True, one of them was that Apple used to be more expensive than PCs. That is no longer true, but it was, for many years.
Other factors are, of course, MS illegal business practices, the original IBM deal, later OEM deals and so forth.
Once dominance was achieved, all the self-perpetuating effects of a lock-in apply. In essence, switching becomes too expensive (in money and/or effort) for most people because you have all your software, all your documents in some proprietary MS format, all the usual stuff.
Finally, Apple does have the full features, they just work slightly differently. For example, OS X supports Kerberos, which alone puts you way ahead of most so-called corporate networks (which are regularly little more than samba shares on drugs). Bonjour is an incredible service for small networks. If you're running a company with 10 or 20 employees, setting up a network based on Apple technology will save you many days if not weeks of work, lots of trouble, and you can do it even if there isn't a geek in your 10-20 people. Oh, it also works.
I have the direct comparison, because I run windos for gaming. Stuff that takes me seconds to do using two OS X machines ("hey I need this file", "ok, I'll copy it into your inbox" (drag & drop some, done)" is a hassle on windos ("I don't see you on the network.", "Try my IP, it's...", "hm, why does it take so long?", "I think I'm in the wrong workgroup, where do you change that, again?" (hint, it's nowhere even near the network configuration, it's in an entirely different dialog...) ).
I've been watching this train wreck since I moved away from DOS 6 to Novell DOS. I've had the misfortune of using every windos version except ME, usually at work. I've seen how Linux came up, had its opportunity, and blundered it. I've seen how Apple resurfaced, and went straight past anything MS has to offer at a speed that's probably over the speed limit. Windos is a pile of steaming crap, from the network layer to the design details of the GUI. The reason it was successful are mostly business strategy, most of them criminal. The reason why it's still successful is summed up in one phrase: Lock-in. Everything else like training costs, costs of converting documents, convenience, software not being available except for windos, is all just manifestations of lock-in.
Part of the problem is that MS-Windows is the easiest desktop environment to use. Whatever you're smoking, reduce the dosage.
I've switched to OS X just a year ago, dragging several people in my immediate environment with me. From geek to "I bought my first computer two years ago", they all agree that OS X is so much better and ask themselves how they could ever put up with the horror that is the windos GUI.
No, the real truth is that the windos environment is horrible, but it's the environment everyone is familiar with. That means low training costs. Simple as that.
Obviously, in your case both the management and the auditors don't have a clue on what they're doing.
CC assurance levels, for example, are only certified for a specific version and configuration, namely the one that was submitted. There have been numerous patches and even at least one service pack (too lazy to look up the exact date) since windos got its certificate, so very certainly the certification is not valid for what you actually run.
Mostly because I'm old and I still believe in TLDs meaning something. I expect a.org to be a non-profit, a.net to have something to do with networks, and so on. If I were to go commercial, I'd use a.com simply because I feel like that's the honest thing to do.
He's right. And the main reason is the stuff that his company sells.
A consistent picture in every company that I have seen from the inside, with not a single exception: The Unix (or in some places, the mainframe) department is an order of magnitude more professional than the windos group. The Unix servers run reliable (mostly), while the windos network is always a hassle. I've twice replaced the windos infrastructure for a small team with something non-windos (Solaris once, OS X once) and it worked better, with less maintainance, and more useful features.
By now I doubt it's a coincidence, and I've come down from my former arrogance of simply assuming that windos admins are mostly stupid fuckups who couldn't get a job in real IT. If there's one constant in all the cases you see - namely microsoft software - then doubt as you may but the chances are excellent that that's the reason.
I mostly learned that from the one really good windos admin I had the pleasure of working with. He could make things work. But the amount of trouble he had to go to was astonishing. Since then, I'm sure the problem isn't the admins (though they sometimes add to the problem, as many of them are stupid fuckups who couldn't get a job in real IT), but the crap they're forced to work with.
When I look around on the market, there simply aren't many companies that could rival Apple when it comes to designing with the user in mind, i.e. useful, easy to use, sleak and nice, with just about the right feature set (80%, you never please everyone entirely).
Nokia, Siemens, Motorolla - they all suck in the useability department. Most of them suck hard and long. Dell, HP, Palm - useability ok, but the feature set is never quite right Google - interface ok, useaful, but thrives too much on hiding things (how many of your non-geek friends now even a fraction of the cool things you can do in the Google search input field?)
The only company that comes to mind as comparing to Apple in the design department is Nintendo - and I'd be more than surprised if they came out with a mobile phone ("DS+Talk" ?:-) )
Often you can't. The product already exists, or the family isn't willing to change its surname just because of your domain-name suggestions.
