Jacob's Blog

Saturday, May 17, 2025

Tuesday, March 28, 2023

Sunday, March 26, 2023

意外的发现

今天在浏览我的谷歌账户的时候，我意外的发现十几年前我创建的blog，有一种重新启用的冲动。高兴....

Sunday, July 20, 2008

It is long time to untouch the blog esp.blogspot, but today when I sit in the bed and wait for the uploading photo, I wonder here and superise that this blog could be visited in China again. Hope it is not a temperorily recover, and could last the time after the Olympic Games hold in Beijing.

Wednesday, October 03, 2007

DOS命令大全 -- DOS Commands

winver---------检查Windows版本 wmimgmt.msc----打开windows管理体系结构(WMI) wupdmgr--------windows更新程序 wscript--------windows脚本宿主设置 write----------写字板 winmsd---------系统信息 wiaacmgr-------扫描仪和照相机向导 winchat--------XP自带局域网聊天 mem.exe--------显示内存使用情况 Msconfig.exe---系统配置实用程序 mplayer2-------简易widnows media player mspaint--------画图板 mstsc----------远程桌面连接 mplayer2-------媒体播放机 magnify--------放大镜实用程序 mmc------------打开控制台 mobsync--------同步命令 dxdiag---------检查DirectX信息 drwtsn32------ 系统医生 devmgmt.msc--- 设备管理器 dfrg.msc-------磁盘碎片整理程序 diskmgmt.msc---磁盘管理实用程序 dcomcnfg-------打开系统组件服务 ddeshare-------打开DDE共享设置 dvdplay--------DVD播放器 net stop messenger-----停止信使服务 net start messenger----开始信使服务 notepad--------打开记事本 nslookup-------网络管理的工具向导 ntbackup-------系统备份和还原 narrator-------屏幕“讲述人” ntmsmgr.msc----移动存储管理器 ntmsoprq.msc---移动存储管理员操作请求 netstat -an----(TC)命令检查接口 syncapp--------创建一个公文包 sysedit--------系统配置编辑器 sigverif-------文件签名验证程序 sndrec32-------录音机 shrpubw--------创建共享文件夹 secpol.msc-----本地安全策略 syskey---------系统加密，一旦加密就不能解开，保护windows xp系统的双重密码 services.msc---本地服务设置 Sndvol32-------音量控制程序 sfc.exe--------系统文件检查器 sfc /scannow---windows文件保护 tsshutdn-------60秒倒计时关机命令 tourstart------xp简介（安装完成后出现的漫游xp程序） taskmgr--------任务管理器 tasklist /SVC--查看进程详细信息 eventvwr-------事件查看器 eudcedit-------造字程序 explorer-------打开资源管理器 packager-------对象包装程序 perfmon.msc----计算机性能监测程序 progman--------程序管理器 regedit.exe----注册表 rsop.msc-------组策略结果集 regedt32-------注册表编辑器 rononce -p ----15秒关机 regsvr32 /u *.dll----停止dll文件运行 regsvr32 /u zipfldr.dll------取消ZIP支持 rundll32.exe shell32.dll,Control_RunDLL ----------显示控制面板 rundll32.exe shell32.dll,Control_RunDLL access.cpl,,1--------显示辅助功能选项 rundll32.exe shell32.dll,Control_RunDLL sysdm.cpl @1－－打开系统属性 rundll32.exe shell32.dll,Control_RunDLL appwiz.cpl,,1－－－删除或添加程序 rundll32.exe syncui.dll,Briefcase_Create－－－－桌面上建立公文包 rundll32.exe diskcopy.dll,DiskCopyRunDll－－－－复制软盘驱动器 rundll32.exe shell32.dll,Control_RunDLL timedate.cpl,,0－－显示时间属性 rundll32.exe shell32.dll,Control_RunDLL desk.cpl,,0－－－－显示桌面墙纸属性 rundll32.exe shell32.dll,Control_RunDLL joy.cpl,,0－－－－－游戏控制器 rundll32.exe shell32.dll,Control_RunDLL mmsys.cpl,,0－－－音频属性 cmd.exe--------CMD命令提示符 chkdsk.exe-----Chkdsk磁盘检查 certmgr.msc----证书管理实用程序 calc-----------启动计算器 charmap--------启动字符映射表 cliconfg-------SQL SERVER 客户端网络实用程序 Clipbrd--------剪贴板查看器 conf-----------启动netmeeting compmgmt.msc---计算机管理 cleanmgr-------垃圾整理 ciadv.msc------索引服务程序 osk------------打开屏幕键盘 odbcad32-------ODBC数据源管理器 oobe/msoobe /a----检查XP是否激活 lusrmgr.msc----本机用户和组 logoff---------注销命令 iexpress-------木马捆绑工具，系统自带 Nslookup-------IP地址侦测器 fsmgmt.msc-----共享文件夹管理器 utilman--------辅助工具管理器 gpedit.msc-----组策略

