* Posts by b shubin

307 publicly visible posts • joined 19 Apr 2007

Page:

CNET insists Google ads are good for you - and fun!!!

b shubin

@ AJ and the US bookies

i doubt US bookies would give odds on Vulture vs. Attitude. too many idiots in the US have "failed upward" in the last 7 years (that's when a massive screwup is rewarded with a promotion and/or cash prizes).

surely you've noticed some minor issues with the US real estate market...and national debt, trade deficit, fraud, waste, corruption, cronyism, patronage, incompetence, secrecy, megalomania, ignorance, religiosity, war, pollution, Gitmo, and the sorry excuse for an Attorney General, i could go on, but you get the point, would you like fries with that?

people are risk-averse just now...especially bookies, i would think.

now, consider our graphic friend here.

glib, check. condescending, check. smugly sarcastic, check. zero useful content, check.

Donald Rumsfeld, is that you?

b shubin

Missed opportunity

too bad US residents are not allowed to place wagers with UK bookies.

i'd love to see the odds on this one. a blagg...um, blogger (likely bound by an NDA from a stealth startup) vs. a Vulture reporter. quick, someone put down a plastic sheet.

remember, people, "what happens on the internet, stays on the internet." may not be worth the pissing match, if one is a (corporate) suit.

besides, i hear reporters fight dirty.

NASA ponders stressful stress-test device for astronauts

b shubin

Need one

i wonder what the PVT would show for our Martian friend from the first post.

whatever substance (s)he's on, i hope it's legal and cheap, (s)he's definitely using a lot of it.

Las Vegas crooks go mad for copper

b shubin

Darwin award

erm...these guys (the ones zapped while trying to steal copper off the poles) are retarded.

an inductance coil multimeter can be had for under $20, and it will easily detect live power lines. the human race is better off without this sort of optimist.

Dolphins abandon Bay of Biscay

b shubin

More please

yes, a broader awareness of the world is a wonderful thing. can we please have more stories with a deviant, SF or science angle? also, how about more privacy, human rights and bureaucratic dysfunction articles?

the gentleman is quite likely to be in or from the US, as the philosophy here is "if it doesn't make money, it isn't worthy of attention or effort". the curiosity to enjoy such topics is thus discarded, in favor of learning content that can be more easily monetized.

since a majority here also believe in Intelligent Design and/or Creationism, this guy probably forgot (or never knew about) basic natural selection: "too much specialization usually leads to extinction".

this is good news for the rest of us, as it makes Stuart a short-to-medium-term problem.

Diebold rebrands evoting business, revises forecasts

b shubin

Mystery vote

the reason these companies got so much flack is very simple (yes, they richly deserved it).

they refused to provide paper receipts, or a verifiable paper trail. internal emails that surfaced from at least one vendor, suggested charging the better part of a thousand dollars for a low-end dot-matrix printer (easily found for under $50) that would print receipts from these voting stations, to discourage election officials from purchasing them, and to increase the profit margins.

an electronic record that is not backed by documentation is not auditable. the vote is whatever the database says it is, no matter how many times it is checked. if someone tweaks the pathetic, unprotected MS Access databases many of these vendors use, and the intruders covered their tracks, there is absolutely no way to know that the vote was rigged. even a casual knowledge of computers would suggest that it is trivial to provide a paper trail; amazon.com orders (just an example) are easily printable, and there is no reason that the audit trail should be any more difficult to produce here.

this is very, very simple and very, very obvious, except to those who shill for these companies (there has been a truly colossal amount of "astroturfing" - fake grassroots activism, really just a front for the company itself). Diebold has been a particularly bad player, so to see their shoddy systems hung out to dry is rather pleasant.

Russian firm targets wooden phones at posers everywhere

b shubin

Fire hazard

no, really.

for once, it is totally obvious why. keep away from open flame, by order of the fire marshall.

this is idiotic on so many levels, it added a sensuous luster to my "dumb expensive toy" list. Paris and Nicole should get these for their next gig...

VeriSign worker exits after laptop security breach

b shubin

They let it leave?

so if i was in charge of that outfit,

[1] the data would be secured to the highest practical level (considering available technology):

-[a] every machine in the place (especially portable devices) would have an encrypted file system (and, come to think, would be a Mac, UNIX, Linux, or mainframe box, depending on purpose);

-[b] every user (including janitorial staff) would be trained on security practices, evaluated on compliance with same, and required to log in using one of those RSA-type fobs with random numeric key sequences (i prefer CryptoCard on BSD, actually);

-[c] visitors and consultants would have to sign NDAs and confidentiality agreements that make them individually liable for damages; they would also require oversight, and would be given very limited access (no data to be transferred off premises), which would end the moment they are finished work;

-[d] all laptops and portable devices would have call-home and remote-kill LoJack-type functionality, and all connections would be encrypted and secure.

[2] this individual would be facing a civil lawsuit.

