Honestly, convincing several close friends, my girl and my team at work to switch partially or completely to Macs has been totally egoistical.
It's cut the time I spend on troubleshooting weird driver issues, fixing filesystems from an OS crash or cleaning up malware-infected crap to almost nothing.
At the hourly rates most of us here on/. are worth, even buying a Mac for a partner/parent/kid would be a profit for us compared to letting them buy a PC.
So yes, maybe we Mac fanboys are enthusiastic - and we have damn good reasons for it.:-)
Quite a lot of people never liked Bill Gates. Not his person, not his business ethics and not the software he created. There's enough stuff on the Internet about his early disagreements with Free Software advocates, for example.
And far from the article, like it or not, Microsoft and especially Gates are still hailed as the best and greatest in a lot of trade magazines and computer magazines for the non-techies. Despite the crashes and bugs and problems, a lot of "regular" people believe that they invented "the cumputa".
But there is no bigger tribe, and none more zealous, than fans of Apple, The windos crowd is definitely bigger, and the only reason they're not seen as zealous is that their particular "faith" is the norm and not as often questioned (except here on/. and we all know that the MS shills come out in droves and many very good anti-MS comments get modded down very quickly).
Walk into the IT department of your company, to the guys with the "Vista" keychains or whatever trinkets MS handed out at the last trade fair, and ask them for help adding your Linux or Mac machine to the domain. Or tell them you need OpenOffice installed on your PC. Then you'll see "zealous".
The real difference isn't that forging is more difficult.
The real difference is that undetectable forging is a whole lot more difficult.
With a paper ballot, there are a couple hundred years of forensics that you can throw at the sample to test whether they were all filled out by the same person, for example. Modifying existing ballots is even harder, if you want to do it in a way that stands up to any kind of investigation.
In pure electronic voting, one bit is for all purposes identical to another bit, and the only checks you have against tempering with the data or software are - other data and software.
I just know a lot of people with the "all users are evil" attitude, and most of their networks are among the least secure that I've had the pleasure to inspect.
Maybe you are the exception, that's entirely possible.
So, what does the "whatever" mean in instruction (1)? How much stuff does that "authorize"? Something was authorized there. But I can't say what. Then ask for clarification. In case of doubt, nothing was authorized, that was just a fill-word.
And I am authorized to play music. But the computer didn't have a program that could play music. It seems, then, that I was impliedly authorized to install a music-playing program. That is a dangerous assumption. I mean that. You can probably lose your job over it. Now I don't know the circumstances, but to use a metaphor: You have a driving license (authorization to drive a car), but that doesn't mean you can steal your bosses Porsche (authorization to drive that specific car).
I was not given any information regarding who to go through to get software installs authorized. Again, that doesn't mean you have authorization. Lack of information != authorization.
Yes, the information policy at your job sucks. Yes, they probably need someone who tells them that reducing employee confusion would be a good value.
Fired eh? For treating a secure network like a secure network, and not like a kiddie pool for helpless users? Actually, let me reconsider that. Fired for not being able to read and comprehend a simple sentence. I wrote quite clearly that your attitude towards the users, i.e. for the people doing the work that keeps the company running and your salary coming in, as "evil".
People wonder why there are constant security problems, and the reason is because everyone assumes that anyone who is on the inside is friendly Partially true, but the correct counter is not to assume the opposite - everyone is evil - but to assume a realistic evaluation of the situation - almost all users are friendly, but there might be malicious ones among them.
The way to prevent that is to trust NO ONE, not to be all happy and nice and just assume you'll never get hit. That's the stupid thinking of an inexperienced geek who refuses to live in the real world. In addition, it's really childish. "Trust no one" sounds great in an action movie and as the lyrics for a metal band. I like to rock to words like that as well, but it's not the appropriate mindset for a real corporate network.
Again, the proper solution is a more refined attitude towards trust. That's not a binary value. Most users can be trusted with a large set of operations. Some users can be trusted with an enlarged set of operations. Depending on your OS, a few users may have to be trusted with the full set. Different users can receive different trust levels.