Sunday, May 27, 2007

颈椎病的预防

严防急性头、颈、肩外伤：头颈部跌扑伤、碰击伤及挥鞭伤，均易引发生颈椎及其周围软组织损伤，引起颈椎病，故应积极预防。例如坐车打瞌睡，遇到急刹车，头部突然后仰，可造成颈椎挥鞭性损伤；有人生气时随意拧孩子耳朵，孩子为了防御而急性扭颈，或用巴掌打击孩子后头部等，均可引起颈肌及其周围软组织损伤；婴幼儿颈部肌肉尚不发达，颈软，如过早抱起或抱孩子姿势不合适，甚易造成过伸性颈椎损伤；有些青少年体育运动不得要领或不重视运动前的预备活动，如顶牛、头顶立、前滚翻及骑颈娱乐等，均可造成运动损伤。一旦发生外伤，除治疗软组织损伤外，还要及时治疗颈椎小关节错位，以防止发展成颈椎病。纠正生活中的不良姿势，防止慢性损伤：颈肩部软组织慢性劳损，是发生颈椎病的病理基础，生活中的不良姿势是形成慢性劳损的主要原因之一。例如，有人喜欢俯卧，为了呼吸，只能将头扭向一边，这样会发生1～4颈椎扭伤;有人平时姿势尚好，但当看小说、看电视时，习惯把头靠在床栏杆上或沙发扶手上，造成屈颈屈背扭腰等，这样会造成颈椎/脊柱椎间韧带损伤。合理用枕：成年人每天睡眠6～9小时，即每天有1/4～1/3的时间是在睡眠（枕头上）中度过的。人熟睡后，颈肩部肌肉完全放松，只靠椎间韧带和关节囊的弹性维护椎间结构的正常关系，如果长期用高度不合适的枕头，使颈椎某处屈曲过度，就会将此处的韧带、关节囊牵长并损伤，而造成颈椎失稳，发生关节错位，进而发展成颈椎病。合理的枕头必须具备两项：科学的高度和舒适的硬度。大部分人以自己的颌肩线（下颌角至肩峰的距离）或手掌横径，作为侧卧或仰卧的高度，此高度适合绝大多数人。枕头应有适当的弹性或可塑性，内充物以木棉或谷物皮壳较好。老年人的预防：50岁以上的人，脊柱多有退行性改变，因此更应重视预防脊柱病。枕头必须选用合乎个人规格的；天气寒冷时要注意保暖，防止颈肩受寒，尤其睡眠时颈肩部要保暖，以避免因冷刺激而发生落枕，诱发颈椎病和肩周炎；与人谈话、看电视、看电影或看书报，要尽可能正面注视，不要过度扭屈颈部。

Monday, March 12, 2007

Access controller specification

Access controllers generally provide port-based access control. When a user attempts to utilize a network-based application, such as a Web site via a Web browser, the access controller blocks access and redirects the user's browser to a login-in page. The user can then enter their user name and password, and the access controller will authenticate the user via an authentication server. The network application could, as an alternative, use digital certificates for authentication purposes. The authentication server provides authentication and authorization information that the access controller uses as a basis to regulate the user's access to the protected network. The user will have authorization to use specific port addresses, such as "port 80" for Internet browsing.

When shopping for an access controller, assess the following features:

Authentication. Most access controllers have a built-in database for authenticating users; however, some offer external interfaces to authentication servers such as RADIUS and LDAP. Keep in mind the number of users and scope of your network when determining which authentication server type to use. For smaller, private networks, an internal database may suffice. If you plan to provide nationwide access, then an external centralized authentication server will provide better results.

Link Encryption. Some access controllers provide encryption of data from the client to the server and back, using such security as IPSec and PPTP encrypted VPN tunnels. This provides added protection beyond what 802.11 WEP provides. Be sure that that the access controller protects the transmission of user names and passwords.

