Slashdot Mirror


User: 99BottlesOfBeerInMyF

99BottlesOfBeerInMyF's activity in the archive.

Stories
0
Comments
10,115
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,115

  1. Re:Simple: This is all non-sense on Mac OS X Versus Windows Vista · · Score: 1

    Does your comment make any sense? I don't mean "is it correct," I mean, "what is it supposed to be saying?" Please try again, this time with some sensible nouns.

  2. Re:Perfect timing on Why Software Sucks, And Can Something Be Done About It? · · Score: 1

    It probably IS the result of the users telling the programmer how to do things, and they did it that way on paper. No sane programmer would go out of his way to prompt (and test, validate, deal with wrong values, debug all that mess...) for data that he already has.

    Some of the software I work with and help develop has a UI that in 90% of cases requires the user to re-enter the exact same data twice. That is because 90% of the time, this data is identical. A good analogy would be billing and shipping addresses. Usually they are the same, but sometimes they are different. Most online retailers solve this by adding a checkbox to duplicate the data, but since you still need the ability to change this, you still need to validate it etc. It is faster for a developer to copy and paste, change some variable names, and call it good. A developer who cares about the UI and end usability will add the check box, but one who doesn't isn't insane, merely lazy. For the record, the individual who coded our broken UI is not insane or unintelligent. You may well have read some of his books, or attended some of his lectures at a conference. Heck you may have taken CS courses from him when he was a prof at a fairly prestigious university. The point I'm trying to make is that a good programmer and a good UI designer are two different skill sets and most programmers are never taught the latter skill set.

  3. Re:I already talked about this. on Hackers Disagree On How, When To Disclose Bugs · · Score: 1

    What if it's a new car and a wheel keeps falling off? ...ultimately I think the responsible thing to do is release the exploit immediately.

    What if it is an old car and one of the locks sticks sometimes, when it is cold out? The problem I have with your argument is that you're trying to argue in favor of always taking an action based upon a situation that is an extreme. Sometimes it is ideal to release info immediately and sometimes it is not, depending upon many factors. Not all companies need poor press to motivate them. Some of them have huge bounties on bugs because they are really, really, really interested in fixing them as quickly and with as little risk to customers as possible because that is part of their business strategy. You're simply painting with to wide of a brush, IMHO.

  4. Re:This is just a little bit crazy. on Why Software Sucks, And Can Something Be Done About It? · · Score: 1

    What do they think the difference is?

    I've never studied this specifically, but I suspect it is simply that they are uncertain what will happen or what exactly they are doing.

    I can't think of a single instance 'save the changes' that didn't mean 'save the file to disk'...

    Many users don't know or fully understand what a hard disk is, just like they don't know what a heat sink is. They don't think of either type of "saving" as writing a file to a disk because to many a file is an electronic piece of paper. If you follow the metaphor, all changes to that piece of paper should automatically be saved, just like changes to real paper. If a person is deciding to save or throw real paper, they either toss it in the trash or set it on their desktop or in a drawer. The concept of "do you want to not unwrite all the changes you made in the last hour" being equivalent to "saving" is the stumbling point.

    Please note. I'm just speculating here based upon the info in the article. Whether this is a real problem for users or not needs to be determined by user testing. I'm positing reasons, why this might not be a bad thing to test for. As someone who has done some usability testing I can tell you this would be far from the least intuitive usability problem I've seen.

  5. Re:This is just a little bit crazy. on Why Software Sucks, And Can Something Be Done About It? · · Score: 1

    You've never deleted a file over the network have you?

    That is a serious edge case, as I'm sure you know.

  6. Re:You could just stop using Windows... on Voice Over IP Under Threat? · · Score: 1

    How is an OS to know that the file being modified is phone numbers rather than configuration settings?

    Because the first one is called "Phone Numbers.db" and the second is called "Address Book Settings.xml."

    So if every time a user double clicks a file, you would like the OS to inform them that they have run a program?

    No, I'd like them to be aware before they click that the item they are clicking is an executable or data. The UI should make this 100% crystal clear. Today, this is not the case. Then, it should also make clear (if it is data) what program is handling that data for them (which most OS's do just fine already).

    Haven't you just created the example that you blame Microsoft for (users being too comfortable clicking through menus)?