[3] the person wouldn't "leave", they would be fired for negligence and escorted off the premises, their manager would be subjected to an audit and an investigation (at least), and that's what the press release would say, too.

aside from all that, whenever this sort of thing happens, i always get a mighty urge to throw the idiot so hard that the moron would bounce.

this company is (supposedly) a security vendor (among other things); they should try harder to act the part (they're far from broke, and their profit outlook is excellent).

unfortunately, VeriSign (and NSI before that) has never had its stuff together. they were always fsckups, so no news here (just had to deal with them last year, and they were still fscked up). this twit likely fit into their culture of incompetence just fine, and was probably either management or HR, or maybe both.

NBC muckraker gets hacked at Defcon

b shubin

Consider your prey

if what you hunt is possibly smarter, more capable, or better-informed than you, it may be a good idea not to hunt it.

honestly, Defcon is just about the last place i would try to gatecrash. this is the sort of venue that attracts curious, capable, relentlessly inquisitive, and probably quite intelligent people. they're likely to be self-taught critical thinkers (the US educational system sure doesn't teach that), and they probably like to push limits, legal, technical, or whatever.

in conclusion, i think this was very unwise (well, just about the dumbest thing i've heard all year, actually). i wonder what her credit history, and her life in general, will be like for the next year or so. i'm sure there will be some at Defcon with an axe to grind, and they are the sort to grind it, too.

such foolishness may well attract retribution, if only as an example to others...but not too much, i hope.

if any of the axe grinders are reading this, please take it easy on this one, she doesn't deserve the heavy artillery.

too easy a mark, i should think.

Social networks to replace imagination and be woven into clothes

b shubin

Smell something non-virtual?

i get the impression that they're trying to talk faster than their audience can think, so as to prevent anyone from figuring out that it's all a load of marketing baloney.

all this virtual potential is really just so much bovine digestive byproduct; or maybe it doesn't like being called that, perhaps it is bull-generated fecal matter.

whatever the name, the smell is the same, but at least it's good fertilizer.

Gaming 4G warfare for the USAF, with rayguns

b shubin

Life imitates art

the reality of military action is starkly different from the fantasies used to market it to the public; different in goals, methods, experience, and outcome. rayguns will do nothing to change this.

there was a series of SF novels written by Pournelle, that featured a mercenary outfit called Falkenberg's Legion. aside from the suspension of disbelief required for faster-than-light transport technology, the books were realistic in every other way, including the likely experience aboard transport ships. conflicts were messy, confusing and complex; soldiers and civilians were multifaceted characters with personal agendas; and the series was, at times, a very demanding read.

the novels are about imperfect people using the blunt tool of violence to address situations where there is neither nobility nor compassion. the results of this are predictably ambivalent, solving some problems while creating others. the fog of war, and the pervasive uncertainty of dealing with a terrorist, insurgent or guerilla enemy, with hooks into the civilian population, are portrayed in detail and to great effect.

for anyone who thinks that armed conflict is noble, clean, good-versus-evil, or black-and-white, i recommend reading the series as a counterpoint. the Iraqi situation is messy and complex, as real life should be, and historically, there has never been a truly good solution to any problem in the Middle East.

glad to see that there is at least one game that models military action in a more realistic manner, even if only from a statistical perspective.

Use of web archive was not hacking, says US court

b shubin

Clueful judge

truly an uncommon animal within the US judicial system. most judges here, when given an opportunity to make sweeping, disruptive judgments on technology issues, jump in with both jackbooted feet.

the DMCA is, without question, one of the worst technology laws ever enacted. it is certainly in the top 5. be that as it may, this act has not been declared unconstitutional, and it has not been amended in any significant way.

the judgement conforms very narrowly to the letter of the DMCA, which is vague enough to include simple things like robots.txt under anti-circumvention measures. the opinion specifically excludes any other cases from using itself as a precedent (precedent is very powerful in US law, good to see someone treating it with care).

kudos to the judge for a wise, well-considered ruling (that is the fist time i have written those words in almost 40 years).

IBM: Dinosaurs were green

b shubin

Arithmetic

there will be 30 mainframes spread over 6 datacenters, so 5 towers per datacenter on average. probably some fail-over built into that, and the z mainframe is very redundant, self-diagnosing, and just about the top of the IBM line for all the components.

IBM may even have some spares on hand, and maybe a technician or two, to replace anything that the z flags as a potential problem, well before the component breaks and causes a crisis. please note that a zSeries doesn't just break like commodity servers do. if properly maintained, it is very unlikely to fail, except maybe if hit by a car, or submerged, or something equally drastic.

i doubt they would charge themselves for their own software, but even for a customer, replacing 3900 servers having at least 1 core per server (usually 2 to 8 cores per server, these days), with 30 servers having several cores per server, makes financial and administrative sense, not to mention volume discounts, leasing and financing options, 24-hour technical support (the real stuff, not script readers), training and documentation, management and monitoring software, fail-over and replication assistance, and lots of other goodies that IBM would throw into a deal this size (z mainframes are NOT cheap).