Subnet Roaming. In order to support roaming from one network to another, access controllers general provide subnet roaming that allows users to roam without needing to re-authenticate with the system. As a result, users can continue utilizing their network applications without interruption. This feature is especially useful for larger installations where access to the network for specific users will span multiple subnets.

Bandwidth Management. Because users share bandwidth in a wireless LAN, it's important to have a mechanism to ensure specific users don't hog the bandwidth. Access controllers provide this form of bandwidth management through the assignment of user profiles based on required quality of service levels. A profile specifies the types of services (e.g., Web browsing, video streaming, etc.) and throughput limit. For example, an unsubscribed visitor to a public wireless LAN could classify as fitting a "visitor" profile, which may only allow access to information related to the local hotspot and online subscription Websites. A subscriber, however, could have a different role that allows them to have access to the Internet at a throughput of 128Kbps. For users paying a premium, they could have higher throughput access, perhaps 3Mbps, for fast downloads and access to other higher end applications.
Access controllers aren't always the best solution for wireless LAN applications. If you're implementing a smaller network for a home or small office, then there may not be enough benefit to offset the thousands of dollars for an access controller. With only one or two access points, the more cost effective solution is generally to use a "smart" access point to provide enhancements to the network. Or, you might only need to deploy "thin" access points alone if security is not of major concern and you have a limited number of users.

Saturday, February 24, 2007

Can Contactless Credit Cards Be Hacked? 5 Tips to Stay Secure

Although RFID (Radio Frequency Identification) is still a tough sell to a many people, millions of contactless credit cards have been issued over the past year. Issuing banks are increasingly making RFID cards the default replacement card, and banks aren't required to tell cardholders that the new cards are RFID-enabled. Some contactless cards have visible microchips, but others don't, so it may be difficult to know if you own an RFID card.

The lack of knowledge about what type of credit card you have in your possession is just one part of the security problem. Other issues, like a misunderstanding about how these cards operate, create yet more reasons why you need to become proactive about your credit card security. One way to become more secure is to learn about what makes this technology "hackable".

Can Contactless Cards Be Hacked?

The only difference between a contactless credit card and a regular credit card is the way that your card's information is transmitted at the point of transaction. Instead of using the traditional magnetic stripe (magstripe), the contactless credit card uses a "tag". The tag consists of a semiconductor ship or set of chips and an antenna that relays radio frequency signals into and out of the chip. This passive RFID technology creates a fear factor for most people who don't understand how it works. In some cases, however, this fear is reasonable.

The problems behind this technology as utilized in credit cards lie in three distinct areas:

The information contained on that chip.
Whether that chip is secure or insecure.
The radio frequencies and data transfer standard used to activate that chip.

The information contained on your contactless credit card may contain the same information that can be found within the magstripe in your traditional credit card. This information varies from issuer to issuer, but in essence your contactless card's chip will include your name, address, card number, and card security code. It may also include or be tapped into information about your birth date, social security number, and any other bits and bytes that you would deem highly sensitive and personal. Even at their tiny size, the chips contained in contactless credit cards can contain megabytes of memory.

As with any technology, issues often are addressed in "second-generation" products. Contactless cards are no exception. In first-generation issue, some cards were "open" to name and credit card number theft, but the security code couldn't be stolen. However, retailers often allow purchases without that security code, so the fact that a thief wouldn't have that code becomes moot.

Second-generation cards, like the Visa Contactless card, no longer send the cardholder's name, but it can still send the card number to malicious scanners. The argument as to why this security measure is better is that the card number would be difficult to use without the cardholder's name.

The chips used for contactless credit cards are, by most accounts, secure. A chip's memory can be altered as in a read/write program, and these "dynamic" chips are supposedly encrypted in credit cards. This means that the chip will contain some fixed information that can be programmed on the chip only once, like your personal information. Then, the chip may also contain a sophisticated processor that executes cryptographic elements that protect static data.

The chip contains an antenna that allows that chip to communicate with a reader through a radio frequency (RF). This is where the mystery lies for many folks, as this information often sounds as cryptic as the security issue. But, an understanding about this technology is critical in your quest to protect your identity and your privacy.

RFID credit cards rely on a reader to supply energy to its chip through the reader's RF field. The chip picks up the reader's energy, powers up, receives commands and/or data, processes it, and communicates back with the reader. This communication prevents identity theft from readers from a distance, but a malicious scanning device could still be able to read any card that can be read by a legitimate reader. The common RF used to activate the tags and readers for credit cards is at a higher frequency than the ones used in tagging animals or in many supply-chain management systems. The frequency chosen by most credit card companies is the 13.56MHz frequency with data transfer rates of ISO 14443.

