* Posts by George Marian

19 publicly visible posts • joined 4 Oct 2007

Developer leaks Microsoft product plans for next two years

George Marian
Stop

Re: Dear Microsoft...

"Seriously - the ribbon is not complex nor difficult. Anyone who finds it so, seriously needs to revise their opinion of how technically competent they are."

Technical competence does not mean that I want to learn a new interface with every few versions of a piece of software that I use often. In fact, the *more* I use it, the **LESS** I want to have to learn a new way of using it.

You want a real world example?

Imagine if the auto manufacturers decided to shake things up and make drastic changes to the way we drive a car. That interface has evolved over time and there is little variability in it.

Meanwhile, the car dashboard has more variability through time and across models/manufacturers. Keep that in mind the next time you're in an unfamiliar automobile and you're trying to make use of some functionality on the dashboard.

"Honestly, for a demographic that is supposed to be good with trying out new things, there are some folks in the IT world who are seriously close-minded."

Trying new things is one notion. Drastically changing the fundamentals of something familiar to us is quite another.

To continue the sematics exercise: it seems that this "trial" of the ribbon UI is telling us that it's a failure. What gets many people's goats is the fact that we're paying to be guinea pigs in what effectively is an experiment.

Microsoft to open source ASP.NET Web API and Web Pages

George Marian
FAIL

Re: Desperation?

"ASP is legacy interpreted script similar in function and features to PHP.

ASP.NET is compiled server pages..."

Well, PHP is also compiled. It's debatable whether the .NET library makes ASP.NET superior to PHP.

"I think it is very good that MS are making this open-source should increase feature set, and reduce turnaround time on bugs and issues."

Patches aren't applied willy-nilly. Just because someone submits a patch, doesn't meant that it will be accepted.

Kernel.org Linux repository rooted in hack attack

George Marian
Thumb Down

You lost me at "imagine"

"Whereas in an internet-isolated development environment (in which I imagine the likes of Windows are developed)"

I don't know one way or the other, but until you know with certainty that this is the case your argument carries no weight.

Tosh admits customer accounts pillaged

George Marian

Password hashing speed

A password hashing algorithm has to be just fast enough not to negatively impact the login time. A fast hashing algorithm is actually a vulnerability. That's where something like bcrypt comes into play.

Here's a good article on the topic:

http://codahale.com/how-to-safely-store-a-password/

Lawsuit says Facebook plunders user names, photos

George Marian

Easy...

"facebook informed me that I might know other seemingly random and unconnected people who are on facebook... and yes I do... but where did they form that link?"

The link is your email address.

World's most advanced rootkit penetrates 64-bit Windows

George Marian
Go

Sure...

Just pop in an appropriate bootable CD and issue the necessary commands.

Nothing succeeds like XSS

George Marian
Thumb Up

Remotes these days aren't exactly simple

Not that I disagree with your points, but I must point out that my cable/DVR remote isn't exactly simple.

Worst of all, are the differences between the various manufacturers. Talk about a need for an open/industry standard.

George Marian
Thumb Up

Re: RequestPolicy addon for Firefox

Personally, I think RequestPolicy is THE best defense against cross-site attacks, as it block more than just XSS. Word of warning though, if you think that NoScript is a pain to configure and maintain, you ain't seen nothing yet.

US broadband speeds 15 years behind South Korea

George Marian
Coat

Won't someone please think of the children?!?

Seriously, though the U.S. will always lag behind, due to it's large expance, it's a bit sad for our broadband options to be so sorry. Maybe it's worth it if it reduces our risk of becoming a country Internet gaming addicts? Mine's the one with the slingshot in the pocket.

Apple admits iPhone apps not suitable for business

George Marian
Paris Hilton

Heh...

"Sold as a novelty only."

Researcher raids browser history for webmail login tokens

George Marian

RE: Same Problems, Different Place & VM it

@David

Same Problems, Different Place: Keep in mind that VMs may contain their own exploitable vulnerability. Don't be lulled into complacency; it's only a matter of time before exploiting VMs becomes a practical concern.

@Doc

Same problems, different place: Most businesses, unfortunately, operate with a good-enough mentality. Realistically, we have to come to some reasonable compromise between security, performance and ease-of-use. However, too often good-enough errs on the side of saving time/effort/money. Probably because it's easy to put a cost on the effort to implement and maintain software, but it's rather difficult to put a price on potential security issues.

Twitter docs hack exploits stupidity vuln

George Marian
Paris Hilton

@Duncan

There's a bit of difference between the compatibility issues of different version of Word documents and those of Word documents used with another word processor.

Much of the time, we can forgo the half-baked features of a new version of the Word document format and simply back down to an older version that's a better common denominator. We shouldn't be surprised that an older version of Word has issues with rendering or even opening a Word document that's in a newer format. Much of the time, the need to cope here is due to the fact that not everyone upgrades to the latest version of MS Office. Even within the same company, there may certainly be situations where there's a mixed deployment of different versions of MS Office.

The nature of the compatibility issues when opening a Word document in another word processor are more complicated and lead to more frustration. Some of these issues are due to fact that this compatibility is reverse engineered, or due to fundamental differences between the implementations and so on. Coping with these types of issues isn't necessarily as simple as using an older format.

