of the others are making spectacularly low profits considering their turnover.
I don't see why not. In very basic terms, a contract has three components:
Offer (I offer to let you use this software I wrote)
Consideration (in exchange for which you will do something eg. Give me money, agree not to copy it and give copies away, agree that if you change the source you must also give the source away)
Acceptance (you agree to these terms)
I'm pretty sure acceptance can be inferred from action; it does not require signing a piece of paper. The only difficulty I see is that the contract isn't revealed until after you buy the item, which generally you can't return. I don't know how this would pan out in the real world.
This sort of thing is Sales 101: Appeal to people's emotional side. Adding emotional value to a product sells.
Apple do this by, for instance, showing someone happily video calling a relative. Yeah, they do tell you about the technology on their website but every time they do they immediately explain in plain English why it might interest you - talking about features people actually care about.
Microsoft had better offer a instant free upgrade to WP8 for all owners of the Nokia WP7 phones, or they might as well pack it in. Their "Screw the user, unless they have a credit card" attitude back with the Windows Mobile phones are what drove me to Apple in the first place.
They can't. Embedded development invariably involves a certain degree of customising the OS to the hardware, which in this case would be done by Nokia.
That's one of the reasons Linux has taken embedded development by storm - suddenly the amount of customising involved plummets. But it's still not zero.
And that, ladies and gentlemen, is why the iPhone is selling as quick as they can build them and Nokia's Windows phones... aren't. Apple introduce a feature and immediately figure out a way to tell the world how that feature is useful; Microsoft introduce a feature so they can tick a box.
Google needs to start grabbing manufacturers and carriers by the balls like Apple did. Give the manufacturers what they need, but enforce some kind of rollout process. People are pissed, but they can't fight back against an AT&T for being completely feckless. Apple just said, "fuck you carriers, we'll handle the updates so its done right."
Very difficult for the great majority of handset manufacturers. They're following a strict waterfall model - phone hardware gets developed, released, marketed and retired. The software on the phone is developed in the early stages of that process and basically ignored for the rest of it because the development team has moved onto the next thing.
At any given point in time, they could easily have 5 or ten different handsets on the market.
The problem is, when you've got a whacking great business with thousands of staff worldwide, it's fantastically difficult to radically change how it works.
Nokia need to do this, as do RIM. Look how well they're getting on so far.
Something very similar happened to Howard Marks. He was arrested in Spain and deported to the US on drugs charges - even though he never smuggled drugs into the US. (Some of the drugs he did sell wound up in the US, but he claims to have had nothing to do with it).
Slashdot Mirror
This isn't the court system fining people, this is a private organisation issuing rude letters.
Private organisations don't have the ability to fine people under UK law.
They don't sue shoplifters.
Their business model is simple: issue an official looking letter containing a "fine" for about £80. If you don't pay up, you get reminders and final warnings and such.
Most people pay up.
However - and I daresay this is where RLP are getting upset - there are two minor problems with this business model:
- Under UK law, private organisations can't issue fines. That privilege is reserved for government bodies. A court of law can issue a fine, your local council can issue a fine but if I issue you a fine, I can't do a damn thing to force you to pay up.
- You can't sue someone in order to punish them. If they've caused you to suffer a loss that can somehow be quantified financially, you can sue them to recover the loss, but punitive damages are more-or-less non-existent. If the amount you're suing someone for is in no way related to the amount of financial loss they actually caused, then there's a very good chance it'll be declared a fine and thrown out of court. RLP would need to demonstrate that their "fine" is a genuine estimate of the costs associated with the incident, and as these letters more often than not include the word "Penalty" or "Fine", they've given themselves an uphill struggle before they've even set foot in a courtroom.
NOTE: IANAL. If you are being sued and you take advice from some anonymous Internet source, you need help.
No they fucking won't. Why haven't you guys learnt anything from history?
Because the sensible, smart IT professionals who understand the pros and cons of Windows, Linux or even OS X on the corporate desktop know damn well that Linux on the desktop is never gonna happen - well, not until a well-known, respected company releases a desktop-friendly version of Linux and all the necessary management tools to go with it and actually follows through with it rather than watching it die quietly on the vine a couple of years later when they discover that using the magic word "Linux" does not automatically guarantee you an army of developers prepared to work for free.
Right now I think the only company even remotely likely to do that is Google, and even then I'm not convinced because they have a tendency to make buggy releases often and change the product regularly - precisely the opposite of what any company that's big enough to have an IT department wants.
The only people who are still predicting the Linux desktop are trolls and people who've never had to give a moment's thought to how they'll manage more than a handful of PCs.
One of the biggest things keeping companies on Microsoft products is inertia.
Major changes are a bad thing because they tend to break things, therefore you want as few major changes as possible. But I'm seeing more and more companies that are using software delivered over the Web - it's not just the well known things like salesforce.com, they're actively being encouraged in all sorts of industries to do more and more over the Internet.
