You can change your password as often as you like, but if you don't use a strong password then you're always going to be at risk of a brute force hack or be a victim of the 'over the shoulder' spy.
A brute force attack shouldn't be that much of a concern with a login password, assuming that the system limits how often and how many times the brute force attack can retry. And presumably, the system would notify the account holder or administrator (or both) as to the unusual number of failed attempts.
Now if you're trying to brute force an intercepted message, that would be different. You'd have as many attempts as you could afford to crack it and all the time in the world to do it. At least until the data contained in the message was no longer useful to know.
I suppose that a password that was "strong" in the sense of "hard to memorize quickly" would be helpful against the "over the shoulder" attack.
Did anyone see "The Messenger"? I know someone here must have, it had Milla Jovovitch as Joan of Arc. In her prison cell, Joan is talking to Dustin Hoffman, who is, I suppose, the Devil or something. She explains that she found a sword in a field, and it must be a sign from God. The Devil -- or at least his advocate -- puts forth a number of theories from the plausible to the ridiculous that would also explain the finding without resorting to a supernatural explanation.
This scene is about all I could think of as this "filmmaker" states that an anachronistic cell phone is the only possible explanation for a woman with her hand to her head, perhaps with an object in it.
But now that I think of it, the Devil arguing against the supernatural is sort of strange, too.
I see, so you think it's OK to limit someone's freedoms because they have more wealth than you? Please explain how that's right or fair.
And an appeal to authority:
And please don't bother with inane utilitarian concepts of "the greater good". You aren't Jeremy Bentham and you're not going to make a more cogent argument than he ever could.
And now you conflate rights and money. It's fine that they are the same to you. Others disagree, and therefore your definition of "moral" will be different from theirs.
I'm going to say this again, and more clearly and forcefully: it is immoral to trample on one person's rights because you think other people will be somehow better off if you do so. The fact of the matter is, those people will not be better off as we all suffer when rights are sacrificed for convenience or good feelings.
You can be as "clear" and "forceful" as you like, but simply stating that it's true because you say so (or Bentham says so) is not gonna convince anyone who doesn't already agree with you.
We can trample rights as you say, and we do it all the time. It is neither moral or immoral, but reflects the fact that in some ways we are subject to the will of the rest of society, like it or not. I suspect you don't like it in many cases. In other cases, you probably are fine with it. Same here.
That's not the only thing wrong here. A properly designed electronic voting machine will randomize the names of the candidates to avoid giving any one of them an advantage from being on the top of the list. If this voting machine had done this, the double picking errors would be random and not affect the result of the election. That the names are not randomized is a much, much bigger flaw in this voting machine than the double picking bug described here.
I'd say that randomizing the list of candidates is a good idea, too. It would somewhat avoid the tendency of favoring a candidate whose name was in some sweet spot in the list due to the ordering of names. However, this should be a political decision, not something decided by the coder of the machine. The coder should merely give the election board the option of randomizing the order of the ballot, either globally or per ballot. But the coder should not force the user to do it this way. There could be perfectly valid reasons not to randomize the order. For one, you could have a long list of candidates. Finding the one you want in a long unsorted list could be frustrating and time consuming.
sounds like it's not a "default" per se, i bet something isn't being cleared from the register after selection so the next menu has a persistence of touch location.
shitty embedded UI programming,
i would guess that rather than being even driven the UI cycles through an input loop that looks like an old basic getkey x loop, (except gettouch x,y) and fails to clear x and y after selecting a language and proceeding to the voting menu
Looks like a Diebold voting machine, in which case it's shitty windows UI programming.
But embedded or not, it still looks shitty. When the person demonstrating the practice of holding down "English" button, the screen switches to the ballot without the finger being lifted off "English". Now the finger is resting on a candidate's name and selecting that candidate and the box gets checked. I can't see why the UI should assume that the user has made a selection on until he lifts his finger in the first place.
Perhaps the person's finger is jittery, and bouncing up and down on the touchscreen. But it's not a difficult matter to "debounce" the input in software. The user hasn't made a selection unless the screen has been touched for a minimum period of time and not touched for a minimum period after that. You'd need to tune the times a little just to make sure the screen didn't appear too unresponsive. You should alter the appearance of the button when pressed vs, depressed an possibly use sound as well. I did this when I was developing the (never produced) Linux version of the iVotronic for ES&S. It just seemed like the reasonable way to code the interface.