For example, if I ever wanted to make my game (see below) commercial, then battlemaster.com would be the obvious website. Except that it's been an "under construction", "coming soon" links/ads/search site, and has been like that for years. There's even advertisement for the "free domain name registration" (aka tasting) in the fucking WHOIS entry.
So I'll have to change the name that all my players are used to, or use a not-so-obvious one instead, even though nobody is using the one that I could use.
And that's why, refering to another comment, just 3.5 mio. honest registrations a years is a log better than 51 mio. "tastings" and 3.5 mio. honest ones.
One step back from the wrong direction they've been heading for years.
Or can anyone here name me one not-advertisement-related reason for "domain tasting"? The only use I've ever read about is registering the domain and checking if you get enough hits on it to run your ads with enough profit, before you commit yourself.
'the majority of downloads were through illegal P2P download services like BitTorrent and LimeWire'. What a huge difference a single carefully misplaced word can make. Here, I'll fix that for you:
'the majority of illegal downloads were through P2P download services like BitTorrent and LimeWire'. Now it's probably accurate.
And still, cars are a lot less dangerous than they used to be, while simultaneously easier to use.
Computers? Hardly.
The point is still that as long as it is difficult to set up some basic security, few people will do it. And it isn't that terribly difficult, really.
One example: I have sudo or the equivalent on any system available now, even something similar on windos. And yet, there is absolutely no feedback whatsoever if the current window or app is running with elevated privileges or not. And while we're at it, why is there no "sandbox" mode built-in where I can test something I downloaded from the Internet? Nothing fancy, I could probably script it, but why isn't it there by default, not in windos, not in OS X, not in Linux?
That's the kind of stuff I'm talking about. Yes, many people are stupid idiots. But still, if you make it hard to do the right thing, don't be surprised if nobody does. On the contrary, make it easy to do the right thing and you'll find that lots of people do.
Has anyone ACTUALLY seen someone in REAL LIFE with an iPhone? Every time I walk by the mirror in the hallway, yes. Why? You too dumb to realize that with four million sold there are roughly... well, let's not overcomplicate things, just call it "lots of"... people who have one?
How can carriers continue to justify the high cost of their apparent super-premium data transmission? It really is that simple: Because they can.
People are still using SMS, even though in many cases, actually calling by phone would be cheaper and more convenient. I'm not talking about the "I'll arrive at 11:20" message, I'm talking about the actual SMS "chats" that lots of young people engage in. 10, 20 SMS go back and forth easily. Maybe I'm getting old, but I simply don't understand why they don't simply call each other. It'd be faster and cheaper.
You don't need to read a 240 page book to operate a car. You need a few driving lessons, but after that you can drive most cars without reading the manual first. Why's that?
And no, computer security isn't a terribly complicated beast that can never be "dumbed down". The fact that we believe that today is a sign that we're still at the beginnings - 100 years ago, cars were terribly complicated beasts, too. Starting one up was a tricky thing that required a series of steps made in precise order, and it wasn't very reliable. Today you turn the key and it starts.
Setting up a firewall today is still fairly complicated. Tomorrow, we might - if the likes of Symantec and Co stop being geeks and start thinking about the user - simply turn it on and tell it that we want to use e-mail and the web and it should keep everything else out.
And yes, I know that's only part of the story, I'm illustrating a point not writing a thesis on IT security.
All you need to do is think back, and ask yourself "Has Palestine EVER made any concessions to Israel, which it did not violate immediately afterwards?". Last I checked, it's not Palestine which has ever held any Israeli lands with military power, so it's not as if they had any concessions to make. Yeah, words and peace-talks and all that, but in the end it's about land down there, so that's what counts.
And the fact that Israel has peace with its neighbours has very little to do with how tolerant and nice and diplomatic they are, and a lot to do with the fact that they kicked their asses in a series of short wars.
Again, my point is that in cases like this, both sides carry the blame, and anyone who makes one sides entirely or even mostly responsible is contributing to the problem. There's a lot of literature on that by experts who know a lot more about that than I do, I just study their stuff.
If I remember correctly, it was the one-sided ceasefire by the Hamas that lasted longer than any other. Think about that. Then google what made them revoke it.
In a conflict of that scale, you will always find responsibility on both sides, and discussions as to who carries which exact percentage of the blame are mere sophism that hinder, not help, any process of fixing the problem.
However, when Iraq refuses to cooperate, or the Arabs in Israel refuse to cooperate, Because we all know, in any conflict there is always ever just one side that's responsible. If only those arabs would cooperate! It's not like the israelis have anything to do with the trouble.
