Energy, Poetry, Security

EU may tax US goods for carbon-carelessness

Leave a comment

Interesting to read that the EU has started to describe products from the US as cheap and dangerous due to the lack of environmental concern in American leadership. The global impact of the US pollution is something that deserves attention, but will higher tariffs or even an outright ban on American goods drive the changes necessary?

…products imported from the US being taxed to compensate for resulting differences in production costs. Thus EU firms would be protected against unfair, carbon-careless competition from outside.

This seems connected with another report that the EU is successfully alerting consumers to the risks of harmful products:

The European Commission has released figures showing a rapid rise in the number of dangerous goods withdrawn from sale across the European Union.

The increase is seen in Brussels as proof that an EU-wide alert system is working better to protect consumers.

[…]

Ms Heemskerk said that the high proportion of Chinese goods among those withdrawn said more about the volume of imports from China, than Chinese safety standards.

A European Commission source also said that China was co-operating with the EU by revoking export licences for some hazardous goods.

Will the US co-operate with the EU by revoking export licenses for carbon-careless goods? Or is the demand sufficient that the prices will just have to be increased in order to compel the European’s to seek more sensible alternatives.

Henry David Thoreau once wrote:

Live in each season
as it passes;
breathe the air,
drink the drink
taste the fruit,
and resign yourself
to the influences
of each.

Little did he realize how much risk would be introduced to those simple concepts by unscrupulous folks trying to make more money at the cost of everyone else. The influences are therefore not so much the air, drink and fruit, but the chemical treatment plant, the industrial rancher, the land developer….

History, Security

Microsoft drops price due to lack of demand

Leave a comment

This seems like a huge blow to the company’s origins. Pretty soon, as global regions prove less likely to succumb to anticompetitive tactics and are free to make a balanced comparison versus other products (especially in the area of security), Microsoft might have to just give their software away.

Microsoft software will sell for just $3 in some parts of the world in an attempt to double the number of global PC users.

Some people call this a business strategy to out-compete hobby-ware such as Linux, or an extension of the kill-collaboration manifesto that built the Gates’ family fortunes. In terms of locking consumers in to the Microsoft philosophy, the question will become whether people are stuck with a $3OS or if they can use another OS on the same hardware.

In related news, Iowa has settled their lawsuit with Microsoft:

Microsoft Corp. agreed Wednesday to pay Iowans up to $180 million to settle a class-action lawsuit that claimed the company had a monopoly that cost the state’s citizens millions of dollars extra for software products.

The $179.5 million settlement means individuals in Iowa who bought certain Microsoft products between 1994 and 2006 will be eligible for cash. Companies with multiple copies can seek vouchers that will enable them to buy computer equipment and software. The amount that can be claimed will depend on which product and how many copies were purchased during the 12-year period.

Amazing, especially when you look at what they determined as “overpayment” per user:

For each copy of Microsoft Windows or MS-DOS, customers can claim $16 per copy, Microsoft Excel is worth $25 a copy and Microsoft Office, $29 a copy.

Poetry, Security

Linux advertising campaign…

Leave a comment

I was desperately trying to escape the clutches of yet another Microsoft vulnerability announcement when a funny marketing campaign came to mind:

Because I want to spend time with my family…Linux

or how about this one

Because I want to make it to the game/dinner/appointment on time…Linux

The problem is that I was recently reviewing firewall rules and wondering why the network folks were opening up ports 1025-5000 for all the “secure” windows server segments. Apparently the fat Microsoft administration tools (running on various desktops around a company) like to have all the RPC ports open to them. Coincidentally, the latest remote exploit comes in through…you guessed it, ports 1025-5000.

Ok, you have to run DNS on the Windows systems to be exploited, but try explaining the options to a Microsoft windows administrator. They don’t seem to understand why the number of ports is excessive, or why you can’t call a segment secure if you have to leave it wide open. My favorite comment so far has been “but the perimeter protects us”, second only to “if we install an old unpatched version of Microsoft’s DNS do you think it will mean we won’t be vulnerable to this exploit?” Ha. I almost choked on my tea when I heard that one.

Because I want to maintain my sanity…Linux

If I could put together a flashy photograph/visual, I think it would show the back of a group of people at a wedding looking towards a bride and religious official, with someone conspicuously absent. At the bottom of the image would be a phrase something like

Keep your priorities straight…Linux

Then again, I’m probably not in marketing for a reason. :)

Security

BMC angry about vulnerability

Leave a comment

BMC Patrol has a critical remote exploit that needs to be patched. Not the most exciting news, but what I did find interesting was the attitude/tone of their announcement:

[This issue] has been addressed, and a patch has been made available to our customers. A flash bulletin has been created describing the patch and will be sent to all affected customers in the next few days.

So far so good, right? Then something odd happens.

BMC has a formal customer support mechanism in place to provide solutions to security issues brought to us by those who have legally licensed our software. In cases where security issues are brought to my attention by individuals/vendors who do not have legal access to our products, we will investigate their merit; however the issues will be addressed at our own discretion and according to our understanding of their severity.

Finally, please note that in the future, I will only communicate resolutions and workarounds to licensed customers who are using our software legally. For a more meaningful dialogue around these issues and to be notified of any available patches, I urge all licensed customers to use BMC’s support mechanism.

They are taking their ball and going home now.

If you want to try and tell them about a critical vulnerability, then you had better be a licensed user or they will pretend you do not exist.