The reader's 13.56MHz frequency seems very low, especially when compared with items such as current mobile phone systems that operate at ultra high frequencies between 800 and 1800 MHz. But, in reality, the 13.56 MHz frequency is mid-range with an operating distance that would depend upon the tag size and the reader type. Proximity can be close to one meter, or 3.28 feet.

The ISO 14443 standard for transfer rates was chosen to modify the 13.56MHz frequency. The ISO 14443, put simply, is a four-part international standard [PDF link] that was created for contactless smart cards that operate at the 13.56MHz frequency in close range with a reader antenna. It has a generally accepted read/write range of up to 10 cm, or four inches. ISO 14443 accepts authentication mechanisms such as encryption.

The transfer rate is also affected by certain materials placed between a reader and the chip. If metal is placed between a reader and a tag, the RF will be deflected. This is why thin sheets of metal are placed in biometric passports, to protect your information when the passport is closed. This response to metal is also the reason behind a new market for metal sleeves that claim to protect your biometric passport and your contactless credit cards from theft.

But while metal currently can create noise between the card and the reader and while it can also detune both reader and tag antennas, it's also possible to bypass this problem with the right frequency and data transfer standard. The ability to bypass metals to maintain "conversation" between the tag and a reader continues to evolve. So, eventually, this will be one problem that won't be resolved simply by wrapping your credit card in aluminum foil.

With that said, it's time to offer some tips on how to protect your contactless credit card and its information. When Texas Instruments, an industry leader in RFID technology and the world's largest integrated manufacturer of RFID tags, warns [PDF link] that the consequence of a successful compromise in the use of the tags is "large to enormous," it's time to take matters into your own hands. Below are five tips that should help you on your way to being more secure with your contactless credit cards.

Five Tips for RFID Card Security

Take a pro-active role with your financial tools. Unlike the card's passive technology, you need to take a proactive stance to protect your information. Call your credit card company and ask them if your current card is a "contactless" card or a traditional card. If they've issued you a contactless card, you have one of two choices: 1) Ask for a traditional card, because you refuse to use the RFID technology, or; 2) Ask the company about the finer points to their system. If you go the second route, then…
Ask the credit card company about their RF and ISO. If the numbers match those shown above, great. If not, ask why and demand detailed information. The bank may be using more advanced technology that may surpass the information above (yes, the technology is moving that quickly). Beyond this, if the bank states that the information on your card is "static," then destroy that card. The information on that chip must be "dynamic" to enable encryption on data transmissions. If your chip is dynamic, then…
Ask the credit card company about its encryption methods. The encryption on contactless credit cards can contain from 32 to 128 bits for security. The fact that this encryption is enabled on a dynamic card allows the reader to alter certain information from transaction to transaction, and this is a good thing. But, even these encrypted cards can be compromised. So what do you do about that problem?...
Ask about the credit card company's fraud detection and any other prevention measures. Unfortunately, credit card information ― even that contained in traditional credit cards ― is open to theft. As recently as last year over forty million credit cards were exposed to potential fraud due to a security breach that occurred at a third-party processor for payment card transactions. And, that's just one story about credit card hacks. Perhaps the question here isn't about credit card security so much as it is about how you can protect yourself against your credit card company. So be diligent about your records and transactions. Make sure that what you do corresponds with your credit card statements.
Be careful where you shop. As any technology grows, its capabilities to cover security issues probably will remain just one step behind the hackers. Retailers failed to keep up with security issues in a safety measure led by Visa in 2005. So, at times the credit card company isn't to blame. You also need to be careful about where you shop online or at your local brick-and-mortar. The one question you might ask that retailer: "Do you use the card's ID code (or other measure) to finalize transactions?" If the answer is a resounding, "yes," then your transactions may be safer at these stores than ones that go without that extra security measure. The Smart Card has forced some retailers to understand the obligations they have to consumers, so this new technology may make your transactions safer.

Technology by itself is neutral. It's the people who handle that technology that need to be questioned. So, begin by questioning whether you own a contactless credit card and go from there. If you want to know the worst fears that people harbor about this technology, you can visit CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) so you know which questions to ask about your cards.