In addition, make sure that you're using AES with WPA, and not TKIP. TKIP is an implementation which uses less CPU, but is very similar to the way how WEP works. It's weak. There is more trouble than that out there. Try running a wireless network with WPA2 and a number of different devices. You'll soon find out that your favorite Linux distro doesn't support the same options as your Mac, and let's not even get me started about windos broken support (which provides you absolutely no helpful error messages to tell you what the problem actually is). Oh, did I mention that it sometimes depends on your wireless card and the driver version?
So I run TKIP, because it happens to work with the setup I have here.
Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? What does that have to do with wireless encryption? If you enter your CC data into anything that isn't SSL encrypted, i.e. end-to-end, then you are crazy. Adding another encryption on top of that, wireless or not, does not improve your security.
That's the whole problem. If we need that much space to explain people how to be online without being owned, 90% of 'em won't read it, and will get owned.
Until we've solved that problem - and it's not a technological one, there is no geeky solution here - there is no real security for the average computer user.
There is no solution to your problem unless you cut out the provider part. For every provider, you will be a minor customer not worth major trouble with government or law enforcement, and often not even with something like the RIAA or even just a lawyer who knows how to write impressive letters.
I ran one of the major DeCSS sites back when they were being taken down by the dozens (and new ones appeared quicker than that). In the turmoil, I offered one of about ten or so reliable static points, simply because I didn't have a provider at all - I worked at the company hosting the site, and I was one of the guys in charge of the server farm, and would have been among the first the lawyers would've talked to in case of any serious trouble.
Go work for an ISP and make sure you know the people in the legal department. Oh, also: Make sure it's not a company server, but a private server for which you have an agreement that it'll be hosted, cost-free, as part of your employment. That's how I've done it at several companies, and the only thing I'd do different today is to make sure I get that in writing.
As much as I would hope that what you say is true, my personal experience tells me a completely different story. Germany has 80 mio. people and a landmass of 360,000 square kilometers. No matter how much you travel, your personal experience can't possibly cover even the majority of it.
There is a general antipathy against immigrants and non-white foreigners. You may remember the attack on a pensioner carried out by two immigrants. You confuse the mass media with the actual people of the land. There was this incident you mention, and since there are elections coming up in several german states, the law-and-order politicians as well as a number of right-leaning newspapers took the story and ran with it. I've not noticed a change in attitude in any of the people I deal with, and I deal with a good number of people from CEO to call-center-agent regularily in my job.
Being a black, I can tell you that many places in East Germany are still no go areas. As are places in the UK, USA and many other countries. Racism is a sad fact still, but it's a world-wide phenomenon.
Most Germans are hostile towards non-white foreigners. At least that is the experience that I got when I was in Germany. Next time, pick a better travel agency that doesn't send you into the ghettos. Most of those "no-go-areas" you speak about are areas that most germans avoid as well, because they're simply the bad areas. I wouldn't walk through some areas in New York City as a white, either. Definitely not at night.
Why would anyone not give the USA great credit for the way it handles her defeated foes? We did and we do - to the USA of your grandfathers. The current version of the USA can, for all the majority of the rest of the world cares, fall off the planet.
You can earn lots of goodwill can credit by behaving the way your country did 60 years ago. But both goodwill and credit have a tendency to run out if you work hard enough to ruin your reputation.
I guess I don't know why Germany still has any neo-nazies America has them, too. So does the UK, France, Norway and virtually every other western country. It's simply that no matter how stupid your ideology is, you will always find someone dumb enough to believe it.
True, there were several factors at work here.
...", "hm, why does it take so long?", "I think I'm in the wrong workgroup, where do you change that, again?" (hint, it's nowhere even near the network configuration, it's in an entirely different dialog...) ).
True, one of them was that Apple used to be more expensive than PCs. That is no longer true, but it was, for many years.
Other factors are, of course, MS illegal business practices, the original IBM deal, later OEM deals and so forth.
Once dominance was achieved, all the self-perpetuating effects of a lock-in apply. In essence, switching becomes too expensive (in money and/or effort) for most people because you have all your software, all your documents in some proprietary MS format, all the usual stuff.
Finally, Apple does have the full features, they just work slightly differently. For example, OS X supports Kerberos, which alone puts you way ahead of most so-called corporate networks (which are regularly little more than samba shares on drugs). Bonjour is an incredible service for small networks. If you're running a company with 10 or 20 employees, setting up a network based on Apple technology will save you many days if not weeks of work, lots of trouble, and you can do it even if there isn't a geek in your 10-20 people. Oh, it also works.
