In the case of individuals, birthday and Christmas presents from relatives who can't tell Ralink from Realtek.
If the exact make and model of a given item is so important that the slightest mistake means you might as well not bother, why are you asking someone else who can't realistically be expected to understand this to buy it for you?
I keep on hearing this, generally from US based people. I really can't understand it at all. I'm based in the UK, and I know for a fact that most if not all major bank websites work fine with Firefox.
Lloyds TSB: Fine. Doesn't even mention it.
Natwest: Fine. (though you may need a User Agent switch)
HSBC: Fine.
Abbey: It complains about user agent, lets you login anyway then works perfectly.
Exactly, at my university, students who are Computer Science majors are taught how to use Linux in the first few weeks of our Introduction to Computer Science I course. It's not like Linux == Rocket Science..
No, because if it was it would be taught in the first few weeks of the Introduction to Rocket Science I course.
The power to give vast quantities of money to politicians in, ahem, "campaign contributions", in exchange for sympathetic laws. And the power to have these laws adopted worldwide by proxy on account of a number of free trade agreements.
Seems to me the US legal system works something like DNS. One master server is updated, everything else gets the changes sooner or later.
An ID that requires 1000 pounds and a corrupt government employee to fake is still better than one that requires 10 pounds and photoshop to fake. No ID will be perfect, but is that an objection to making them better?
That's the price for a perfect fake. An imperfect fake (when you don't expect them to cross-reference the ID with a database) will ultimately be available far cheaper.
In reality people already need to carry some document that allows them to identify themselves, if only to their banker, even in the UK and USA.
Don't know about the USA, but in the UK I can regularly make cash withdrawals (up to a certain amount, though generally fairly large) and debit card purchases (unlimited) without any ID over and above the relevant bank card.
so what if like me, you already have a full passport with your name and picture in it, and a full driving licence with your name, address and picture in it?
Then, my friend, you have another card with the exact same information. Dontcha just love repeating yourself?
Only now, the Government has written into the legislation that as far as this card is concerned, all sorts of organisations, both public and private, may demand to see it and cross-check details with the centrally-held database at any time.
To be fair, in order for them to become compulsory, they'll have to go back and get legislation passed through both houses.
True, but you're confusing "in theory, according to Government" and "in practice, according to Reality".
Examples:
"As of 1 July 2008, we will only serve alcohol to people who can produce ID, regardless of their apparent age. The only acceptable form of ID is a UK ID card or passport".
"As of 1 July 2008, this company will be taking positive steps to ensure illegal immigrants aren't employed. To that end, anyone applying for a job must show a UK ID card before they will be offered a role".
"In order to combat Identity Theft, as of 1 July 2008, you will be required to show your ID card when paying by debit/credit card".
"In line with Money Laundering Regulations, we will only open a bank account for people who can demonstrate their identity. As of 1 July 2008, we will only accept an ID card issued by an EU member state."
They are ALL the fault of short-term, narrow-minded, incompetent thinking on the part of management of virtually every corporation in existence.
That's as maybe. But I interpreted your original post to lay it entirely at the hands of "incompetent IT managers".
Let me explain that firstly, all the server systems I run are Linux based and running Free software. However, as an IT manager I'm not an island. I have to provide what the business needs. Granted, I have to consider what it will need over the course of the next few years, but at the same time I can't provide a half-assed solution which doesn't work and the only thing in its favour is it's OSS.
My finance director won't let me buy a solution based on evangelism. However, he will on a sound business need. A "sound business need" is simple. It amounts to "The business has a requirement for software which does X, Y and Z and will not pay more than £N to get it".
As often as not, the current situation with OSS is "I can give you a free solution which does X and Y, or a commercial one which does all 3. Alternatively we could pay someone to work on the free solution so it does Z as well. It won't be any cheaper in the short term, but in the long term (>3 years) it should. It will add several months to the length of time it takes to deploy",
Generally, in such cases the "Z" that's missing is something fairly unimportant. However, every so often it isn't. In such cases, I don't have a problem with proprietary software.
Example: We exchange vector drawings in Visio format with an outside company. The outside company doesn't see a problem with this, and will only use Visio. What am I supposed to do? Insist everyone sit tight while we wait 6 months and sponsor development of something like Inkscape? I can tell you now this will cost an awful lot more than 2 copies of Visio, even accounting for future upgrades.