IBM possibly knows something about efficient ways to virtualize workloads on mainframes. they will likely share any such knowledge with customers who are willing to buy one or more zSeries boxes.

i would say they're thinking much more clearly than people throwing money at hot, proprietary blades, backed by hot, proprietary storage arrays, connected by hot, proprietary storage switching gear and hot, proprietary gigabit switch/router fabric. add licensing and administrative overhead, and i'd say the zSeries starts to look quite attractive. the z also scales rather well, is upgradeable, and has a potential useful life of up to 20 years (maybe more).

if you're going to go proprietary, at least get the stuff to make life easier.

Virtualization software to crush server market

b shubin

Fail-over niche

some interesting reasoning to be had here.

after reading through all the arguments previously mentioned, it still appears that the bigger IT shops with the bigger budgets will be able to get value from this technology much more easily, if only because of the complexity and administrative overhead required for virtualization fail-over relationships between various multi-core boxes, along with maintaining the higher-end storage and server hardware, day-to-day operations, updates, upgrades and projects.

those bigger shops may be better served by a mainframe running several virtualized environments (IBM's LPARs come readily to mind). it is possible to host more than 70 Linux/BSD environments on a single, self-diagnosing, multiply redundant, massively parallel host, that can dial your 4-hour-response support vendor automatically when it senses a component about to fail.

now, consider smaller firms. almost 60% of the US economy is an aggregate of SMBs. each of these is an organization whose entire IT budget is likely to be under one million USD, and that's on a good year, when they can afford an IT budget and don't decide to handle technology expenses on an ad-hoc basis (you'd be alarmed how often that happens). someone mentioned a savings of 500K british pounds. this figure often exceeds an SMB's entire IT budget, and in many cases, exceeds the entire organizational operating budget for the year.

other arguments include "thousands of corporate lemmings can't be wrong" (please examine any of the technology bubbles of the last 20 years to see how this reasoning fails), and "statistics indicate that it will be up forever" (MTBF statistics have a more tenuous relationship with reality than most people like to think).

the one application i can think of, that would be most compelling from a cost-benefit perspective, and involves minimal complexity, is to have two large, beefy, multi-socket and multi-core boxes running fail-over VMs for many smaller physical dedicated single-app VM servers. that way, one gets close-to-unvirtualized performance on one's dedicated hardware, but each dedicated box still has a VM host to fail over to, if needed. this setup may also offer benefits from a licensing perspective, depending on the software used.

The cold, cold heart of Web 2.0

b shubin

Process vs. goal

several studies have documented that many human decisions (maybe even a majority) are out of sequence: if it is assumed that [a] is the process of rationalization or consideration, [b] is the derived justification or context, and [c] is the point of decision, then the common sequence appears to be [c, a, b] or [c, b, a], and not the expected [a, b, c] or [b, c].

this tendency undermines the argument that rational self-interest drives all human decisions. if such calculation prevailed in all (or even most) decisions, the world would be a more rational, unsentimental, predictable place. it is certainly true that, once you grab someone by their self-interest, you can easily guide them in a direction of your choosing; the same can be said of prejudice and sentiment. the reality is that, as a species, humanity is "brutal, immoral, unreasonable and self-centered" (quoted from "America, The Book" by The Daily Show staff). many of us may be rational individuals, but as a group, we are often an angry, violent, unpredictable mob.

the situation is further complicated by two major tendencies in people: goal-oriented vs. process-oriented. this is well demonstrated by a "bus" metaphor: some people prefer a charter bus that takes the fastest available route, so they arrive at the destination faster, and they aren't too concerned with how nice the trip is; others want to ride the double-decker with a tour guide, through a scenic part of town, since they are in no particular hurry and want to enjoy the experience. generally, individuals tend to have one of these tendencies as a dominant.

the final equation is not as simple as Web 2.0 and Becker postulate. the methods put forward are useful within certain contexts, much like Newtonian physics and the theory of relativity. perhaps Asimov's advanced social calculus will emerge in due time, but what we have here now is certainly not the final word, nor is it adequate to modeling anything more than some fairly narrowly defined situations.

Tossfest 2007: are you a hardened open sourcer?

b shubin

FOSS TOSS OSS etc

there are many fanboys, but there are likely to be plenty of FOSSers, too.

sounds like a phenomenal educational and networking event, complete with the famously excellent Southeast Asian entertainment.

frankly, i'm jealous. wish i could attend.

McKinnon earns Lords appeal

b shubin

Unreal crime

as a citizen of a sovereign nation, he should absolutely stay right where he is, in the UK. if he accessed a server in Saudi Arabia by using a default password that someone didn't bother to change, would it be reasonable to extradite him to SA, considering their human rights record?

speaking of human rights, US practices haven't exactly been warm and fuzzy lately. they're not as bad as SA, but they're not good, either (Gitmo and secret prisons abroad, anyone?).

as for the crime itself, it can be argued that:

[1] if the server has a default password, that server is not secured. it is open to the public, especially if it is accessible through the firewall, because there is no circumvention or hacking required to access it. this puts the responsibility on the server admin, where it belongs, and doesn't turn some poor curious schmuck (yes, Gary, i'm looking at you) into a criminal.

