Almost everyone's doing it wrong, that's why it doesn't seem to work in practice. 99% of the "agile" efforts I've seen used agile as an excuse to avoid whatever part of the SDLC annoyed them most.

Microsoft created registration-free COM and .Net assemblies over ten years ago. Both improve on the old registry-based library locating technologies. Picking on Microsoft for this is like picking on Ford for building the Edsel.

I never said that. I was only pointing out that your analogy was flawed because it was a buggy whip argument. If there were a major technological shift that made soda free, then stores would not sell it, and all of the stock on the shelves would be given away. What do you think happened to all of the buggy whips on store shelves after the transition to automobiles?

You're entire attack on my nullification of your argument was to assume I meant the most ridiculous thing possible and then attack that.

If you want me to make a more concrete argument, then here it is: the people who are pushing DRM today are in the distribution business. They used be a valuable and necessary part of getting music into the hands of consumers. Their services will be no longer needed soon, so they should find something else to do for a living before the well dries up.

So... they want to reinvent RADIUS... again.

If soda becomes copyable, then it becomes worthless. Same thing happens when a store buys two sets of Super Bowl hats and shirts printed with each team as the winner. Once one of the teams loses, half are junk. All in all, the world would be a better place if food became free (maybe not soda, but still), regardless of the fact that an entire industry would be out of business. Do you really want me to pull out the buggy whip argument?

I've worked for a training provider and seen this from the other side. Increasing your marketplace value is actually a negative for the employer. From that point forward the company has a higher chance of losing you. Some employers would contract with us for special training that omits sections that are big on the certification test and not relevant to the work the employee is doing for the company. I'm not suggesting that this was a good thing, but it shows that certification isn't necessarily a win-win.

Unfortunately, that would block pretty much all outbound calls from call centers. Any call center I've ever worked with calls for multiple clients. They attach the number of the calling campaign to the caller id, not their own number, since no one ever wants to call the call center, they want to call "tech support for Acme Bearings" or whatever. The client doesn't want the number tied to the call center because they use that number on all of their advertising copy. If the number were owned by the call center, then the client couldn't switch to another one. Even corporations that don't do outbound calling like to do fancy stuff like put their main switchboard number on the caller id of the calls placed from all of their sites.

So, in reality, most commercial calls use spoofed caller id. The whole system is based on it. It's technically trivial to put some data on a call that charges an arbitrary amount to the other parties phone bill. The only thing that keeps the whole system in check is the fear of getting caught. With systems like this, there will always be scammers.

Not really. My team has a great track record of our products passing security scans. We've never used mock hacking to find security issues in our code. We simply do rigorous code reviews against solid security principals. Some teams around us do the whole code-hack-fix thing, and they have a lot of security fix work every time the pen-testing tool is updated or changed.

I laugh every time I hear a colleague come back from some security class they were sent to and I find out that they spent five days running ten-year-old exploit tools against unpatched servers.

And here is the harm in the "If you're not guilty you have nothing to worry about" attitude. A lot of people act as if nothing can hurt them if they've done nothing wrong. These same people tend to look on those that protect themslves as guilty. The student may have been trying to appear innocent by cooperating instead of "acting guilty" by lawyering up so this would just blow over.

I look at it a bit differently. I consider readability and maintainability a core part of the craft of programming. I don't expect anyone to ask for them and I wouldn't compromise on them even if I were explicitly asked to do so. In my opinion, writing bad code is like being a doctor and taking shortcuts like not properly cleaning your instruments. Sure, you might be successful for a while. But, eventually it's going to cause problems.

Given the bad code I run into, my answer would usually be "when it fails, there is no way to figure out what went wrong". Just because the business requirements didn't specify error handling and logging doesn't mean it is superfluous.

The bug I triaged today involved a UI where if you added a record to a table and pushed the save button twice, it would make two rows in the database. The underlying problem was that the original programmer sprinkled a bunch of status flags all over the place in a highly disorganized manner and he forgot to clear the "new" flag after saving. If I fix it by clearing the flag after save, it will still be bad code, even if it meets all of the requirements. Whether code is good/bad and whether it works/doesn't are two different questions.

It could be that your organization has a high tolerance for bad code. If defects are unlikely to cause major problems and fixes are easy to apply, then bad code might be OK. But, it's still bad code. If all of your code has to be validated by an expensive third before deployment and defect cost lives or a lot of money, then you really should write good code.

Wait, being a good arguer is a problem to be wary of? Often, the better arguer is the one who sees the problem the clearest. Also, the inability to defend a position can be a sign of cargo-cultism. I'm much more wary of someone who calls everything they do a "best practice" without ever being able to describe the benefits of said practice. That's how hungarian naming gets adopted.

XP already uses NTLMv2. You really want to make it refuse to do NTLMv1 and LM. The link in the summary tells you how.

It won't be long before companies figure out how to get them to work. The Phillips L-Prize bulb uses the LED as a source of photons to excite a phosphorescent material. The actual light that the bulb emits comes from the outer surface of the bulb, so directionality of the LED is irrelevant, as long as they can excite enough of the phosphor.

... and when web sites require membership, the newspaper industry will bounce back. The public is not obligated to support anyone's business model.

This isn't "oh no, you're going to kill the Internet", this is about both sides having some level of power and letting the web mature to a point where everyone is happy. That won't happen if consumers don't voice their opinion. There's no social contract here, just a bunch of people that discovered that they can make money by putting ad supported content on the web. When that becomes a poor way to make money, some will do something else and some will become really good at getting ads through the filters. The world will move on.