Re:Every country has a different threshold
on
China Blocks iTunes
·
· Score: 1
And social darwinism rears its ugly head. Given that China is now roaring into a massive economic powerhouse, does that make their politics wise or helpful to its citizens or others? Given that the USA is the richest country in the world, does that make Guantanamo Bay wise or even constitutional? If you want to see an effective Muslim culture, take a look at Kuwait. Taking on Israel means taking on the USA. But Afghanistan has, successfully and bloodily, taken on the British Empire, the Soviet Union, and is now working hard at kicking out their former allies, the USA. So let's leave aside the military comparisons without more thought spent on them, shall we?
Look again at that '99% of your population aren't worth listening to'. It's easy to 'listen to them', and get your own policies back, when you control information to the populace. Every totalitarion regime has shown this, and so have many theocracies and monarchies. Stupid or not, it's a popular approach. So it must be doing something right to be so historically common, even if it breaks down under outside competitive pressture.
Developers who expose the flaws in IT, however, are sometimes despised by IT managers. Many of our complaints and issues are becase we did not instal the authorized tool, or we need something "unsupported". It's not inadvertent: it's deliberate, because we need it for our work. We are the exceptions that "prove the rule". And I've consistently tried to be polite with my notifications, and warnings, and offers of workarounds, and offers to be the testbed for new technologies. But it consistently makes me, and the people I work with, take far more than our percentages of IT help based on numbers of staff.
I sympathize with the results of clueless "newbies" and having to bail them out. But I've often been classed with them. And they often do their clueless behavior because the IT staff can't be bothered to do the work they need: I sympathize with them. Being told that IE7 is "under review" and that Firefox is "not supported" causes people who want tabs with their browsers to get upset, but it's typical in a "highly managed" environment.
Except that I've been that user: as a developer, for departmental needs, I was consistently debugging things before the IT department had gotten to testing them and warned them of the problem and the workarounds. I should not need a 'business case' to explain that they should be using IMAP, not POP, nor have to justify why I spent a day of my _own_ dapartment's time for our internal needs before notifying them that they're facing a support nightmare if they don't change their own practices.
But precisely this has happened in a large organization. It had great tracking of whose pocket the money came from, but wasted huge overhead in providing that tracking, and actively drove out competent people who wanted to work on problems, not forms.
The research departments had their own, in-house personnel, didn't they? Their needs for custom build and special user support often far outweigh the needs of the rest of a large institution, combined. You have to count them, even if they're not in the IT department. IT functions that are transferred wholesale onto an external contract, such as ongoing support for MRI computer equipment, should be counted towards this estimate: that money is coming from someone's pocket.
Oh, simplify that. Anytime a manager is late or misses a meeting, take the cost of employee salaries at that meeting directly out of the manager's salary. And charge double if the manager reschedules at the last minute, and triple if they switch what the meeting is about. (It's been an issue at work lately.)
If they actually do show up, charge make them pay for the coffee and donuts, out of their own pocket, not the company funds.
I'm not certain: I've not actually had occasion to play with it on Linux, so don't know if you have to obtain the codecs separately or whether it's being tacitly supplied from an off-shore repository like the Penguin Liberation Front, which is designed for Mandriva.
If it didn't, OJ would be in jail for murder, and Microsoft would have been keelhauled by the _successful_ prosecutions for monopoly violations. Instead, they got a slap on the wrist which they simply outwaited and ignored.
Microsoft's draconian tactics don't work anymore? You haven't followed the poisoning of the ISO standard for ODF they've been trying to do, outside the OOXML disaster, have you? Hop over to www.groklaw.net and read up.
Because parts of MPEG are patented, and the patent holders refuse to grant permission for Linux applications. You cannot use it without permission from the patent holder, at least in the USA where software patents are valid.
If this has changed and I've not heard about it, I'd love to hear otherwise. It's similar to the issue with playing DVD's. The MPAA and RIAA refuse to allow any Linux applications to play DVD's, due to the weird licensing and protections of their encryption of the DVD's, and their refusal to actually license any such applications.