    What do you mean by menus? I never said how the OS should inform them. Perhaps labeling all executable files in a special way would work. I'm certainly not talking about a pop-up dialogue box though.

    Companies remove free support for products in all industries, all of the time. At some point in time users are moved to newer products for multiple reasons including profits and new features.

    True, however, not all companies have leveraged a monopoly in one market to dominate the market for a second product. A lot of people are trapped using IE6 instead of Firefox or another browser because MS illegally leveraged their OS monopoly to corrupt Web standards and make a lot of Web pages and applications Windows specific. That is their fault and it was a criminal act.

    First of all, there is competition, though limited. MacOS and Linux exist and are in use.

    I don't think you understand economics or monopolies. MS's customers are computer manufacturers and large businesses. If you were made CEO of Dell tomorrow, what choices for the OS component of your computers could you choose that would not get you fired in your first week? The answer is Windows. Apple isn't selling into that market. Linux is an option, but has such a small share on the desktop and is hindered by so many Windows lock-ins (very few commercial games for instance) that is not really an option. Worse, since MS has a trade secret license contract with you that you periodically re-negotiate, if you don't keep them happy they can raise the price and you'll lose that entire chunk of the market. This makes a gradual migration almost impossible. You have no options. You know it and so does MS. Assuming because other OS's exist that there is competition in the market is a mistake.

    Fact of the matter is, if Windows were half as bad as posts on Slashdot make it out to be, MacOS marketshare would be much greater than it is now, and a larger market would exist for Linux OEM systems.

    Read up on monopolies. The reason they are so dangerous is because they allow the monopolist to maintain or grow market share without having as good of a product as potential competitors. They do this by introducing artificial problems with competitors, like the inability to use secret protocols and formats.

    But Windows meets the needs of most consumers...

    "Good enough," is not sufficient for a free market. Our economic system is built upon the assumption that the best product wins. Monopolies allow the market forces to be bypassed so that does not happen. At that point we get all the drawbacks of socialism, but without the ostensible goal of benefitting society. It is the worst of both systems, which is why it is so restricted by law in almost every country in the world.

    MacOS heavily restricts hardware options.

    Apple restricts hardware options primarily because of MS's monopoly. They tried licensing their OS and almost died in the process. You can't directly compete against an entrenched monopolist. Apple has adopted the classic strategy of bypassing MS's monopoly through creating a complete and separate vertical chain of supply including hardware and consumer software. If MS'

  7. Re:This is just a little bit crazy. on Why Software Sucks, And Can Something Be Done About It? · · Score: 5, Insightful

    The word "save" isn't that hard of a word to grasp. People save money. People save possessions. Saving documents is no different. Grade schoolers understand it.

    Part of the problem is that computers intimidate users. They never know if it is going to break when they do something. "Save" is a term that is strongly associated with computers these days. Saving a file and saving changes aren't so much "saving" as they are writing something to a semi-permanent record. They don't fit well with the document/folder metaphor because on paper people save a file or they toss it, they don't save part of a file or undo all the writing they have done in the last hour but keep the file itself and the old work. On the back end saving changes or saving a new file is pretty much the same thing. You write to disk. It is not so in the minds of many users.

    What really cracks me up, though, is that he argues that when deleting documents, there should be *no* confirm.

    It is hard to see what the author is arguing from this brief bit, but he's right that their should not be a dialogue confirmation. Users already have a trash can they can look through and it properly asks for confirmation. When you delete a file, it goes to the trash and you can always take it back out. The huge number of dialogue boxes, particularly on Windows are a classic design flaw.

    If they don't read it, what difference does it make what's included in the dialogue? I've made messages that were very easy, simple to read and understand, only to have them overlooked.

    Many dialogue boxes don't even give the user a choice and most users simply click "OK' over and over again until it is a conditioned response. Worse than the number of dialogues is Window's penchant for keeping the buttons the same, which facilitates this behavior. Is it so hard to have it say, "Do you really want to throw this file away, (Throw it away)(Don't throw it away)." With such a message the user must read at least the button, at which point they know what action is being taken because the button is itself an action, not "OK."

    Next, the author mentions that error messages need to state *why* something failed. Wait a second... I thought he was just arguing for simpler error messages, but now he wants to know specifically what happened?