[2] US organizations, and especially the government, have a habit of wildly exaggerating the damage caused by hacking, so as to pressure someone into a plea bargain. this saves the trouble and risk of going to court, where a judge or jury may decide that the plaintiff is making absurd, unsubstantiated claims, and dismiss the case.

access does not usually constitute damage, unless the accessed information was confidential and the organization was materially harmed by the dissemination of this information. if Gary altered things while he was in those systems, he may be out of luck on this defense; however, $700K of damage is a substantial number, and they should provide some proof to support that figure.

if incompetent US government employees or contractors are trying to cover their backsides with Gary's conviction, i think the names of these persons or companies should be given wide publicity, to discourage future stupidity.

default passwords went out of fashion in the early 90's. a default password on a US government server (and especially military servers) is like a man wearing bell bottoms and a daishiki at a black-tie event. the admins responsible should be held accountable for this breach. throwing the book at a script kiddie (Gary is one by his own admission) will accomplish nothing.

Comments are disabled

b shubin

All that's old is new again

brought a tear of nostalgia to my eye, it did.

modern social networking sites are like USENET in its days of decline, but with GUI and more bugs, on higher-end hardware.

as for the classical philosophers, good thing they had to write stuff down before they shared it. gave them time to edit it into something useful, unlike the insipid MST3K fragments we see here.

if {given a platform even an idiot can use}

and {most idiots can access}

then {too many idiots will abuse it, making the platform useful only to idiots}

else if {the platform includes methods to filter idiots}

or {the platform requires effort and intelligence to use}

then {the platform will be condemned as elitist - "sour grapes"}

eBay 'Buy It Now' button survives latest attack

b shubin

Brief but useful

the US legal system is dysfunctional, and the patent and copyright regime is insane.

a boozer friend of mine ("i'm not an alcoholic, i'm a drunk; alcoholics go to meetings") explained to me that, once in a great while, alcoholics will have a "moment of clarity". she said that, in her case, these moments are generally well-timed and critically useful.

i believe we are witnessing one such moment in this judgement.

this will likely be followed (at the other extreme) by a successful patent on the verb "to be", in all its verbal and written conjugated forms, regardless of extensive prior art, and a lawsuit against absolutely everyone who speaks English, for damages and an injunction.

to avoid this issue, i'm already learning Spanish, and the wife is working on Mandarin...

Virtual narcs boot Second Life casinos off the island

b shubin

Well-bribed

most online gambling is illegal in the US because gambling industry lobbyists pay US politicians to keep it that way.

this free market is so open that, if there is demand for certain laws (backed by political contributions and lobby funds), someone will satisfy that demand.

very simple really, why do people keep asking?

Red Hat flags OSI offenders on partner site

b shubin

Thought they were extinct...

companies with occasional flashes of integrity are becoming slightly more common. i thought they were all driven out of business a long time ago.

perhaps there is profit to be made from integrity. who'lda thunkit?

anecdotal:

during a recent house renovation, we contracted over a dozen vendors. only 4 delivered what they promised (or fixed their mistakes).

so that would be about 70% sleazy, 30% honest. nice to find (occasional) decency. it is quite rare these days, usually replaced by marketing...

RFID a 'technical blunder', report says

b shubin

Immature and expensive

he may be wrong in the long term, but spot on in the short and medium term.

this technology is too custom to be useful, is expensive to use, and has security issues. in the mass market, this usually leads to failure, and only the largest and most mature (in management, policies and procedures terms) product companies (as in, "they sell physical objects on a per-packaged-item basis") can benefit from this kind of real-time supply chain awareness at the current level of cost and complexity.

the technology has to mature, commoditize, standardize, and address many of its current issues (like security).

only then will RFID succeed in the mass market. it doesn't have to be great, just good enough (also has to be economically viable), but it isn't good enough yet.

Security conferences versus practical knowledge

b shubin

Sour grapes

the article reflects a very vendor-focused and self-centered opinion of one individual.

they didn't accept your submission, so therefore there is little practical use for the speakers who were chosen over you. says who? just because it was of no interest to you, doesn't make it useless.

if you want to go to vendor-centric conferences (no shortage of those), no one is stopping you. there are plenty of things to be learned at a general conference, and one gets to meet people who have knowledge one may need, or ideas one has never considered. other professionals often have valuable new information or experience that is more commonly accessible at a non-vendor-specific conference.

general security conferences have become more about collaboration and theory than training, but that makes them more valuable, as there is nothing else out there that serves the same function.

just because it isn't Microsoft or Cisco, doesn't mean it has no merit. it just means you (yes, you, the author) shouldn't be there.

and as for the junket argument, it's nonsense. we work in a rapidly innovating technological field, with capabilities and constraints that change on a yearly basis. that budget was allocated to allow company staff to interact with others in the field, and to see technology and techniques that they would not experience otherwise (something they would likely not see at a vendor-centric venue). that information may prove very useful, and could save the company money, make it more competitive, or likely both.

the only people who truly learn nothing at general conferences are non-technical managers who have technical subordinates. these managers (the "low-hanging fruit") are usually discovered by aggressive, ethics-free salespeople that persuade them to buy expensive, marginal products. this situation is much worse at vendor-specific conferences, where a rapacious vendor runs the show, and can push crap products even more effectively.

if you really think you can't learn anything new at a general conference, perhaps it's time you switched to marketing.