I'm not going into the intrinsics of the core itself, but it still supports the old x86 32-bit instruction set and most operating systems should happily run 32-bit and 64-bit code side by side on the same box. Linux, for instance, does so perfectly happily. The only restriction I can think of is (IIRC) all 32 bit applications have to run in the first 4GB of RAM.
Sun faced a similar issue when they upgraded the Sparc to 64 bit. Guess what? It's completely transparent to the user and even today will happily run 32-bit code.
I am sure it is quite within Apple's capabilities to handle this.
Good luck with your new and improved Macintosh. It will be nice to see how many years Apple will give this platform before a complete upgrade is necesarry again. My guess is, not long.
People divulge their passwords/access tokens easily in comparison to spending days/weeks cracking a system.
True, but you don't often see a botnet bribing people in exchange for specific passwords. (I'm excluding phishing at this point and thinking about corporate espionage rather than bank fraud).
If someone's hanging around your offices offering people brown envelopes in exchange for passwords, they've gone to some trouble and they're clearly determined to attack you in particular. There's probably not a great deal IT-wise you can do. I believe there's at least one UK bank which asks the customer a few questions and the staff can't see the correct answers - all they can do is punch them into the computer as given by the customer, which then says "yes" or "no". Bit of a shame that this isn't more common.
But it CAN'T stop virus software completely - all you need is to give a reason to the user to authorise the operation.
You don't even need to do that. If the currently logged in user can delete files they created, build up a contacts list and send email, then software which runs as the currently logged in user can delete files the user created, read their contact list and send email to it.
But even with these changes, a -lot- of serious work is done in Excel.
AOL. I actually turned down a job with a small company when the MD told me how proud he was that he'd been able to make his spreadsheets much more sophisticated by inter-linking cells between files.
I just had this vision of a great big house-of-cards in Excel form, and one card being moved....
Look, sooner or later you WILL move from the software you have.
Agreed.
The issue is whether your management is planning NOW for that inevitable eventuality.
Out here in the real world, we have this great big list of other things to do. "Planning an escape route for every damn application we run" is generally fairly low on the list of priorities.
And the way to do that and minimize the costs and disruption is to start pursuing - over time - a planned OSS migration.
You've lost me there.
Many companies, even if they do some software development in-house, have no desire to rewrite a whole bunch of business applications at every level of the business. Granted, in many cases, it's not necessary. But I guarantee you that if you were to interview every person in any reasonably-sized company over what software they used, sooner or later you'd find something which was Windows only.
Now, if a Free/OSS equivalent doesn't exist, the business has basically 3 choices:
Build a replacement in-house.
Commission someone else to build a replacement
Sponsor a project like Sun did with OpenOffice. Though in order to guarantee that the product meets business needs and is usable in a reasonable timeframe, one or other of the two suggestions above will also have to be used.
That's the easy stuff done. Now the hard stuff.
UK Bank NatWest doesn't always offer web-based banking for business customers. Instead it's done over dialup using their own proprietary software. Chances are there are other banks which do something similar.
Some other company you interact with demands you use a specific piece of software for the interaction. It's Windows-only, they won't open up the protocols their software uses so you can write your own implementation. And they refuse to port it to anything else.
Some chap in Marketing managed to blag Access on his PC. He used it to build a database system. His understanding of databases is minimal, but Access Makes It Easy! And the first you know about it is when some sales chap asks "So how do I get our database to work with OpenOffice?"
The issue remains the same: no matter WHAT the cost of conversion, sooner or later you will have paid more for proprietary licenses than you will for conversion.
Yes, but it's a lot easier to get "£10,000 per annum for the next 5 years" into a budget than it is to get "£35,000 this year and nothing thereafter".
And if you don't convert, sooner or later you will HAVE TO convert.
Most IT managers in business will take one of the following approaches:
"Better the devil you know" "We'll cross that bridge when we get to it".
Systems seldom stop working overnight just because the vendor has stopped supporting them, and any sensible business is well aware where it stands in terms of how long support is guaranteed to be available for. Suggesting converting for conversions' sake when there is no pressing need is an excellent way to be marked out as a crank.
I can't provide references off the top of my head, bu IIRC some estimates suggest that up to 70% of "attacks" come from within - disgruntled or corrupt employees being the most obvious example.