On the other hand, you may realize that this technology isn't going to disappear and that it may become a more secure method for transactions than traditional credit cards. You can frequent the non-profit multi-industry association, Smart Card Alliance, to learn how this industry plans to secure your information and your privacy now and in the future for your peace of mind.

A wikiHow article on How to Avoid Colloquial (Informal) Writing

----------------

Your friend just sent you the following article from wikiHow.com:

How to Avoid Colloquial (Informal) Writing
While it may be acceptable in friendly e-mails and chat rooms, a major pitfall that has been bringing down the quality of formal, written text is the use of excessive colloquialism. Here are some steps/tips that you can follow to help to improve your overall writing.

You can view the rest of this page at:
http://www.wikihow.com/Avoid-Colloquial-%28Informal%29-Writing

wikiHow is a collaborative writing project aiming to build the world's
largest how-to manual. Our mission is to provide free and useful instructions
to help people solve the problems of everyday life. wikiHow is a wiki, which
is a website that anyone can write or edit. You can help us, by editing any
page on wikiHow which needs improvement.

http://www.wikiHow.com - The How-to manual that anyone can write or edit

Friday, February 23, 2007

西门子难道也产杯子？

今天到表弟家去过年吃饭，偶然在楼梯过道中发现印有Siemens商标的茶杯包装盒，心里充满疑问西门子难道连杯子都生产？不知有朋友知晓不？

Saturday, February 17, 2007

C\C++ Boundary and Error Check (2)

Sample:

//ilist 中普通版本的insert()操作
//以一个待插入的值以及一个ilist_item 指针作为参数,新的项被插
//在这个指针所指的项的后边
inline void
ilist::
insert( ilist_item *ptr, int value )
{
new ilist_item( value, ptr );
++_size;
}

一种方案是通过调用C标准库abort()函数来终止程序该函数在C头文件cstdlib 中.

#include<cstdlib>
// ...
if ( ! ptr )
abort();

另一种方案是使用assert()宏来终止程序,但首先要声明引起断言的条件.

#include<cassert>
// ...
assert( ptr != 0 );

第三种方案是抛出一个异常例如

if ( ! ptr )
throw "Panic: ilist::insert(): ptr == 0";

一般地我们应该尽可能地避免终止程序.终止程序实际上是对用户落井下石,而我们或者支持部门可以分离并解决这些问题.

如果我们在错误点上不能继续处理,那么一般来说抛出异常比终止程序更好一些.异常会把控制权传送到程序先前被执行的部分,而它们有可能能够解决这个问题.

assert()是C语台标准库中提供的一个通用预处理器宏.在代码中常利用assert()来判断一个必需的前提条件,以便程序能够正确执行.

为了使用assert() 必须包含与之相关联的头文件

#include <assert.h>

assert.h 是C 库头文件的C 名字,C++程序可以通过C库的C名字或C++名字来使用它,这个头文件的C++名字是cassert

#include <cassert>
using namespace std;

assert宏将会判断表达式，如果一个表达式为真，执行将继续，否则，程序将显示一条消息并且暂停，你可以选择忽视这条错误并继续、终止这个程序或者是跳到Debug器中。

如何使用一个ASSERT宏去验证一个语句。

void foo(char *p, int size)
{
ASSERT(p != 0); //确认缓冲区的指针是有效的
ASSERT((size 〉= 100); //确认缓冲区至少有100个字节
// Do the foo calculation
}

这些语句不产生任何代码，除非—DEBUG处理器标志被设置。Visual C＋＋只在Debug版本设置这些标志，而在Release版本不定义这些标志。

两个assertions将产生如下代码：
//ASSERT(p != 0);
do{if(!(p != 0) ＆＆ AfxAssertFailedLine(—FILE—,—LINE—))AfxDebugBreak();
} while(0);

//ASSERT((size 〉= 100);
do{if(!(size 〉= 100) ＆＆ AfxAssertFailedLine(—FILE—,—LINE—))AfxDebugBreak();

} while(0);

If语句将求取表达式的值并且当结果为零时调用AfxAssertFailedLine()函数。这个函数将弹出一个对话框，其中提供三个选项“取消、重试或忽略”，当你选取“重试”时，它将返回TRUE。重试将导致对AfxDebugBreak()函数的调用，从而激活调试器。