The legacy apps that require Windows are becoming fewer by the year; there's plenty of industries that are remarkably close to being able to drop it altogether. They're not there yet - probably a good couple of years off - but if the current trend continues, the day will come that many IT departments can honestly say "How much do we actually need the latest version of Windows anyway?".
(Note I'm not predicting the Linux desktop - anything that's even remotely close to Active Directory for managing lots of computers is at least five years away).
In Microsoft's eyes, an OEM version of Windows that is not pre-installed on hardware by an OEM and subsequently sold to an enduser is just a pirated as a copy downloaded via Bittorrent and given the Razr1911 corp key.
I've had exactly this conversation with a Microsoft rep - it's quite surreal. By that argument, Dell have to buy full-retail copies of Windows for all their staff or source their PCs from someone else.
Replying to myself but: part of my understanding was the bit about virtual terminals I described earlier; the other part I understand is that keeping all the details you need to put another transaction through at a later date is strictly verboten.
But neither of these seem to be particularly enforced, and the virtual terminal one is the thing that really gets me: payment processors advertising a solution and suggesting you use it in a fashion that by definition breaches PCI-DSS.
Thanks for your insight.
Your description isn't far off how it looked to me as an outsider: a set of rules you're meant to comply with but aren't really enforced unless it becomes glaringly obvious that something's gone horribly wrong.
Makes a lot of sense. I've seen plenty of businesses that take cards and it's amazing how many of them seem to totally ignore PCI-DSS.
I can only come up with two possible explanations:
1. My understanding of PCI-DSS is totally wrong.
2. It's not really enforced to any significant extent - it just gives the bank a slightly bigger stick to beat you with if you don't comply.
Disclaimer: I'm not a PCI-DSS expert. The list of rules for accepting payment cards is quite long; there's an entire industry dedicated to making sense of it and applying those rules to businesses. And I'm not part of that industry.
But I have had a quick look at them. AFAICT, the processing firms are actively undermining PCI-DSS in at least a couple of ways. One of the big things they push is a virtual card terminal - basically, log onto their website and process everything that way.
PCI-DSS says this is fine, provided the computer used for this is in a separate VLAN firewalled from everything else on the company network, has no more than the bare minimum software installed and is not used for anything but processing card transactions.
The processing firms push the virtual terminal as a money saver - "don't hire an expensive card machine, use your existing computer" and a way to be more flexible - "accept card payments from anywhere, just take your laptop with you and use that". I can't for the life of me figure out how this squares with the PCI-DSS rules regarding virtual card terminals.
Anyone able to explain? Or are the processing firms actively undermining the rules laid out by Visa & Mastercard regarding how you process card details?
It certainly does if there's a kernel update.
Unlikely, I grant you. But not by any stretch of the imagination impossible.
From my understanding of Linux, I see no reason why, given root access, a virus could not be made to work on a Unix based system?
It could. The argument goes that as you hardly ever log in as root on a properly setup Unix system - and you never run something as root unless you're damn sure it's what you want to run - and system files are only writeable as root, Unix is immune.
Which is technically true but overlooks a couple of important issues:
- Local exploits that allow privilege escalation. Hypothetically, a virus could take advantage of such an exploit to infect system files.
- You don't need to be running as root to do something undesirable. You can still run applications automatically at login as a normal user, you can still interfere with user data, you can still send emails to everyone in the address book.
- You don't need to be a virus in the true sense of the word to spread like wildfire.
No, but if he requires ongoing support, that may well be subject to running a particular version.
Don't you believe it.
It is quite possible to buy three computers from the same supplier, with the same model number and the same specifications within a month of each other and find that you wind up with three subtly different pieces of hardware.
There are ways to avoid it - most major suppliers will guarantee that certain ranges won't receive a change to the hardware without a corresponding change in the model number - but those ranges are typically quite a bit dearer.
Manufacturers/vendors, and those who would tell manufacturers what to make.
Consumers aren't fixated on price; if they were Apple wouldn't have enough cash sloshing around to buy Belgium.
If you want to beat Apple, make a better product.
I don't think it's as simple as that.
Like it or not, the iPad has become the gold-standard tablet. Most of these clones appear to have been developed through a very simplistic process: put together a tick-list of every feature on the iPad, the product is ready to sell when 70-80% of those features are met.
The problem is, if you base your product around "75% of what the market leader can do", you'll always be 25% behind them. And when the market leader has the supply chain worked out so tight that your absolute best shot is "75% of what the market leader can do for 90% of the price!", your product doesn't look terribly attractive.
The entire process needs to be re-written. It shouldn't be "let's create a 75% iPad clone", it should be "Here's a rough idea of the form factor, let's build the absolute best device we can with that form factor".
