Pollywogs!

I had the pleasure of dealing with WonderWare recently. WonderWare is owned by Invensys, a really gigantic company. WonderWare has put out shit software and charged an arm and a leg for it for about two decades. Really buggy, piece of crap software. But, they have a virtual monopoly, so that is what you get, shitty products and outrageous prices. I’m sorry for complaining, please don’t punish me…but I digress…

—

A recent email exchange:

I went to log in to my account and was prompted to change my password (apparently my old expired?). I followed the prompts, entered my old password and a new strong password (I generated a 228-bit password) and hit submit. I was informed by your server that I entered my current password wrong. Knowing I had entered it correctly but for the sake of humoring the server, I tried again with a new 220-bit password. Again, it failed saying I incorrectly entered my current password.
At this point I believe the problem likely lies in the coding of the password software on the server. It is either not accepting the length or some of the extended ANSI characters in my password, but instead of correctly detecting the error it fails with the unrelated message that my original password was incorrect.
I’m not sure what to try next, as there are no guidelines regarding the password other than the minimum length. I’m really at a loss, and not even this Account Help page has any suggestions.
I’m nearly astounded by how little thought was put into this process, actually. Or, not surprised in the least, I haven’t quite identified this sensation yet…
Any suggestions?

Their reply:

Garrett,Without visibility to your password, it was reset to test your account.

Using the credentials below, I was able to login as you.

Please login with:

Userid: (my email address)
Password: (a fantasitcally insecure password)
Once logged in, please click on “Update My Account or Password” link on the left navigation panel to update your profil

Password should at least be 8 characters long.

>From there, your email address will be your userid.

Questions, please let us know.

Thanks,

Rosita Leong

Webmaster Admin

Wow, proofread much Rosita? I’m guessing English is not your first language…

My reply:

Yes, I set a ‘not very secure’ password and got in myself. I’ll try again and set a new ‘not very secure’ password. My problem was with the website not providing what the parameters actually were for an appropriate password, other than “at least 8 characters long”. It doesn’t say the maximum length, doesn’t say what are acceptable characters are, basically doesn’t give any direction on how to actually generate a real password (following the basic prompts, I generated a 48-bit password using lower case, upper case and numbers, which in a practical sense isn’t much better than having p4ssw0rd as a password). When I tried to craft a real password using a full character set and 32 characters, it failed with insufficient feedback to find out what I did wrong. Which is pretty much unacceptable behavior from a login system.

I guess I’ll check back from time to time to see if someone fixes the web page and set a proper password at that time.

Thanks,
Garrett

Yep. Settling for failure. Billion dollar multinational conglomerate. Continued, unending failure. Shit…I just remembered when I first started using InTouch (WonderWare’s flagship product) back in the late nineties, I couldn’t have the application explorer open or it would simply crash InTouch. A basic program functionality causing a crash to desktop, and they charged thousands of dollars for the product and shipped it to my door? I’m such a lucky guy! Sure, they release bugfixes and whatnot ‘for free’, but each very minor and incremental revision they force you to purchase an upgrade license (for thousands more) to stay on top of the latest REAL fixes and very minor upgrades. You’d be HARD PRESSED to tell the difference between InTouch 7.1 from 1998 and InTouch 9.5 from 2006, and yet they expected you to pony up a new wad of cash for each version between. The real difference? InTouch 9.5 crashes a little less. Whoopity fucking do. They’re getting pumped for cash, I’m getting pumped for cash, it is all a gigantic fucking cash pump from everyones pockets into these few rich cunts. Bottom lines. Profit margins. Cash pump. I need to break the cycle. I need to find a reasonable competitor and stop feeding the beast.

My contempt for WonderWare and Invensys (owner of shitty actuator maker Barber-Colman too!) literally knows no bounds.

The richest, most successful companies should be making the best, most polished and perfect products, no? Is that too much to ask? IS THAT TOO FUCKING MUCH TO ASK?!?!!

I typically post shit I don’t like (being only sensible considering the dangerous state of affairs) but this fine dreary saturday afternoon, I thought I’d post a few things that I ‘like’, instead.

—

http://solutions.3m.com/wps/portal/3M/en_US/O-Cel-O_US…

I never really minded regular old scrub pads (sponge on one side, abrasive pad on the other) until we got a set of nice cookware. I don’t really like the idea of teflon pans, but having to work with them this Ocelo pad is WONDERFUL. Just the right size, squishes right, holds the right amount of soapy water inside, the abrasive side is the EXACT RIGHT amount of abrasive: gets off shit you need to scrub off, doesn’t mark teflon. A really perfect product.

—

http://www.ultralifebatteries.com/datasheet.php?ID=U9VL-J

Nothing worse than throwing away alkaline 9V batteries every year out of your smoke alarm, and damn NiMH voltage sags immediately so the damn fire alarm start beeping after a week or two, so what can you do? Get a Lithium battery and forget about it!  Says 10 years on the package, lasts about four times as long as an alkaline, costs about $8 (you can pick them up at Wool’s True Value locally). A 9V Duracell runs what, $3? So they are cheaper per year and I don’t have to fuck around with my fire alarms as often? Oh yea, Lithium batteries contain no mercury or other toxic material and if incinerated or otherwise disposed of release no toxins into the environment. Why do they still make regular alkaline batteries again?