    Messages need to be fewer and clearer, not necessarily simpler. Adding more information in a dialogue is just fine, so long as it is properly constructed.

    There are some rather atrocious error messages out there, but it'd be safe to say that there are more end users out there that don't read things carefully.

    Yeah, and dogs salivate when you run the can opener. If you build a system that operant conditions people, you bloody well shouldn't expect them not to be conditioned, especially when they're just trying to get things done and don't care about using the computer at all. It is a tool, and a badly designed one in many ways.

  8. User Centered Not User Designed on Why Software Sucks, And Can Something Be Done About It? · · Score: 4, Insightful

    RANT: Designing good, easy to use software is not as hard as many people to think, although writing it is harder than what most people do now. User's are not good at designing software, but only the user knows what they want to do and how they want to do it. This should be the beginning of the UI design. "What does the user need to do, and how can they do it most effectively." This should be almost completely divorced from how the program goes about providing the functionality. Usually, the UI should be up and running before the back end is really started. Most software today is designed the other way around. "We can make software that does this and this and this, now how can we let the user get to those features." The term "user centered" is in contrast to feature or engineering centered. Users should not be designing it, but you do need their input and testing to see what works and what doesn't. Follow the basic rules of UI development and you can miss many obvious problems, but at some point you need users to show you what you missed.

  9. Re:Typical FUD - To support OOXML 'fully'... on Dark Corners of the OpenXML Standard · · Score: 1

    First, this is NOT why Microsoft has produced the format. It has produced the format so that it can claim that it uses an 'open' standard so that it doesn't find itself forced into support for ODF.

    Which is pretty much what I said.

    ...presume that Microsoft would actually make a new version of word's file format dependent upon a construct already marked 'deprecated' from word 95? Come on, you and I can both come up with crazy paranoia ideas that are better than that one ;)

    This is just one of many possibilities. Last I heard they still had both patent encumbrance, and a license that only allowed the current version of the spec to be used, theoretically meaning they could legally stop any other word processor that implemented OpenXML v1, v2, and v3, from providing backwards compatibility with v1 and v2 (when and if such versions are released). More likely, they will try to glom on some proprietary encryption as part of a "secure document" scheme and then sue the DMCA to make interoperability illegal. They have lots of options. The point being, this is not actually an open standard and they have many ways to prevent users from getting the same benefits OpenDocument will provide.

  10. Re:MIcrosoft sucks. on Dark Corners of the OpenXML Standard · · Score: 1

    A pilot knows that he's drinking at the time that he's doing it, and knows that it's against the law to do so while flying.

    And so you think MS, after having been convicted of it multiple, and with more lawyers than god on retainer don't know when they're illegally leveraging their monopoly. For $10K a year they can e-mail me and I'll let them know. It isn't rocket science. It is naive to think MS is ignorant. They know exactly what they're doing and have built their business model upon the assumption that it will be more profitable to break the law and pay fines and settlements and bribes to politicians, than it is is to not break the law in the first place. So far, they've been completely right.

    So while a company is engaging in normal business activity, some judge years later can rule that the company had a monopoly years ago, and rule that those normal business activies were therefore illegal.

    In the US and EU 70% of a market is the point at which the courts first look. If you have 70% of a market, you just ask your lawyer. It is pretty obvious by your influence on the market if you have a monopoly. Further, the courts basically did nothing to MS the first time they were convicted. So what is their excuse for all the new and continuing violations since then? Did they forget they were a monopoly?

    's best to engage in normal business practice, and if some judge rules in the future that it was illegal because he declares that you had a monopoly at the time, then deal with it at that point. And doing that would not be "evil".

    Hey guess what, monopolies are rarely punished for antitrust violations except for practices after they have been found by the courts to be a monopoly. I have no problem with a company saying, "hey we didn't know" and then changing their business practices the first time. After that however, they have no excuse. MS has a monopoly and since they were declared to have one they have not stopped bundling and tying to other markets. That is knowingly breaking the law for profit. I have zero sympathy.

    IBM was selling and heavily advertising OS/2 throughout the 90's.

    And their market share among OEMs was what again? Oh, less than 1%. Nice try, but no dice.

