Don't know why you posted a question as an Anonymous Coward, but... .

1) Comcast's filters notice you're infected; for example they see your machine send 200,000 emails in a day.

2) You request a webpage.

3) Regardless of the webpage, they can intercept the HTML on its way to your browser and insert something like (don't know how much code Slashdot will let me post but here goes)

(wait for HTML tag and body tag)

document.writeln('');

(send the rest of the page)

With that inserted, your browser will now call out to Comcast's servers and load that .js file. That .js file runs inside the page, so it can do anything any other script could do, like:

var div = document.createElement('div');
div.innerHTML = "You've got a virus! You've sent 200,000 emails a day non-stop for a week - or at least your infected machine has without your knowing. To fix it take the following instructions ... blah blah ... to validate this message is a legitimate Comcast notice ... (this is going to be the really difficult part for them)";
div.style = 'position:absolute;left:50%;top:50%;margin:-100px 0 0 -200px;width:400px;top:200px;background:#fff;border:3px solid #00f;z-index:1000';
document.body.appendChild(div);

That puts a nice large box up in the middle of the page with that message. What's going to be really difficult is making it clear this is real, and doing it in a less-obtrusive way - for example stuffing it up at the top of the page and giving you an easy way to make it go away.

I think email and free antivirus software are better ways of notifying you (make a deal with McAfee to be able to send your own antivirus alerts via their software)

Why did you link to a song as proof you remove viruses? I'm not anymore confident you remove viruses regularly, but now also find your song-writing skills suspect.

I think everything Comcast did in the above situation was appropriate except:

1) They should have notified you somehow of being part of a spam network. If they can't get ahold of you or you ignore notifications, I don't see blocking outbound SMTP as wrong on their part.

2) They should have offered you as much data as possible on that. I'm betting they offered you no data not because they didn't have it, but because they people *you can reach on the phone* don't. The people you're talking to are buried in a call center with call scripts about how to reset your modem and reboot Vista. They don't have access to the data Comcast found, but you can bet it's somewhere. It just takes software - and a decision to invest in it - to get it to you. That seems like something they definitely should invest in.

I think if they can say to customers, clearly, "Here's the amount of spam you've sent for the past month," you'll get a MUCH stronger response from technical and non-technical people alike. Say it in real terms, especially if you've already got all the numbers.

Yes, that's an interesting point - if they detect malware on your system, they could do several things:

1) Notify you. I think a small Comcast notifier installed on your system would actually be more trustworthy than a message inserted into a webpage, but it would cover a lot fewer customers. Since Comcast has a deal with McAfee to deliver free antivirus software, they could co-brand the software and send messages through that instead, which would feel even more appropriate and trustworthy to the customer - anti-virus software notifying them they have a virus. Very reasonable.

2) Block SMTP traffic coming out of your machine. That would prevent any chance of your machine being used to send spam, which is the majority of what these bot networks are built to do. You may not even need to notify customers they're getting SMTP blocked; the set of users that run their own legitimate SMTP and the set of users letting a bot carry on on their system is likely a very SMALL overlap. But the notification catches that small overlap nonetheless.

At the same time I think Comcast might be missing a critical opportunity here. By automating this they reduce the "taken care of" feel to helping you through a computer virus. Statistics show that a customer you treat well is happy, but your happiest customers are the ones that had something go wrong, and you took the time to help fix it. An automated webpage message takes Customer Service out of the loop. That doesn't mean it can't still feel like Comcast is helping you through it, but it's more difficult to pull off.

I think Comcast's best move would be for whatever notification they show you to take you to a log of what horrors your computer's been up to - "247,000 spam emails sent in the past month" - things like that. Give the user the full diagnosis and what awful things are going on underneath their fingers. Then help them fix it with antivirus that has strong auto-remove features.

Agree as well. Go Comcast for trying to do something about the massive bot networks in the world. If we can take American machines out of the mix we might take a lot of horsepower out of these massive networks.

Going to vote the other way here - I had Comcast in Boston and the Silicon Valley area and they were excellent in both locations. I'm stuck with Time Warner now and miss them every time Time Warner's service goes down, which has been once a month for the past 5.

Comcast has been very effective in many areas, including reasonable channel selections instead of some of the insane stuff you have to pick over on other companies, getting a lot of last mile wired up over fibre optic and then delivering just the last smigeon over normal cable lines, and just generally doing a good job. Maybe people complaining about them need to live with another cable internet provider to see how bad it can get... .

This is a very good solution but it can still paralyze you if someone:
* Opens an important record
* Gets distracted
* Leaves for vacation for 2 weeks

Now their PC is locked with the page open and constantly polling, the record is locked forever, and people are angry. This can be solved with a message like
"This record is locked. _Take Control of this record_" - Clicking it would up-end the equasion - in order to keep control the other user has to click a "I'm still editing" link within a minute. This would solve not only the vacation disaster, but the lunch annoyance.