Not any more. The progressives are bringing up initiatives in several states to where a person can legally vote even if they are here legally. It's pure insanity, but that's the progressive agenda, pure insanity.
I think Woodrow Wilson is standing outside your window right now, getting ready to force you to learn Spanish.
Err...exactly why is there a choice to vote in Spanish or English?
I mean...is it not a requirement for those coming to this country, to attain citizenship to show on the exams, a proficiency in English??
And you do have to be a citizen of the US in order to vote, don't you?
Knowledge of English is not a prerequisite or requirement to be a citizen of the US. There is not an official language of the US. Perhaps if one became a citizen through immigration and naturalization, then one would have had to have been as proficient as necessary to pass the citizenship exam. There are more ways than that to become a US citizen, however.
I can think of no ethical reason to make it more difficult for citizens to exercise their franchise. If you are holding an election where a substantial portion of the electorate is more proficient in another language, then you should provide ballots in that language.
The real question you should be asking yourself is; why do we (and I mean everyone, rich and poor alike) need to pay so much to a government that simply wastes that money, for the most part.
But is that really true, the government wasting most of it? OK, no organization can be perfect. I accept that. But if there were no government spending on promoting the "general welfare", you might actually be less prosperous than you are now, despite your lower tax burden.
This may seem counterintuitive. Governments, at various levels, can provide roads and an educated populace, to name just a few of the more apparent benefits. These work to increase the value of the people's labors. When you can sell your widgets across the state, the nation and even the world, then you can potentially sell more widgets. When you can hire employees that already know how to read and you don't have to teach them, that's a direct benefit to your business.
But you don't have to believe me or even accept my explanation that taxes collected and spent reasonably actually increase prosperity. Look at data from the World Bank, or the CIA Factbook, or the WTO or wherever you like. Compare the GDP per capita of nations to their effective tax rate. Notice that once your tax rate gets outside the approx. 20-45% range your GDP per capita drops. (There are exceptions to this, of course. Countries with huge resources w.r.t. the size of the population do just fine at any tax rate -- Kuwait's a good example of a country with low tax rate due to their large oil wealth.)
Step One: Study RIAA methods and business practice.
Step Two: Find some old stuff alying around that people seem to like.
Step Three: Claim "Ownership" of aforementioned stuff.
Step Four: PROFIT!!!
You also inadvertently described the Walt Disney Company.
I despise Microsoft... MS Orrifice 07 was the last of the last straws... That IDIOT shit for brains ribbon was REALLY fucking stupid, but what compounded the stupidity of it all was the fact that THEY refused to have the functionality of reverting to menus in the program.
.
So we all have to put up with stupid corporate types, forcing shit software upon us, that panders to people who have shit for brains.
.
Fuck them - dickheads.
.
And you MR Simpleton - you condone that crap?
WTF are you talking about? I began my statement by saying I really wasn't talking about office at all -- since I hadn't used it in a long time -- but rather the general concept of having both a sophisticated interface for experts and a simplified system for beginners and casual users. Chillax, man!
Steeling copper telephone cables for their copper content is a pretty desperate crime - even at the spot price of copper quoted (the thief will be offered far less by the scrap-merchant) - they'd need to pinch an awful lot of it.
There are surely much more lucrative metals to steel than this?
Do the same for scrap metal dealers what they do here for pawnshops. Put a four week hold on all payments. Payment by cheque only, mailed to the name and address of the government ID of the person selling the scrap metal. Discourages 90% of the "disorganized" (i.e. drug addicts and homeless) opportunistic or desperation type theft. The delay also lets the power and telco companies come around and retrieve their stolen goods before they get shipped off or melted down.
Whenever I've sold scrap metal in the US, they've taken down my vehicle and driver's license number and cut me a check. And they're unwilling to buy building materials without some documentation of their provenance. Naturally, some scrap dealers must be rather less ethical and law-abiding than those I've dealt with, because copper guttering still gets ripped off churches.
So, I mess with your package, and I get sprayed with a florescent liquid containing DNA.
I hope they don't try to patent this, as I think there may be prior art.