Talk to any programmer; user submitted data must be treated like it's straight from a hacker, EVERY TIME. Thank you, I am a programmer. Validating input data isn't a matter of security, it's a matter of quality and proper engineering. Yeah, it might be malicious. Much more likely in the real world, it could be an input error (I loved crashing C students' first "take two numbers as input, add them up and print the result" programs by entering "one", which could really have been a user error because most of their prompts didn't specify it must be numeric input). For many types of input, the data could also have been corrupted in transport or on disk. Validating your input data is simply something you do, and that it gives you security is one of the benefits, yes. But you don't do it because you're cool and the users are evil, you do it because you aren't cool if you don't.
People who put user comfort above security deserve what they get. People who don't understand that security without user comfort will never work are the ones who are getting shafted by the dozen every day. In a well-designed system, user comfort and security are not opposites.
With your attitude, you lock down your systems, you set up an aggressive firewall, you do everything to make a user's life difficult in the same of security - and then you're surprised that they creatively circumvent your carefully set up barriers.
If you're an admin tasked with security, you have to assume all users are evil, If you're an admin with that attitude in my company, you'd get fired.
You can assume users are stupid, dumb and uneducated, in which case I'll tell you to design the system so that stupid, dumb and uneducated people can use it. Evil implies malicious intent, and if your basic assumption of the world around you is wrong, then whatever you do as a consequence of that can not be right (you learned that in logic 101).
Obviously, you don't get the concept of authorization at all.
Was what you do authorized? When and by whom? If it wasn't, then it's unauthorized. It really is that simple.
Authorization can also be if you were given authority (look how all these words start with the same syllable!) for arbitrary sofware installs or something like that, which, for example, many people in the IT have as far as the test systems are concerned (that's why they're test systems, after all).
But, in short, you're looking at it from the wrong perspective. You ask if it's unauthorized, when you really should be asking if it's authorized. Because if it isn't authorized, then by definition it's unauthorized and it simply is much easer this way around.
and half admit to installing unauthorized software on their employer's computers. And if your system allows them to do that, you carry 90% of the responsibility.
First rule of security design is always to make undesired actions either impossible, or at least very difficult and very obviously against the rules.
Half of the time that companies whine about their employees running unauthorized software, there are very few barriers in place to, you know, prevent them from doing that, maybe?
But, while you're at it, please note that several hundred years ago, this wasn't true. The Catholic Church used to be the "sole distributor of the bible", and you had to join it in order to learn the language it was written in. While after Luther the cat was out of the bag and they had little choice, don't forget that for hundreds of years, the Vatican was as protective of its "secrets" as Scientology today - but in a different way. It wasn't the stories per se that were kept secret, but the church maintained a monopoly on interpretation with fire and sword. In a sense, trademarks and copyright law are today's more modern versions of those tools.
In the words of Bill Maher: All religions are batshit.
Show me the secret books of the Bible or the Qu'ran that only the followers who have ponied up tens of thousands of dollars get to see. You can't. There aren't any such books. Not in the same sense, no. But the vatican library is vast, contains a lot of stuff that is hard to find outside, and from what I have heard, access to the interesting parts is far from free or easy.
I'll bet neither have the fundie Christians or Islamists done anything directly to harm you and yours. Then I'll speak for him and say the same, because they did to me. It's been a while, but let me tell you, xians and scientologists aren't half as different from each other as both would like.
Or, as Bill Maher would say: I don't care what kind of crazy you are.
Speaking as someone who knows all three worlds, I'll take "some clever industrial design" over the buggy hell that is windos or the ramshackle self-help set that is Linux any day. Really sorry to say that, just a few years ago I was as convinced a Linux fellow as they come.
And hey, it's not as if MS could write an OS that supports all those third party hardware. Remember that the drivers ususally come from the manufacturers, and guess what MS blames all the crashes on? Answer c), 3rd party drivers, wins.
XP's still a crashing piece of shit. Better than the predecessors, which were utter and total crappy pieces of crashing shit.
If I write a text editor and the license says you can't use it to write poetry, that's perfectly legal. It's probably stupid but maybe I have a good reason. If you don't like it, you know, you can use some other editor.
For the record: No, I don't support artificial restrictions. But they're not illegal business practices.
But maybe some people don't like what author said? For a fanboi: Hurray, we have sdk!. For normal people: well, this sdk is way below our expectations. Your definition of "normal" needs revision. It has been above expectations for most people, and if you've taken a look at examples page, you realize how much power the SDK puts into your hands.