Naturally, most companies aren't too keen to issue a press release saying "Yeah, this chap we employed walked out the door with a couple of thousand customer records when we sacked him last week", so these estimates are little more than educated guesses. But even so, if there's only the tiniest grain of truth to them it demonstrates how important it is to consider both internal and external security.
That's the whole point of Pastafarianism, to show us how ridicule Creationism really is.
Really? And all this time I've been building a temple to a packet of spaghetti in my lounge! I wondered why I was getting funny looks when I explained.
Start: -5 Saying an existing theory is "only a theory": +10 Stating that the "scientific establishment" is involved in a "conspiracy" to prevent the work receiving the recognition it deserves: +40 Claiming a revolutionary theory but giving no concrete, testable predictions: +50 (though in all fairness, not much in the way of evolution can be tested in any concrete form either).
However, Pastafarianism http://www.venganza.org/ only falls foul of 'saying an existing theory is "only a theory"'.
It therefore follows that the Church of the Flying Spaghetti Monster is rather less crackpot than parts of the Christian church.
And I'm sure Symantec are eternally grateful that Microsoft will be sparing them the trouble of keeping customers' computers virus-free.
I think the main issue here isn't the user interface. It's that as soon as a reasonably sized market in any type of software which is important to the majority of Windows users appears, up pops Microsoft. 3 years later, down goes all the (former) competition.
It has become rather predictable now. If your company produces software to sell to the home market, probably the last thing you want to do is to devise some type of program which everyone will want.
To be a virus, it must be able to spread on its own. And I don't mean simply copying the exe to different directories, I mean attaching itself to other programs without the users knowledge.
And here, folks, is the reason why Unix isn't immune to viruses.
See, the original definition of a computer virus frequently did include "attaches itself to other programs to evade detection". But there hasn't been a mainstream virus which does this in years. Most these days take advantage of lousy mail client security and people clicking on any old attachment they receive and are quite able to find somewhere to hide in the labyrinth that is C:\WINDOWS. By the original definition of a computer virus, they probably don't qualify, but that doesn't stop them from spreading like wildfire and causing all sorts of damage.
There is absolutely no reason whatsoever why a unix equivalent couldn't embed startup code in ~/.xinitrc or ~/.bashrc. Similarly, there is no reason why it couldn't live somewhere reasonably likely to exist but not commonly explored, such as ~/.mozilla.
This is to prevent people from copying the video by taking the raw stream from the monitor cord.
Which, as the MPAA will confirm, has been a major cause of piracy.
</sarcasm>
In the case of individuals, birthday and Christmas presents from relatives who can't tell Ralink from Realtek.
If the exact make and model of a given item is so important that the slightest mistake means you might as well not bother, why are you asking someone else who can't realistically be expected to understand this to buy it for you?
I keep on hearing this, generally from US based people. I really can't understand it at all. I'm based in the UK, and I know for a fact that most if not all major bank websites work fine with Firefox.
Exactly, at my university, students who are Computer Science majors are taught how to use Linux in the first few weeks of our Introduction to Computer Science I course. It's not like Linux == Rocket Science..
No, because if it was it would be taught in the first few weeks of the Introduction to Rocket Science I course.
What power does the RIAA have?
The power to give vast quantities of money to politicians in, ahem, "campaign contributions", in exchange for sympathetic laws. And the power to have these laws adopted worldwide by proxy on account of a number of free trade agreements.
Seems to me the US legal system works something like DNS. One master server is updated, everything else gets the changes sooner or later.
An ID that requires 1000 pounds and a corrupt government employee to fake is still better than one that requires 10 pounds and photoshop to fake. No ID will be perfect, but is that an objection to making them better?
That's the price for a perfect fake. An imperfect fake (when you don't expect them to cross-reference the ID with a database) will ultimately be available far cheaper.
In reality people already need to carry some document that allows them to identify themselves, if only to their banker, even in the UK and USA.
Don't know about the USA, but in the UK I can regularly make cash withdrawals (up to a certain amount, though generally fairly large) and debit card purchases (unlimited) without any ID over and above the relevant bank card.
so what if like me, you already have a full passport with your name and picture in it, and a full driving licence with your name, address and picture in it?
Then, my friend, you have another card with the exact same information. Dontcha just love repeating yourself?
Only now, the Government has written into the legislation that as far as this card is concerned, all sorts of organisations, both public and private, may demand to see it and cross-check details with the centrally-held database at any time.
I'd rather it were a *good* ID
With a few thousand pounds cash in a brown envelope and someone who works in the office issuing these things, any "good" ID rapidly becomes bad.