Software patents remain a patent in the USA. MPEG is one particular patent that providing or selling MPlayer in a distribution would violate. It's an old problem: I tried to offer the RSA patent owners money to allow me to use PGP at work, and they wouldn't even connect me to anyone who understood what I wanted to pay them for.
MPEG has the patent problem: Getting a commercially supported player, for Linux, remains impossible becuase the patent owners _will not sell_ reasonable licenses for Linux. While sites like 'Penguin Liberation Front' remain very useful for those of us who need casual tool access to play an occasional MPEG, making commercially supportable MPEG players for Linux remains awkward.
Mind you, the 'Penguin Liberation Front' remains a wonderful source of software for anyone outside of the DMCA encumbered and software patent encumbered USA who wnats to play MPEG's, DVD's, or even have access to wired old tools that had odd licenses.
There's also Jeremy Allison: when he disagreed massively with Novell's patent contract with Microsoft, he resigned. Given that he's one of the core Samba developers, and that his work with Samba doubtless has a stack of patentable software material in it, it's a fascinating case.
Oh, I see. This makes a bit more sense to me, but not much. If he can't publish as an employee, because the company owns the work, then your original advice to 'publish' makes little sense. It's trading his concern about software patents for that of being immediately fired, with cause, losing unemployment benefits and job recommendations by a publicly traceable act. That's deadly to a career.
So your advice wasn't for the original poster, it was for a company that dislikes software patents? Then say so, because it can get the original poster fired if he tries it, and you apparently weren't talking to him. That's reasonable to do, but please say so in your messages.
Of _course_ they can intercept Gmail traffic! Much of it is over HTTP, not HTTPS, and communicating among the mail servers it's SMTP. Unless you're encrypting end-to-end, expect your email to be trivially monitored. Even if it were encrypted, passwords are trivial to steal in most environments.
Given that Google's servers are deployed worldwide in various data centers and portable data centers, it would be relatively inexpensive to hire an unappreciated Google employee to plant fiber optic taps in various of their data centers, intercepting the traffic there. And the Chinese have doubtless themselves pulled the stunt that AT&T did for the NSA, permitting backbone Internet taps on their core routers.
Publication does not necessarily prevent patenting. If the poster's employer can demonstrate, quickly, that the employee came up with the patentable idea previously, and demonstrate that to the patent office quickly enough, they can probably still get the patent. There are strange laws about timing of the application and publication of details of patentable technologies: this is what good attorneys are for.
Not exactly. A better question is 'what will having the patent change'? They're great on your resume, and there are plenty of reasons to want even frivolous patents. IBM, for example, has a huge library of patents that they use as defense against intellectual property lawsuits, and to demonstrate their expertise in hardware and software. Patenting the ideas in the software, and releasing it under GPLv3, would allow your company to protect its intellectual property in some fascinating ways.
Software patents are like billy clubs. You don't want to need them, but if you get into a fight and have one handy, it can help you win. And since such billy clubs are legal in the USA, better safe than sorry: the best form of prior art in a patent fight is an earlier patent.
Your post is not, primarily, facts. It's primarily reasoning: that's trickier to correct. Next time split your work into multiple messages, eisier to follow, please.
For example, you wrote: "..., vendors have been reluctant to fix vulnerabilities unless they were publicly known. This is a Bad Thing,... "
There's no trivial way to fix this: Fixing the flaws often requires a complete redesign of a system. In this case, it means using a better RFID system that supports encryption better. But that's actually changing a standard technology, and will drive up the price of the cards and the card readers and the infrastructure to support them on an already existing system. That's very expensive, indeed, and we've seen the same sort of problem with the new US passport id tags.
The solution is actually earilier in the process: in public exposure of the designs themselves, before their release. This will help standardization and modularity considerably. It's an opensource approach to it, rather than merely allowing people to publish the flaws in a closed source technology that a normal person has little or no access to.