我们的实现能够识别空指针,并将其视为把value 插入链表头的请求

inline void
ilist::
insert( ilist_item *ptr, int value )
{
if ( !ptr )
insert_front( value ); //将value插入链表头
else {
bump_up_size(); //++_size;
new ilist_item( value, ptr );
}
}

直接返回给掉用者处理

inline bool
ilist::
insert( ilist_item *ptr, int value )
{
if ( !ptr )
return false;
else {
bump_up_size(); //++_size;
new ilist_item( value, ptr );
}
return true;
}

//声明一个ErrorCode的枚举
enum e_Error{
e_ErrorOK,
e_ErrorNullPointer,
……
}

inline e_Error
ilist::
insert( ilist_item *ptr, int value )
{
if ( !ptr )
return e_ErrorNullPointer;
else {
bump_up_size(); //++_size;
new ilist_item( value, ptr );
}
return e_ErrorOK;
}

C\C++ Boundary and Error Check (1)

Sample:</br>

void CopyData(char *szData) {
char cDest[32];
strcpy(cDest,szData);
// 使用 cDest
...
}

char *szNames[] = {"Michael","Cheryl","Blake"};
CopyData(szName[1]);

缓冲区溢出是指当计算机程序向缓冲区内填充的数据位数超过了缓冲区本身的容量，溢出的数据覆盖在合法数据上。
操作系统所使用的缓冲区又被称为堆栈，在各个操作进程之间，指令被临时存储在堆栈当中，堆栈也会出现缓冲区溢出。
缓冲区溢出是由编程错误引起的。如果缓冲区被写满，而程序没有去检查缓冲区边界，也没有停止接收数据，这时缓冲区溢出就会发生。
缓冲区溢出主要出现在 C 和 C++ 中，因为这些语言不执行数组边界检查和类型安全检查。

当编写 C 和 C++ 代码时，应注意如何管理来自用户的数据。如果某个函数具有来自不可靠源的缓冲区，请遵循以下规则：

要求代码传递缓冲区的长度并进行检查。
探测内存。
采取防范措施。

以下代码的问题在于函数不能判断 szName 的长度，这意味着将不能安全地复制数据。函数应知道 szName 的大小：

void Function(char *szName, DWORD cbName) { char szBuff[MAX_NAME];
// 复制并使用 szName
if (cbName < MAX_NAME) strncpy(szBuff,szName,MAX_NAME-1);
}
然而，您不能想当然地信任 cbName。攻击者可以设置该名称和缓冲区大小，因此必须进行检查！

void Function(char *szName, DWORD cbName) {
char szBuff[MAX_NAME];

#ifdef _DEBUG
// 探测
memset(szBuff, 0x42, cbName);
#endif

// 复制并使用 szName
if (cbName < MAX_NAME) strncpy(szBuff,szName,MAX_NAME-1);
}

注意：只能在调试版中这样做，以便在测试过程中捕获缓冲区溢出。

void Function(char *szName) {
char szBuff[MAX_NAME];

if(strlen(szName) >= MAX_NAME || strlen(szName)<0) { /* Do something appropriate, such as throw an error. */
}
else {
strncpy(szBuff,szName,MAX_NAME-1);
}

}

完成同样目的的更容易方式是使用 strncpy() 库例程：

strncpy(dst, src, dst_size-1);
dst[dst_size-1] = '0'; /* Always do this to be safe! */

如果 src 比 dst 大，则该函数不会抛出一个错误；当达到最
大尺寸时，它只是停止复制字符。注意上面调用 strncpy() 中的
-1。如果 src 比 dst 长，则那给我们留有空间，将一个空字符
放在 dst 数组的末尾。

Thursday, November 30, 2006

Wii you would like to play!

Wii tech make everyone to take apart in the game and it enlarges people's imagination. How to let me refuse this FANTASTIC PLAY and so do you!

Thursday, November 23, 2006

That is why we call underground music! Cool!

These are Cool: U2 singer motion, audience's fantasy choral society, high flash light, soft prelude, hard snarl! All things in the stadium reveal what the UNDERGROUND music is, and that's called for COOL!!!

PS: The Bass is my favorite!

Wednesday, November 22, 2006

Think about the power of bluetooth

The other day, I had communication with my colleague, and mention the bluetooth technology accidentally. Since I have not any bluetooth device, my colleague introduced this technology of application flow with his mobile. He just found serveral other bluetooth devices around us using scan fucntion in his mobile, and told me he can easily send any text or picture things to those devices as his wish, and he had some experiences of receiving other devices message sometimes during he stays in the public. These facts give me a impression that the connection existed in everywhere with bluetooth technology, Oh that's cool! So some special business modes are formed in my mind, such as personal and public advitisement delivering, no paid mobile message delivering and inspetion of around digital devices etc. That means you can send and receive the message anytime and anywhere, but the security of bluetooth device is a problem in the near future. I will try out this technology and find out more cool things!

