1. One post was dead-right in saying the OEM's that adopted MS's audio file drm system are SOL. I have a feeling that's only smaller companies though because larger ones generally put their own skin + features on top. This is pretty typical though. The big companies can't resist the lure.
2. I see MS going low, low price for the player. An MP3 player is cheap to make. Maybe USD $5-10? with no screen, add maybe $10? for an lcd and controller. Then they have a convoluted pricing scheme from there.
3. RIAA companies benefit because they get their variable pricing dream come true. Pop-star flavor of the minute, $1.49. Buck Owens songs, $0.75. Maybe even "free" time-out songs. From there you buy credits in blocks of $10 or $20 to ease the a**-raping they'll get for processing the transaction.
If road racing turned to recumbents, such tactics would virtually disappear due to the shelter advantage being reduced to minimal. It would, in essence, become a mass start time trial instead of a road race as we know it today.
There is not a grain of truth in any of this.
1. The UCI has a strong sense of tradition that lead it to quickly ban things that don't look like a bike Lemond, Merckx (sp) Gimondi (keep going back...) rode. Recall that the time trial bars in Lemond's era were a controversy and are strictly limited to time trial efforts. National organizations usually follow the UCI at the national level with regional events offering greater flexibility.
2. Like all competitive events, racing equipment is designed to a specification first. Innovation has a tough time making it through any way. Pick your sport, F1, Nascar, Bicycle racing. They all have detailed equipment specs.
3. Wind resistance is the still there if you are sitting in a canopy or not. It will still be the same style of racing. Relatively flat events usually end in a mass sprint. Hilly events usually end up with a tiny lead group and the rest come straggling in for 1+ hours afterwards. Recumbents would make everything faster on average, but that's about it.
OT What's sad is a competitive amateur (Cycling USA ranked racer) can't go near recumbents for fear of being shunned from the amateur/pro sport. Then you'd see some amazing times. I'm not sure how people would take to racing recumbents as an organized sport, but if Nascar can attract viewers maybe recumbents can if they can simplify some of the race formats.
The way these things usually work out is that plenty of "User #1"s will be shut off accidentally.
I don't know about "plenty" but quite a few. The good news is it will be enough for some of them to switch to another OS. The others will buy a new PC.
User #1: Has auto update on and is a member in good standing anyway. No problems
User #2: Has auto update off and is a member in good standing. No problems because they haven't updated their computer since they bought it.
User #3: Running cracked copy and will have a way around this doomsday scenario pretty soon.
Your user #3 is a minority in the U.S. Microsoft and every successful software company -knows- the key to making popular software is to make it easy enough to crack. So I don't see the Microsoft playing "license enforcer" anywhere except maybe the U.S.
x.509 has a useful niche. PGP has a useful niche. I believe you are confusing tools.
I admin a PKI system inside the company I work for and it's the bees knees. I add public keys to the keychain. If you aren't on the keychain, then you won't have access to some things on the LAN. Simple, discreet control.
Let me be clear: There is a way around *every* security system. Running PGP/PKI systems meaningfully raises the bar.
Declaring x.509 "the winner" sounds like you have a very serious investment in it's success as opposed to the more professional perspective, right tool for the job.
OT Info: As a general warning to all: MS's efforts in x.509 are the usual Embrace, Extend, Extinguish thereby crippling interoperability. Note that they've got Red Hat publicly endorsing their efforts now. http://www.identityblog.com/
I think payment authorization and consumption tracking are two different systems in most stores. If it is approved, send "approved". If fail, send "failure" with no other hook into the transaction.
Payment programming in particular is pretty strict about that kind of thing because of the door you would open to every merchant with a terminal.
Seriously though, I've resigned myself to saying that Windows does the job for many people. But a secure desktop OS it is not. It's not designed like that. In steadily fewer cases, it isn't even the best tool for the job.
Microsoft will repeat the security message in the media until most people believe it. Meanwhile I'll still have plenty of work babysitting their products and buying security software to use on top of their "secure" software.