I have the direct comparison, because I run windos for gaming. Stuff that takes me seconds to do using two OS X machines ("hey I need this file", "ok, I'll copy it into your inbox" (drag & drop some, done)" is a hassle on windos ("I don't see you on the network.", "Try my IP, it's
I've been watching this train wreck since I moved away from DOS 6 to Novell DOS. I've had the misfortune of using every windos version except ME, usually at work. I've seen how Linux came up, had its opportunity, and blundered it. I've seen how Apple resurfaced, and went straight past anything MS has to offer at a speed that's probably over the speed limit. Windos is a pile of steaming crap, from the network layer to the design details of the GUI. The reason it was successful are mostly business strategy, most of them criminal. The reason why it's still successful is summed up in one phrase: Lock-in. Everything else like training costs, costs of converting documents, convenience, software not being available except for windos, is all just manifestations of lock-in.
I've switched to OS X just a year ago, dragging several people in my immediate environment with me. From geek to "I bought my first computer two years ago", they all agree that OS X is so much better and ask themselves how they could ever put up with the horror that is the windos GUI.
No, the real truth is that the windos environment is horrible, but it's the environment everyone is familiar with. That means low training costs. Simple as that.
Obviously, in your case both the management and the auditors don't have a clue on what they're doing.
CC assurance levels, for example, are only certified for a specific version and configuration, namely the one that was submitted. There have been numerous patches and even at least one service pack (too lazy to look up the exact date) since windos got its certificate, so very certainly the certification is not valid for what you actually run.
Mostly because I'm old and I still believe in TLDs meaning something. I expect a .org to be a non-profit, a .net to have something to do with networks, and so on. If I were to go commercial, I'd use a .com simply because I feel like that's the honest thing to do.
Oh yes, that's a whole other ranting opportunity.
But hey, if people insist on buying a ship with holes, and then paying extra to have the holes filled in so it doesn't sink...
No, frankly I understand that just as much, which means not at all.
He's right. And the main reason is the stuff that his company sells.
A consistent picture in every company that I have seen from the inside, with not a single exception: The Unix (or in some places, the mainframe) department is an order of magnitude more professional than the windos group. The Unix servers run reliable (mostly), while the windos network is always a hassle. I've twice replaced the windos infrastructure for a small team with something non-windos (Solaris once, OS X once) and it worked better, with less maintainance, and more useful features.
By now I doubt it's a coincidence, and I've come down from my former arrogance of simply assuming that windos admins are mostly stupid fuckups who couldn't get a job in real IT. If there's one constant in all the cases you see - namely microsoft software - then doubt as you may but the chances are excellent that that's the reason.
I mostly learned that from the one really good windos admin I had the pleasure of working with. He could make things work. But the amount of trouble he had to go to was astonishing. Since then, I'm sure the problem isn't the admins (though they sometimes add to the problem, as many of them are stupid fuckups who couldn't get a job in real IT), but the crap they're forced to work with.
So you pay a few hundred bucks for a shitty OS, and then you have to pay more for a book to get rid of at least the worst problems?
That's a weird business model, assuming that we're talking about the world outside the BDSM area.
When I look around on the market, there simply aren't many companies that could rival Apple when it comes to designing with the user in mind, i.e. useful, easy to use, sleak and nice, with just about the right feature set (80%, you never please everyone entirely).
:-) )
Nokia, Siemens, Motorolla - they all suck in the useability department. Most of them suck hard and long.
Dell, HP, Palm - useability ok, but the feature set is never quite right
Google - interface ok, useaful, but thrives too much on hiding things (how many of your non-geek friends now even a fraction of the cool things you can do in the Google search input field?)
The only company that comes to mind as comparing to Apple in the design department is Nintendo - and I'd be more than surprised if they came out with a mobile phone ("DS+Talk" ?
If you can invent a name, that's great.
Often you can't. The product already exists, or the family isn't willing to change its surname just because of your domain-name suggestions.
For example, if I ever wanted to make my game (see below) commercial, then battlemaster.com would be the obvious website. Except that it's been an "under construction", "coming soon" links/ads/search site, and has been like that for years. There's even advertisement for the "free domain name registration" (aka tasting) in the fucking WHOIS entry.
So I'll have to change the name that all my players are used to, or use a not-so-obvious one instead, even though nobody is using the one that I could use.
And that's why, refering to another comment, just 3.5 mio. honest registrations a years is a log better than 51 mio. "tastings" and 3.5 mio. honest ones.
One step back from the wrong direction they've been heading for years.