    MS subsidized Apple, and many said that part of the motivation was to ensure that MS did NOT have a monopoly

    Umm, MS lost a patent violation lawsuit. They bought some shares of Apple as part of the settlement, but the money was less than 1% of the liquid assets Apple had on hand. If you consider that "bailing them out" you're on crack.

    ...everyone (certainly Mac advocates) assumed that Mac OS and Windows were competitors...

    If the economists, lawyers, and financial advisors working for MS thought that I hope they were all fired. You're only a competitor if you sell to the same people. MS sold to computer vendors. Apple sold to retailers and individuals who were buying computers. Anyone who thinks Sony and Ford are in the same market because Sony sells car radios to car manufacturers, needs to go back to school.

    MS didn't imagine that a judge would rule that Mac OS isn't even in the same market

    Are you kidding? They were IBM partners and the talk of the 80s was IBM's antitrust issues. Your belief in MS's ignorance is a big stretch, and irrelevant.

    Take Apple or Google, for other examples. Is it really so unimaginable that a judge could rule in the future that Apple or Google have monopolies *today* in mp3 players or online music (in the case of Apple) or web search advertising (in the case of Google)?

    In the case of Apple, no they are being investigated right now, as I'm sure Apple expected they would be. Depending upon quite how much influence they have in that market, they may well be forbidden from tying iTunes, ITMS, and iPods. They play by the same rules. Google has way to small of a chunk of the search market to be declared a monopoly, something like 40

  11. Re:You could just stop using Windows... on Voice Over IP Under Threat? · · Score: 2, Interesting

    Or, it would only require a user to run certain software, which is the reason a lot of people get malware/spyware on their computers in the first place.

    Yeah, trojans are a problem, although all the studies I've seen by number of infections put malware without user interaction in the lead.

    This would not stop if there were no holes. It would only stop if there was a way to ensure that people didn't run software they download AND that any software provided to them was legitimate.

    OS's don't need to prevent software from running, just have mechanisms to determine trust levels (signing) and provide granular controls based upon those trust levels, while keeping the user informed about what is happening. The problem with trojans isn't that people double click on things, it's that when they do so the OS doesn't tell them if they ran a program or opened a file, and if a program how trustworthy is it and what is it doing, and giving them the option to stop it from doing things they don't want it to do. The average user never, ever, ever installs a program that they want to have access to their e-mail addresses and phone numbers. Why then can a user click on something called nakedpic.jpg and have a program silently access and modify that list? There is no technical reason and there are even OS's in use today that will stop exactly that.

    The problem is that many people get annoyed at those prompts to the point that they turn them off (if that's an option) or they ignore them.

    This is called poor UI design. If there are so many prompts that users get annoyed, you've messed up your design. The example I gave above will show a prompt that will never be seen by 99% of users. If the user can ignore a prompt it was poorly designed, like almost all prompts on Windows. People can ignore prompts because most of them are useless and they almost all have the same two options (OK)(Cancel). A proper dialogue would say something like, "The program 'nakedpic.jg.exe' would like to read and modify your phone numbers (Stop it from changing my phone numbers)(Let it change my phone numbers once)(Always let it change my phone numbers)(advanced Options)." So the user has four options all in plain English. In they must either read at least one of them, or pick randomly, and even that would be better than defaulting to always allowing everything. People who think UI design is not a security issue (like MS) are way off base.

    The average consumer just doesn't know when to allow permissions and when not to.

    There are probably people in the world that could not understand the message I gave as an example. They are few and far between. For the rest, it is more a matter of giving them the info and control they need, rather than asking them obscure questions in technobabble, most of which are wholly unnecessary.

    Consider that XP is the dominant OS, and that IE7 was rolled out through windows update, yes.

    Assuming all users running a system that supported it and IE6 have already switched, it would have 54% according to the numbers I've seen, so yeah, most but not by a lot.

    Irrelevant. The average consumer is running XP, and therefore has IE7.

    No, it isn't irrelevant. A lot of people are on Win2K and MS decided not support them. Would they have made the same decision if they did not have monopoly control of the market?

    I don't know. But it recognized it, and Firefox didn't. So I fail to see how Microsoft could be blamed in this instance.