*IF* the company's corporation is U.S. based, then nearly all crypto is easily exported these days. Even RSA.
If you make a new cryptographic method in the US, (not PKI/RSA/etc, not AES/DES, not known hashing) then your system will probably require review before export approval. This is not most crypto though.
No, you can't send it to Cuba or other countries declared bad for whatever reason, but you can export crypto from the U.S. to most places in the world easily.
The vendor's spooky "if" scenarios are a pathetic attempt to justify collecting personal information.
OT It will be interesting to see if ebay can lobby the patent office as effectively as the company that makes the crackberry and do a super-suprise review and invalidate net2phone's patent.
There needs to be a name for this because it's kind of like when the gov't is after a bad guy, they'll get audited by the IRS at the same time. This time it's the patent office.
The first user created in Ubuntu has linux user priveleges and all of the security features that come with it. If something attempts to escalate privilege, it won't happen. For example attempting to install software will fail because the user doesn't have the right to do so.
Windows Longwait on the other hand goes straight into admin. Install software? Can do! Good software? Bad software? Some of my users still don't know the difference.
My Linux users don't know anything about sudo and they don't want to know. I know they can't do anything to really screw the PC up.
This one says it all: "The first user defined during installation is automatically granted administrative privileges. Worse yet, the reserved account named Administrator is not required to have a password to log into the machine!"
I know I'm going to have plenty of work when the OS finally releases because this one doesn't look any better than the last.
FYI: if it hasn't been clarified yet, the beta release ships with *everything* AND the kitchen sink. So it's reasonable to assume it will come in bigger than XP, but I'm guessing smaller than their beta release by a long shot.
Another post shows the several steps it takes to delete an icon on your desktop.
Are you sure you want to delete this thing on your desktop?
Yes, because It's my fsking desktop! Not root, not another account, mine!
going to c:\windows and creating a file there or a new folder As a system administrator I can tell you nearly all users don't want to go anywhere near c:\windows. XP solved it enough for these users. OSX and Linux have a security model that Microsoft will only dream about.
So, they've created another complicated system on top of an OS not designed with security from the kernel upward.
My gut feeling is this is another Microsoftie doing damage control.
the optimal number of steps Is one. Just one. On my kde desktop, I right-click the icon, select delete. Apple's desktop is similar.
In both instances, there's a robust security model underneath my desktop that does not require an extra "are you sure?" button on my desktop to work right.
I got into it with a(nother?) Microsoftie on this a few weeks ago.
I predicted there was no clear path with their access control plan. http://slashdot.org/comments.pl?sid=186700&cid=154 07442 The microsoftie claiming just because I had never used it, I shouldn't criticize and masterfully dropped a few personal insults too.
This "excessive prompting" is never complained about with OS X, or within Linux. Uhh, that's because it works right? Clearly you don't use either because you'll find there is no prompting for normal user activity.
Is not "excessive prompting" exactly... Uh, no. Again, if you used either one you'd see they take care of the problem the right way as opposed to Microsoft's cluster fsck.
I'm guessing you are trolling for Microsoft. If not, please switch to linux or OSX and you'll see what everyone is talking about.
I'm not the only one saying there's problems with a system I've never seen:
"excessive prompting for privilege escalation for seemingly common activities. On his blog, Steve Hiskey, the Lead Program Manager for User Account Control in the Windows Security Core group, details what the issues with the excessive prompting are,"
Linux start up: -User- account and password normally required to login. I won't even get into how well other aspects of email attachments and downloads work.
Longwait start up: Go straight to Administrator, no password. It's a system that will be compromised/hosed sooner rather than later.
Any rational person will come to the same conclusion.
You can still find *giant* chunks of concrete in the flood basin in the east end of the san fernando valley. I was honestly surprised to find them there.
FYI if you've never done a linux installation. As I recall, the order of events one or two ways:
1. Reboot after files copied onto drive and bootloader installed. 2. Set root password 3. Create user account, set password 4. Login as user.
