I wonder when microsoft will get around to getting their vendors to stop accepting kickbacks for shitty adware on new systems.
This practice is one of the reasons why I still build my own desktop systems. Getting rid of the junk is a massive hassle, and restoration of the system from partition brings it all back.

I hate the usual crap that gets shovelled on too, but to be fair Microsoft have apparently been pushing against that for a few years now for exactly that reason. Of course, they need to tread carefully there for legal reasons: if they block, say, Dell bundling a limited-time version of Norton Anti-virus, Dell won't be happy (they lose the $5 or whatever kickback) and Symantec will probably lawyer up and come knocking, particularly with Microsoft offering their own AV product now. Remember all the fallout when they killed off Netscape, when they stopped IBM from bundling OS/2 as a dual-boot setup with Windows? We both know this is different, but Microsoft's lawyers are apparently paranoid about crossing that line again.
I'm told they also offer crapware-free machines in their own stores, which makes sense. I just wish they'd make OEMs ship a plain vanilla Windows install disk like they used to, no more "restore" BS - so anyone wanting a clean machine can just re-install.

The article does not make it clear that the satellite signals in question are those of ARINC's ACARS data system, developed in 1978.

Probably because ACARS was turned off hours earlier in the flight, back before the aircraft flew back over Malaysia! Had it been active, ACARS would have reported the aircraft's location, altitude, speed and other useful data, making finding it much easier; it was switched off with the other cockpit systems, though, leaving just the Inmarsat terminal's hourly "ping" active, so until the Doppler analysis, all they knew was the distance between the satellite and aircraft.

Unfortunately, 127.0.53.53 is a perfectly valid IP address already in use globally - try pinging it on most machines for proof. Remember, the loopback address is not just 127.0.0.1 - it's that whole /8 subnet, all the way up to 127.255.255.255. Indeed, two of my own DNS servers are bound to 127.0.0.53 right now (there's another DNS server bound to the public IP address, which forwards certain queries to this one).

This seems like a really, really stupid hack to me. If they are effectively revoking the domain, why not just return NXDOMAIN instead of bad data? Apart from the "people seeing it for the first time will be curious and go and Google 127.0.53.53 to see why", the rationale just doesn't hold up. Apart from anything else, returning that will cause mail servers to attempt delivery to themselves. Yes, it contains the traffic within the host - but NXDOMAIN would stop the traffic having anywhere to go too, and is the correct response. (One clueless hosting company did something very similar - any departing customer's DNS entries were updated to route mail to 127.0.0.1 - with the result mail bounced until the new delegation propagated fully. 127.0.53.53 would have exactly the same effect.)

Data capping isn't really relevant to that - a hundred megabytes of, say, LAPD beating up a suspect or university campus police tear-gassing non-violent protesters is no bigger a datastream than a hundred megabytes of my cat chasing his toy mouse round the floor, when it's being uploaded to the likes of YouTube; once it hits there, I don't think Google use cable modems to send it from their datacenters. A hostile power would just cut the connection, whether you have an "unlimited" connection or a pay-as-you-go one - as has happened a few times in recent disturbances (Egypt or Syria?) - they don't bother looking at individual data packages anyway.

The poster further up had it exactly, I think: it's all about killing off competition from Netflix, Amazon and Hulu. Any guesses why else it would be Time Warner and Comcast - i.e. the cable ISPs - pushing this, rather than AT&T and Verizon? (Not that those two would be unhappy either, of course: more money, an easier market for their FiOS and U-verse TV offerings - but it's obviously Comcast and TW who have the most to lose.)

Backdoor way of limiting bandwidth usage. On TCP/IP, really a "server" is just the one that sends SYN|ACK packets in response to SYN packets, rather than sending out SYNs - but ISPs latched on to "no servers" as a more marketable way to kick heavy users off without being honest about usage limits.

With cable, downstream bandwidth is more abundant and more efficient (the upstream channel is vulnerable to collisions, since there are multiple senders on a channel) so heavy upload usage can actually be a problem to some extent. On ADSL and its derivatives, though, it's only your own link you're filling up with upstream traffic: the backhaul connections are invariably symmetric, so those gigabit+ links between you and the ISP are only full up in the other direction.

I switched back in 2012 from "unlimited" (but no servers, dynamic IP, ports blocked, sending nastygrams to anyone using "too much" of the "unlimited" bandwidth) to an ISP with actual explicit usage charges (and a small routed subnet with no ports blocked). As long as it's legal I can do what I want: mail servers, web servers, the lot - I just have to pay a bit more if I download more. (It's download traffic that matters to them: upstream, there's bandwidth to spare, because the links are symmetric.) I hated the idea of usage-based charging - but I hate all the other restrictions more; at about $0.30 per Gb, it's low enough not to bother me as much as "unlimited, but use it too much and we cut you off".

I imagine 'E10' there is a reference to 10 Mbps metro Ethernet, something like the Ethernet in the First Mile approach. There's nothing inherently "consumer grade" about DSL itself: indeed, even E1 "leased lines" get delivered over HDSL or similar in some cases. Unlike cable, which is contended and prone to collisions, DSL gives you a constant bitrate (unless configured to vary to squeeze higher bitrates when line quality permits) point to point link, just like a conventional leased line - all the performance fluctuations of typical DSL Internet access come further into the network, where your 20 Mbps connection is sharing a 1 Gbps backhaul with a thousand others and gets choked up when everyone is streaming X-Brother Get Me Out Of Here or whatever. Give the DSL link dedicated or uncontended backhaul like leased lines have, you'll get the same performance too.

