Hey! Why does my Windows 10 system boot up with a picture of a penguin?

And it's probably made in China. Just like the real thing.

By that time, however, they'll probably seize the factories and start producing Terminators.

Actually, if it would cut down on the idea that a corporation had to wring as much profit out of each quarter as possible, even if it hurts the long-term prospects...

Maybe we're on to something here!

Phone companies most definitely know which of their resources are being employed to make calls with. They BILL for those resources and each and every call gets logged. Those logs are also required to be available for (allegedly) authorized law enforcement agencies and they're one reason why the old movie trope of "keep them on the line while we trace this call" is bogus. If the connection was made at all, no matter how briefly, there's a record constructed by automated equipment.

Naturally, if the true origin of the call is coming in from some other source, the phone company can only trust whatever ID came in from that source, but they definitely know where the call itself came from and that means that law enforcement can then track back until such point where they cannot gain any sort of co-operation. Even spoofing via Internet phone can be tracked if you're determined enough.

Yes you can. I did, in fact. I had the callerID route to a Perl script that screened incoming numbers. Not only did it filter out unauthorized callers, I even had it playing different ringtones.

One of the vilest calls I've ever received is one where a robotic voice says "IRS (sic) has filed a lawsuit against you".

"The" IRS, or as they'd be more likely to identify themselves, the Internal Revenue Service of the United States of America" doesn't call like this. They use the US Postal Service, for one thing. For another, they don't use "English" phrasing constructs, because they're American.

This particular scam is blatantly intended to terrify the recipient into calling back the (Indian) call center who will then supposedly proceed to further the scam. However, if you check with the "who's calling" websites for comments, you may discover that like a lot of such scams, their agents are too incompetent to actually hook anyone not in advanced stages of Alzheimers or under 5 years old.

And speaking of "who's calling", such sites are a ready-made black-hole list for phone numbers someone else already answered so you wouldn't have to.

The real question: Did they get The Low Price Always[TM] for their IT services?

This is somewhat deceptive. Sonatype supports Maven component archives.

One of Maven's chief claims to fame is that when you build a project, it doesn't grab "the latest" versions of dependencies, it grabs the selected versions of dependencies. On the grounds that "If it ain't broke, don't fix it".

This ensures a predictable product because everyone who does a build, no matter when, no matter where, will be pulling in the same resources to build with.

The problem arises when one (or more) of those selected component versions turns out to have issues. The build ensures that the product will be consistent, and thus will pass its own tests, but as the old observation goes, testing cannot prove the absence of bugs, only their presence. So if there was a vulnerability, an old project's tests wouldn't see it. And because you're asking for a specific library release version, later fixes don't get automatically included (of course, neither do later breakages, but they ignored that aspect).

In theory, then, this is simple to fix. Just update the project (POM) to pull in newer, better dependencies.

And the NEXT version of Windows will fix all your problems, and I've got a very nice bridge in NYC for sale cheap.

If you're working on a project, you generally have all you can do to keep up with issues in your own code, let alone some supposedly trustworthy third-party libraries. You cannot afford to be constantly updating the dependency versions and even if you could, there's the issue of "dependency Hell", where changing the version of Hibernate can conflict with the version of slf4j which can conflict with junit, which can conflict with... I usually like to budget 2 or 3 DAYS when I'm ready to start upgrading dependencies.

Sonatype doesn't get a pass here, though. If they/Maven supported a mechanism that could flag builds that have known weak dependencies, it would help a lot. Management, of course, would promptly command it to be turned off to ensure "productivity", but at least we'd have some help short of periodically manually auditing every library in a complex project (like that's ever going to happen).

But the Enemy of My Enemy is my Friend. Right?

More to the point would be to compare this to the number of arrests for similar events with less intrusive measures.

Just because the customer purchases a product doesn't mean that he/she cannot simulatenously be a product. Which is manifestly what's going on here.

And they apparently did use "1984" as an instruction manual.

It's a Comfort to me. Like a Big Brother watching over me wherever I go!

One of the reasons I rented was that I'm tired of having old units accumulate.

In reality, however, I rent so long that by the time I'm done with the equipment they don't want it back anyway. I would have saved money by buying it and I'd still have an old unit cluttering up the place when I was done with it.

The full text should have read:

Seriously. What went wrong? Employers used to not think they were entitled to perfectly-shaped disposable cogs. They not only brought new hires' skills in line with their needs, they imbued them with the corporate culture and philosophy, ensured that they were kept trained or retrained, and in exchange avoided the continual expenses that come from bringing a new, untried person who doesn't even know where the paper clips are kept. And, as an added bonus, the employee might feel loyal enough to put a little more of themself into the company's ongoing fortunes.