To be fair, in order for them to become compulsory, they'll have to go back and get legislation passed through both houses.
True, but you're confusing "in theory, according to Government" and "in practice, according to Reality".
Examples:
"As of 1 July 2008, we will only serve alcohol to people who can produce ID, regardless of their apparent age. The only acceptable form of ID is a UK ID card or passport".
"As of 1 July 2008, this company will be taking positive steps to ensure illegal immigrants aren't employed. To that end, anyone applying for a job must show a UK ID card before they will be offered a role".
"In order to combat Identity Theft, as of 1 July 2008, you will be required to show your ID card when paying by debit/credit card".
"In line with Money Laundering Regulations, we will only open a bank account for people who can demonstrate their identity. As of 1 July 2008, we will only accept an ID card issued by an EU member state."
You mean like Google?
Yes, but when was the last time you saw an ad in Skype?
And the last time I checked, Skype didn't directly sell anything like this,
They are ALL the fault of short-term, narrow-minded, incompetent thinking on the part of management of virtually every corporation in existence.
That's as maybe. But I interpreted your original post to lay it entirely at the hands of "incompetent IT managers".
Let me explain that firstly, all the server systems I run are Linux based and running Free software. However, as an IT manager I'm not an island. I have to provide what the business needs. Granted, I have to consider what it will need over the course of the next few years, but at the same time I can't provide a half-assed solution which doesn't work and the only thing in its favour is it's OSS.
My finance director won't let me buy a solution based on evangelism. However, he will on a sound business need. A "sound business need" is simple. It amounts to "The business has a requirement for software which does X, Y and Z and will not pay more than £N to get it".
As often as not, the current situation with OSS is "I can give you a free solution which does X and Y, or a commercial one which does all 3. Alternatively we could pay someone to work on the free solution so it does Z as well. It won't be any cheaper in the short term, but in the long term (>3 years) it should. It will add several months to the length of time it takes to deploy",
Generally, in such cases the "Z" that's missing is something fairly unimportant. However, every so often it isn't. In such cases, I don't have a problem with proprietary software.
Example: We exchange vector drawings in Visio format with an outside company. The outside company doesn't see a problem with this, and will only use Visio. What am I supposed to do? Insist everyone sit tight while we wait 6 months and sponsor development of something like Inkscape? I can tell you now this will cost an awful lot more than 2 copies of Visio, even accounting for future upgrades.
I'm not going into the intrinsics of the core itself, but it still supports the old x86 32-bit instruction set and most operating systems should happily run 32-bit and 64-bit code side by side on the same box. Linux, for instance, does so perfectly happily. The only restriction I can think of is (IIRC) all 32 bit applications have to run in the first 4GB of RAM.
Sun faced a similar issue when they upgraded the Sparc to 64 bit. Guess what? It's completely transparent to the user and even today will happily run 32-bit code.
I am sure it is quite within Apple's capabilities to handle this.
Good luck with your new and improved Macintosh. It will be nice to see how many years Apple will give this platform before a complete upgrade is necesarry again. My guess is, not long.
Or they could just ship systems based on chips which support EM64T.
People divulge their passwords/access tokens easily in comparison to spending days/weeks cracking a system.
True, but you don't often see a botnet bribing people in exchange for specific passwords. (I'm excluding phishing at this point and thinking about corporate espionage rather than bank fraud).
If someone's hanging around your offices offering people brown envelopes in exchange for passwords, they've gone to some trouble and they're clearly determined to attack you in particular. There's probably not a great deal IT-wise you can do. I believe there's at least one UK bank which asks the customer a few questions and the staff can't see the correct answers - all they can do is punch them into the computer as given by the customer, which then says "yes" or "no". Bit of a shame that this isn't more common.
But it CAN'T stop virus software completely - all you need is to give a reason to the user to authorise the operation.
You don't even need to do that. If the currently logged in user can delete files they created, build up a contacts list and send email, then software which runs as the currently logged in user can delete files the user created, read their contact list and send email to it.
But even with these changes, a -lot- of serious work is done in Excel.
AOL. I actually turned down a job with a small company when the MD told me how proud he was that he'd been able to make his spreadsheets much more sophisticated by inter-linking cells between files.
I just had this vision of a great big house-of-cards in Excel form, and one card being moved....
First sensible reply I've seen all this thread.