    I'm not blaming MS at all, just asking a question and hopefully implying that anecdotal evidence is not particularly useful for making decisions. The point I was making was that MS can do a lot more to stop malware. I showed an example of how they could do so above. Now, I'll hypothesize a reason. MS has no need to respond to customers and give them what they want because they have no competition and, as such, to motivation to do so. I firmly believe that if MS was bro

  12. Re:You could just stop using Windows... on Voice Over IP Under Threat? · · Score: 2, Insightful

    Now, I understand in the Slashdot world, anything that pokes at Microsoft and Windows is instantly thought of as insightful and true, but what the hell does this problem have to do with Microsoft?

    The attack described relies upon a worm that can compromise desktop systems. Worms are a lot easier to implement if their are a huge number of identical targets with identical holes. Currently that target is Windows.

    This problem exists because of social habits of human beings. Most phishing scams work only when there is action taken by a victim that is either uncaring, or doesn't know better.

    You're assuming that improvements to computers can't significantly reduce the risk of the described phishing attack, but that is not the case. Simply by having many different OS's and browsers this type of attack would become a whole lot harder. Further, there is no reason why a given OS should grant a new binary access to read or write to your phonebook without explicit approval from the user with some pretty strongly worded warnings is plain English. In a free market, I'm guessing every desktop OS would include this functionality as soon as it became an issue, but Windows has not done so, despite worms grabbing data from the e-mail address book. The reason for this is, quite simply, it doesn't cost MS a significant amount of money when people are compromised because the vast majority of users don't have realistic options of other OS's (it's not at walmart, kmart or meijer).

    So in my above example, Microsoft was not at fault, in fact, they were proactive enough to protect the user.

    Do most users have IE7? Is it even available on Win2K? Did IE7 recognize it as a phishing site before a significant number of people had already been there?

    Stop blaming third parties for what amounts to human error.

    Sure some malware and scams are the result of human error, but a lot of them are also the result of poorly designed software for the environment in which it is operating.

    And if you think OS diversity would help the problem, you are wrong. People react the same way to phishing scams regardless of OS.

    The previous poster was specifically talking about the scenario in the article. That scenario required that the system was compromised by a worm. Diversity of OS's does reduce the ability of worms to spread and diversity of OS's motivates companies to innovate solutions to out compete others. Those innovations may include ways to stop worms, don't you think? Maybe instead of complaining about people's opinions by trying apply them to a situation they weren't talking about you should consider them in terms of what we're discussing.

    How would the average consumer react if they were told "this software won't work on this OS" or worse "this software only works on certain flavors of linux, but not yours".

    Who says that would be the case? If other OS's were common the practice of writing portable code that worked on multiple OS's and offering them would be more profitable and thus more common. Further, VM software, like portable Java apps would be more profitable. Your cause and effect is reversed. People offer software only on one platform because there is one dominant OS. When there were multiple competing platforms, even long ago, there was more software offered with cross-platform options.

  13. Re:Typical FUD - To support OOXML 'fully'... on Dark Corners of the OpenXML Standard · · Score: 1

    If I want to write a plugin for an open source text editor so that people can exchange word 2000 and later documents with my own editor I would certainly concern myself with supporting the aspects of OOXML which denote Word 95 emulation.

    Ahh, but assume the market standardizes on OOXML for word processing, which is what MS is trying to get governments to buy into. So you've written a text editor that supports that format and conversion from some old MS Word formats. The next version of MS word that comes out then relies upon part of this spec that is part of Word95. Suddenly you can no longer interoperate with standards compliant word processors, including Word because you did not implement this aspect of the spec. You're out of compliance with government contracts, not MS, since they are following the specification and you're not. Since Word still has 90% of the market, no one can just switch to something else easily.

    Thus, MS locks out your word processor and other competitors and maintains their lock-in on the file format, until people realize that this specification was not really open and did not really bring the advantages of an open format, despite MS claiming it does. And having heard all this before, governments and companies are even less likely to try again and assume the new standard is actually, really a standard and not another trojan horse.