This may be closer to reality than you expect. If any of the major botnet controllers was in Georgia, Russia, or China, recent political events may have shut down their careless ISP where they operated from, or they may be being cautious with the increased cyber-monitoring in place there. Spam is not a problem of a few people, it's a problem of an ecological niche: but killing off the largest local members of that niche can leave a temporary void. It takes a bit of time to refill such a void.
It may also be that the folks the original poster spoke to at his ISP don't actually know that their third-party SMTP service tools have recently enabled spam filtering on all their traffic: it's easy to change such a setting for an individual customer by accident when you provide it for others.
I've had 3 different managers lately explaining that their asset databases are actually Excel spreadsheets, and I've been shuddering as they hit the 65,000 entry limit.
> Now I don't know whether to boycott the Olympic Games because of Germany mistreating the Jews, or because it was converted to a festival of commerce. If it goes on like this, I may be soon able to boycott each day of Olympics for a different reason.
Fixed that for you, or at least set the wayback machine to the 1930's. Not to 'Godwin's Law' myself here, but the problem of countries hosting the games to boost their prestige and defuse civil rights abuse is an old one. And the problem of commercialization, given the disasters of the Australia games, isn't exactly new, either.
Nonsense. Almost no one _uses_ the keys that you describe, partly because many password programs will reject them inconsistently, especially as they go through various internationalized "language" settings.
Unfortunately, people are also extremely careless about their passwords, and it's often quite simple to get their passwords from a poorly secured environment, such as a system that uses DES by default (typical htpasswd command in Apache and passwd command in many old UNIX systems), and then use that broken password in more secure environments. This is why many security standards suggest using multiple passwords for multiple uses.
Unfortunately, then people tend to write them down to remember them.
The US has a fine history of torture going right back to before the Declaration of Independence. It's much smaller than many countries, and it was declared to be illegal surprisingly quickly, but there is nothing new about the USA governments torturing prisoners, at local, state, and federal levels.
And social darwinism rears its ugly head. Given that China is now roaring into a massive economic powerhouse, does that make their politics wise or helpful to its citizens or others? Given that the USA is the richest country in the world, does that make Guantanamo Bay wise or even constitutional? If you want to see an effective Muslim culture, take a look at Kuwait. Taking on Israel means taking on the USA. But Afghanistan has, successfully and bloodily, taken on the British Empire, the Soviet Union, and is now working hard at kicking out their former allies, the USA. So let's leave aside the military comparisons without more thought spent on them, shall we?
Look again at that '99% of your population aren't worth listening to'. It's easy to 'listen to them', and get your own policies back, when you control information to the populace. Every totalitarion regime has shown this, and so have many theocracies and monarchies. Stupid or not, it's a popular approach. So it must be doing something right to be so historically common, even if it breaks down under outside competitive pressture.
Developers who expose the flaws in IT, however, are sometimes despised by IT managers. Many of our complaints and issues are becase we did not instal the authorized tool, or we need something "unsupported". It's not inadvertent: it's deliberate, because we need it for our work. We are the exceptions that "prove the rule". And I've consistently tried to be polite with my notifications, and warnings, and offers of workarounds, and offers to be the testbed for new technologies. But it consistently makes me, and the people I work with, take far more than our percentages of IT help based on numbers of staff.
I sympathize with the results of clueless "newbies" and having to bail them out. But I've often been classed with them. And they often do their clueless behavior because the IT staff can't be bothered to do the work they need: I sympathize with them. Being told that IE7 is "under review" and that Firefox is "not supported" causes people who want tabs with their browsers to get upset, but it's typical in a "highly managed" environment.
Except that I've been that user: as a developer, for departmental needs, I was consistently debugging things before the IT department had gotten to testing them and warned them of the problem and the workarounds. I should not need a 'business case' to explain that they should be using IMAP, not POP, nor have to justify why I spent a day of my _own_ dapartment's time for our internal needs before notifying them that they're facing a support nightmare if they don't change their own practices.
But precisely this has happened in a large organization. It had great tracking of whose pocket the money came from, but wasted huge overhead in providing that tracking, and actively drove out competent people who wanted to work on problems, not forms.