OR
1. set root password and create user account 2. Reboot 3. Login as user.
At this point, the better distro's forbid logging in as root from a gui desktop manager.
In Longwait they HAD the opportunity to do it right AND they had plenty of other OS to copy, but they didn't. Perfect example of security as an afterthought.
I wish Microsoft would just pay me to promote their OS. Because this is too easy.
Slashdot Mirror
1. One post was dead-right in saying the OEM's that adopted MS's audio file drm system are SOL. I have a feeling that's only smaller companies though because larger ones generally put their own skin + features on top. This is pretty typical though. The big companies can't resist the lure.
2. I see MS going low, low price for the player. An MP3 player is cheap to make. Maybe USD $5-10? with no screen, add maybe $10? for an lcd and controller. Then they have a convoluted pricing scheme from there.
3. RIAA companies benefit because they get their variable pricing dream come true. Pop-star flavor of the minute, $1.49. Buck Owens songs, $0.75. Maybe even "free" time-out songs. From there you buy credits in blocks of $10 or $20 to ease the a**-raping they'll get for processing the transaction.
This is the usual apology after the fact. Americans love this stuff.
/. the more concerned I am it's a big distraction.
Meanwhile plans are afoot for something like WGA. (looks, smells, maybe doesn't quack like wga)
The more minor stories like this get press on
There's no action. Linux on the desktop. Now.
I converted two desktop users last week. How many did you convert?
If road racing turned to recumbents, such tactics would virtually disappear due to the shelter advantage being reduced to minimal. It would, in essence, become a mass start time trial instead of a road race as we know it today.
There is not a grain of truth in any of this.
1. The UCI has a strong sense of tradition that lead it to quickly ban things that don't look like a bike Lemond, Merckx (sp) Gimondi (keep going back...) rode. Recall that the time trial bars in Lemond's era were a controversy and are strictly limited to time trial efforts. National organizations usually follow the UCI at the national level with regional events offering greater flexibility.
2. Like all competitive events, racing equipment is designed to a specification first. Innovation has a tough time making it through any way. Pick your sport, F1, Nascar, Bicycle racing. They all have detailed equipment specs.
3. Wind resistance is the still there if you are sitting in a canopy or not. It will still be the same style of racing. Relatively flat events usually end in a mass sprint. Hilly events usually end up with a tiny lead group and the rest come straggling in for 1+ hours afterwards. Recumbents would make everything faster on average, but that's about it.
OT
What's sad is a competitive amateur (Cycling USA ranked racer) can't go near recumbents for fear of being shunned from the amateur/pro sport. Then you'd see some amazing times. I'm not sure how people would take to racing recumbents as an organized sport, but if Nascar can attract viewers maybe recumbents can if they can simplify some of the race formats.
I agree with you in principal.
In practice though these end-users don't know if or how or why they could be compromised. They will call when their system is -really- slow.
The way these things usually work out is that plenty of "User #1"s will be shut off accidentally.
I don't know about "plenty" but quite a few. The good news is it will be enough for some of them to switch to another OS. The others will buy a new PC.
Good point.
A couple of scenarios I typically see:
User #1: Has auto update on and is a member in good standing anyway. No problems
User #2: Has auto update off and is a member in good standing. No problems because they haven't updated their computer since they bought it.
User #3: Running cracked copy and will have a way around this doomsday scenario pretty soon.
Your user #3 is a minority in the U.S. Microsoft and every successful software company -knows- the key to making popular software is to make it easy enough to crack. So I don't see the Microsoft playing "license enforcer" anywhere except maybe the U.S.
Sensational summary though.
x.509 has a useful niche. PGP has a useful niche. I believe you are confusing tools.
I admin a PKI system inside the company I work for and it's the bees knees. I add public keys to the keychain. If you aren't on the keychain, then you won't have access to some things on the LAN. Simple, discreet control.