Nevermind that most of the alternative office suites you mentioned are still jokes in comparison to MS Office.

"The reality is that you don't need to pony up to anyone to get a desktop operating system and a full-featured office suite. Why not acknowledge that?"

That's true. However, even so it's not as cheap as using Google Docs. It doesn't matter that you can get it for free, if you have to deploy and maintain it, there's some cost associated with it. So, Ted's point still stands, IMO.

To those of you that jumped all over that statement: Did you stop to think that it might just be flame bait? Enjoy your worm, little birdies. ;)

Telling lies to a computer is still lying, rules High Court

George Marian
Stop

It's not exactly cut-and-dry

Some key points:

1) The cars were MADE TO ORDER.

2) Two employees turned a blind eye to outrageous numbers.

3) Renault ***PROFITED*** from the abuse.

Look at it this way. You supply some goods to me. These goods happen to be below some agreed upon quality standard. However, I can still make a profit doing whatever it is that I'm doing with these goods. So, I don't say a thing, and allow you to continue selling me these sub-par goods. Then, some time later, I decide to turn around and sue you because you didn't supply goods of the quality we had agreed upon.

I agree that a lie is a lie, no matter how little that white lie may be. However, that's not the entire issue here.

Is MySQL's Google's Trojan Horse for world domination?

George Marian
Paris Hilton

Sure...

But, where's the Paris Hilton angle?

Seriously, though in response to the two older guys:

I totally agree that some standardization is necessary to drive technology forward. However, I'm not convinced that it requires one monolithic provider. Of course, this doesn't mean that we're ready to do that yet, as the Linux market shows.

Web 2.0 - carry on, don't lose your job

George Marian
Thumb Up

Business people writing applications, don't make me laugh.

People have been sounding the death-knell of the programmer since COBOL, at least.

While we've come a long way with programming languages, the type of thinking needed to be a good programmer hasn't changed substantially. Neither has the skill set of the good business person.

While there may be some that are good at both, the rest are good at either one or the other. The right tool for the right job, I say.

Genetics boffins on the verge of artificial bacteria

George Marian
Paris Hilton

It must be said.

I for one, welcome our new bacterial overlords.

Geeks and Nerds caught on film lacking geeky nerdiness

George Marian

@Federal

Yes, there can be many difficult to diagnose problems with a PC. Which is the reason I believe that you can't be a day-tech. You have to care enough about what you do; to always want to learn more about it.

Case in point: when I upgraded to an FX5900 video card, it was my first video card which required a separate power connection. I put the puppy in and my system wouldn't boot. It had be baffled for a while and a friend of mine suggested -- sigh unseen -- that I needed to replace my power supply.

This went against most of my troubleshooting knowledge and intuition. The PSU in question is a 440 watt "beast," and it's still humming away; powering another friend's PC to this day. What I realized after that encounter is that as PSUs age they won't necessarily be able to provide the same amount of power as they did when new. (That, or the PSU wasn't capable of its rated wattage from the very beginning, which was never an issue before that video card came into the equation.)

That PSU would've been marginally acceptable to power my PC w/ that video card, if it was capable for providing the rated wattage. While troubleshooting, I ignored my concerns over that issue and dismissed the PSU as being a possible cause. Lesson learned.

That's the problem of the day-techs. If you're not dedicated to your craft, you don't necessarily retain these lessons and probably don't seek out new information. In your case, I would've suspected the motherboard after the memory. Lesson learned; the hard drive is part of the "memory" equation, in that it stores much of the the data that ends up in RAM.

BTW, I'm programmer, not a hardware guy. I've learned to troubleshoot hardware issues out of necessity. However, I believe that anything worth doing, is worth doing right.

The lack of that kind of focus for someone's job is basically the problem with the poorly paid techs that work for such companies. It's not even the sorry pay. Everyone's gotta start out someplace; and anyone can find themselves in a tough spot where they accept a job just to make ends meet. Not caring about your work, however, is unacceptable.

There are many good reasons for being in that position, but we still must strive to do the best that we can, no matter the conditions. I've been in that situation in the past, where the situation at a job lead to a decline in my performance. I don't beat myself up about it, but I still strive for my ideal of reaching for excellence with everything I do. (That's the reason I usually preview comments a zillion times before I finally post them. And I still miss some errors, but it doesn't stop me from caring enough to always try get it just right.)

George Marian
Thumb Up

Not an easy fix?

As if. One of the standard troubleshooting steps is to try known working parts in a "dead" PC. If you can afford a memory tester, even better, as you don't risk blowing your good stick(s) of memory in a possibly fault motherboard.

However, any tech that didn't -- at least -- try a good stick of memory in the PC isn't worth his/her rate.

I do agree that not all of them are necessarily bad techs, just inexperienced. Blame the companies first for not training them correctly, and the techs second for not learning off the job. If you're merely a "9-to-5" tech, you don't belong in the business.

Hackers hit back at iPhone update

George Marian

Car Analogy, done correctly

If I make some after market modification(s) to my car and the manufacturer comes along and bricks it, for whatever reason, I sure am going to be unhappy -- to put it mildly.

*That* is the issue. Not the warranty.