—

http://www.generalmills.com/corporate/brands/brand.aspx?catID=22291

Fiber. How the fuck are you supposed to get 30 grams, 40 grams or even 50 grams of fiber every day? Lemme tell you what, it ain’t from the typical American diet, that is for fucking sure. So, what is a mildly health concious person to do?

Buy some delicious fucking bar which somehow has 9 grams of fiber and yet doesn’t taste like ass. The Fiber One ‘Chewy Bars’ has 140 calories, 4g of fat, 29g carbs (9 of which are fiber), and 2g of protein. Apparently they get the fiber from Chicory Root (being the first ingredient and all), but it certainly doesn’t distract from the delicious chewy sugary chocolatetaste of the bar. Seriously.

Also: http://www.kraftfoods.com/ESI.NET/south_beach_diet…

South Beach Diet Cinnamon Raisin bars are CRAZY DELICIOUS!!! 140 calories, 5g of fat, 15g carbs (3 of which are fiber), and 10g of protien. The magic ingredient in these are ’soy nuggets’, which sound like eating bark and twigs, but the fucking bars are soooooooo yummy for breakfast…

—

http://www.amazon.com/Mallory-994-Maxx-Ice-Scraper/dp/B000BQK526

The Mallory 994 ice scraper. Not very glamorous, but a very nice little device. I like long bladed scrapers, but where the hell am I supposed to hide them in the car? This little bastard tucks nicely in the pocket on the door, has a nice foam handle in case I’m not wearing gloves. Oh, and it is made in Canada (a plastic item not made in China???) and only costs like $3. Teh win!

—

Alright, that is my mini ‘things that don’t piss Garrett off’ post, hope you enjoyed it. The next installment will likely be a couple things I’m reading in various magazines (I had a ton of airline miles which were expiring, so instead of letting them ‘disappear’ into Magic Airline Mile Vanish Expiration Land I now have like 8 magazine subscriptions I’m trying to plow through).

—

Found this via reddit at http://assets.huffingtonpost.com/posters/poster5.html 

Pretty much says it all, no?

—

This is worth your time too.  Read something digusting today about televangilists, apparently it is a faith-based ponzi scheme, and a terrible travesty against, well, pretty much everything.  I may expand on this later…

…alright, you can get your mind out of the gutter now…

—

Back Orifice is a ‘trojan’ or a ‘remote network administration tool’ depending upon how you us it. I recently had an interest in remote access, and was wondering how to make it easier to traverse firewalls. As the vast majority of people on the Internet are now using firewalls and routers, having to have ‘clueless n00bs’ open ports for remote access ends up being quite an ordeal. However, the vast majority of people on the internet have firewalls and routers which only prevent incoming connections, the assumption being if your computer is sending it, you must think everything is A-OK with the data being sent. So…funny thing, not bothering users regarding outgoing communications…

I downloaded BOK2000 and spent some time playing around with it. Added plugins for security and reverse connections (the primary thing I was interested in). Reverse connections mean that once the server is running, it phones home, punching right through their firewall and router and back to the originators computer. After playing for a bit, I decided to try out infecting a ‘hapless victim’ so I emailed everyone in the office a ‘Hilarious ScreenSaver.zip’ file and waited for the incoming connections. Amusing from my point of view I suppose…

Having the remote server connect back to home is a genius idea as it is only detectable by someone actually paying attention. Who runs a real firewall these days? Or regularly checks their router’s logs (assuming their router even generates log files). The only thing which may catch it is an antivirus, and there are enough botnets and infected computers out there to show that huge swaths of the population are very willing to run strange .exe files, don’t use any real firewall protection and either don’t use a realtime virus scanner or never visit an online virus scanner…

You have run a virus scan recently, right? You wouldn’t drive your car with bald tires and no oil in it, so why be reckless with a computer?

With the concept of ’someone is in my house right now (or trying to get in) who has complete control over my computer without my knowledge, and yet I don’t want the expense or ass-grinding slowness of a realtime antivirus to help fight them off’, here are a couple links to free online scanners:

http://virusscan.jotti.org/ - this is neat, a website that submits your “file in question” to nearly every online scanner out there, and then provides the results to you.

http://www.bitdefender.com/scan8/ie.html - if you use IE, I really like BitDefenders scan.

http://www.eset.com/onlinescan/ - NOD32 is ‘hardcore’, but also requires IE. Very, very thorough! If you run BitDefender and then NOD32 back to back, you’re probably cleaner than a nun…

http://housecall.trendmicro.com/ - I’ve been pimping Housecall for years (not-so-interesting fact: I was running a 600Mhz Duron processor in 2000). Works with Firefox, finds a very wide range of problems. Me likely!

And, for your inner ‘conservative’:

http://www.tucows.com/preview/213160 - Sygate Firewall, my favorite incoming/outgoing firewall. It won’t let your computer blink an eyelash without you knowing about it…

http://www.avast.com/eng/avast_4_home.html - Avast Antivirus, my favority free realtime antivirus. Along with a firewall, it will slow your shit down and make life more complicated. But it will keep you safer.

Combined with Sygate, think of them as ‘Big Government’ for your computer…actually, I guess instead of free solutions you should go buy the most expensive, intrusive and ineffective software suite you can find (if you really want to express your ‘inner neocon’)…

I get on song kicks. My current kick is Cortez the Killer. Luckily it is pretty damn easy to butcher on the guitar.

Turn down the lights, fire up whatever you may fire up, and turn up the music:

Neil Young kicks ass.