Let me be clear: There is a way around *every* security system. Running PGP/PKI systems meaningfully raises the bar.
Declaring x.509 "the winner" sounds like you have a very serious investment in it's success as opposed to the more professional perspective, right tool for the job.
OT Info:
As a general warning to all: MS's efforts in x.509 are the usual Embrace, Extend, Extinguish thereby crippling interoperability. Note that they've got Red Hat publicly endorsing their efforts now. http://www.identityblog.com/
Whereas shibboleth http://shibboleth.internet2.edu/ is supposed to be the neutral party.
I think payment authorization and consumption tracking are two different systems in most stores.
If it is approved, send "approved". If fail, send "failure" with no other hook into the transaction.
Payment programming in particular is pretty strict about that kind of thing because of the door you would open to every merchant with a terminal.
Can someone enlighten us on the topic?
I got this: Apache/2.0.52 (Red Hat) Server at celebrities.beta.netscape.com Port 80 attempting to sign up.
I thought netscape/aol had some server software? Sad and quite typical they don't use their product.
Thank dog I've got flash blocker.
Seriously though, I've resigned myself to saying that Windows does the job for many people. But a secure desktop OS it is not. It's not designed like that. In steadily fewer cases, it isn't even the best tool for the job.
Microsoft will repeat the security message in the media until most people believe it. Meanwhile I'll still have plenty of work babysitting their products and buying security software to use on top of their "secure" software.
*IF* the company's corporation is U.S. based, then nearly all crypto is easily exported these days. Even RSA.
If you make a new cryptographic method in the US, (not PKI/RSA/etc, not AES/DES, not known hashing) then your system will probably require review before export approval. This is not most crypto though.
No, you can't send it to Cuba or other countries declared bad for whatever reason, but you can export crypto from the U.S. to most places in the world easily.
The vendor's spooky "if" scenarios are a pathetic attempt to justify collecting personal information.
This is the tactic to "cooperate" with OSS as long as the money flows into MS's coffers.
This strategy would suck the economic oxygen out of OSS.
As a lesson to ./'ers as to why being an individual investor in stocks may not be wise:
The volume of shares went up and the price started going down weeks ago: Many ebay shareholders dumped stock prior to their quarterly report.
This particular bit of bad news appears to have been in the works for some time given the steady slide after the quarterly report.
The individual investor with a few thousand shares is always the last to know.
http://finance.yahoo.com/q/bc?s=EBAY&t=3m
OT
It will be interesting to see if ebay can lobby the patent office as effectively as the company that makes the crackberry and do a super-suprise review and invalidate net2phone's patent.
There needs to be a name for this because it's kind of like when the gov't is after a bad guy, they'll get audited by the IRS at the same time. This time it's the patent office.
Disclaimer: U.S. Patent system is FUBAR'd
You seem to imply that Admin is the default user and nothing is further from the truth.
The default user has *user* privileges. That's it. Users can't screw up their system.
Longwait on the other hand, default user has full privileges.
The facts show otherwise:
The first user created in Ubuntu has linux user priveleges and all of the security features that come with it. If something attempts to escalate privilege, it won't happen. For example attempting to install software will fail because the user doesn't have the right to do so.
Windows Longwait on the other hand goes straight into admin. Install software? Can do! Good software? Bad software? Some of my users still don't know the difference.
My Linux users don't know anything about sudo and they don't want to know. I know they can't do anything to really screw the PC up.
This one says it all:
s ta/page18.html [tomshardware.com]
"The first user defined during installation is automatically granted administrative privileges. Worse yet, the reserved account named Administrator is not required to have a password to log into the machine!"
http://www.tomshardware.com/2006/05/31/windows_vi
I know I'm going to have plenty of work when the OS finally releases because this one doesn't look any better than the last.
FYI: if it hasn't been clarified yet, the beta release ships with *everything* AND the kitchen sink. So it's reasonable to assume it will come in bigger than XP, but I'm guessing smaller than their beta release by a long shot.
