389 posts • joined 19 May 2010
Microsoft has a serious problem with staying on course while delivering fundamental functionality that shouldn't even be a question mark. Having issues playing audio is beyond stupid.
Does Microsoft know how to hire people that can manage and work in large teams? Or is it that they don't know how to hire programmers anymore? Seems like their development teams have been on a downward slide for a decade.
Re: put your hand in your pocket, synology
Regardless of who is at fault, seems like a small price to pay for a NAS company in order to bail out your clients.
It would certainly leverage a tremendous amount of good will.... At least until you became a target again. Hmm. No wonder we don't *normally* negotiate with terrorists.
Probably easier to get a hold of than the phone company as well.
I think some of you, article writer included, are looking at this the wrong way.
A command economy doesn't need to account for left hand screws being different in different towns. That way lies madness. Instead a command economy says THIS is the screw for the people.
When you are trying to align everyone into a short list of goals then a command economy is perfect. For example, fighting WWII. However, if you are trying to empower people to live their own lives in the way they see fit, then a command economy is the worst possible thing as it removes personal choice.
Trying to shoehorn the idea of personal choice into a command economy is just moronic.
Re: Ask a policeman
I'm not sure I would call cops the "executive arm" of the justice system. They are the enforcers. If it looks like a crime is going on then it's their job to arrest (and/or shoot [depending on your country of residence]) everyone involved. Then they let the prosecutors (or whatever you call them) deal with it.
"Sedition" isn't as catchy a phrase as "terrorism". I'm not convinced most people would know what sedition even is.
Wrong culprit identified
At what point do we stop blaming a bug which PATCHES HAVE BEEN RELEASED FOR and start blaming the idiotic network admins who fail to apply said patches?
The title of this story should be: "Dereliction of duty by Network Admins implicated in US hospital megahack"
They said the attacks occurred between April and June. The patches were released on April 7. I'll grant them 3 days to do emergency testing and patch their systems (which is way too much). That leaves approximately 80 days of time in which these attacks should have been stopped cold.
Re: Are there ANY success stories?
I disagree. Having a third party design the software is usually a bad idea.
The answer is to make sure that any given project doesn't exceed about 6 months worth of work, a year at the absolute most. As each piece is completed, let the consultants bid for the next piece while everyone, including the public, has total access to the source code. When sending in their proposal each company should be allowed to identify an area the want to recode along with the reasons for it.
That would solve a majority of this.
Re: Postmortem shows killing shot could not have been delivered from behind.
Excellent right up.
Re: Anonymous Fools ...
The problem is I'm not sure which store I'm supposed to loot from and burn down. What's the racial identity of the anon member that posted the wrong name?
As you can tell I'm ill informed but trying to make sure I hit the right target - probably means I'd be a lousy rioter. Maybe I should just stay home.
Re: CaptainDaFt Meh
I agree with the sentiment, but what qualifies as a proper journal report?
Re: Ahh, vigilante "justice"
Oh, I don't know, probably because it's highly likely to have occurred. People get death threats for just posting contrary views on the net. I'd bet my house that death threats, yes more than one, were sent shortly after a target was identified.
Unfortunately that's the jacked up world we live in. Anonymous had no business releasing that info. Especially considering it was wrong and very easily identified as such.
I bet they were using LINQ. That stuff is garbage.
Nations spend hundreds of millions, and in some cases billions, of dollars to secure their networks.
At what point does it make financial sense to code your own operating system and application suite that instead of using consumer grade crap?
None of the current vendors have shown that device and network security is the most important item. For anyone that thinks network security isn't possible: you're delusional because it is. What isn't possible is leaving it up to entities that base decisions on how much it costs them to clean up afterwards.
Sounds to me like they are doing DPI and playing with how to throttle certain traffic. They should probably call verizon and time warner to get some help
Expand / Refine / Sustain
In the timeline, it's the Expand, Refine and Sustain parts that worry me. Well that and the part on the right that looks a bit incomplete.
I suspect they are hiding "Phase 5" which is when they take over the world.
This is all about liability.
If I enter a PIN code and that code is stolen ( incredibly likely given the complete lack of security for most retailers ) then it is far easier for a thief to drain my bank account (debit card). Which can cause a lot of issues.
If I choose to do a signature and the card number is stolen, then it's all on the bank(s) to figure out what's going on and the money doesn't leave my account.
I just can't see a situation in which using a PIN code is a worthwhile idea.
I honestly don't see how TGI is still in business. The food is horrible, why do people subject themselves to that garbage. If it was horrible AND cheap then I might be able to understand.. but it's not.