Google's Lemon squeezes out web app bugs

b shubin

MOAB

that would be "a physical method or device that provides structural analysis and diagnostics for subsequent forensic examination, in a repeatable and consistent manner, using controlled energy application...specifically designed for testing reinforced or fortified structures".

i'm pretty sure that's what the original DARPA proposal claimed...

Sharks in the soup, says conservation group

b shubin

how did Gore's party get in here?

i just love the way right-wing nutjobs free-associate.

sharks are biologically important scavengers in the marine ecosystem. scavengers are vital for keeping food chains healthy and balanced.

several species of shark are becoming extinct for the sake of prestige, and this twit thinks it's a political problem.

iPass layers on security for laptops

b shubin

Syntactically faulty

would have to be iTechnology, but the naming convention would still be iNsipid and iDiotic (because it was iTerated until it became iRritating and iRrelevant).

iGained this iNsight when iBecame iNcredibly iRate after iRead this article.

Microsoft rigs Live Search traffic

b shubin

Moychandizing a la "Spaceballs"

yes, a momentous achievement.

MS marketing, now even more expensive.

boy, wouldn't it be great if they threw some of that money into creating truly innovative, stable, reliable and secure software? or how about more and/or better support? or even charge somewhat less for their products, making them more affordable for more people?

maybe then they wouldn't have to come up with so many ways to make their numbers look better, as their customers would do it for them...

nah.

Wave goodbye to your TV... literally

b shubin

Douglas Adams redux

i do believe there was a radio like that in the Hitchhiker's Guide trilogy.

all the controls have been designed out, so one had to wave a hand in the desirable direction, and hope for the best. one also had to sit absolutely still or the radio would lose the channel setting.

i can't wait.

Romanian cops cuff drunk, naked, handless driver

b shubin

He'll get a slap on the wrist

...mark my words.

China aims artillery for a blue-sky Olympics

b shubin

Pragmatism

my observations of modern Chinese culture and methods reveal a stark practicality in most of their actions. policies practiced by the state are rarely sentimental, and corporate culture seems even more hard-nosed.

their interest in safety is, shall we say, situational.

as for controlling weather, well, i reserve judgement until more tangible proof is available.

Crazy cyber-jihadi emails planned death for Mayport, FL

b shubin

Wa on terra

well, looks like it's MUCH easier and safer to "fight them over here" than it is to "fight them over there".

over there, they know how to make IEDs, recruit and train martyrs, and carry out coordinated, effective attacks.

over here, they need a flashlight and a map to find their gluteus maximus in broad daylight (and he calls himself a doctor...).

there is, however, some risk of a hernia from laughing too hard.

i'll take that risk.

Antigua attorney speaks out on landmark WTO case

b shubin

US out of WTO - unlikely

as a sentiment without rational thought, this is absurd and unworkable. most of the products sold in the US are now made elsewhere, largely thanks to the WTO.

WTO procedures are fairly straightforward and transparent (as opposed to, say, ICANN), so this is certainly a "lesser evil" situation. The WTO would otherwise be replaced with an insane patchwork of complex and contradictory trade treaties between individual countries (usually opaque, questionable back-room deals with little or no oversight). that precarious arrangement would then be actively exploited for its flaws, or evaded entirely through the smuggling that would explode in response to such labyrinthine regulatory arrangements (with a concurrent rise in corruption, crime and money laundering).

US-based manufacturing that is also domestically owned, is almost dead; it just hasn't stopped twitching yet. China got most of it, but there's plenty all over the world. if the US were to withdraw from the WTO, its economy would simply fall apart. modern industrial mass production is expensive and complex (not to mention the supply chain arrangements required to feed it), and can not be restarted overnight. very little domestic production remains (and foreign companies like Toyota and Honda own more of what's left every day).

where gambling is concerned, Mr. Abramoff (or persons like him) did an amazing job creating this dispute situation. i wonder who the US gambling industry has bought at the DOJ. must be pretty high-level, to be so effective.

if people want to gamble, let them (they'll find a way to do it anyway). what we have now is protectionism, not prohibition. if you'd like proof, consider lotteries, Nevada (Las Vegas, etc.), New Jersey (Atlantic City), the closest navigable river (riverboat casinos), your local Turf Club, or a nearby American-Indian reservation (more often than not), not to mention online wagers (legal and otherwise) and the office pool.

i live an hour away from Detroit, and it's full of gambling joints (domestic auto manufacturing doesn't pay the bills any more, you see). They're popular, too, even on weekdays.

if one must go online to gamble, and gets ripped off through international credit card fraud, i can only laugh. with all the options available here, one hardly needs facilities in other countries, but if people demand access to this, i say we should let them have it.