Yeah but that company has the i-factor, this mysterious elixir that makes people get addicted to your meaningless electronic toy products as if they were crack.
Not true.
Apple have learned - and really taken to heart - a few home truths about selling products that most of the rest of the computer industry has sadly missed. The fact of the matter is that people are emotional creatures, and do not buy products for purely logical reasons. (They may invent logical reasons in their own mind after the fact to justify a purchase, but they sure as hell don't base the purchasing decision on it!).
If you make a list of reasons people may buy a product - and attach a greater profitability to each item in the list as you go on - the list goes in roughly this order:
- Product/service - what the product or service is.
- Benefits - how aspects of a product might provide some sort of benefit.
- Results - the immediate result one might expect from the product.
- Value - what value one might place on those results.
- Emotional Value - how that value might have an emotional impact.
Note I said "value", not "price". Raw price on its own is actually a pretty bad selling point. You wouldn't think so, it doesn't make much logical sense - but people aren't all that logical. (They also have a short attention span, so unless you can get emotional value across within about ten or twenty seconds, you're wasting your time).
Now, go take a look at Apple's website - or indeed any of their TV ads. They show you the product and immediately demonstrate a result that people will tie some sort of emotional value to. They don't say "you can do video calls", they show a shot of someone calling their mum with FaceTime. They don't say "we have voice control", they show someone out jogging instructing the phone to play Daft Punk. The prospective customer is already thinking about how they'll use the feature to make their life easier before the advert's even finished playing. Each advert mentions perhaps one feature and assigns emotional value to it.
Most other high-tech companies don't even attempt to do this.
Lose the fixation on price.
Seriously, it's dangerous. The entire PC industry has spent twenty years concentrating on "Cheaper! Cheaper! Cheaper!", look where it's got us. About the only company in the computer industry that's really making good money is the one that doesn't repeat "Cheaper!" like some sort of mantra. Most of the others are making spectacularly low profits considering their turnover.
I don't see why not. In very basic terms, a contract has three components:
Offer (I offer to let you use this software I wrote)
Consideration (in exchange for which you will do something eg. Give me money, agree not to copy it and give copies away, agree that if you change the source you must also give the source away)
Acceptance (you agree to these terms)
I'm pretty sure acceptance can be inferred from action; it does not require signing a piece of paper. The only difficulty I see is that the contract isn't revealed until after you buy the item, which generally you can't return. I don't know how this would pan out in the real world.
Usual IANAL caveats apply.
You know what the odd thing is?
This sort of thing is Sales 101: Appeal to people's emotional side. Adding emotional value to a product sells.
Apple do this by, for instance, showing someone happily video calling a relative. Yeah, they do tell you about the technology on their website but every time they do they immediately explain in plain English why it might interest you - talking about features people actually care about.
Most technology companies are terrible at this.
Microsoft had better offer a instant free upgrade to WP8 for all owners of the Nokia WP7 phones, or they might as well pack it in. Their "Screw the user, unless they have a credit card" attitude back with the Windows Mobile phones are what drove me to Apple in the first place.
They can't. Embedded development invariably involves a certain degree of customising the OS to the hardware, which in this case would be done by Nokia.
That's one of the reasons Linux has taken embedded development by storm - suddenly the amount of customising involved plummets. But it's still not zero.
And that, ladies and gentlemen, is why the iPhone is selling as quick as they can build them and Nokia's Windows phones... aren't. Apple introduce a feature and immediately figure out a way to tell the world how that feature is useful; Microsoft introduce a feature so they can tick a box.
Google needs to start grabbing manufacturers and carriers by the balls like Apple did. Give the manufacturers what they need, but enforce some kind of rollout process. People are pissed, but they can't fight back against an AT&T for being completely feckless. Apple just said, "fuck you carriers, we'll handle the updates so its done right."
Very difficult for the great majority of handset manufacturers. They're following a strict waterfall model - phone hardware gets developed, released, marketed and retired. The software on the phone is developed in the early stages of that process and basically ignored for the rest of it because the development team has moved onto the next thing.
At any given point in time, they could easily have 5 or ten different handsets on the market.
The problem is, when you've got a whacking great business with thousands of staff worldwide, it's fantastically difficult to radically change how it works.
Nokia need to do this, as do RIM. Look how well they're getting on so far.
I imagine Nokia own a fair few patents. Wouldn't surprise me if they hold stock in other businesses.
Sooner or later, the value of that will be far greater than the value of their shares - and when that happens, the asset strippers will move in.
Something very similar happened to Howard Marks. He was arrested in Spain and deported to the US on drugs charges - even though he never smuggled drugs into the US. (Some of the drugs he did sell wound up in the US, but he claims to have had nothing to do with it).
64K? We had 32K, and most of that was reserved for other things so we couldn't actually use it.
And as for floppy disks! We used to dream of floppy disks! We had to plug our dad's cassette player into the computer to load software!