Another post shows the several steps it takes to delete an icon on your desktop.
Are you sure you want to delete this thing on your desktop?
Yes, because It's my fsking desktop! Not root, not another account, mine!
going to c:\windows and creating a file there or a new folder
As a system administrator I can tell you nearly all users don't want to go anywhere near c:\windows. XP solved it enough for these users. OSX and Linux have a security model that Microsoft will only dream about.
So, they've created another complicated system on top of an OS not designed with security from the kernel upward.
Switch to OSX or Linux. It works right.
My gut feeling is this is another Microsoftie doing damage control.
the optimal number of steps
Is one. Just one. On my kde desktop, I right-click the icon, select delete. Apple's desktop is similar.
In both instances, there's a robust security model underneath my desktop that does not require an extra "are you sure?" button on my desktop to work right.
They've had how many years and an unbelievable amount of people/money thrown at the problem and this is the best they've got?
4 47596
My previous post on the subject covers it pretty well:
http://slashdot.org/comments.pl?sid=187221&cid=15
It's funny that it's moderated 30% Interesting 40% Troll 30% Underrated
Just pay me and I'll promote Longwait.
I got into it with a(nother?) Microsoftie on this a few weeks ago.
4 07442
4 08915
I predicted there was no clear path with their access control plan.
http://slashdot.org/comments.pl?sid=186700&cid=15
The microsoftie claiming just because I had never used it, I shouldn't criticize and masterfully dropped a few personal insults too.
I fired back that I didn't see it happening.
http://slashdot.org/comments.pl?sid=186700&cid=15
Funny how I was right...
Today's Lesson: Run away from Longwait and don't look back.
Unless of course you are like me and are paid to babysit them. I'm confident there will be plenty of work.
Please Microsoft, just pay me to promote Longwait. It will be much easier on you.
You're kidding right?
This "excessive prompting" is never complained about with OS X, or within Linux.
Uhh, that's because it works right? Clearly you don't use either because you'll find there is no prompting for normal user activity.
Is not "excessive prompting" exactly...
Uh, no. Again, if you used either one you'd see they take care of the problem the right way as opposed to Microsoft's cluster fsck.
I'm guessing you are trolling for Microsoft. If not, please switch to linux or OSX and you'll see what everyone is talking about.
I'm not the only one saying there's problems with a system I've never seen:
4 0
"excessive prompting for privilege escalation for seemingly common activities. On his blog, Steve Hiskey, the Lead Program Manager for User Account Control in the Windows Security Core group, details what the issues with the excessive prompting are,"
http://slashdot.org/article.pl?sid=06/06/02/14282
Just pay me to promote Longwait and I'll change my tune.
Linux start up:
-User- account and password normally required to login. I won't even get into how well other aspects of email attachments and downloads work.
Longwait start up:
Go straight to Administrator, no password. It's a system that will be compromised/hosed sooner rather than later.
Any rational person will come to the same conclusion.
Because the guy honestly didn't care.
s
He (him) fsck'd huge parts of the west out of their water rights to get an ROI out of his investments in L.A.
The damn breaking was terrible PR. I believe it only troubled him because of the fear he would be found liable for the damage.
http://en.wikipedia.org/wiki/California_Water_War
You can still find *giant* chunks of concrete in the flood basin in the east end of the san fernando valley. I was honestly surprised to find them there.
Points to the people modding this comment funny.
FYI if you've never done a linux installation. As I recall, the order of events one or two ways:
1. Reboot after files copied onto drive and bootloader installed.
2. Set root password
3. Create user account, set password
4. Login as user.
OR
1. set root password and create user account
2. Reboot
3. Login as user.
At this point, the better distro's forbid logging in as root from a gui desktop manager.
In Longwait they HAD the opportunity to do it right AND they had plenty of other OS to copy, but they didn't. Perfect example of security as an afterthought.
I wish Microsoft would just pay me to promote their OS. Because this is too easy.
Thank you!