Apple handles the distribution and payment processing, and they don't have to worry about competing with open source weenies. [...] and end users get nickeled and dimed for apps that would have free equivalents in a competitive market. Which is probably why, when you sign up for the SDK, one of the options they ask in there "what are you planning to do with it?" questionaire is "Free Software"...
There's a lot of stuff that I wouldn't want as a Web app. Personal data shouldn't be stored on some remote webserver, for example, plus I don't always have an online connection (think flight mode).
There's still plenty of reasons for native apps if you ask me.
, and easy to program (to anyone who knows objective C) The horror! You will have to learn a programming language in order to write a program! What's the world come to?:-)
I agree. I am a fan of most of the industrial design and ui design that comes out of Apple but if they lock this up I will be ...realizing that the only reason the design thing works at all is that they do stuff like this?
Look at the windos world, look at Linux. On each of them, developers can do as they care. And they do. And it's a horror to behold.
Yeah, MS owns the computing world, so from that perspective, Apple failed.
But if you look at what they rule, and how, you get a different perspective. It's not like windos is the #1 OS because it's so great, we all know that. The state of software is horrible, quality non-existent, interoperability weak - even on the same OS.
What kind of "victory" is that? Yeah, it made Billy the richest man alive. It also made him one of the guys who can't wash his name clean even with billions of bucks poured into charity. He's also a criminal, in all senses but the pure legal one which for some reasons allows you to do illegal things legally as long as you don't do them as a private citizen but as the CEO of a large enough company. He also makes some of the worst powerpoint presentations I've ever seen.:-)
Market share is cool, but quite honestly, I'd rather have a 10% share in any given market and be able to look at myself in the mirror each morning, than having the other 90% and know I'm a scumbag. And I'd rather buy a computer from the honest guy with the 10% share than from the scumbag. Which, incidently, means all the scumbag-lovers are somewhere else, which only makes my choice even more attractive.
So, all you windos lovers: Please stay in your corner, we simply don't want you over here. Write your buggy software for your crashing piece of shit, hail Bill and make sure to buy the xbox720. Meanwhile, we guys over here will simply work on our Macs and use our iPhones and occasionaly wonder what the noise is all about.
Because, you know, I didn't buy an iPhone because every idiot can write shitty software for it, I bought it because I liked what was in the package. And aside from the few dozen guys who bought it to prove the world they can hack it open, everyone else had pretty much the same reason. So the whole whining, crying and complaining over what exactly is or is not possible with the SDK - it's simply pointless. The people who care largely aren't the people who did or will buy an iPhone anyways.
While I had the same joke come to mind, I think the idea has serious merit. Try that thinking part again when you're sober. There are already marketing companies out there who will sell you a grass-roots campaign. There are already companies out there selling you the service of cleaning up any PR mess you made. I'm sure it would be less than three days before one of them offers a "we'll provide both, the consumers and the moderators to put your product into good light on Adipedia" service.
Wikipedia is a collection. Little of the stuff on there is unique. It's a great collection, I don't want to argue its value, but it's not like there would be revalations there, or stuff that you can't find anywhere else. In fact, the Wikipedia guidelines specifically require that the stuff is second-hand.
All it does is collect and categorize it into one place. That's still great, but it's a long shot from "preserve our shared knowledge". archive.org is much closer to that claim.
Yeah, if you simplify it enough, it's "really" that cut and dry.
But it isn't. There are tons of questions like "why pay nothing for your content, and then profit on it?" that go beyond the simple "it ruins the experience/impartiality/whole-idea" thing.
There's the fact that Wikipedia content gets included on many other sites. That's non-trivial to solve if you know anything about marketing and exclusivity deals.
The most important problem is priorities. You simply can't help shifting your priorities towards the hand that feeds you. Anyone saying you can take advertisements with zero effect on your business is stupid, lying, or more likely, both. And that's not a "simple" effect, it's a subtle and difficult one. Newspapers and magazines have lots of experience with that, and it's a fine line to ride at times.
Honestly, convincing several close friends, my girl and my team at work to switch partially or completely to Macs has been totally egoistical.
/. are worth, even buying a Mac for a partner/parent/kid would be a profit for us compared to letting them buy a PC.
:-)
It's cut the time I spend on troubleshooting weird driver issues, fixing filesystems from an OS crash or cleaning up malware-infected crap to almost nothing.
At the hourly rates most of us here on
So yes, maybe we Mac fanboys are enthusiastic - and we have damn good reasons for it.