I think you should maybe see a doctor...:P
Actually, that's normal and healthy. You see, when a Mommy and a Daddy love each other very much . . .
We call that economic transaction "wages", not stealing. The criminalization of poverty and the assumption that the poor are all thieves is just astounding.
Very few who were actually competent in the advanced Office features prior to the ribbon liked the change, because it meant that they had to go hunt for options that they knew used to exist. People who were never very familiar with Office loved it, because there were no large menus to get lost in. MS is happy because now your grandmother can probably work out how to use Office and you still will (unhappily) pay for it as well.
It shouldn't come as a surprise that MS is willing to whore themselves out to the lowest common denominator. Office is no longer specialized software... it's for the masses. However, if you want to write a 5 page memo without images or plot a few points on a graph, it allows you to do that with little initial setup. But if you want to write a 300 page Ph.D. thesis or work with an array of more than 65K points, you'll need to explore other options... unless you like the M in S&M.
OK, I haven't used MS Office in a long time -- at least not any recent version. Are you saying that MS removed the old interface and replaced it with one easier to use for beginners? Having an easy-to-use interface for beginners is a great idea. Also great for people who just don't need to use the system -- or even certain parts of it -- often enough for them to be practiced and expert at it. But why the heck would they remove the old interface entirely? Maybe it's the "Design of Everyday Things" talking, but why wouldn't they keep the old one for more sophisticated users. There's nothing wrong with having an easy interface for casual use and an advanced one for the advanced users. It's actually a very good solution in this kind of case.
So You the customer signed a contract with the cell phone company. You agree to a certain amount of minutes at a certain rate plus additional fees should you go over those minutes. You use your phone. You go over the minutes. But when the cell phone company sends you a bill it's stealing? Don't you have the ability to track the amount of minutes as the month goes by? Even if you don't that's not exactly the cell phone companies fault as you signed up to do business with them.
The customer is also probably the citizen of a democracy of some sort. In such a system, the people can participate in making laws when they feel that some actor -- corporate or natural -- is harming them. The cell phone company knew this when deciding to do business in the country. If enough citizens can demand redress for this grievance through their government, it is their right to. Can the phone company complain about this? Well, sure, but as you pointed out, they voluntarily decided to do business in the country.
My wife locks me out every time she accesses our bank account. Our credit union has implemented a new "security" feature where the account number and password remembers the cadence that you enter the information. If the cadence doesn't match, it rejects it. I type a lot faster then she does, so my cadence is never even close to what her's is.
"We got the cadence checking thing to work on login!"
"That's Good!"
"But now we've locked out one half of all our joint-account holders."
Frankly, a lot of his advice is bad. I use the same password for most of the discussion-only forums I visit because there's little reason not to. I have no reason to suspect that the operator of Forum A to know that I also participate in Forum B, and even less reason to suspect that they will use that information to impersonate me on Forum B. There is no confidential info in those profiles, either. And it makes it so much easier to remember (i.e. not write down) the password (singular) for those sites, especially ones I visit infrequently. It's a calculated, informed decision.
An advantage of your approach is that if you post something you later wish you hadn't because it gets you in some kind of trouble, you have some plausible deniabilaty.
Sharing a password with your wife, assuming you trust her, not that big of a deal.
It's a big deal and not a good idea. When your security is broken for whatever reason (trojan, key logger, intrusion, etc...) you don't want to have the extra trouble that a tiny possibility of a doubt exists that maybe, just maybe, your wife did it.
In that case, one probably has a more fundamental problem, one that is not limited to the scope of passwords and online accounts.
was the "with passwords" part actually needed in the title?;)
If a majority or a large minority of the users of a system are using it "wrong," then perhaps we ought to consider if our definition of "right" is right. And if we are right about how it should be used, we ought to consider if the system really is that well designed in the first place. If a system is hard to use in the way considered "proper" to the designer, there may be a design flaw . . .
Slashdot Mirror
You can change your password as often as you like, but if you don't use a strong password then you're always going to be at risk of a brute force hack or be a victim of the 'over the shoulder' spy.
A brute force attack shouldn't be that much of a concern with a login password, assuming that the system limits how often and how many times the brute force attack can retry. And presumably, the system would notify the account holder or administrator (or both) as to the unusual number of failed attempts.