    This has been MS's strategy numerous times. Customers want the advantages of open code and open standards and MS promises them that if they stay on board with them then they will deliver open standards and open code, or something just as good. And because most people don't understand the mechanism by which open standards and open code delivers the advantages they want, they assume that what MS is offering will provide that. Look at MS's "shared source" initiative. It lets customers look at the code just like open source, but prevents those users from being able to contribute real changes, branch, make workable fixes, avoid lock-in to one vendor for improvements, or get a pile of free code from other vendors with similar issues. It is open source with all the real advantages stripped away and people buy into it because you can see the code. It won them a number of sales from places that had heard of the advantages of open source code, but did not truly understand anything about how it worked.

    OpenXML is the exact same ploy. It is an pseudo-open pseudo-standard designed by MS to provide the minimum number of advantages to consumers and the maximum advantages to MS, while still seeming to be sort of like OpenDocument. It exists only to steal sales from decision makers in companies and organizations that have heard of OpenDocument or who have been advised by consultants or internal experts to move to OpenDocument, but don't understand why and can be sweet talked by MS salespeople. Don't buy into it. Only a real open standard will bring the benefits of an open standard and OpenXML is NOT open or a standard.

  14. Re:What about a BotNet? on Voice Over IP Under Threat? · · Score: 1

    A serious botnet can have 50k-100k minion boxes out there... Imagine if VOIP hit even 20% penetration

    Unless they're all running the same VoIP client and service, it is pretty hard to grab all those 20%. Another option would be to use a custom VoIP client, if there are free services available for calling out.

    If you were the type of slimeball or, gods forbid, terrorist, what would you do with 20 thousand phones you had access to? Think DDOS on 911?

    To what end? 911 is for reporting crimes and emergencies. The police very rarely show up in time to stop a crime in progress. In fact I heard a story that in some locations the police wait a period of time after arriving at a shooting incident before going in, in order to give the shooter time to leave and minimize risk. The damage from DoSing 911 would probably just be more fires burn places down instead of being put out in a timely fashion.

    People maybe shouldn't be allowed to run their VOIP systems on just any old machine...

    The government regulating this would be a huge clusterfuck. They can't even secure their own machines. Micromanaging this won't work. We have a way to insure that machines are relatively secure. It is called "capitalism." Restore the free market to the computer space by breaking up MS and then people will move to solutions that don't result in spurious bills from foreign pay-to-listen sites.

  15. Re:Logical progression on Voice Over IP Under Threat? · · Score: 1

    Perhaps its because im some sort of luddite, but the VOIP system that i have hooks up into the phone line, not into the computer. Who would trust there computer for anything?

    What you're failing to understand is that your VoIP system is a computer, just a specialized one. As to who would trust their computer, lots of people. The main problem being a lot of those people are running Windows desktops instead of a specialized computer or a Linux machine or an OS X box or, well really anything but a Windows PC.

    The only "victums" of this would be the morons that are to lazy to use a actual phone.. are phone numbers hard to remember?

    I don't have a landline anymore and I'm by no means the only person I know who has chosen this route. Yes, phone numbers are hard to remember. They are arbitrary numeric codes and my cell phone has about 150 of them in it. I'm certainly not going memorize all of them. Further, I don't use printed phone books anymore either, rather I use the computer to look up numbers. Thus, a computer is already telling me the number to dial in many cases.

    phone books hard to use?

    Phone books are slow and out of date. If I type "pizza" into my computer it gives me a list of pizza places arranged by how close they are. When I see the one I want I click on it and the number displays in giant numerals on my screen so I can see it from across the room if I want. Where is my motivation to downgrade?

    ...why trust your computer when you hear about all those breakins...

    Most people don't hear about them or notice when they're compromised or even know anyone who mentions such a thing. Most people assume products have to have a reasonable level of security or they would not be for sale in the store. Most people assume the computer market is a free market and thus what is in the the stores is the best product on the market. I doubt that most people would even think of this unless it made big news or happened to them.

  16. Re:ppc on Premiere Back on Mac · · Score: 1

    Maybe they figured out that their low-level assembly code, already tailored to the Intel processor, could be married to their already existing OSX front-end code, thus making bringing it over to OSX relatively easy to do.

    More likely they noticed that the mac market had doubled since they made the decision and the mac video editing market had quadrupled and did not want to be left out of it.

    As for competition? Hardly. Premiere is already a mediocre program on Windows. I doubt it's going to suddenly get better just because it runs on OSX.