Err, no?
Quite a lot of people never liked Bill Gates. Not his person, not his business ethics and not the software he created. There's enough stuff on the Internet about his early disagreements with Free Software advocates, for example.
And far from the article, like it or not, Microsoft and especially Gates are still hailed as the best and greatest in a lot of trade magazines and computer magazines for the non-techies. Despite the crashes and bugs and problems, a lot of "regular" people believe that they invented "the cumputa".
Walk into the IT department of your company, to the guys with the "Vista" keychains or whatever trinkets MS handed out at the last trade fair, and ask them for help adding your Linux or Mac machine to the domain. Or tell them you need OpenOffice installed on your PC. Then you'll see "zealous".
Totally correct.
For all we know, the machines could be programmed to work perfectly, except on election day when subroutine X is used (on that day only).
But, we also know that thanks to compiler trickery, even studying the source code isn't enough.
The real difference isn't that forging is more difficult.
The real difference is that undetectable forging is a whole lot more difficult.
With a paper ballot, there are a couple hundred years of forensics that you can throw at the sample to test whether they were all filled out by the same person, for example. Modifying existing ballots is even harder, if you want to do it in a way that stands up to any kind of investigation.
In pure electronic voting, one bit is for all purposes identical to another bit, and the only checks you have against tempering with the data or software are - other data and software.
You're right I don't know you.
I just know a lot of people with the "all users are evil" attitude, and most of their networks are among the least secure that I've had the pleasure to inspect.
Maybe you are the exception, that's entirely possible.
Yes, the information policy at your job sucks. Yes, they probably need someone who tells them that reducing employee confusion would be a good value.
Again, the proper solution is a more refined attitude towards trust. That's not a binary value. Most users can be trusted with a large set of operations. Some users can be trusted with an enlarged set of operations. Depending on your OS, a few users may have to be trusted with the full set. Different users can receive different trust levels. Talk to any programmer; user submitted data must be treated like it's straight from a hacker, EVERY TIME. Thank you, I am a programmer. Validating input data isn't a matter of security, it's a matter of quality and proper engineering. Yeah, it might be malicious. Much more likely in the real world, it could be an input error (I loved crashing C students' first "take two numbers as input, add them up and print the result" programs by entering "one", which could really have been a user error because most of their prompts didn't specify it must be numeric input). For many types of input, the data could also have been corrupted in transport or on disk. Validating your input data is simply something you do, and that it gives you security is one of the benefits, yes. But you don't do it because you're cool and the users are evil, you do it because you aren't cool if you don't. People who put user comfort above security deserve what they get. People who don't understand that security without user comfort will never work are the ones who are getting shafted by the dozen every day. In a well-designed system, user comfort and security are not opposites.
With your attitude, you lock down your systems, you set up an aggressive firewall, you do everything to make a user's life difficult in the same of security - and then you're surprised that they creatively circumvent your carefully set up barriers.
What a surprise.
You can assume users are stupid, dumb and uneducated, in which case I'll tell you to design the system so that stupid, dumb and uneducated people can use it. Evil implies malicious intent, and if your basic assumption of the world around you is wrong, then whatever you do as a consequence of that can not be right (you learned that in logic 101).
Obviously, you don't get the concept of authorization at all.
Was what you do authorized? When and by whom? If it wasn't, then it's unauthorized. It really is that simple.
Authorization can also be if you were given authority (look how all these words start with the same syllable!) for arbitrary sofware installs or something like that, which, for example, many people in the IT have as far as the test systems are concerned (that's why they're test systems, after all).
But, in short, you're looking at it from the wrong perspective. You ask if it's unauthorized, when you really should be asking if it's authorized. Because if it isn't authorized, then by definition it's unauthorized and it simply is much easer this way around.
First rule of security design is always to make undesired actions either impossible, or at least very difficult and very obviously against the rules.
Half of the time that companies whine about their employees running unauthorized software, there are very few barriers in place to, you know, prevent them from doing that, maybe?
As I said: Not in the same sense.
But, while you're at it, please note that several hundred years ago, this wasn't true. The Catholic Church used to be the "sole distributor of the bible", and you had to join it in order to learn the language it was written in. While after Luther the cat was out of the bag and they had little choice, don't forget that for hundreds of years, the Vatican was as protective of its "secrets" as Scientology today - but in a different way. It wasn't the stories per se that were kept secret, but the church maintained a monopoly on interpretation with fire and sword. In a sense, trademarks and copyright law are today's more modern versions of those tools.