Re: even if he did...
Did you run a background check on the individual to make sure they haven't already bought 10 hammers?
What did you do to ensure that they haven't been accused of participating in a violent crime in the past?
Did the individual say anything you thought was suspicious?
If the answers to the above questions aren't satisfactory then, yes, you have committed a crime.
Re: pretty big peg
Please do tell.
" Internet Explorer will begin alerting users when web pages try to launch ActiveX controls that are considered out-of-date and potentially insecure."
All ActiveX controls will be blocked by default? Woot!
"Microsoft will maintain the list of verboten ActiveX controls itself and will update it as new versions are released or new vulnerabilities are uncovered."
Oh... So typical Microsoft crap. They have a good idea and, as usual, barely implement the important bits.
Wouldn't it be better if we just disconnected that entire country from the Internet already?
Re: I only wish....
Sounds like you are working in a place whose only real answer is to fire IT administration. I'd leave
Re: So how do current versions get installed?
This is what I was wondering as well.
Who cares if updates are hard to detect. It still requires a program on the infected computer to receive and process the image correctly. THAT should be detectable; evidenced by the fact they say 350k computers are compromised.
Re: Maybe they have the wrong concept?
If you don't know the myriad of ways that something can be taken down and, more importantly, the principals of how those ways work, then you will never understand how to put up a defense. Period.
Yes, there are lots of ways to configure networks and "secure" applications. There are even plenty of industry "standards" for what you should do. What's lacking are people who understand WHY those standards exist. If you know WHY, then you can make an informed decision on how to lock things down while understanding the areas that are just completely missed.
The whole Touch Screen paradigm is not for normal desktop use.
The top applications for a regular computer is email, word processing and web browsing. Two of those require lots of keyboard input. Although the last one doesn't, holding my arms in the air all day just isn't worth it. Never mind that most of us have dual monitors and probably have a dozen applications running... So, what's the solution? Simple: have an interface that works well with keyboard and mouse control... Win7 did this.
I worked on touch screen apps in the mid 90s, there is a purpose, but it's not general computer use. If you have one application, whose operation is limited to a small set of actions then touch screens are perfect. Beyond that: waste of money.
Finally, whoever thought that a single OS INTERFACE across mobile, desktop and server usage was a good idea should be flogged. That wasn't what developers wanted. We wanted a single OS under the covers so that we didn't have to know 3 different APIs to build programs. They missed the entire point. Again.
Re: Verdict decided then
Let's say it was caught on the neighbors video camera. And let's say the Police then broke into the neighbors house and took the video. No search warrant, no notification to the owner. The owner comes home to see his door smashed down.
Now, should that evidence be admissible? No because it was not properly obtained. The entire point of those "technicalities" is to ensure that those enforcing the law are behaving correctly. If it was admissible then the police could, at any point, decide to break down your door and search your house just looking for something to charge you with. There is a reason these rules and laws are in place.
In a society ruled by law it is imperative that the ones sworn to uphold it are held to at least the same standards as everyone else. If the agencies responsible for collecting the data they are prosecuting him with have ignored, broken or even just "bent" the laws then the entire case needs to be thrown out.
I don't care what this guy did. If our society is hell bent on prosecuting people without following the rules then we don't have much of a society.
Instead of comparing the update schedule of an entire operating system to java, it would probably be better to compare the update schedule of the .net framework. I'm pretty sure there is an order of magnitude difference between them.
Another day, another java problem. ho hum.
Isn't this the sort of thing the regulators are supposed to fix?
Why is it important to the story that she was unemployed?
Lots of people are unemployed, that doesn't mean that you should be afraid of them.
Re: The simple answer is usually the obvious one
And here I thought it was the Minutemen just screwing with us...
( http://en.wikipedia.org/wiki/A_Matter_of_Minutes )
I don't see how this will go over well with the public.
Just mentioning the word "Axis" and most movie goers at this point will have no clue what you are talking about. Throw in a setting of an alternate reality in the 60s and I think the public won't know what to make of it.
Okay, I read the document. Just wow. They had an example of something that should be a quick fix: "user should be able to hit the ENTER key to activate the "submit" button function." Seriously? That isn't a given? That doesn't bode well for how the rest of the system works.
Also, what's up with the blacked out pages? What could be more damning of the SSA's handling of the project that it needs to be hidden from public view?
I have to say that the auditor did a great job though. Looks pretty thorough. Page 20 summed up my previous comment here nicely.
Having worked with many government and IT entities, the break down here is obvious:
1. Large company uses time and materials method for project billing.
2. Large government entity with mass of people each of whom have near equal say in project requirements that are often contradictory and certainly changing as they think of new things.