Computer virus turns 25

b shubin

Cookie monster

one of the earliest known prank viruses, the first known version of this application was first deployed on Multics systems in the early 70's.

networking was rather primitive, so the virus spread between systems mainly through "sneakernet", leading to some debate as to whether whimsical humans with admin privileges can be considered a valid infection vector (i vote yes, as any effective infection vector is, by empirical demonstration, a successful propagation method).

the program would be triggered by a timer, much like a cron job, but without the easy log tracking. when it woke up, the cookie monster would stop whatever the user was doing, and ask for a cookie. once the user gave up fighting it and typed "cookie", the virus would go back to sleep until the next timer event, and the user was returned to the original process.

ah, the early days...

Verizon condemns FCC wireless move

b shubin

One word: Choice

the US wireless market provides a severely limited range of services.

all of the carriers have free reign to throttle or filter network traffic however they wish, with little threat of competition. the terms of service are draconian, privacy provisions are nonexistent or laughably inadequate, prices are high, coverage is very inconsistent and sometimes unpredictable (even if you are absolutely stationary for an hour), good smartphones are expensive and lack features because the carriers want it that way (WiFi, HSDPA, etc.)...really, i could go on, but you get the idea.

it's time someone lit a fire under this oligopoly. if regulation won't do it, i'll take deregulation as my only option.

yeah, i'm desperate, but the US president is a corporate whore who appoints lobbyists as regulators.

i'll take what i can get.

Microsoft promises VMware beater despite reversals

b shubin

Forecast not good

based on MS software release performance to date, VMware-comparable MS virtualization will be delivered either:

[a] on time, but so flawed and buggy (yes, missing features, and driver problems too) as to be completely unusable in a production environment, until SP1,

or,

[b] so late as to completely disrupt customers' deployment plans ("completely disrupt" meaning delays of 9 to 18 months).

i'm sure there are EU-area bookies willing to give odds. any takers?

Neteller founder Lawrence cops a plea

b shubin

Abramoff smiled

taxes, my foot.

this is all about lobbyist dollars well spent, and politicians protecting established interests. it must be nice to be able to speak of virtue while taking campaign contributions from Abramoff types. having one's cake and eating it too.

these guys will take the fall so someone else can look good at a press conference.

Microsoft points robots toward point upgrade

b shubin

Mobile and WinCE in robots

oooh, can't wait to see those robots used in production.

so far, my impression of Windows Mobile and WinCE is that they are temperamental, unstable, and require increasingly frequent reboots. if the user doesn't reboot them, they helpfully reboot themselves, usually at some crucial juncture.

we used Windows CE devices in a large warehouse where i ran the datacenter (about $600M turnover of food logistics per year). at one point, a vendor changed from VxWorks to WinCE, and it was like someone blew a whistle and shouted, "let the game begin!" reboots and flakeouts and warranty returns, oh my. the UPC scan guns were even worse. the most stable ones we had were based on MSDOS, and were virtually bulletproof barring hardware failure (a real dog to configure, though). the ones that ran Windows had to be reset four or more times a day.

on the personal side, in the last 5 months, the wife has gone through 3 Motorola Q phones in a row, without dropping any in the drink (a miracle in itself). all the Q phones followed the pattern outlined in previous paragraphs.

she finally gave up on mobiles running MS and got herself a BB 8830. loves it.

there's a reason why production machines still use custom code and/or UNIX derivatives. after you get it working, it just works (barring hardware failure), like a microwave usually does, day after day, for years, like...well...a robot.

the last version of Windows that could meet that metric was NT (and some configurations of Win2k). anything derived from the 95-through-ME line usually died after a while, and the newer the product, the shorter the while.

now they'll put that same flaky code into robots. i quiver in anticipation.

And the winner is...the laptop!

b shubin

Absurdly bad idea

yes, outside contractors are expected to bring their own tools. outside contractors are also more expensive (usually), self employed, and frequently exempt from company policies and procedures.

if an employee is expected to use a tool on the job, the employer can be reasonably expected to provide it (and quite properly write it off as an operating expense). to put this a different way, if an employer expects me to bring my own laptop or handheld, i will absolutely refuse to load any of their security or compliance software on my precious equipment that i paid for and have to support myself...oh, and call me "contractor", as my rate just increased fivefold, and i'll set my own schedule, thanks.

this is a support and compliance nightmare. it's fine for startups with no compliance requirements, but unworkable for anyone else. in an always-on world with multiple, rapidly evolving threats, this is the worst possible solution to a problem that doesn't exist.

it doesn't take that much to issue people the equipment that is durable, reliable, and suitable to get their job done. the IBM T-series used to be excellent for this in the Windows world, provided the OS and security software was configured correctly and the user couldn't install apps. Mac is an excellent mobility platform. BlackBerry is a stable, mature handheld (even has a firewall) with a superbly designed interface (my latest, an 8800, took a swim in a pond and survived). these are just some of the products widely available that would make remote functionality accessible, reliable and secure.

this is yet another boneheaded beancounter money-saving brainstorm, and it will turn and viciously bite the organizations that adopt it. i look forward to the additional hourly billing this idiocy will generate for outsourcers who will be called in to fight the resulting fires.

it's like watching the fall of Troy: you saw it coming, but no one wanted to listen.