In the words of Bill Maher: All religions are batshit.
Or, as Bill Maher would say: I don't care what kind of crazy you are.
Speaking as someone who knows all three worlds, I'll take "some clever industrial design" over the buggy hell that is windos or the ramshackle self-help set that is Linux any day. Really sorry to say that, just a few years ago I was as convinced a Linux fellow as they come.
And hey, it's not as if MS could write an OS that supports all those third party hardware. Remember that the drivers ususally come from the manufacturers, and guess what MS blames all the crashes on? Answer c), 3rd party drivers, wins.
XP's still a crashing piece of shit. Better than the predecessors, which were utter and total crappy pieces of crashing shit.
Yes, and?
If I write a text editor and the license says you can't use it to write poetry, that's perfectly legal. It's probably stupid but maybe I have a good reason. If you don't like it, you know, you can use some other editor.
For the record: No, I don't support artificial restrictions. But they're not illegal business practices.
There's a lot of stuff that I wouldn't want as a Web app. Personal data shouldn't be stored on some remote webserver, for example, plus I don't always have an online connection (think flight mode).
There's still plenty of reasons for native apps if you ask me.
(to anyone who knows objective C) The horror! You will have to learn a programming language in order to write a program! What's the world come to?
Look at the windos world, look at Linux. On each of them, developers can do as they care. And they do. And it's a horror to behold.
Yeah, MS owns the computing world, so from that perspective, Apple failed.
:-)
But if you look at what they rule, and how, you get a different perspective. It's not like windos is the #1 OS because it's so great, we all know that. The state of software is horrible, quality non-existent, interoperability weak - even on the same OS.
What kind of "victory" is that? Yeah, it made Billy the richest man alive. It also made him one of the guys who can't wash his name clean even with billions of bucks poured into charity. He's also a criminal, in all senses but the pure legal one which for some reasons allows you to do illegal things legally as long as you don't do them as a private citizen but as the CEO of a large enough company. He also makes some of the worst powerpoint presentations I've ever seen.
Market share is cool, but quite honestly, I'd rather have a 10% share in any given market and be able to look at myself in the mirror each morning, than having the other 90% and know I'm a scumbag. And I'd rather buy a computer from the honest guy with the 10% share than from the scumbag. Which, incidently, means all the scumbag-lovers are somewhere else, which only makes my choice even more attractive.
So, all you windos lovers: Please stay in your corner, we simply don't want you over here. Write your buggy software for your crashing piece of shit, hail Bill and make sure to buy the xbox720. Meanwhile, we guys over here will simply work on our Macs and use our iPhones and occasionaly wonder what the noise is all about.
Because, you know, I didn't buy an iPhone because every idiot can write shitty software for it, I bought it because I liked what was in the package. And aside from the few dozen guys who bought it to prove the world they can hack it open, everyone else had pretty much the same reason. So the whole whining, crying and complaining over what exactly is or is not possible with the SDK - it's simply pointless. The people who care largely aren't the people who did or will buy an iPhone anyways.
Don't you think you're exaggerating a little?
Wikipedia is a collection. Little of the stuff on there is unique. It's a great collection, I don't want to argue its value, but it's not like there would be revalations there, or stuff that you can't find anywhere else. In fact, the Wikipedia guidelines specifically require that the stuff is second-hand.
All it does is collect and categorize it into one place. That's still great, but it's a long shot from "preserve our shared knowledge". archive.org is much closer to that claim.
Yeah, if you simplify it enough, it's "really" that cut and dry.
But it isn't. There are tons of questions like "why pay nothing for your content, and then profit on it?" that go beyond the simple "it ruins the experience/impartiality/whole-idea" thing.
There's the fact that Wikipedia content gets included on many other sites. That's non-trivial to solve if you know anything about marketing and exclusivity deals.
The most important problem is priorities. You simply can't help shifting your priorities towards the hand that feeds you. Anyone saying you can take advertisements with zero effect on your business is stupid, lying, or more likely, both. And that's not a "simple" effect, it's a subtle and difficult one. Newspapers and magazines have lots of experience with that, and it's a fine line to ride at times.