The research departments had their own, in-house personnel, didn't they? Their needs for custom build and special user support often far outweigh the needs of the rest of a large institution, combined. You have to count them, even if they're not in the IT department. IT functions that are transferred wholesale onto an external contract, such as ongoing support for MRI computer equipment, should be counted towards this estimate: that money is coming from someone's pocket.
Oh, simplify that. Anytime a manager is late or misses a meeting, take the cost of employee salaries at that meeting directly out of the manager's salary. And charge double if the manager reschedules at the last minute, and triple if they switch what the meeting is about. (It's been an issue at work lately.)
If they actually do show up, charge make them pay for the coffee and donuts, out of their own pocket, not the company funds.
They exist. She's dating me: being the only one, she can be really picky. And believe me, she can do some very, very different stuff.
I'm not certain: I've not actually had occasion to play with it on Linux, so don't know if you have to obtain the codecs separately or whether it's being tacitly supplied from an off-shore repository like the Penguin Liberation Front, which is designed for Mandriva.
If it didn't, OJ would be in jail for murder, and Microsoft would have been keelhauled by the _successful_ prosecutions for monopoly violations. Instead, they got a slap on the wrist which they simply outwaited and ignored.
Microsoft's draconian tactics don't work anymore? You haven't followed the poisoning of the ISO standard for ODF they've been trying to do, outside the OOXML disaster, have you? Hop over to www.groklaw.net and read up.
Because parts of MPEG are patented, and the patent holders refuse to grant permission for Linux applications. You cannot use it without permission from the patent holder, at least in the USA where software patents are valid.
If this has changed and I've not heard about it, I'd love to hear otherwise. It's similar to the issue with playing DVD's. The MPAA and RIAA refuse to allow any Linux applications to play DVD's, due to the weird licensing and protections of their encryption of the DVD's, and their refusal to actually license any such applications.
Software patents remain a patent in the USA. MPEG is one particular patent that providing or selling MPlayer in a distribution would violate. It's an old problem: I tried to offer the RSA patent owners money to allow me to use PGP at work, and they wouldn't even connect me to anyone who understood what I wanted to pay them for.
MPEG has the patent problem: Getting a commercially supported player, for Linux, remains impossible becuase the patent owners _will not sell_ reasonable licenses for Linux. While sites like 'Penguin Liberation Front' remain very useful for those of us who need casual tool access to play an occasional MPEG, making commercially supportable MPEG players for Linux remains awkward.
Mind you, the 'Penguin Liberation Front' remains a wonderful source of software for anyone outside of the DMCA encumbered and software patent encumbered USA who wnats to play MPEG's, DVD's, or even have access to wired old tools that had odd licenses.
There's also Jeremy Allison: when he disagreed massively with Novell's patent contract with Microsoft, he resigned. Given that he's one of the core Samba developers, and that his work with Samba doubtless has a stack of patentable software material in it, it's a fascinating case.
Oh, I see. This makes a bit more sense to me, but not much. If he can't publish as an employee, because the company owns the work, then your original advice to 'publish' makes little sense. It's trading his concern about software patents for that of being immediately fired, with cause, losing unemployment benefits and job recommendations by a publicly traceable act. That's deadly to a career.
So your advice wasn't for the original poster, it was for a company that dislikes software patents? Then say so, because it can get the original poster fired if he tries it, and you apparently weren't talking to him. That's reasonable to do, but please say so in your messages.
Of _course_ they can intercept Gmail traffic! Much of it is over HTTP, not HTTPS, and communicating among the mail servers it's SMTP. Unless you're encrypting end-to-end, expect your email to be trivially monitored. Even if it were encrypted, passwords are trivial to steal in most environments.
Given that Google's servers are deployed worldwide in various data centers and portable data centers, it would be relatively inexpensive to hire an unappreciated Google employee to plant fiber optic taps in various of their data centers, intercepting the traffic there. And the Chinese have doubtless themselves pulled the stunt that AT&T did for the NSA, permitting backbone Internet taps on their core routers.