Depending on your resources and how large a "Record" is, you may consider getting more granular as well. You could lock by field, or form section, to capture use cases where for example "I'll type up the client notes, you update their contact info to fix any errors you find, and we'll call them about this as soon as possible."

"we saw a retrofitted Dell Adamo hit the Windows desktop in 20 seconds, while a Lenovo T400s with a fast SSD got there in under 10."

It's frustrating that this is what we're supposed to get excited about. I have a Win XP box I built years ago that boots in 10 seconds. It uses hardware that might cost you $400 today. All I did was pick a Bios that didn't have a lot of silly prompts you couldn't turn off, put in a fast hard drive, and, well - ran XP which doesn't eat up every last resource like 7 and Vista do.

What's even sadder about these numbers is that seeing the "Windows desktop" in XP means I can begin browsing the web or watching Hulu right now; in Windows 7 it means you've still got a long road ahead of you before anything actually WORKS.

Yeah, Joel sometimes has useful things to say; this is not one of them. It's a very knee-jerk "as a manager I like to save money" response, and it isn't helpful.

The Duct-Tape Programmer is the programmer whose work I get paid to come in and fix.

The programmers that do a good job up-front and leave code that's easy to maintain have a real irony to them - they leave the door open to Duct-Tape Programmers. There's not much incentive to write maintainable code at most organizations, especially if you have one of these Duct-Tape types in your organization or looming ahead - because the results to a manager who doesn't ask any questions will always be the same: "The 3 months programmer 1 spent got me 30%, the 3 months Duct Tape spent got me 70%. Duct Tape is my guy." Well he got there by throwing maintainability to the wind and leveraging what that good programmer set out as a foundation.

Unlike this article, what would actually be insightful is legitimate information about the relative maintainability of code at a given point. There's no industry-standard way to assess code for how maintainable a code base is. Perhaps we need one.

The most obvious potential method that comes to mind is to have 10 programmers (probably Duct Tape) attempt to write 10 very small features in a few days. The relative success or failure of this would indicate to you the flexibility of the code as it was when this experiment was begun. This would be a fairly expensive way to assess code, but with 10 programmers actually digging in and having to deliver, you avoid the high-level "barely read the code/have an opinion anyway" opportunity, and you average out a lot of the obviously subjective nature of the results.

You would have to select your 10 small features carefully so that they ideally capture either a broad picture of the code, or a narrow picture around the kind of flexibility your organization cares about/expects to leverage soon. The strength of the results would rest largely on how well you selected the features tested.

In any case, I assure you, the Duct Tape Programmers of the world would get a very low score on any such assessment. It's something the industry could really use - without it it's only logical you'll keep seeing counter-productive opinions from decision-makers like the one stated in this article.

There's probably cheaper ways to do this than paying 10 programmers for 10 days. In Open Source projects you could hold contests with prize money for implementing the 10 features, and see what people gravitate towards and what they avoid - Feature A gets 1000 entries and Feature B gets just 1, and it failed - found a code maintenance problem. But maybe people here have even better ideas, that work for closed and open projects.

Mod parent up. This is the best solution.

Any prepaid with the ability to run Google Maps (besides the iPhone) gets you Google Latitude working, and lets you prevent it from being used as a conventional cellphone. It might also allow you to pick a relatively small device to mitigate burden of always carrying it around.

If you own the account that it reports to then this satisfies all requirements, 1-6, including it working on Linux (it's a web app), working on your phone (as long it's not an iPhone, it has Google Latitude built-in where you can view her location), and being able to turn it off because you just login to "her" account and disable it. Voila.

A lot of people take law and order too seriously and forget that a fully functional Democracy is not complete without individuals standing up to bad laws, or good laws in scenarios where they turn bad.

Put another way, if I exceeded the speed limit on my way to work today, should I write the state a check? In the town I grew up in there's one of those silly laws on the books that says you can't pass through the center of town with a turtle unless you're wearing a veil. Should turtle owners be turning themselves in?

No, and no, and your friend shouldn't be paying anyone either. Stand up for good, rational thought and do what's right. Delete the scam from her computer and install the real thing. And absolutely do not pay the scam artists.

The Intent-based system in Android would be nice for machines of all sizes. You code each screen with the ability to serialize itself out to a very small state, so that the OS can dynamically swap screens of an app (not entire applications, their individual screens!) in and out based on memory needs.

It's a programming nicety built-in to the overall system and happens to provide a lot of other nice advantages - like you could potentially "deep link" from one app to another using the right serialized states, or "bookmark" your place in an app, each with very little additional work.

As for the desktop itself I agree it's probably too simplistic for a larger screen but I imagine that part is easy to replace with something more elaborate... as they say, any[one] can make things bigger [and] more complex... .