RSS Feed25 November 2007
Slashdot Silliness: Eee Violates the GPL?
Slashdot has a story today about the new Asus Eee PC and how it may violoate the GPL.
Now, I'm something of an open-source zealot. I've been using Linux as my primary/only OS since 1998ish, I've organized Linux installfests, and I generally try to be supportive of open source things. But this Eee complaint is just silly.
It's entirely possible that Asus has violated the GPL. But, who cares? To me, the important thing is that they've released a really cool device that openly uses Linux. It's a Linux device that normal, non-geeky people will buy and use. And they'll know they're using Linux (unlike a Linksys router, which may use Linux, but most people who buy one will never know it). The GPL zealots are being stupid and counterproductive: instead of seeing the upside - a Linux device that's cool and easy to use, and might make people want to try Linux on their other computers - they bitch and complain about the fact that a tiny bit of the code may break the GPL. Way to advance the cause, guys.
23 November 2007
Stupid Password Systems
I'm going to rant about password systems today. Now, I'm not complaining about what everyone else has already complained about online: requiring 8 characters, requiring special characters, not allowing dictionary words, etc. These are all perfectly good rules: you don't want your passwords to be weak. Sure, they make it hard for people to remember their passwords, but that's just something people are going to have to get used to if they want to trust software with important information. Forcing people to change their passwords every 6 months is silly, and leads to more problems, but I'm not even going to complain about that today.
What I'm going to complain about today is systems that make you dumb down your password. You know, they don't allow special characters, or they truncate your password to 8 characters. It's ridiculous. Proper passwords, where any character is allowed, are just not that hard to implement. So why does anyone do anything else? All it does is make users angry.
Example time! I do my banking at Presidents Choice Financial. When I first went to set up my PC Financial account, they got me to choose a password for online banking. I was happy to notice that the system at the banking pavillion let me choose a good password (one of the ones I usually use for secure things). Then I got home and tried to login. "Invalid character in password" it said. What? You mean the password I picked at the bank isn't allowed? It sure would have been nice if the system at the bank had told me that, so I could have picked a different password. I ended up having to call tech support and get them to change my password for me.