Publication does not necessarily prevent patenting. If the poster's employer can demonstrate, quickly, that the employee came up with the patentable idea previously, and demonstrate that to the patent office quickly enough, they can probably still get the patent. There are strange laws about timing of the application and publication of details of patentable technologies: this is what good attorneys are for.
Not exactly. A better question is 'what will having the patent change'? They're great on your resume, and there are plenty of reasons to want even frivolous patents. IBM, for example, has a huge library of patents that they use as defense against intellectual property lawsuits, and to demonstrate their expertise in hardware and software. Patenting the ideas in the software, and releasing it under GPLv3, would allow your company to protect its intellectual property in some fascinating ways.
Software patents are like billy clubs. You don't want to need them, but if you get into a fight and have one handy, it can help you win. And since such billy clubs are legal in the USA, better safe than sorry: the best form of prior art in a patent fight is an earlier patent.
Your post is not, primarily, facts. It's primarily reasoning: that's trickier to correct. Next time split your work into multiple messages, eisier to follow, please.
For example, you wrote: "..., vendors have been reluctant to fix vulnerabilities unless they were publicly known. This is a Bad Thing, ... "
There's no trivial way to fix this: Fixing the flaws often requires a complete redesign of a system. In this case, it means using a better RFID system that supports encryption better. But that's actually changing a standard technology, and will drive up the price of the cards and the card readers and the infrastructure to support them on an already existing system. That's very expensive, indeed, and we've seen the same sort of problem with the new US passport id tags.
The solution is actually earilier in the process: in public exposure of the designs themselves, before their release. This will help standardization and modularity considerably. It's an opensource approach to it, rather than merely allowing people to publish the flaws in a closed source technology that a normal person has little or no access to.
This may be closer to reality than you expect. If any of the major botnet controllers was in Georgia, Russia, or China, recent political events may have shut down their careless ISP where they operated from, or they may be being cautious with the increased cyber-monitoring in place there. Spam is not a problem of a few people, it's a problem of an ecological niche: but killing off the largest local members of that niche can leave a temporary void. It takes a bit of time to refill such a void.
It may also be that the folks the original poster spoke to at his ISP don't actually know that their third-party SMTP service tools have recently enabled spam filtering on all their traffic: it's easy to change such a setting for an individual customer by accident when you provide it for others.
I've had 3 different managers lately explaining that their asset databases are actually Excel spreadsheets, and I've been shuddering as they hit the 65,000 entry limit.
You mean like this one, in all newer PC's and built directly into Intel and AMD CPU's in their next releases?
http://en.wikipedia.org/wiki/Trusted_Computing
Oh, I hardly _broke_ Godwin's Law. I attempted to follow it. The actual law states:
"As a Usenet discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one."
Slashdot is not Usenet, but much of the style is similar.
> Now I don't know whether to boycott the Olympic Games because of Germany mistreating the Jews, or because it was converted to a festival of commerce. If it goes on like this, I may be soon able to boycott each day of Olympics for a different reason.
Fixed that for you, or at least set the wayback machine to the 1930's. Not to 'Godwin's Law' myself here, but the problem of countries hosting the games to boost their prestige and defuse civil rights abuse is an old one. And the problem of commercialization, given the disasters of the Australia games, isn't exactly new, either.
Nonsense. Almost no one _uses_ the keys that you describe, partly because many password programs will reject them inconsistently, especially as they go through various internationalized "language" settings.
Unfortunately, people are also extremely careless about their passwords, and it's often quite simple to get their passwords from a poorly secured environment, such as a system that uses DES by default (typical htpasswd command in Apache and passwd command in many old UNIX systems), and then use that broken password in more secure environments. This is why many security standards suggest using multiple passwords for multiple uses.
Unfortunately, then people tend to write them down to remember them.
The US has a fine history of torture going right back to before the Declaration of Independence. It's much smaller than many countries, and it was declared to be illegal surprisingly quickly, but there is nothing new about the USA governments torturing prisoners, at local, state, and federal levels.