Now if you're trying to brute force an intercepted message, that would be different. You'd have as many attempts as you could afford to crack it and all the time in the world to do it. At least until the data contained in the message was no longer useful to know.
I suppose that a password that was "strong" in the sense of "hard to memorize quickly" would be helpful against the "over the shoulder" attack.
Did anyone see "The Messenger"? I know someone here must have, it had Milla Jovovitch as Joan of Arc. In her prison cell, Joan is talking to Dustin Hoffman, who is, I suppose, the Devil or something. She explains that she found a sword in a field, and it must be a sign from God. The Devil -- or at least his advocate -- puts forth a number of theories from the plausible to the ridiculous that would also explain the finding without resorting to a supernatural explanation.
This scene is about all I could think of as this "filmmaker" states that an anachronistic cell phone is the only possible explanation for a woman with her hand to her head, perhaps with an object in it.
But now that I think of it, the Devil arguing against the supernatural is sort of strange, too.
First, this is a strawman:
I see, so you think it's OK to limit someone's freedoms because they have more wealth than you? Please explain how that's right or fair.
And an appeal to authority:
And please don't bother with inane utilitarian concepts of "the greater good". You aren't Jeremy Bentham and you're not going to make a more cogent argument than he ever could.
And now you conflate rights and money. It's fine that they are the same to you. Others disagree, and therefore your definition of "moral" will be different from theirs.
I'm going to say this again, and more clearly and forcefully: it is immoral to trample on one person's rights because you think other people will be somehow better off if you do so. The fact of the matter is, those people will not be better off as we all suffer when rights are sacrificed for convenience or good feelings.
You can be as "clear" and "forceful" as you like, but simply stating that it's true because you say so (or Bentham says so) is not gonna convince anyone who doesn't already agree with you.
We can trample rights as you say, and we do it all the time. It is neither moral or immoral, but reflects the fact that in some ways we are subject to the will of the rest of society, like it or not. I suspect you don't like it in many cases. In other cases, you probably are fine with it. Same here.
That's not the only thing wrong here. A properly designed electronic voting machine will randomize the names of the candidates to avoid giving any one of them an advantage from being on the top of the list. If this voting machine had done this, the double picking errors would be random and not affect the result of the election. That the names are not randomized is a much, much bigger flaw in this voting machine than the double picking bug described here.
I'd say that randomizing the list of candidates is a good idea, too. It would somewhat avoid the tendency of favoring a candidate whose name was in some sweet spot in the list due to the ordering of names. However, this should be a political decision, not something decided by the coder of the machine. The coder should merely give the election board the option of randomizing the order of the ballot, either globally or per ballot. But the coder should not force the user to do it this way. There could be perfectly valid reasons not to randomize the order. For one, you could have a long list of candidates. Finding the one you want in a long unsorted list could be frustrating and time consuming.
sounds like it's not a "default" per se, i bet something isn't being cleared from the register after selection so the next menu has a persistence of touch location. shitty embedded UI programming, i would guess that rather than being even driven the UI cycles through an input loop that looks like an old basic getkey x loop, (except gettouch x,y) and fails to clear x and y after selecting a language and proceeding to the voting menu
Looks like a Diebold voting machine, in which case it's shitty windows UI programming.
But embedded or not, it still looks shitty. When the person demonstrating the practice of holding down "English" button, the screen switches to the ballot without the finger being lifted off "English". Now the finger is resting on a candidate's name and selecting that candidate and the box gets checked. I can't see why the UI should assume that the user has made a selection on until he lifts his finger in the first place.
Perhaps the person's finger is jittery, and bouncing up and down on the touchscreen. But it's not a difficult matter to "debounce" the input in software. The user hasn't made a selection unless the screen has been touched for a minimum period of time and not touched for a minimum period after that. You'd need to tune the times a little just to make sure the screen didn't appear too unresponsive. You should alter the appearance of the button when pressed vs, depressed an possibly use sound as well. I did this when I was developing the (never produced) Linux version of the iVotronic for ES&S. It just seemed like the reasonable way to code the interface.
Not any more. The progressives are bringing up initiatives in several states to where a person can legally vote even if they are here legally. It's pure insanity, but that's the progressive agenda, pure insanity.