Or can anyone here name me one not-advertisement-related reason for "domain tasting"? The only use I've ever read about is registering the domain and checking if you get enough hits on it to run your ads with enough profit, before you commit yourself.
Good point, yes.
And still, cars are a lot less dangerous than they used to be, while simultaneously easier to use.
Computers? Hardly.
The point is still that as long as it is difficult to set up some basic security, few people will do it. And it isn't that terribly difficult, really.
One example: I have sudo or the equivalent on any system available now, even something similar on windos. And yet, there is absolutely no feedback whatsoever if the current window or app is running with elevated privileges or not. And while we're at it, why is there no "sandbox" mode built-in where I can test something I downloaded from the Internet? Nothing fancy, I could probably script it, but why isn't it there by default, not in windos, not in OS X, not in Linux?
That's the kind of stuff I'm talking about. Yes, many people are stupid idiots. But still, if you make it hard to do the right thing, don't be surprised if nobody does. On the contrary, make it easy to do the right thing and you'll find that lots of people do.
People are still using SMS, even though in many cases, actually calling by phone would be cheaper and more convenient. I'm not talking about the "I'll arrive at 11:20" message, I'm talking about the actual SMS "chats" that lots of young people engage in. 10, 20 SMS go back and forth easily. Maybe I'm getting old, but I simply don't understand why they don't simply call each other. It'd be faster and cheaper.
Wrong train, Tikkun.
You don't need to read a 240 page book to operate a car. You need a few driving lessons, but after that you can drive most cars without reading the manual first. Why's that?
And no, computer security isn't a terribly complicated beast that can never be "dumbed down". The fact that we believe that today is a sign that we're still at the beginnings - 100 years ago, cars were terribly complicated beasts, too. Starting one up was a tricky thing that required a series of steps made in precise order, and it wasn't very reliable. Today you turn the key and it starts.
Setting up a firewall today is still fairly complicated. Tomorrow, we might - if the likes of Symantec and Co stop being geeks and start thinking about the user - simply turn it on and tell it that we want to use e-mail and the web and it should keep everything else out.
And yes, I know that's only part of the story, I'm illustrating a point not writing a thesis on IT security.
And the fact that Israel has peace with its neighbours has very little to do with how tolerant and nice and diplomatic they are, and a lot to do with the fact that they kicked their asses in a series of short wars.
Again, my point is that in cases like this, both sides carry the blame, and anyone who makes one sides entirely or even mostly responsible is contributing to the problem. There's a lot of literature on that by experts who know a lot more about that than I do, I just study their stuff.
If I remember correctly, it was the one-sided ceasefire by the Hamas that lasted longer than any other. Think about that. Then google what made them revoke it.
In a conflict of that scale, you will always find responsibility on both sides, and discussions as to who carries which exact percentage of the blame are mere sophism that hinder, not help, any process of fixing the problem.
So I run TKIP, because it happens to work with the setup I have here. Am I the only one who's paranoid of entering my PayPal or CC info on an unencrypted public access point? What does that have to do with wireless encryption? If you enter your CC data into anything that isn't SSL encrypted, i.e. end-to-end, then you are crazy. Adding another encryption on top of that, wireless or not, does not improve your security.
"a slim 240 pages"
That's the whole problem. If we need that much space to explain people how to be online without being owned, 90% of 'em won't read it, and will get owned.
Until we've solved that problem - and it's not a technological one, there is no geeky solution here - there is no real security for the average computer user.
There is no solution to your problem unless you cut out the provider part. For every provider, you will be a minor customer not worth major trouble with government or law enforcement, and often not even with something like the RIAA or even just a lawyer who knows how to write impressive letters.
I ran one of the major DeCSS sites back when they were being taken down by the dozens (and new ones appeared quicker than that). In the turmoil, I offered one of about ten or so reliable static points, simply because I didn't have a provider at all - I worked at the company hosting the site, and I was one of the guys in charge of the server farm, and would have been among the first the lawyers would've talked to in case of any serious trouble.
Go work for an ISP and make sure you know the people in the legal department. Oh, also: Make sure it's not a company server, but a private server for which you have an agreement that it'll be hosted, cost-free, as part of your employment. That's how I've done it at several companies, and the only thing I'd do different today is to make sure I get that in writing.
You can earn lots of goodwill can credit by behaving the way your country did 60 years ago. But both goodwill and credit have a tendency to run out if you work hard enough to ruin your reputation.
Won't work. They are already one and the same. Look:
"L. Ron Hubbard's declaration that the purpose of a lawsuit was to "harass and discourage"" (see court transcript)
Now if that doesn't describe the RIAA strategy, then I don't know what does.