All these people saying "SYMANTEC ARE THE SUX0RZ! NORTON'S RUBBISH" and SAV corporate isn't actually that bad.
Though I've seen one laptop in the company with Norton AntiVirus and that was quite enough for me. Eurggh.
Agreed.
The issue is whether your management is planning NOW for that inevitable eventuality.
Out here in the real world, we have this great big list of other things to do. "Planning an escape route for every damn application we run" is generally fairly low on the list of priorities.
And the way to do that and minimize the costs and disruption is to start pursuing - over time - a planned OSS migration.
You've lost me there.
Many companies, even if they do some software development in-house, have no desire to rewrite a whole bunch of business applications at every level of the business. Granted, in many cases, it's not necessary. But I guarantee you that if you were to interview every person in any reasonably-sized company over what software they used, sooner or later you'd find something which was Windows only.
Now, if a Free/OSS equivalent doesn't exist, the business has basically 3 choices:
That's the easy stuff done. Now the hard stuff.
The issue remains the same: no matter WHAT the cost of conversion, sooner or later you will have paid more for proprietary licenses than you will for conversion.
Yes, but it's a lot easier to get "£10,000 per annum for the next 5 years" into a budget than it is to get "£35,000 this year and nothing thereafter".
And if you don't convert, sooner or later you will HAVE TO convert.
Most IT managers in business will take one of the following approaches:
"Better the devil you know"
"We'll cross that bridge when we get to it".
Systems seldom stop working overnight just because the vendor has stopped supporting them, and any sensible business is well aware where it stands in terms of how long support is guaranteed to be available for. Suggesting converting for conversions' sake when there is no pressing need is an excellent way to be marked out as a crank.
It's worse than that.
I can't provide references off the top of my head, bu IIRC some estimates suggest that up to 70% of "attacks" come from within - disgruntled or corrupt employees being the most obvious example.
Naturally, most companies aren't too keen to issue a press release saying "Yeah, this chap we employed walked out the door with a couple of thousand customer records when we sacked him last week", so these estimates are little more than educated guesses. But even so, if there's only the tiniest grain of truth to them it demonstrates how important it is to consider both internal and external security.
It's not. But making such a big song and dance and claiming "evidence" which directly contradicts evolution and favours creationism seems more so.
That's the whole point of Pastafarianism, to show us how ridicule Creationism really is.
Really? And all this time I've been building a temple to a packet of spaghetti in my lounge! I wondered why I was getting funny looks when I explained.
Quite interesting to apply this to Creationism:
Start: -5
Saying an existing theory is "only a theory": +10
Stating that the "scientific establishment" is involved in a "conspiracy" to prevent the work receiving the recognition it deserves: +40
Claiming a revolutionary theory but giving no concrete, testable predictions: +50 (though in all fairness, not much in the way of evolution can be tested in any concrete form either).
However, Pastafarianism http://www.venganza.org/ only falls foul of 'saying an existing theory is "only a theory"'.
It therefore follows that the Church of the Flying Spaghetti Monster is rather less crackpot than parts of the Christian church.
I know.
And I'm sure Symantec are eternally grateful that Microsoft will be sparing them the trouble of keeping customers' computers virus-free.
I think the main issue here isn't the user interface. It's that as soon as a reasonably sized market in any type of software which is important to the majority of Windows users appears, up pops Microsoft. 3 years later, down goes all the (former) competition.
It has become rather predictable now. If your company produces software to sell to the home market, probably the last thing you want to do is to devise some type of program which everyone will want.
To be a virus, it must be able to spread on its own. And I don't mean simply copying the exe to different directories, I mean attaching itself to other programs without the users knowledge.
And here, folks, is the reason why Unix isn't immune to viruses.
See, the original definition of a computer virus frequently did include "attaches itself to other programs to evade detection". But there hasn't been a mainstream virus which does this in years. Most these days take advantage of lousy mail client security and people clicking on any old attachment they receive and are quite able to find somewhere to hide in the labyrinth that is C:\WINDOWS. By the original definition of a computer virus, they probably don't qualify, but that doesn't stop them from spreading like wildfire and causing all sorts of damage.
There is absolutely no reason whatsoever why a unix equivalent couldn't embed startup code in ~/.xinitrc or ~/.bashrc. Similarly, there is no reason why it couldn't live somewhere reasonably likely to exist but not commonly explored, such as ~/.mozilla.