I think Woodrow Wilson is standing outside your window right now, getting ready to force you to learn Spanish.
Err...exactly why is there a choice to vote in Spanish or English?
I mean...is it not a requirement for those coming to this country, to attain citizenship to show on the exams, a proficiency in English??
And you do have to be a citizen of the US in order to vote, don't you?
Knowledge of English is not a prerequisite or requirement to be a citizen of the US. There is not an official language of the US. Perhaps if one became a citizen through immigration and naturalization, then one would have had to have been as proficient as necessary to pass the citizenship exam. There are more ways than that to become a US citizen, however.
I can think of no ethical reason to make it more difficult for citizens to exercise their franchise. If you are holding an election where a substantial portion of the electorate is more proficient in another language, then you should provide ballots in that language.
Seriously. Their names get stupider every release.
Well, what would you prefer? Names of characters from a popular series of movies?
The real question you should be asking yourself is; why do we (and I mean everyone, rich and poor alike) need to pay so much to a government that simply wastes that money, for the most part.
But is that really true, the government wasting most of it? OK, no organization can be perfect. I accept that. But if there were no government spending on promoting the "general welfare", you might actually be less prosperous than you are now, despite your lower tax burden.
This may seem counterintuitive. Governments, at various levels, can provide roads and an educated populace, to name just a few of the more apparent benefits. These work to increase the value of the people's labors. When you can sell your widgets across the state, the nation and even the world, then you can potentially sell more widgets. When you can hire employees that already know how to read and you don't have to teach them, that's a direct benefit to your business.
But you don't have to believe me or even accept my explanation that taxes collected and spent reasonably actually increase prosperity. Look at data from the World Bank, or the CIA Factbook, or the WTO or wherever you like. Compare the GDP per capita of nations to their effective tax rate. Notice that once your tax rate gets outside the approx. 20-45% range your GDP per capita drops. (There are exceptions to this, of course. Countries with huge resources w.r.t. the size of the population do just fine at any tax rate -- Kuwait's a good example of a country with low tax rate due to their large oil wealth.)
Step One: Study RIAA methods and business practice. Step Two: Find some old stuff alying around that people seem to like. Step Three: Claim "Ownership" of aforementioned stuff. Step Four: PROFIT!!!
You also inadvertently described the Walt Disney Company.
.
.
I despise Microsoft... MS Orrifice 07 was the last of the last straws... That IDIOT shit for brains ribbon was REALLY fucking stupid, but what compounded the stupidity of it all was the fact that THEY refused to have the functionality of reverting to menus in the program.
.
So we all have to put up with stupid corporate types, forcing shit software upon us, that panders to people who have shit for brains.
.
Fuck them - dickheads.
.
And you MR Simpleton - you condone that crap?
WTF are you talking about? I began my statement by saying I really wasn't talking about office at all -- since I hadn't used it in a long time -- but rather the general concept of having both a sophisticated interface for experts and a simplified system for beginners and casual users. Chillax, man!
Steeling copper telephone cables for their copper content is a pretty desperate crime - even at the spot price of copper quoted (the thief will be offered far less by the scrap-merchant) - they'd need to pinch an awful lot of it. There are surely much more lucrative metals to steel than this?
Oblig. Onion Link
Do the same for scrap metal dealers what they do here for pawnshops. Put a four week hold on all payments. Payment by cheque only, mailed to the name and address of the government ID of the person selling the scrap metal. Discourages 90% of the "disorganized" (i.e. drug addicts and homeless) opportunistic or desperation type theft. The delay also lets the power and telco companies come around and retrieve their stolen goods before they get shipped off or melted down.
Whenever I've sold scrap metal in the US, they've taken down my vehicle and driver's license number and cut me a check. And they're unwilling to buy building materials without some documentation of their provenance. Naturally, some scrap dealers must be rather less ethical and law-abiding than those I've dealt with, because copper guttering still gets ripped off churches.
I think you should maybe see a doctor... :P
Actually, that's normal and healthy. You see, when a Mommy and a Daddy love each other very much . . .
So they can steal from their employers instead?
We call that economic transaction "wages", not stealing. The criminalization of poverty and the assumption that the poor are all thieves is just astounding.