    I've never used it, but I hear it has improved greatly in the last few years as they struggle against Apple. It certainly does get suddenly better if it runs on OS X though, because cross-platform portability is a huge feature they are losing out on.

  17. Re:Backwards compatibility on Dark Corners of the OpenXML Standard · · Score: 1

    I've used every version of Winword from 1.0 up to 2002, and each one has been able to open documents from the previous versions with a substantially higher degree of success than I get today opening them with OO.o.

    I used to manage a lot of .doc and .rtf files created by different versions of Word, including on both the Mac and PC. We had a whole slew of .doc files that the current version of Office for Mac and PC could not open, but which OpenOffice managed. It has been a standard tool for that purpose in my arsenal for years now, and I'm not the only one. I twas even mentioned in a lecture at a conference I attended about archive file formats. Problems with Word files also seem to get worse as the number of images and the file sizes increase. We actually had a procedure in place whereby we would save a file, not close that file, transfer the file to another machine, open it on the other machine, and then quit Word and archive the file. This is because Word often silently corrupted files on save and it was the only way to be sure we'd be able to open that file again. Note, this was Office 2000 era. I've luckily not had to use Word for large files for a long time and the last one I opened, I used TextEdit.app.

  18. Re:Length on Dark Corners of the OpenXML Standard · · Score: 2, Insightful

    Afterall if Microsoft wrote the spec, and has implemented the spec, then how difficult could it be?

    Did you read the article. Some of the spec is things like "do what MS Word 5.1.4 did with line spaces." How exactly is anyone other than MS supposed to implement that? By reverse engineering a whole slew of old products that are not even available on the market anymore?

    I once spent 18 months writing a 3000 page spec, and it only took a team of 5 another year to implement it.

    That's fine but this spec isn't even a spec in the proper sense. It references specific closed implementations by MS and other vendors. Since those other implementations are not themselves specs, neither is this one.

  19. Re:MIcrosoft sucks. on Dark Corners of the OpenXML Standard · · Score: 1

    You forgot those crazy laws that grant human rights to corporations in the first place.

  20. Re:MIcrosoft sucks. on Dark Corners of the OpenXML Standard · · Score: 2, Insightful

    Things that are illegal for a monopoly are perfectly legit for a non-monopoly. It's a crazy law, but that's how it works.

    I think your logic is more than a little broken. Monopolies have a great deal of power that other's don't have. They can undermine capitalism in a market and destroy innovation in entire industries. They can spread causing that damage to other markets. Think of it like this, people piloting airplanes aren't allowed to drink or step outside for a cigar, while those behaviors are perfectly legal for people who aren't piloting planes. Isn't that crazy?

  21. Re:Competition improves the breed on Premiere Back on Mac · · Score: 1

    adobe bought out avid some time last year.

    I had not heard that and Google doesn't come up with anything on the first few pages. Do you have a source? Are you sure you're not thinking of their huge Macromedia acquisition?

  22. Re:ppc on Premiere Back on Mac · · Score: 3, Insightful

    Yes, and Framemaker next, please.

    As far as I know Framemaker was not cancelled for the Mac, Linux, and Solaris because those platforms were not profitable. It was cancelled because Adobe suffered (suffers?) from a serious case of Not Invented Here syndrome. You'll notice even the PC version is nearly mothballed with few improvements as it just barely keeps up with some of the new technologies on the market. As of a few years ago I was told that Adobe dearly wanted to kill it off, but users were unwilling to switch to their replacements. Of course their replacements were simply pulling a few of the features into InDesign and assuming that would make everyone want to switch. So they didn't want Framemaker, just the customers of Framemaker and they were unable to deliver something else acceptable.

    In my mind the Premier re-release was simply because their is such a demand in video editing for Mac compatibility and they were losing sales left and right not just to people who wanted to use a mac, but to people who worked somewhere where they needed the option to use either. What holds more hope for Framemaker is the merger with Macromedia that might help cure the NIH syndrome Adobe has always had, which in turn could save it on both platforms. Given all the work integrating both product lines, however, I doubt this will be a priority unless they get some real competition.

    Hopefully Apple comes out with a decent document authoring tool (not layout; they're different) like Pages on 'roids.