Microsoft boots Savvis from data centers

b shubin

Roadkill in the sun

that smell is the first sign of decay of the old business model.

commercial software will survive in the long term only if it has compelling value to its target customer base. the rest will become commoditized, and will either go OSS, or move to another business model.

MS stated years ago that it will embrace SaaS (software as a service). so far, there is little to show for it. if licensing revenue were to collapse tomorrow, the company would have to scramble to purchase a viable SaaS vendor. they certainly have the money to do this, but first, they'd have to admit there's a problem.

this seems unlikely. MS has always been slow to learn from mistakes. more of the same is much more probable.

Run free little root zone

b shubin

US ownership of ICANN

...will likely continue as a very useful point of leverage, until this country goes broke (which, at the current level of borrowing, shouldn't take more than another 5 to 7 years at most).

please note that there is nothing (except maybe technical competence) stopping other countries from getting together and redirecting all DNS queries to their own servers that spoof like TLD roots. it would take some hacking to change all their core routers at approximately the same time, but if managed properly, there is no technical reason why it can't be done.

careful coordination and timely action will be required, along with meticulous preparation (zone transfers, registry spoofing, etc.), several trial runs on isolated networks, and then a near-global cutover.

properly executed, this would bypass the current root servers completely, while duplicating the functionality in a parallel spoofed structure.

this would be somewhat more difficult after secure DNS is implemented, but it would still be possible.

fortunately for the US, the rest of humanity doesn't cooperate worth a damn. unfortunately for the US, "things that can't go on forever, don't" (a statement made famous by Herb Stein, an economic adviser to the Reagan administration). at some point, this structure will have to diversify; let's hope it's not at the point of catastrophic failure.

Core 2 Duo: Intel's insecurity blanket

b shubin

Real issues please

if he points out real problems, it hardly matters if Theo bites people, is personally unpleasant and eats live puppies for breakfast.

please save the ad hominem attacks and address the topic at hand. i will not be having a drink with Theo any time soon, so i care nothing about his personality. on the other hand, there are many Core 2 Duo products out, so if there are problems, i care that they're publicized, and handled...right now.

if the NX bit only works on one core, and you have more than one core, it's a problem. it's still a problem if Theo cooks and eats your parents.

as far as i'm concerned, he doesn't have to be socially gifted; he does have to be technically competent. that last part has been demonstrated consistently.

i wouldn't want him to date my daughter (i have no kids, good thing), but if he has something to say about security, i will listen and consider it.

Red Hat tight lipped on Microsoft talks

b shubin

lawyers and novices (lions and lambs)

for the novice post:

laws in the US are usually vague enough that multiple interpretations are possible. when there's money to be made (which is most of the time, to a lawyer who charges $300 or more per hour), the lawsuit can be long, painful, and lucrative for the lawyers.

lawsuits are used to create fear and doubt about a defendant's business or product, and will usually drive customers away.

since many laws and regulations are poorly written (sometimes out of ignorance, most often due to influence of industry lobbyists), many lawsuits are won by having more money (so the lawsuit can be sustained longer by one side), or more and/or better lawyers (usually requires "more money" as mentioned above).

therefore, the law in the US usually has little to do with justice, and much to do with money.

Microsoft has huge reserves of money, and makes tens of billions of dollars more every year. fighting them in the courts is expensive and unpredictable, even if one is a lawyer.

the system is designed to benefit corporations, not individuals; corporations hire lobbyists and give "campain donations" to political candidates to make sure it stays that way.

having said all that, your naivete is refreshing and inspiring. i thank you very much for the post, seems there are still true believers out there.

b shubin

Beware convicted monopolists bearing gifts

i remember my sharp reaction the first time i read about RH's CEO.

the phonetic "zhulik" means crook (with a con man flavor) in Russian.

if Mr. Szulik takes this deal, he will have conned himself.

if the man has never seen Bill's carnivorous creation do an "embrace and extend" on another company or technology (reminds me of stuff by H.P. Lovecraft, it does), he will get a fast intro to the process once he signs the deal.

MS does not obey laws, there's no need. the lobbyists and the lawyers make sure the law doesn't matter, so MS will sign anything, because they can always ignore the contract if they need to. lawsuits are expensive and lengthy to the point where the outcome is irrelevant.

if RH gets eaten, i suppose there's always FreeBSD, NetBSD, OpenBSD, Ubuntu, Debian, rPath, Gentoo, Turbolinux, etc...