I can imagine them rewriting history, but in this case I doubt it; surely it would suit them better for him to have been a normal, competent employee at that point, who then went rogue later, rather than saying "oops ... yes, we saw all these warning signs, but forgot to do anything about it for a few years. Told you so - er, I mean, we would have told you so, if we'd been more alert..."

Of course, if you're really paranoid, you'd wonder if the CIA computers had been compromised by, say, some other agency with lots of expertise at breaking into high-value targets, and this report had been planted by them, maybe to divert blame for their own failed internal security...

Foxconn have the contract to assemble the Xbox 720 as well - not to mention Nintendo consoles. I remember pointing this out after a smug ex-MSFT blogger posted a link about Foxconn, bragging that Foxconn would never meet Microsoft's supplier criteria, so Apple must have lower standards...

That said, historical company towns that didn't force workers to use scrip [wikipedia.org] avoided some of these issues -- but that would mean allowing workers easily to exit the town by actually paying them real money, which they could take elsewhere.

Why am I suddenly reminded of stock options and the whole "vesting" concept, where if you leave too soon some of the paper you got as part of your remuneration becomes worthless? Not identical of course - I'm guessing even Facebook's "company stores" won't take stock options in payment - but there are more than a few parallels there.

On the other hand, it also sounds like a nice setup if it all works properly, and you'd still be free to leave if you wanted.

Did the HD get knocked back to PIO mode?

That makes sense - I had a machine showing similar symptoms, and eventually found this was the culprit. Windows has an error counter, and it seems that once the drive hits the threshold, Windows assumes it's not DMA capable - of course, in reality, it could just be cumulative random glitches over a long period of time, as it was in this machine's case. There was a little script I found which cleared the relevant registry keys so the drive would no longer be on the Windows "blacklist" of dodgy drives, ResetDMA.vbs, which is top of the Google results for that term at the moment; as soon as I ran that, the performance was completely different.

But there is a difference. Even my interlocutor would know that "oil change" is a euphemism. "turning off" sounds like it might be accurate!

I would just have said disabled instead - which would be accurate, yet also nice and simple.

I remember getting what I thought had to be a snail-mail phishing attempt: a poorly-worded letter from my (major) credit card company, printed badly on something resembling toilet paper with a dot-matrix printer, saying they wanted to check an unspecific transaction with me so I should call some phone number with my card details handy. Needless to say, it was actually genuine: phishers would probably have used a better printer...

There's certainly room for improvement - but even moving from Windows Update to Microsoft Update took them a while, and that was just a case of extending support to another of their own products! I never cease to be amazed by just how resource-intensive the update check is, either: check for updates on a machine with "only" half a gigabyte of RAM and be prepared for many minutes of disk thrashing as the process responsible blasts through the hundred Mb barrier; at one point last year, I tried a little race, Debian 'apt-get update/apt-get dist-upgrade' against MS Update. In the time it took the Microsoft offering to download and display the list of applicable updates, apt-get had checked and updated not one but three separate machines, all less powerful than the Windows machine - even though the Debian tool covered every application installed.

I'm not sure the current Microsoft Update could realistically be extended much further - it struggles badly enough under the current limited workload. I agree about the InstallShield abomination, too: my heart sinks whenever I find myself having to install and support an application which has been mangled that way.

Rather than extend the existing MS system, though, I think the best route might be an open third-party update mechanism, preferably with central administration facilities and policy support. Having helped support labs totalling a few hundred PCs in the past, I'd love to be able to see that Firefox, Thunderbird, AutoCAD and Virusscan are all patched up to date, or indeed to be told that those three PCs in the corner are behind on patches and need investigation. As it stands, half our applications will tell users (who don't have the necessary account privileges to update anything) that they need updating, irritating users and making us look out of date - the other half silenty wait for an admin user to run them, which may not happen for weeks.

Sure, I could try to shoe-horn every application into some third-party application management setup - but that's a whole new world of pain, expense and overhead. Why can't I just approve and install Firefox, then have a privileged service automatically update to new versions without needing local intervention? I can't go round 200 machines, logging on locally just to update the web browser every other week!

I did this for a while with a free subdomain (my last name .ath.cx); unfortunately, I did this when I registered a domain with Verio. The domain itself has long since expired, I haven't had any dealings with Verio for years - but verio@mylastname.ath.cx still gets spammed regularly, because it was automatically listed as the domain contact address in Whois.

There is a Mac application I use a lot now called 1Password, which keeps track of passwords and other details - it has a built in facility for entering your contact information and a secure random password on registration forms which works very well, so making it generate and use a one-time email address should be easy enough, addressing issue 2 quite well at least: Chase wouldn't object to 72d48f27@... - the first four octets of the MD5 hash of 'Chase' in hex - in the way it might to chase@... Similarly, your mail client could be programmed to send to each recipient using their own personal address for you, perhaps entering it only as a Reply-To (with no email address in the From field, just a name). Not as useful for personal contacts, business cards etc, but that's 2 and 3 dealt with at least.

I had that last summer; I got the impression this was a transitional thing, though, and that once the airlines get the system working properly it will just take your ESTA number instead. Mind you, I had to switch browsers just to get Continental's site to complete the process (otherwise, it hung just after entering passport numbers), so it could be a while before they get that far...