3. Profit until someone gets mad.
You need competent leadership when dealing with time and materials projects; preferably the person holding the purse strings will do nicely. The IT company will certainly not stop you from changing your mind a dozen times for the color scheme alone. Happily charging you for every little thing. So, it's best to know exactly what you want before you engage.
Now if the contract is on a fixed bid, it is in the IT company's interest to freeze the requirements they bid on and say no to all the changes. For these projects you want to have clear timeframes for delivery which include penalties for being late and bonuses for completing early.
Honestly, I have no idea why anyone agrees to start projects that are in that price range. As failure is the most likely outcome. If you want to be successful, then you make a road map of where you want to be and lay down the foundation for getting there: one piece at a time. Where each piece is bid on (fixed), and achievable within 6 to 9 months. Any project that takes longer than that is just too much.
Re: Man's gotta know his limitations.
Just means they didn't pack enough Alcohol.
Re: I have argued for many years
You should drop the word "intelligent" when applying that to a teenager.
I think I know the answer here.
Just tack on a "media tax" to the VAT. Then, have the UK government set up their own TOR feed that the creators post to. Whenever it's downloaded the treasury can pay them accordingly.
No need for lawyers or useless ad campaigns. Just let your government take care of it like everything else.
Great article. As each paragraph unfolded I found it answering the various questions I had and addressed my thoughts around the feasibility of the tech. Keep it up.
What does "huge" mean?
If you guys are going to use words like "huge", it would be nice if that was quantified using a known reference.
Are you talking like 1 meter or 300 meters across?
Out of the major companies that have mobile app stores (Apple, Google, Amazon - does MS even have one?) I'd have to agree that Apple has had great controls for quite a while. So the EC's moaning at this point seems to be completely unfounded.
My family has iPhones and iPads. I've turned in-app purchases off on all of those devices and enabled a PIN code that has to be entered to modify those settings. I've also turned off the ability to install and delete apps... and I was able to do that a LONG time ago. Finally, when I do go ahead and temporarily turn on app store (including in-app) purchases, Apple sends me an email confirmation.
What more do they seriously need to do? Maybe the EC could focus on things that are actually a problem at this point.
Re: Atheists and Religion
Now, wouldn't it be funny if we did find aliens and some of those aliens believed the universe was only 6000 years old as well?
I truly wish the History channel had stuck with verifiable facts instead of constantly running off into "sucker" territory. There are many subjects I'd love to watch a show about but I simply can't trust a single thing they say.
Re: A quote from Hawking
A blind man says, "They must not exist because I can't see them."
A deaf man says, "They must not exist because I can't hear them."
An idiot says, "They must not exist because that's what the other guys said."
Absence of evidence is not evidence of absence.
Take from that what you will.
All I have to say is that I'm happy that my ipad and iphone allow me to turn in app purchases off and protect it behind a password. And even when I turn them on, I can require the password to be entered every single time a purchase is made.
If it wasn't for that there would be no way that my kids would be allowed near those devices.
"Put all of these pieces together to complete the puzzle and you have a clear picture of who the former smart phone owner was,"
Now that's funny.
Re: Well, well, well. I perfectly well understand that the expression "allies"....................
Which side of the pond are you on? -- just trying to clarify who you think needs to be persuaded.
In other words, are you saying the US should stop spying on it's allies or that the Germans should stop all the bellyaching and just get with the program already.
Re: I've posted a rant here before
I'd take a slightly different tact.
1. Maximum allowed ceiling of 200 feet while within a 1 mile radius of any airport.
2. Maximum allowed ceiling of 400 feet while operating within normal air traffic lanes.
3. Maximum allowed ceiling of 1000 feet everywhere else unless a flight plan is filed with the FAA.
4. Anything capable of flying above 400 feet must be registered with the FAA and include an active flight transponder and GPS system. A fail safe system must be built into it to allow tracking in the event of a crash.
A model aircraft (or remote controlled aircraft ) is immediately promoted to being a UAV when one of the following occur:
1. It is noticed by law enforcement or any other government agency.
2. It is noticed by the media.
- Review Apple takes blade to 13-inch MacBook Pro with Retina display
- Game Theory The agony and ecstasy of SteamOS: WHERE ARE MY GAMES?
- Intel's Raspberry Pi rival Galileo can now run Windows
- Microsoft and HTC are M8s again: New One mobe sports WinPhone
- Worstall on Wednesday Wall Street woes: Oh noes, tech titans aren't using bankers