Why are you upgrading if there is no reason to upgrade? This one still baffles me to no end.
Probably document version compatibility. Or possibly not his choice . . .
Very few who were actually competent in the advanced Office features prior to the ribbon liked the change, because it meant that they had to go hunt for options that they knew used to exist. People who were never very familiar with Office loved it, because there were no large menus to get lost in. MS is happy because now your grandmother can probably work out how to use Office and you still will (unhappily) pay for it as well.
It shouldn't come as a surprise that MS is willing to whore themselves out to the lowest common denominator. Office is no longer specialized software... it's for the masses. However, if you want to write a 5 page memo without images or plot a few points on a graph, it allows you to do that with little initial setup. But if you want to write a 300 page Ph.D. thesis or work with an array of more than 65K points, you'll need to explore other options... unless you like the M in S&M.
OK, I haven't used MS Office in a long time -- at least not any recent version. Are you saying that MS removed the old interface and replaced it with one easier to use for beginners? Having an easy-to-use interface for beginners is a great idea. Also great for people who just don't need to use the system -- or even certain parts of it -- often enough for them to be practiced and expert at it. But why the heck would they remove the old interface entirely? Maybe it's the "Design of Everyday Things" talking, but why wouldn't they keep the old one for more sophisticated users. There's nothing wrong with having an easy interface for casual use and an advanced one for the advanced users. It's actually a very good solution in this kind of case.
a = b a^2 = ab a^2 - b^2 = ab - b^2 (a+b)(a-b) = b(a-b) a + b = b 2b = b 2 = 1
Oops, div by zero error. But still funny.
So You the customer signed a contract with the cell phone company. You agree to a certain amount of minutes at a certain rate plus additional fees should you go over those minutes. You use your phone. You go over the minutes. But when the cell phone company sends you a bill it's stealing? Don't you have the ability to track the amount of minutes as the month goes by? Even if you don't that's not exactly the cell phone companies fault as you signed up to do business with them.
The customer is also probably the citizen of a democracy of some sort. In such a system, the people can participate in making laws when they feel that some actor -- corporate or natural -- is harming them. The cell phone company knew this when deciding to do business in the country. If enough citizens can demand redress for this grievance through their government, it is their right to. Can the phone company complain about this? Well, sure, but as you pointed out, they voluntarily decided to do business in the country.
Now can we please get one-time credit card authorisation?
Amex did this for a while about 10 years ago. I used it and liked it. Then it went away.
How long until making photocopies of your butt becomes a thing of the past?
This is the new Volvo I want!
My wife locks me out every time she accesses our bank account. Our credit union has implemented a new "security" feature where the account number and password remembers the cadence that you enter the information. If the cadence doesn't match, it rejects it. I type a lot faster then she does, so my cadence is never even close to what her's is.
"We got the cadence checking thing to work on login!"
"That's Good!"
"But now we've locked out one half of all our joint-account holders."
"That's bad."
Frankly, a lot of his advice is bad. I use the same password for most of the discussion-only forums I visit because there's little reason not to. I have no reason to suspect that the operator of Forum A to know that I also participate in Forum B, and even less reason to suspect that they will use that information to impersonate me on Forum B. There is no confidential info in those profiles, either. And it makes it so much easier to remember (i.e. not write down) the password (singular) for those sites, especially ones I visit infrequently. It's a calculated, informed decision.
An advantage of your approach is that if you post something you later wish you hadn't because it gets you in some kind of trouble, you have some plausible deniabilaty.
Sharing a password with your wife, assuming you trust her, not that big of a deal.
It's a big deal and not a good idea. When your security is broken for whatever reason (trojan, key logger, intrusion, etc...) you don't want to have the extra trouble that a tiny possibility of a doubt exists that maybe, just maybe, your wife did it.
In that case, one probably has a more fundamental problem, one that is not limited to the scope of passwords and online accounts.
was the "with passwords" part actually needed in the title? ;)
If a majority or a large minority of the users of a system are using it "wrong," then perhaps we ought to consider if our definition of "right" is right. And if we are right about how it should be used, we ought to consider if the system really is that well designed in the first place. If a system is hard to use in the way considered "proper" to the designer, there may be a design flaw . . .