    This might help, but Apple is in the business of selling Macs, more than anything else. They are unlikely to make such a program cross-platform and as such it would miss a big chunk of the target market and probably not really take off. I think someone like Microsoft could actually do more damage in a hurry and restore competition, but we all know they would immediately try to tie it to other products and undermine that competition. So I'm not really optimistic. This might actually be a job for someone starting with TeX and building an open source, cross platform tool that they intend to use internally (IBM I'm looking at you).

  23. Re:I already talked about this. on Hackers Disagree On How, When To Disclose Bugs · · Score: 1

    If a Company releases software that is buggy. The very instance you find an exploit, it should be released to the public with all that you have researched including example exploits.

    Why? If there is no known exploit in the wild and without the information I have is unlikely to be one, why should I make things easier on malware authors. If the vendor has a history of quickly fixing reported vulnerabilities, how does it benefit me to undermine the security of my own system in that way? Full disclosure might be necessary to motivate a vendor, but if it is not necessary, it is counter productive.

    If you got screwed at the used-car lot, you'd let your friends know the details...

    If I bought a used car and then later found the locks did not work, I might tell a friend and I'd certainly call the dealer. I wouldn't, however, put an editorial in the paper including my car's description until I had a solution to the problem.

  24. Re:Opinion Swing? on Hackers Disagree On How, When To Disclose Bugs · · Score: 1

    If the responsible disclosure rules are well designed there is no reason to treat any vender good or bad differently.

    I disagree. If I find a big vulnerability and submit it to the vendor my next action depends upon the vendor. Some bugs take longer to fix and I won't necessarily know what a reasonable amount of time to wait is. If one vendor has a good track record and e-mails me back right away to say that they are working on it in it will take them 20 days, I'm inclined to wait at least 20 days before announcing it publicly. If the vendor has a lousy track record and after two weeks, they get back to me with a canned response about how they will look into it but can't make any promises, I'm more likely to make it public. If a vendor gets back to me and says it will be fixed in one month, but the last time I sent them a bug they said the same thing then sat on it for three years, I'm likely to go public with it more quickly.

    Treating all vendors equally is not avoiding prejudice. Tailoring your response based upon reasonable assessments of the vendor, based upon experience and response, makes a lot more sense. How long you give a vendor should be based upon an assessment of how long the bug should take to fix, if the bug is being exploited, what risk the bug presents, how easy it is to exploit, how easy it is for end users to mitigate, communications from the vendor, the likely response of the vendor to a non-public bug, the likely response of the vendor to a public bug, and the ease/cost of replacing that software.

  25. Re:Opinion Swing? on Hackers Disagree On How, When To Disclose Bugs · · Score: 1

    So disclosure is supposed to be the hammer over the vendor's head to "make" them fix it?

    If that is the only way to get them to fix it, yes. Several times that I know of bugs and even demo exploits were publicly released after researchers gave up on waiting for the vendor to ever fix it, or even respond saying they would fix it.

    Well, what if they have difficulties or other reasons that make it unlikely they are going to fix it?

    The point of security research is to promote security. If a vendor is unwilling or unable to fix holes, then people should be made aware so they can switch vendors to someone competent or mitigate the problem using a work around.

    In other words, what if they don't care about your hammer? Then disclosure just insures that it is out there to be used as a weapon against humanity at large.

    If one person can find it, so can others, and they probably will. If the vendor refuses to fix a problem in something they sold me, I want to know so I can do whatever it takes to reduce my risk. This might be turning off a service I don't even use, or it might be replacing the entire setup. If I don't know, I can't do anything about it until it is too late.

    You know, if you like actually used Windows or something like that.

    But I do use Windows, I just take care to properly isolate it from security risks because it cannot be trusted.

    Since you probably don't and don't give a rats behind about the people that do, then I guess so what?

    A whole slew of malware has exploited the RPC service on Windows. For 99% of users, there is no reason for this service to be exposed on the network at all. It was the subject of a zero day exploit, then a whole series of other exploits. Because of the announcement of later exploits, a lot of the worms were stopped from hitting a lot of machines, because people managed to isolate that port, set up ACLs in routers, replace the server with a Linux one, etc. Disclosure benefits users because it motivates fixes, but it also protects users because it lets them take action to defend themselves.