Bush official goes nuclear in Net Neut row

b shubin

Regulated now regulator

what a surprise.

a corporate lobbyist right-wing nutjob in a regulatory role in this administration, placed in a position to create highly suboptimal government policy (suboptimal for most of the citizens, that is).

really, we haven't seen this repeated anywhere before?

i suppose we could ask Mr. Abramoff if he's seen anything like this. he has much experience in government, surely he'd know...

b shubin

Regulated now regulator

what a surprise.

a corporate lobbyist right-wing nutjob in a regulatory role in this administration, placed in a position to create highly suboptimal government policy (suboptimal for most of the citizens, that is).

really, we haven't seen this repeated anywhere before?

i suppose we could ask Mr. Abramoff if he's seen anything like this. he has much experience in government, surely he'd know...

Israeli futurologist predicts terror horror

b shubin

Department of hope?

here's a thought:

instead of spending government funds on this guy, how about we spend some on those poor, starving, desperate areas of the world that produce the most terror recruits?

they would probably like electricity and sanitation. maybe some basic medical care (antibiotics, vaccines, first aid services). food. clothing. shelter. education.

you know, things that may give them hope, instead of the despair they have now...

somehow, i think it would be cheaper and more effective than paying people like Mr. Sharan to think up doomsday scenarios.

b shubin

What a moron...

-terror will use whatever weapon comes to hand!

you couldn't think of anything more obvious? poor, desperate, repressed people will use any method that has the slightest chance of causing a result they want. that has been true for all of recorded history.

-privacy is the problem!!

no, lazy and incompetent intelligence agencies want the public to do their job for them. additionally, they want more funding. much more funding. and total authority, without oversight. think "V for Vendetta"...

-we will all die due to an act of terror!

very unlikely. statistics indicate that you are more likely to die in a lightning strike than in an act of terror (unless you live in the Middle East).

-shut up! i'm trying to get paid here!!

at last, the truth.

Hacker breaks into Pentagon email system

b shubin

Know the Master, Know the Servant

appointed by George the Younger, who doesn't do email, and hates to read.

where's the surprise?

just be thankful the guy can read. well, i hope he can...

Texas cops taser diabetic seizure man

b shubin

Local police

pretty much everywhere in the States, the local police have two primary interests: [1] arrest anyone who breaks the law, and [2] protect themselves. the well-known cliche "protect and serve" is notably absent, as police performance reviews have no metric for that activity.

it is worth noting that, in the presence of a police officer, any sudden moves, raising one's hand or any other appendage can be interpreted as "assault", and moving in any direction can mean "resisting arrest" or evading a police officer. both will likely result in arrest.

given the considerations described above, i can't think of a worse idea than calling the local police in to help a seizure victim. when dialing 911, they should have stated directly that they require medical help, not law enforcement, and that the guy is not in control of his facilities.

yes, police can be ignorant and sadistic, like anyone else anywhere in the world. the job attracts people who like hunting and prefer hands-on intervention. as many cops as there are in this country, it's inevitable that some of them will be unbalanced; or maybe these particular officers were coming from a violent incident and were a bit worked up. maybe they just had a bad day.

i'm not defending anyone, but the system worked pretty much like you'd expect it to work. this is the way the system is; "should" is a bad word. don't like it? then vote for reform-minded candidates (half of US eligible voters don't vote).

i prefer to stay in the more liberal areas of the US; one reason is that the police tend to be more circumspect. i rarely go below the "Mason-Dixon line" (a traditional, somewhat arbitrary marker that unofficially divides the north of the US from the south), as some people there have a rather different concept of human rights (and, in some cases, of humans in general). i'd move to Canada, but the wife isn't ready to go back yet.

having said all that, a poor, racially segregated area in Texas is probably the last place where i would expect a careful, reasoned response from the local police.

US and allies lay global foundation for biometric border checks

b shubin

Law of Unintended Consequences

FD: i'm a lifelong geek, with 20 years of professional experience in IT, mostly support and infrastructure, from POS up to datacenter design and implementation.

i don't recall who it was that said that society only changes due to the impact of technology, but i seem to remember that many people were outraged, and debunked the idea immediately.

this seems like a fine example of that concept.

governments are certainly incompetent at collecting data, but they are even less competent at validating, synchronizing and securing data. this turns your travel experience into an interesting game of chance: if data in Australia (for example) says that your name matches a "person of interest", will you wind up at Gitmo the next time you try to visit New York? once bad or misleading data spreads to other databases through "sharing", who will correct the errors? if someone fixes the mistake, will it be fixed in other "sharing" countries?

the US has an arrest database (the NCIC), where every arrest is noted, even if the arrest is by mistake, or never results in a conviction. the data is accessible to private parties, which means that one arrest can result in being blacklisted for life, never to find a high-paying job again (background checks frequently include arrest records). once the data makes its way to information brokers, it never dies and never gets fixed, as "what goes to the internet, stays on the internet". even if the record in the NCIC is expunged (which they almost never are), enough other databases have duplicates that it makes no difference.

maybe when this hurts enough innocent people, the public will wake up and turn against it. presently, most of the US population is apathetic, ignorant, and determined to remain so. there may be outrage elsewhere, but there is none here.

good luck with that "sharing" thing.

Page: