* Posts by Chris C

671 publicly visible posts • joined 6 Oct 2007

Wikileaks publishes secret donor list

Chris C

Prankster?

"'A prankster, apparently connected to one of the donors, then submitted this list to Wikileaks, possibly to test the project's principles of complete impartiality when dealing with whistleblowers,' it said."

I'm curious as to why the site's operator immediately jumps to the conclusion that it's a "prankster" that submitted the document. Surely it's just as possible (if not likely) that it's a donor who decided to publish the list. One possible motive would be that they were upset that their address was exposed as such, and decided to publish the document to bring light to the issue so that it doesn't happen again. Another motive could be that the donor recognized another name or address in the list, and wanted the public to know that person is a donor. There could be a number of legitimate reasons for someone to "leak" the document.

I also find it amusing that people who leak documents from other companies are considered "whistleblowers" while people who leak documents from WikiLeaks itself are considered "pranksters".

Microsoft plans to issue non-update update for Win 7

Chris C

Manage?

"'These updates allow us to test and verify our ability to deliver and manage the updating of Windows 7. We typically verify servicing scenarios during a beta,' he said."

I certainly hope he either misspoke or used "us" and "our" in the abstract sense. As I read that quote, I read and interpreted it as "These updates allow Microsoft to test and verify Microsoft's ability to deliver and manage the updating of Windows 7." I'll be damned if I ever buy a software product (or recommend it to anyone else) where the author manages the updating of it. If it's a software product that I purchased and installed on MY system, then I will be the one to manage the updating of it.

US feds pull travel site offline after hacker break-in

Chris C

Infection in T-minus...

"'Employees should not access GovTrip from any DOT/FHWA PC while at work and we strongly suggest employees refrain from any attempts to access GovTrip using a home system or government-issued laptop as this could cause the PC to be infected with a virus that may not be detected by your anti-virus software,' a Department of Transportation email sent to employees read..."

But of course, they'll continue to keep the site up so that it can infect the people who haven't been warned (read: the world at large). We certainly wouldn't want to do the right thing and, you know, REMOVE THE MALWARE. That would be too much work, apparently.

Feuding iPhone fart-makers raise legal stink

Chris C

Ashamed of my fellow man

The owners/operators of two adolescent companies are suing each other over something they should have outgrown before they reached puberty. A technology journal writes an article about it, and four of the six comments posted so far carry on with the pre-pubescent was-never-funny-anyway "humor". And yet we (humans) claim to be the superior species? Lack of documented visitation from alien species does not mean they don't exist. It means they're smart enough to purposely avoid us.

And no, a whoopee cushion isn't funny, either.

re: <Sign> -- While there are some names used for both females and males (Kelly, Chris, etc), I've never heard of a male named Karen ("The filing also includes letters allegedly from Air-O-Matic counsel Karen Burr..."), so it seems the fairer sex does have some involvement, though we don't know if that's inside or outside counsel.

The part I find most depressing is that people are happy to waste money on such rubbish, but they're not willing to donate that same amount of money to help cure disease, help the homeless, or improve their local communities. And we consider ourselves superior.

Michelin strikes key 'e-wheel' deal

Chris C

@Eddy Ito

Perhaps I should have been more clear in my post. My comment, which was in response to the first comment ("Safe!"), was an attempt to point out that the failure of one wheel to receive power in an electric "use separate in-wheel motors to drive each wheel independently" vehicle is no more dangerous than the failure of one wheel to receive power in today's "use a drivetrain and differentials to split the power from one engine to drive each wheel independently" vehicle.

Chris C

re: Safe!

"Is having independant drive to left and right wheels safe? What happens when one motor breaks as all things do, it will drive you into the crash barrier 70mph?"

So you still use a non-vehicle form of transportation then? Perhaps horse and buggy? Motor vehicles have had independent drives to the left and right wheels for a long time. It's just been done via mechanical means of splitting the engine's torque instead of a motor on each wheel. How do you think your auto can corner on such a tight radius? Hint: it's by applying more "drive" to the outside wheel.

But since you're concerned, allow me to use your own question in relation to non-electric cars: "Is having a driveshaft-and-differential-operated vehicle safe? What happens when an axle breaks as all things do, it will drive you into the crash barrier 70mph?" And yes, axles do break. Just ask my cousin who managed to snap the rear axle on his Jeep Wrangler.

Missed flight woman goes absolutely mental

Chris C

re: Rag week

Go easy on the knuckle-draggers, Sarah. Most men are just envious that women have any excuse at all, no matter how degrading and overused it is*, whereas men have no such excuse for their non-stop poor behavior. Men have to either rise above disgusting and crude adolescent behavior and become decent, respectable members of society, or become proud of such behavior and call it the "manly" thing as if that's how men are supposed to act. Sadly, most males seem to choose the latter.

As for the rest of my thoughts, kain summed them up nicely so I needn't repeat them.

* While it is most often males that use menstruation as a ridiculous defense for bad behavior (as opposed to "I fucked up, and now she's pissed at me" or "She's fucking psycho"), it doesn't help that there are many women who still use this reasoning in an effort to get out of something or to explain unexplainable emotional behavior (as if human behavior is something that CAN be explained all the time).

I think I have a way to eliminate the "rag time" line. The first time a man uses it, he'll get a verbal warning. The second time, he'll get a verbal warning and a kick to the balls. The third time, he'll be Bobbitt-ized (it's hard to believe it's been 15 years). As deterrents go, I think it'll be very effective.

Twitter force-fed $35m in venture capital

Chris C

How to make money

Why can't they charge for it if it's currently free? Technology companies have a long history of starting out as zero-cost and then going to a fee-based structure. Why else do you think the $9.95/mn dial-up ISP is called NetZERO? Similarly, they may limit their mini-messages to 140 characters, but that does not mean they can't or won't inject ads into the messages. And sending standalone messages would not be considered spam because the people receiving the messages have a business relationship with the company (no, I personally don't believe that means "it can't be spam", but the US system of "justice" believes it).

So how can they make money? Here are a few ways:

1. Charge people to create an account (I'm assuming you need an account in order to create a message).

2. Charge a per-message fee (even if it's a small fee such as one cent).

3. Charge per-message fees to allow users to send larger messages (I'm assuming you mentioned a 140-character message because that's the size limit they impose on the message).

4. Sell advertising space on the page where users create the messages.

5. Sell advertising space to be delivered with the messages.

6. Sell access to the system so that advertisers can read the messages and develop targeted advertisements (either targeted to the author based on all messages they've sent, or targeted to the recipient based on all messages they've received).

7. Charge for access to the API.

These are just the ideas I came up with in about 10 seconds. I'm sure if I actually cared enough to think about it, I could come up with a lot more. But suffice it to say, there are plenty of ways to make money. The question is -- would people continue using the service if they had to pay for it?

Kaspersky breach: No user info lifted, auditor confirms

Chris C

Doublespeak

"The attacker's claim to be able to access customer data is correct..."

"the attacker did attempt to gain access to customer data however, the attempts failed..."

So which is it? Those two statements are mutually exclusive. The attacker either was, or was not, able to access customer data. Failed attempts to gain access to customer data means the attacker could not access customer data, which means the first statement is incorrect. Are they purposely using doublespeak in order to prepare us for the seemingly-imminent 1984?

Wanna see how to use Win 7 UAC to pwn a PC?

Chris C

Not a major issue?

"Thomas Kristensen, CTO at security notification firm Secunia, explained 'This isn't a major issue; after all it requires that the user already downloaded some executable code and decided to run it.'"

Is that really what it means? Or does it mean that the machine must already be running some executable code? There's a world of difference between "the user downloaded, and the system is running, the xyz.exe executable" and "the system is running the xyz.exe executable". For those who don't see the difference, let me spell it out -- a vulnerability in any application can give attackers at least user-level access to a system. If you haven't updated your Adobe Reader, your system could be compromised just by viewing a specially-crafted PDF file. Through that compromise, an attacker (now having user-level access to your system) can download an executable file and run it.

So unless the computer can somehow tell the difference between "the meatsack in the chair downloaded this executable file" and "an exploit downloaded this executable file", this *IS* a major issue.

Amazon pulls Japanese rape simulator from shelves

Chris C

Delicate topic

As sad as it is, there's a part of me that wants to defend this game. Why? Because like the violent games many of us play (or have played), it's not real. It's not a "training utility" as the anti-gamers say about violent games. It's merely a fictional video game in which you control a fictional character to perform fictional acts on other fictional characters. And in this case, it looks as if the characters aren't even rendered to look realistic. The subject matter is in extremely poor taste, but some people would say that about violent games such as GTA Vice City or the countless war-based FPS games out there.

On the other hand, there's also a part of me that feels certain topics are off-limits, specifically rape and child abuse. That includes pornography involving young children and pornography in which the person was forced or coerced. It would be nice to be able to say "child porn" instead of that previous sentence, but we can't use that term anymore since the idiotic law enforcers and lawmakers have used that term to describe a 17-year-old girl taking nude pictures of herself, and to describe anyone receiving an unsolicited picture of a nude minor on their mobile phone.

That said, where do we draw the line? It's important to be able to talk about rape, in order to teach people (specifically young girls) about it and hopefully prevent it, and also to help someone recover if it does happen to them. To that end, it *may* also help to allow it to be a part of a television show or movie, depending on how it is treated (though, if you ask me, it's way overused in today's media, and used for the wrong reasons).

I guess the ultimate question is: Why are we psychologically opposed to rape but not to murder, especially in a society which largely considers casual sex an acceptable act (thereby eliminating the "sex is sacred" defense)?

CERN Proton-smashers: We are economically valuable

Chris C

Useless blather

Here's what I took from that CERN guy: blah blah blah WE'RE IMPORTANT blah blah blah POOR US blah blah blah GIVE US MONEY blah blah blah YOU NEED US blah blah blah...

As we're firmly ensconced in a global recession, quickly sliding into a global depression, it does lead to the question -- does a bunch of scientists spending millions of dollars/pounds to smash atoms together have any short-term benefits? If not, does delaying the smashing result in a significant rise in cost? Normally I don't like to think short-term, but if we hope to get out of this recession/depression, then we need to. As for my own country, I'd gladly give up the space program (including the ISS) for however long it takes to reach non-rec/depression status. Spending lots of money on things which have no immediate benefit makes little sense in a rec/depression.

"And last year's budget didn't even keep up with inflation." -- join the club, pal. Most companies have had to CUT their budgets in addition to laying off thousands of people, and in addition to freezing or cutting the pay of employees being retained. Be happy you still have a job.

If the CERN scientists are so great that they can solve problems and have lasting benefits to mankind, naive little me must ask the question -- why don't they do so instead of having those solutions coming as an unintended side-effect of an unrelated problem they are having?

"Now the medical imaging industry are looking at what we've done, with a view to making combined PET/MRI scanners," adds Gillies. "Of course, it won't make us any money."

Bullshit. What he meant, of course, is that it won't DIRECTLY make them any money. And since it was created directly from government funding paid for by the various nations' taxpayers, it SHOULDN'T make them money directly. The information SHOULD be entered into the public domain since it's the public that paid for it in the first place. But considering it's things like this which at least partially factor into whether a country wants to help fund CERN (and how much), then it does make them money, just indirectly. But like other industries, indirect is hard to measure, so we'll conveniently ignore it.

"And I'd argue that that's why we have the world wide web today, not the Microsoft web and the Apple web and a lot of other competing methods all incompatible with each other... That's helped the economy, hasn't it?"

Oh yes, sing it, brother! "We are the world... We are the children..." Oh, sorry, I got caught up in his "We bring harmony to the world" aura. I'm sure all the web developers out there are happy there are no incompatibilities that require them to test for and design separate code for IE6, IE7, IE8, and Netscape/Mozilla/Firefox. Yes, I know that's not CERN's fault, but it goes to refute his stupid comment about the web not having incompatibilities. In theory, it doesn't. As Tim Berners-Lee designed it, it doesn't. In reality, it does.

As for whether or not the World Wide Web has helped the economy, I won't pretend to know the answer because it's not a clear yes or no. Sure, you have economic successes like amazon.com, but what impact has that had on local economies? You have social networking success stories like myspace and facebook, which at least benefit data centers and probably a small number of employees, but at what economic cost to local economies (since people "meet" on those sites instead of meeting in person and frequenting local eateries, entertainment, etc)?

Facial-recognition tech now used to greet hotel guests

Chris C

re: Statistics lesson

The problem with your model is that you assume the system is going to match a profile to every single person. If the system has an 85% hit rate, that means it will identify the right person 85% of the time. It does not mean it will "identify" the wrong person 15% of the time. There's always the third possibility -- that it won't recognize the person and hence won't be able to identify them. I'm not saying there won't be false-positives, but your method is not the way to calculate those.

Copyright cops launch MS-happy software compliance tool

Chris C

Microsoft SQL server

"Meanwhile, any UK organisation interested in adding the tool to their already squeezed IT budget will need to install Microsoft's free SQL Server Express edition, which doesn't need a licence, in order to host the database."

I hate to break it to you, but Microsoft's SQL Server Express most definitely *DOES* need a license. The fact that it is zero-cost does not mean that it doesn't require a license.

http://download.microsoft.com/documents/useterms/SQL%20Server%20Express_2005_English_b432ae7e-417a-4847-b779-34d6dea77163.pdf

Microsoft celebrates 10,000 US patents

Chris C

Idiots

"Patents as knowledge-sharing tools may seem counterintuitive at first. After all, patents do give their owners the right to exclude others from using a technology. But even in this case, denying use is very different from denying to others knowledge of the new technology, which patents by law are required to disclose."

So... What good is that knowledge if you're not allowed to put it to use?

Fugitive VOIP hacker cuffed in Mexico

Chris C

The numbers game

"... accused of illegally rerouting millions of dollars worth of VOIP calls ..."

"... accused of carrying out a scheme that routed more than 10 million minutes of voice-over-internet-protocol calls over the networks of a dozen or so telecommunications providers ..."

"... cost each of the defrauded telecom providers an average of $300,000 in routing expenses ..."

10,000,000 minutes into $3,600,000 = $0.36/min. Are those providers actually saying it cost them 36 cents per minute to route VOIP traffic? And what was with the judge? A (relatively) rich guy looking at a multi-year jail sentence, and they DIDN'T consider him a flight risk?

Kaiser Permanente breach leads to ID theft

Chris C

Credit monitoring is a waste

We need to come up with laws to properly punish companies for "losing" employee or customer data. Credit monitoring will do literally nothing to restore the credit of those who become victims of identity theft. Nor will it give them back the time and money they have to give to clean up the situation. And since you're given a social security number at birth and keep it for life (much like biometrics), there's really nothing you can do to prevent the same ID thief from assuming your identity again once you restore your credit (assuming the credit bureaus will even talk to you and help/allow you to restore your credit in the first place). Since you can't change your social security number or your date of birth, the only thing you might be able to do is legally change your name, and then deal with all the hassles that causes. All because a large for-profit company didn't care enough about protecting the information it stored about you.

Credit monitoring is just as useful as on-demand antivirus with no realtime component. Sure, it'll tell you once you become a victim, but it won't prevent it from happening. What we need is something to prevent ID theft in the first place. And using information that cannot be changed when (not if, but when) it is compromised, such as biometrics, is not the answer.

Kaspersky: no personal information lifted during web hack

Chris C

Help me understand this

I won't even try to pretend I'm a web guru, but I've done a bit of web programming, mostly as a hobby for myself and a friend. And for the life of me, I cannot possibly understand how an SQL injection is successful. Let me rephrase that -- I cannot possibly understand how the person programming the website can let it be successful. Who in their right mind would write code that allows an untrusted source to query whatever part of the database they want? Don't these people validate the input before running the database queries? That's one of the most basic security tasks. If you don't even bother to do that, you might as well put phpmyadmin on your site with no password. That also raises the question -- could they simply read the data via SELECT queries, or could they also write data with INSERT or UPDATE queries? The former is a bad security vulnerability; the latter results in a database you can no longer trust.

On a side note, it certainly is a bit unnerving that a security company, who (most likely for reasons of greed and power) is the single source of defense against the most prolific piece of malware ever developed, shows such lax security (self-admittedly the result of poor security practices -- not properly reviewing code before going live with it).
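Added example, not part of the comment above and not code from the breached site: a query built by string concatenation next to the same query with a bound parameter, run against a constructed in-memory SQLite database. The table names, sample rows, helper names and test inputs are all assumptions made up for illustration.

```python
import sqlite3

# Constructed sample data: one table the page is meant to expose, one it is not.
SCHEMA = """
CREATE TABLE products  (id INTEGER PRIMARY KEY, name TEXT, category TEXT);
CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, activation_code TEXT);
INSERT INTO products (name, category) VALUES
    ('Scanner Home', 'home'),
    ('Scanner Suite', 'home'),
    ('Scanner Junior', 'kids'' edition');
INSERT INTO customers (email, activation_code) VALUES
    ('alice@example.test', 'AAAA-1111'),
    ('bob@example.test', 'BBBB-2222');
"""

# Constructed test input: closes the string literal early, then appends its own SELECT.
INJECTED = "x' UNION SELECT email, activation_code FROM customers --"


def make_db():
    """Create the constructed in-memory database used by both variants."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def search_vulnerable(db, category):
    # The untrusted value becomes part of the SQL text, so the database parses it
    # as SQL: a quote in the input ends the literal and the rest runs as query.
    sql = "SELECT name, category FROM products WHERE category = '" + category + "'"
    return db.execute(sql).fetchall()


def search_parameterized(db, category):
    # The statement text is fixed; the value is bound separately and is only
    # ever compared as data, whatever characters it contains.
    sql = "SELECT name, category FROM products WHERE category = ?"
    return db.execute(sql, (category,)).fetchall()


def run(search, db, category):
    """Return the sorted rows, or the name of the sqlite3 error that was raised."""
    try:
        return sorted(search(db, category))
    except sqlite3.Error as exc:
        return type(exc).__name__


if __name__ == "__main__":
    db = make_db()
    for label, value in [("ordinary", "home"),
                         ("apostrophe", "kids' edition"),
                         ("injected", INJECTED)]:
        print(label)
        print("  concatenated :", run(search_vulnerable, db, value))
        print("  parameterized:", run(search_parameterized, db, value))
```

The apostrophe case shows why filtering input is the weaker fix: a legitimate value breaks the concatenated query, while the bound parameter handles it unchanged. Whether an injected query can also write depends on which statement the input lands in and on the privileges of the database account the application connects with.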

Sony demos ultra-expensive, ultra-thin OLED telly

Chris C

Efficient?

"Light-emitting OLED technology eliminates the need for a backlight and achieves a high level of energy efficiency while consuming up to 40 percent less power than conventional 20-inch LCD panels."

Wow. Sony's ELEVEN inch screen uses 40% less power than a TWENTY inch LCD? In other words, Sony's 11" OLED screen, which has a screen area 30.24999% of the area of a 20" screen, only uses 60+% the power of that 20" screen. Or, put another way, the 20" LCD has 230.57861% more screen area than Sony's 11" screen, and only uses up to 40% more power. And they call the OLED screen "energy efficient". For the record, Sharp's 19" LCD uses 45-54% less power than their 20" LCD. Sharp's model LC-20D42U 20" LCD with 10W audio uses 69W. Sharp's model LC-19D44U 19" LCD with 4W audio uses 45W. Sony's model XEL-1 11" OLED with 2W audio uses 34W.

"Experience an unrivaled picture quality. Boasting a 960 x 540 native resolution, the OLED TV yields the same pixel density as a 40" (measured diagonally) 1080p LCD TV."

Yes, a screen that's half the resolution of 1080p will definitely be unrivaled. Nobody else would be stupid enough to try that. Pixel density means nothing if the resolution isn't great enough to handle the input sent to it.

And seriously, who cares how thin the panel itself is when the size of the base means the total unit depth is 6-8"? However, "thin" does mean "breaks more easily when bumped". Yes, you should be careful around your equipment (especially such expensive equipment), but accidents (and children) happen. That was one of the best things about CRTs -- a glass screen meant good protection (not to mention it could be cleaned much more easily without fear of damaging the screen).

But hey, let's not let silly things like facts distort the fantasy of an overpriced piece of bragging rights.

MySQL chief Mickos quits Sun

Chris C

re: I'd fear

"I would fear for MySQL, since a bunch of stuff I use depends on it. Large companies have a knack for killing stuff, you know. But since it's open source I don't have to worry."

Can someone please explain this mentality to me? I seriously don't get it. Yes, I understand that as an open-source project, anyone is free to fork it (so long as their fork also uses the GPL as its license). But that doesn't mean that anyone WILL fork it. If you have the financial means, then sure, you can hire someone to maintain the software (as long as you can find someone knowledgeable enough). And yes, that alone makes it much better than proprietary software in that regard. But so many people seem to equate open source with "I'll be able to get support for eternity", whether that support is from the vendor during the product's life or through a programmer or contractor after the vendor stops supporting it (or anytime, really).

As an example, think of old DOS or OS/2 apps, or anything written in ADA, COBOL, Pascal, or even x86 assembler. Can you find someone to support those? Probably, with a lot of searching. But it's a dying breed that still retains that knowledge. While the code may be available for support, it doesn't mean you can find anyone willing and able to support it.

The Boss bitchslaps Ticketmaster

Chris C

Ah yes, boycott them all

I do so love hypocrisy. It smells great in the morning, and even now in the early evening.

When there's an article about musicians actually wanting to be paid for their time and their talent (the audacity!), many people jump in here and say "I'm not doing anything wrong by downloading or sharing it, I shouldn't have to pay for it, music should be free! The artist should only get money by touring." (which conveniently ignores the time, effort, and cost that went into creating the music, and the fact that touring in and of itself is a separate job in addition to actually creating the music).

And now when the ticket agency jacks up the prices because THEY are getting greedy, people jump in here and say to boycott the concerts.

So, umm... HOW is the artist supposed to make money when you won't buy their music (and insist that they tour to make money), and then boycott them when they tour?

For the record, I haven't been to a concert in a number of years. Largely because I haven't known of a show worth seeing, but mostly because I refuse to pay the high ticket prices and all the extra fees. But then, I still buy CDs (and when I can pay the artist directly, I'll do that).

OLPC designer styles goes-like-stink electric motorbike

Chris C

Ugly

Wow. That is one hideous design. So it comes as no surprise to read that it was designed by the same guy that designed the XO laptop. And what's with the recharge times? 8 hours from a 120V outlet, but only 2.5 hours from a 240V outlet? Assuming a standard US 15A 120V outlet, that's 1800W/hr, so 8 hours will consume a maximum of 14.4KW. To do the same thing in 2.5 hours, you would need to supply 5760W/hr, which comes to 24A at 240V.

Gates looses mosquitoes on tech conference bloodsuckers

Chris C

Stupid idiot

How utterly stupid. In all seriousness, I hope the attendees sue him. He voluntarily and willingly inflicted fear and emotional distress to all of the attendees, allowing them to believe that their safety (and, in fact, their lives) were in danger. That is completely unacceptable behavior, even for one of the richest men in the world. If he had said, as he released the mosquitoes, that they did not carry malaria, that would be one thing, but he did not. There is also no guarantee that the mosquitoes weren't carrying any other disease which the attendees could not be infected with (much like deer ticks can carry Lyme disease). To say nothing of the possibility of one of the mosquitoes sucking the blood of an HIV-infected attendee, then introducing that blood into another attendee. Sure, in all likelihood, there will be no negative effects other than some temporary itching, but the truth is, we (and he) just don't know.

And, since this is the US and the previous administration liked to call everyone a terrorist, consider this -- Bill Gates really is a terrorist. By definition, a terrorist is someone who uses terror/fear to coerce someone into doing something. And that's exactly what Bill Gates was attempting to do. So when will he be arrested and tried as a terrorist?

There are plenty of (correct) ways to get your message across, and to ask for aid. That was not the way to do it. And while a lot of people will defend the guy, if he's that gung-ho about it, let him contribute a lot more of his personal fortune. He can afford it a lot more than those attendees.

Encryption standards are here - but not for flash or tape

Chris C

Trust?

Thibadeau is quoted in the TCG press release, saying: "TCG’s approach to Trusted Storage gives vendors and users a transparent way to fully encrypt data in hardware without affecting performance so that data is safe no matter what happens to the drive."

How are we supposed to trust someone (or something designed by someone) who lies so blatantly? Encrypting data WILL affect performance. There is literally no way around that. If you are doing extra work, which you are, then it DOES affect performance.

I'd also be interested to see how this affects data recovery in the event of hardware failure. It would seem logical that it will make data recovery impossible. In that case, you damn well better make frequent backups.

IE8 Suggested Sites suggested to be snoopy

Chris C

Rendered data vs form data

"We've asked Microsoft for clarification on how the statement that "IE 8 does not send back any elements of data in the body of a rendered page" squares with a statement in its draft privacy policy) that "information associated with the web address, such as search terms or data you entered in forms might be included" in data submitted when Suggested Sites is turned on."

Those two statements are NOT mutually exclusive. Microsoft can, in all fairness, say that form data will be sent to them, while at the same time saying that they don't send back any elements of data in the body of a RENDERED page. The word "rendered" makes all the difference. When you enter data in a form, the data you enter is not part of the rendered page. The rendered page is the page as you received it (before you changed it by entering form data), not the page when you submit it.

Having said that, would I trust Microsoft with my browser history? Not in a million years. Not even if they paid me.

As for the AC with "Here, let me clarify that for you", his explanation is pointless and incorrect. Whether the request uses GET or POST to send the form data to the server is irrelevant. The browser (IE is the browser, remember? IT is the one receiving, rendering, inputting, and sending the data) knows what data is part of a link with an embedded query string and which data is form data being submitted. Therefore, the browser can quite easily choose to NOT send the form data as part of the URL when submitting it to Microsoft, while still including that form data as part of the URL when submitting the request to the request host. How laughably unrealistic to expect a holier-than-thou I-know-more-than-you Anonymous Coward to understand THAT complex stuff.

Logitech Harmony 1100 universal remote control

Chris C

What?!?

350 quid and you STILL need to register with Logitech before you can use the unit?

Or, put another way, you just spent 350 quid, and there's absolutely no guarantee that you'll be able to use (set up) your remote in the future. When (not if, but when) Logitech decides to turn off their servers, well, at least you'll have a pretty paperweight.

ICANN freezes over fast flux fury

Chris C

re: Protocol needed for criminal domain seizure

"Better still to prevent domain registration without proof of ID, but this one will vary between different jurisdictions."

And exactly what "proof of ID" would you like? Credit card number? Company letterhead? A telephone number for the registrar to call? The notion of identity is virtually meaningless on the Internet. There is no way to confirm identity.

I also don't like the idea of forcing ISPs to police their customers, acting as complaint department, investigator, and judge.

What we need is education. We need to educate users about what is and is not acceptable behavior (as in "If a popup box you don't recognize says you're infected with xyz, don't 'click here to scan' and don't click to 'buy now'."), how to detect (and where possible without outside help, clean) infections, and how to avoid getting infected in the first place. We also need better software. We need software that isn't riddled with holes. We need built-in (not add-on) user-customizable filtering in our browsers so users can block specific sites (and IP addresses) and PCRE patterns. DansGuardian is great for this on a network level, but browsers should have built-in ability to filter requests based on the URL. Lastly, we need browsers to become smart enough to not endlessly redirect us to random sites simply because a host uses a 3xx redirect, meta refresh, or Javascript location change, at least not without explicit consent. Changing to another page in the same site/domain is one thing, but redirecting from safe-site.local to i-am-going-to-infect-you.com is another. A change in this behavior alone would eliminate probably at least 90% of the infections.

Simply put, we need to stop thinking reactively and start thinking proactively. We need to devise education and software to prevent systems from getting infected, not how to block the control channel once a system is already infected.
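The URL filtering and redirect-consent behaviour asked for in the comment above, as an added sketch that is not part of the original post and not any browser's actual code. Assumptions: JavaScript `RegExp` stands in for PCRE, "same site" is approximated by the last two host labels, and the rules and every host other than the two named in the comment are constructed.

```javascript
'use strict';

// Constructed user rules: regular expressions tested against the full URL,
// plus literal hosts / IP addresses the user never wants to contact.
const userRules = {
  patterns: [/\/scan-now\b/i, /^https?:\/\/[^/]*\.adnet\.example\//i],
  hosts: new Set(['203.0.113.7']),
};

// Simplified "site" of a hostname: the last two labels, or the literal IP.
// Assumption: a real browser would consult the Public Suffix List instead.
function siteOf(hostname) {
  if (/^[\d.]+$/.test(hostname) || hostname.includes(':')) return hostname;
  return hostname.split('.').slice(-2).join('.');
}

// Returns null when the URL passes the user's filter, else a reason string.
function filterReason(url, rules) {
  const u = new URL(url);
  if (rules.hosts.has(u.hostname)) return 'blocked host ' + u.hostname;
  const hit = rules.patterns.find((re) => re.test(u.href));
  return hit ? 'matches pattern ' + hit : null;
}

// Walks a redirect chain starting at startUrl. Each hop is {via, to}, where
// via is '3xx', 'meta-refresh' or 'js-location'. A hop is followed only if
// the target passes the filter AND (it stays on the same site OR askUser
// returns true). The walk stops at the first hop that fails either test.
function followRedirects(startUrl, hops, rules, askUser) {
  const first = filterReason(startUrl, rules);
  if (first) return { landedOn: null, stoppedBy: first };
  let current = new URL(startUrl);
  for (const hop of hops) {
    const target = new URL(hop.to, current); // resolves relative targets
    const reason = filterReason(target.href, rules);
    if (reason) return { landedOn: current.href, stoppedBy: reason };
    const crossSite = siteOf(target.hostname) !== siteOf(current.hostname);
    if (crossSite && !askUser(current.href, target.href, hop.via)) {
      return {
        landedOn: current.href,
        stoppedBy: 'cross-site ' + hop.via + ' without consent',
      };
    }
    current = target;
  }
  return { landedOn: current.href, stoppedBy: null };
}

// Demo with constructed chains; "deny" models a user who never consents.
const deny = () => false;
const allow = () => true;
console.log(followRedirects('http://safe-site.local/news',
  [{ via: '3xx', to: '/news/today' }], userRules, deny));
console.log(followRedirects('http://safe-site.local/',
  [{ via: 'meta-refresh', to: 'http://i-am-going-to-infect-you.com/' }],
  userRules, deny));
console.log(followRedirects('http://safe-site.local/',
  [{ via: 'js-location', to: 'http://cdn.adnet.example/scan-now' }],
  userRules, allow));
```

Note that the filter is applied before the consent prompt, so a blocked target never generates a prompt the user could click through.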

Seven Japanese poisoned by blowfish 'nads

Chris C

Darwin near-hit

So they willingly and voluntarily ate something that they knew was poisonous (or knew that it was very likely to be poisonous), and they ended up hospitalized. Sounds like a Darwin near-hit to me. Why do we bother interfering in such natural-selection processes?

Microsoft IE8 rolls out the astroturf

Chris C

Support for standard cookies?

Does IE8 have support for standardized cookies? Standardized as in RFC2109 (Feb 1997) and/or RFC2965 (Oct 2000)? IE6, FF2, and PHP5 only support the Netscape proposal. They don't support the standards. I don't have IE7 or FF3, so can't test those. I guess 12 years isn't enough time to implement a standard.

Microsoft Songsmith ad trumps Seinfeld shocker

Chris C

Gah!

Well, if that wasn't an advertisement for mandatory sterilization upon birth, I don't know what is. Couldn't they have at least found people who could actually sing? At least something better than fingernails on a chalkboard?

I believe Metal Church put it best in "The Human Factor":

I just need a sample cause no one says it's wrong / It's so easy to rip-off using someone else's songs / Everybody wants to be a star in modern days / But if I don't have talent then I'll just get by this way

US to postpone analog TV death

Chris C

re: Oh good grief!

"Even though I have cable, I got my coupons and redeemed them months ago."

And you are part of the problem. Part of the digital-TV coupon problem, and part of the overall problem. When people like you, people who can afford to pay full price for the product, instead request and use the coupons (which are meant for people who CANNOT AFFORD IT OTHERWISE), you are wasting my money. Yes, I blame the government for allowing you to waste my money, but it is YOU who has the decision here, and you chose to have me buy it for you because you didn't want to pay for it yourself.

The reason there's a backlog and a shortage of coupons for people who legitimately need them is because people who don't need them requested them anyway. And while this topic is about the coupons for digital TV converters, it's the same for every government-subsidized program (food stamps, welfare, government-subsidized health care, government-subsidized housing, etc). Too many people abusing the system because they don't want to pay. You know what? I don't want to pay, either. But I do. And because so many people want to abuse the system (many of them better off than me financially), I end up paying for myself AND for them.

You want to see why the government is so involved in every aspect of our lives? Why our taxes are so high? Then look in the mirror. Because you're a direct cause of it.

BOFH-loving botmaster wants life as security consultant

Chris C

re: Say WHAT?!?!?!1

No, you're not the only one. I seriously want to know how the defense attorney could write and submit that without laughing. Who knows, maybe he was laughing at the time. I cannot for the life of me understand how "didn't steal MUCH money" can possibly be a mitigating factor. Everything he did screams "lock me up for life" to me, especially when he did it from work, employed as a security consultant. I'd love to know the defense's definition of "lasting damage", since the attacks against his victims (from him and those he passed the information onto) will have identity and financial consequences for years to come. Not to mention the immediate cost of cleaning his malware off of the system, a cost most people probably won't be able to afford right now.

And am I the only one who's sick and tired of people trying to blame everyone else for their actions? Substance abuse and sexual abuse do not dictate this sort of behavior. You committed a crime, you fucked up, you got caught. Deal with it. There's a reason we have laws. When we show people that criminals can do pretty much whatever they want and get away with it, we show them that it's acceptable behavior and that the laws are meaningless.

People like this, who knowingly, willingly, and intentionally cause damage to others, especially on a massive scale like this, need to be shown that their behavior is not acceptable. And other people need to be shown that this behavior is not acceptable. "Oh, but he didn't cause much lasting damage". That doesn't matter. He *INTENDED* to, as evidenced by his attitude and his passing of the information to others. We, as a global society, need to show that this behavior will not be tolerated, that it has serious consequences. He should be made to personally apologize to every person affected, and remove his malware from their system (supervised by a competent tech to make sure he does remove it without causing additional damage). He should be made to reimburse every affected person for however much this ultimately costs them, including the cost of lifetime credit monitoring (lifetime, not this meaningless "one year of monitoring" that banks and companies get away with). He should be made to give back a portion of his paycheck to his employer for the time he spent not doing his job. He should be made to personally apologize to his employer and pay them back for whatever this ultimately costs them (if any), including lost business resulting from this. Finally, he should be made to perform some laborious task (think prison chain gang) uncomfortable enough to discourage him from even thinking about doing this again.

EU says Microsoft violated law with IE on Windows

Chris C

Still waiting

"Under that ruling, Microsoft agreed to separate IE from Windows and allow users to de-select IE as their chosen browser."

And yet, seven years and three versions of Windows later, and we're STILL waiting for them to separate IE from Windows. Removing an icon is not the same as removing an application (and its security vulnerabilities).

Superworm seizes 9m PCs, 'stunned' researchers say

Chris C

Windows Updates

Regarding the comment "Those one in three who have not updated would not happen to be those who find Windows Genuine Armlock to be unfair and intrusive would they?", either you don't understand Windows Updates, or you're just trolling. I can't stand WGA, and I explicitly recommend that nobody install it. Having said that, it does NOT block Windows Updates. It DOES block you from going to the Windows Update website. Yes, there is a difference. Without installing WGA, the systems I administer update perfectly fine when set to automatic updates or download-and-notify. If I think there's an update my system hasn't checked for, I'll go into the Windows Updates control and disable it, wait 30-60 seconds, then re-enable it, and it will go out and immediately check for updates. My system is fully patched, and I do not have WGA installed or use the Windows Updates website.

Having said that, one reason people MAY not want to set Windows Updates to automatic is that as part of installation, it will automatically reboot your system no matter what. What's that, you say? You had something important open, or were running scientific simulations, Prime95, StressPrime2004, downloading a large file, etc? Too bad. It shows a dialog box that says it will reboot in 5 minutes, and if you don't click no, that's exactly what it will do, no matter what is open or what app is running. That's why I set my personal system to download-and-notify. Download-and-notify wouldn't be bad for most companies, either, as long as the users shut their systems down at the end of the day (and let Windows install the updates during shutdown).

Fantasy author hired to pen Doom 4 plot

Chris C

DOOM3's plot

Anyone who actually paid attention while playing DOOM3 would know there most definitely was a plot. Was it cheesy? Yeah, a bit, for my taste, but it wasn't exactly designed to win a Pulitzer. Perhaps the overall, general plot was limited (demons from Hell attacking Mars/Earth), but the level of detail that went into the storyline was amazing. Yes, it's an FPS, but it plays like a story, very rich in detail if you pay attention and care about more than simply killing monsters and opening doors. My only complaint was that reading the messages (and especially the unlock codes found in the messages) was extremely difficult on a TV with either composite or S-Video hookup (though I expect that won't be a problem with newer TVs with VGA/HDMI connections).

As for DOOM4, I don't really see where they can go from here. Perhaps they could use the current worldwide political/war situation to bring about Armageddon, and use that as justification for (or cause of) Hell on Earth.

AT&T Idolises promotional texting

Chris C

re: is anyone else

"[H]ow do you justify being charged for something you have no control over?"

This is the US. Haven't you learned by now that the US government and powerful corporations (certain software companies, oil companies, telecom companies, banks / credit cards, etc) can do anything they want without having to justify it?

But if you want a serious answer, I'd say it's because people have no choice. It's either A) pay for every text message sent and received (either per-message, as a separate flat-rate monthly fee, or as part of your plan), or B) don't get a mobile phone. And with the alarming disappearance of pay phones, you pretty much need a mobile phone now, even if only for emergencies. Ten years ago it wasn't too bad for emergencies because you could get a plan for as low as $20/mn (granted, that was only for 20 minutes of talk time). Now the lowest plan I can find is at least $40/mn plus taxes and fees (this includes the pay-as-you-go plans I've seen which require you to purchase minutes, but then those minutes expire whether you use them or not). It's similar to why people stay with Comcast despite their illegalities and deception -- we have no choice if we want faster-than-dialup internet access (a lot of the US, even suburbia, doesn't have any form of DSL available yet).

But, back to your question -- "[H]ow do you justify being charged for something you have no control over?" I think the more important question -- in a different industry but the same principle -- is how can you justify being arrested and charged (in the legal sense) for something you have no control over (receiving an SMS of a (semi-)nude picture of a 15-17 year old)? Again, this is the US. Government and corporations don't need justification. They'll do whatever they want. After all, what are the sheeple really going to do -- wait for another election, vote the current idiots out, only to realize that most politicians are the same, that they don't care about their constituents, and only care about those who line their pockets?

But don't worry. With the way the US likes to push (read: force) its ideas and laws onto other countries, the rest of you will probably adopt the same scheme(s) at some point in the not-too-distant future.

Child porn in the age of teenage 'sexting'

Chris C

re: The problem is

I understand what you're saying, and I agree with most of it. I can certainly see your point. However, as much as I would love all laws to be black and white, it's not that simple. The law needs to take things in the proper context. Black and white laws, the kind you mention, would brand all parents as sex offenders. Most parents have nude photos of their children, they disrobe and "fondle" their children (bathing), they force multiple children to be nude together (bathing, changing, etc), and they even sleep in the same bed as their children. Then there are those parents who record the birth of their children, which is blatant pornography of the mother and the children, and which probably counts as "extreme pornography" in the UK (especially if the mother requires an episiotomy). And what of the schools that require students to disrobe together for physical education, which (in many US schools, at least) includes completely disrobing to change into swimwear for swimming classes?

True child pornography, the kind that does actually prey on and victimize children, is a pathetic and vile activity, and if it can be proven (not beyond a reasonable doubt, but actually proven 100%) that a person partook in it, I would volunteer to execute them myself. But to brand teenagers as sex offenders merely for photographing themselves is definitely crossing the line. If you think about it, it's very similar to the UK banning "hacking" tools -- banning something simply because it *MIGHT* be used illegally does nobody any good; it only punishes the innocent.

Prolific worm infects 3.5m Windows PCs

Chris C

re: unix is secure...

What you described is not an example of UNIX, Linux, Samba, or anything else being insecure. What it *IS* an example of is an extremely bad Samba configuration. In other words, whoever set up Samba on that server did not configure it properly. There's a reason you're supposed to understand everything in a configuration file before you begin using it, and why you're supposed to test things before going live. What you experienced was a poor design/implementation decision by a lazy IT person.

US lawmaker wants health warnings on video games

Chris C

re: Reg comments proved violence/video game link to me

"Does playing violent video games encourage me to behave violently? Yes"

Then you are in the minority, and speaking seriously, you need therapy so that you can learn to differentiate reality from fantasy. As for the rest of your comment --

1. There are idiots, including violent idiots, in every group of people. A grouping of people who play or have played violent video games is no exception. So yes, you will get "violent threats and calls to disembowel anyone...". Why? Because people are idiots, and many people can't control their anger very well. This is not a phenomenon exclusive to those who play violent video games. People who have never even seen a video game display this same exact behavior.

2. Yes, a lot of people commenting here *DO* need to "take a chill pill", but not for the reasons you think. I think they do because they need to be able to speak about this emotional topic calmly and without threats. The moment you start yelling and making threatening comments, people will (justifiably) stop listening to you.

3. Why do you claim that people who are emotional about this topic need to "realise that they are the ones who need to rethink their position"? Are you so naive and arrogant that you think your opinion is the only one that matters? Maybe you think that everyone else thinks and behaves like you?

I'm not so arrogant to believe that everyone thinks or behaves like me. I know there are a lot of people out there, and they're all different. However, personally knowing many people who have played violent video games, and none of them ever being violent in real life, is a good indication to me that playing violent video games does not cause violent behavior in the majority of people. And before anyone says "One is too many, so we need to ban them all now" -- the minute we start limiting our choices and our actions to what is safe, reasonable, and has has effects on any one person on the planet, we'll see that we can do literally nothing because EVERYTHING will cause a negative reaction in at least one person.

As for the person who said the ESRB ratings are colorfully displayed, blending into the artwork -- I can't say they don't do that, but I can say that every time I've seen a game, the ESRB rating has been black lettering on a white background and/or white lettering on a black background. The problem, as I see it, is not that parents don't see the ratings, it's that they just don't care, probably because there's this illogical belief that video games are "for kids" and that anyone who plays video games "refuse to grow up". A lot of people actively (and willingly) refuse to believe that video games, like movies and television shows, are made for adults as well as children.

Chris C

Why only video games?

If this individual thinks violence in "media" is such a bad thing, then why is he singling out video games? Why not place these same warnings on movies and music (posters, tickets, advertisements, CDs, DVDs, etc)? Oh, sorry, I forgot -- that violence is "good", but video game violence is "bad". But while we're on the topic, perhaps he would like to enlighten us on his definition of "violence".

Which of these two sentences sounds more plausible -- 1) Violent video games cause people to become aggressive and violent, or 2) Aggressive and violent people specifically look for violent video games?

And why does no one on that side of the fence ever mention the real-world scenarios which purposely and willingly cause aggression -- sports (particularly high-school and college sports, [American] football in particular). Nobody gives it a thought when a high-school football coach yells at the players to tear the other guy's head off, to run the other team into the ground, etc. But they're all afraid of a kid playing Wolfenstein 3D, DOOM, or their modern-day equivalents.

And let's not forget that alcohol is good and needs no warnings of any kind. We'll just overlook the fact that alcohol has been proven to cause aggression, to directly cause death, and to cause people to perform random acts of violence, including murder. But you're right, we've got to get rid of those video games before it's too late.

Apple prices MacBook Pro battery surgery

Chris C

The real problem

The real problem with this design is security. Even if you're security-conscious and you use full-drive encryption, you (or your employer, if it's a company laptop) still probably don't want to go giving your data to the world at large. What this "integrated" battery does is remove your ability to effectively control access to your data. When the battery dies, you either have to send the laptop out for repair or you have to bring it in to a service center for repair. In both cases, you don't know who will have access to your data or what they will do with it. And for people or companies serious about security, that's a big deal.

At a time when Apple is taking a lot of sales away from PC vendors, due to Microsoft's colossal Vista blunder, does Apple really want to give people a reason to NOT buy their product?

InPhase might ship holographic storage this year?

Chris C

Life span of how long?

Does anyone take these claims (such as "50-year lifespan") seriously? Fifty years ago, we were using punch tape/cards. Look at how much storage has changed in the past 50 years, and think to yourself --

- Will InPhase still be in business 50 years from now?

- Will I still have (or be able to acquire) a working drive capable of reading these discs 50 years from now?

- Will I have (or be able to acquire) a computer capable of connecting to the drive to read these discs 50 years from now?

Look at the long-term tape used as backup media from decades past. Go ahead and try to find a drive that can read those tapes, and try to find a computer to connect it to. Don't get me wrong, a long lifespan on media is great. But it's irrational to use extended lifespans as a reason for buying a specific product, or to justify buying one product instead of another.

Microsoft delays first Windows 7 public beta

Chris C

Beta testing

"The reality is, though, that no beta can be regarded as "feature complete". The beta process designed to thrash features and also take feedback on potential additions - although such additions are rare as much of the fundamental build work is considered finished by beta-test time."

I must respectfully disagree. (Historically, at least) the beta testing process, like the alpha testing process before it, is designed to find and fix bugs, not to add or remove features.

The beta, like the alpha, is supposed to be a full-featured, complete version of the product. First, you create the product. Then you run it through the (small user base) alpha testing phase to find bugs. Then you fix the bugs. Then you run it through the (expanded user base) beta testing phase to find bugs. Then you fix those bugs. Then you release the product. At no time during the alpha or beta testing phases should new features be added, and existing features should only be removed if they contain bugs which cannot be fixed within reasonable time/resource constraints.

It's only because coders are lazy and (more importantly) corporations are greedy that "beta" is the new alpha testing, and "release to manufacturing" is the new beta testing.

'Kidnapped' child tracked by mobile phone and Street View

Chris C

re: US of course

"But just to point out that in the US, they *do* need a warrant if they don't have permission..."

Tell that to Bush and the NSA. What you meant to say was that in the US, they are legally required to get a warrant. But the law only matters when you have someone willing to enforce it. And most government workers are extremely unlikely to enforce the law against other government workers (especially when the law-violators hold more power than the law-enforcers).

Chris C

re: zzz

"man gets co-ordinates, man types co-ordinates into google maps.... and google looks gets some 'awww' time.... boring....."

A kidnapped child is safely recovered without harm (and presumably without violence), and you call it "boring". We would be lucky and extremely fortunate if all kidnappings were this "boring".

Former eBay CEO preps for California power post?

Chris C

Term limits

"...a position that becomes vacant in two years, thanks to US term limits."

Let's not make the US sound too good. Apparently governors have term limits (I'm somewhat ashamed to admit that I did not know that; go US education system!), and the President has term limits. Why is it, then, that the in-between people, Congress (Senators and Representatives), do not have term limits? Enacting term limits for Congress would be one huge step in the right direction of cutting down on corruption and bribery (oh, sorry, "lobbying"). But since these are the people that make the laws, they will never have term limits (just as you will never see them voting down a pay raise which they are legally allowed to give themselves with no oversight).

Fujitsu tells WD the deal's off

Chris C

re: Things to be thankful for.

I agree with you to a point. In one of my old retail jobs (1997), we sold IDE hard drives from WD, Fujitsu, and Samsung. Never had a single WD fail, but many of the Fujitsu and Samsung drives failed on their first use (bad sectors during format, with more bad sectors during each successive format). At my next job (1997 to 2004), we used Seagate SCSI drives exclusively in our servers, despite the fact that the drives consistently had a 33-50% DOA rate (either wouldn't power up or wouldn't be detected by the controller).

My first personal computer (1992) had a Seagate IDE hard drive that failed after just over a year. Since then, I have personally had IDE drives from Maxtor and WD fail, both DOA and after use. Last year, I built two servers using WD's 150GB Raptor drives, and 2 out of 8 were DOA (they would spin up, but wouldn't be detected by the RAID controller). I've used and seen enough drives from enough companies to know that the quality of all drives is next-to-nothing nowadays, and that you simply cannot equate a manufacturer's name (or reputation) with quality. Back in the 90s you could, but not today. Having said that, I'll never use or recommend a Seagate, Samsung, or Fujitsu drive. You know what they say about first impressions.

Facebook breastfeeding pic takedown gets backs up

Chris C

re: @Breasts have been sexualised

"Breasts, for most of their lives perform a sexual function of attracting a male, that's why they are large even while not nursing..."

Wow. I had to do a double-take there. Do you realize how completely fucking retarded you sound? Talk about ignorant. Since you obviously live in your own little fetish world, please, allow me to let you in on a non-secret -- breasts are not universally large. Since the posters on this site seem to have an obsession with Paris Hilton, she's the perfect example. She has very small breasts. And while you may get the impression from watching porn that most women have large breasts, that is, in fact, not the case. Get out of Second Life long enough to have an actual peek at First Life (aka Reality).

And since you obviously need someone like me to point out your total ignorance, let me burst your "Breasts... perform a sexual function of attracting a male" bubble by merely pointing your direction to the various tribes in Africa, the millions of small-breasted women (less than a B cup) in loving committed relationships all over the world (probably many even in your own town/city), not to mention the rest of the animal kingdom.

As for AC "@Sarah Bee" -- "Not that it bothers me particularly, I like breasts, but I think it is naive of the women who post these pictures to believe that 'everyone' else sees them in the same non-sexual manner that they do."

Since you claim defecation is "more natural" than breast-feeding, and you admit that some people have a sexual fetish for defecation, then do you also think it's naive of people who defecate to believe that 'everyone' else sees defecation in the same non-sexual manner that they do? If you don't believe that's naive, then you're obviously a hypocrite for thinking it is naive when pertaining to breasts or breast-feeding which you claim is "less natural".

Personally, I'd rather see a woman, any woman, openly breastfeed a child as opposed to seeing someone trying to feed mashed food from a jar to a baby who's screaming, spitting up, and making a mess of everything. Yet the former is considered "disgusting" while the latter is considered acceptable.

Safari enjoys 'unusually residential' December boost

Chris C

Safari is OS X?

"Use of Apple's Safari browser grew in December to 7.93 per cent, up from 7.13 per cent in November, suggesting a parallel growth in adoption of Mac OS X..."

And which marketing idiot came up with that "suggestion"? Increased usage of Safari, a browser available on multiple platforms (at least Mac OS X, iPhone, and MS Windows), speaks only of Safari. It says nothing about OS X. Using that logic, I could claim that increased Firefox usage suggests a parallel growth in adoption of Microsoft Windows 2000 Server. I don't make such a claim because I'm not an idiot.

SexSearch not responsible for underage hookup (again)

Chris C

@AC re:@@ Always check ID

"Seriously, driver's licenses, at least in the US, are the least secure document we have... they don't contain any really identifying data..."

Perhaps things are different in your state. In Massachusetts, your driver's license includes your name, address, license number, date of birth, vehicle class, restrictions (such as corrective lenses), height, sex, license expiration date, and your signature.

It should be noted that until not too long ago, the default license number was your social security number. So for many people, your license includes your name, address, date of birth, social security number, and signature. In short, everything an ID thief would need. But should we really expect more when the IRS explicitly tells you to write your social security number on your 1040 estimated withholding income tax payments?