Tuesday, November 21, 2006

Post a message for blogspot reopen in China!

I use the very precious opportunity to post this for celebrating the blogspot's reopen in China. I came back to my blogspot website this afternoon. As you know, this is very normal and hard things for mainland Chinese people to visit the blogspot.com. Today's reopen give our blogger a tiny bit of hope for using blogsopt.com. Nevertheless, I just wonder whether or not it could keep alive till tomorrow. Let's look forward to it!

Tuesday, October 24, 2006

Web2.0的人力资源成本核算

目前美国的最低工资标准,在各个州是不同的,联邦政府目前规定的最低工资标准为每小时5.15美元,纽约州规定的最低时薪标准是6.75美元.按照每天八小时,每月二十一天来计算,一月的工资是900美元到1000美元左右.这个是美国的最低工资标准.

网站编辑的人力成本肯定不能按照最低工资标准来计算,因为做编辑至少需要一定的脑力劳动,而美国的工资水平大概很多人是无法想象的,比如去年纽约公交系统职工大罢工,号称待遇太低,闹得全城瘫痪.但是从当时看报道,地铁司机和其他勤务人员的平均年薪是6万美元左右,远远高于最低工资.更为重要的是,美国有行业工会组织,如果资方的工资普遍太低,工会就会组织罢工来对抗.这也是美国人力成本无法降低的主要原因之一.

　　这种高成本带来的好处是只要就业了,基本生活问题就解决,并且带来了大量的服务行业的就业机会,对于整个社会的稳定有一定作用.

　　美国人从他们的观点,同样无法理解中国的情况,美国人看到深圳街头一家服装专卖店,狭小的空间竟然有5、6名员工,美国人会惊奇地问,雇用这么多人怎么可能赚钱?而事实是,在中国,雇用这么多人也可以赚钱,因为人工成本实在太便宜.深圳的最低工资仅有每月700元,几乎比国外低十倍以上,而且没有工会,同时社会上存在着大量失业人员,劳工阶层是绝对的弱者,对于资方没有任何讨价还价的余地,如果不接受这样的低工资,就只有走人,还有大量的人在等着这个工作呢.即使对于普通网站编辑来说,一个月的工资可能也只有1000到2000元左右,其成本也是相当低廉的.

　　这里我们可以做一个比较,将美国的麦当劳比做Web2.0网站,在中国吃麦当劳的时候,我们可能会发现一个奇怪的现象,就是老外吃完麦当劳后,会主动将餐盘放到回收处,而中国人都是直接走人,让服务员来收拾.这其实就是一个习惯的问题,因为人力成本的问题,老外在国外吃惯了自助的麦当劳,自己不收拾餐盘,也没有服务员来收拾,于是就养成了自己服务的习惯.对于国外的一些Web2.0网站,比如del.icio.us或digg,老外也很勤快的参与和提交内容,这大概是同样的道理.而中国就不一样的,人力成本极低,于是在中国的麦当劳在中国就可以雇佣很多服务员,以便增强竞争力,不这么做的话,对于中国同行就没有竞争力,所以中国人已经被惯坏了,知道即使自己吃完了不收拾餐盘,服务员也会很快来收拾.对于中国的网站同样也是这样的,大型门户网站雇用了大量网站编辑,可以用非常快地速度更新优质的内容,因此中国的网民也明白,即使自己不去提交、不去digg,也自然会有大量优秀内容提供给自己,所以久而久之,中国的网摘类或者digg 类的网站就怎么也无法和国外的同类型网站相比,这其中的主要原因,恐怕就是Web2.0的人力资源成本问题了.

　　因此,照搬美国的网站模式,需要结合一下中国的实际情况.有一些在美国不可能完成的事情,放在中国就可能完成,中国模式的网站需要结合中国的实际情况,相信在中国取得成功的企业,也是深刻了解这些问题的.一些在美国发展的很好的公司,如果想进入中国市场的话,就需要仔细研究中国市场的不同,结合中国的实际情况来创建符合中国特色的服务,这一点来看,麦当劳、肯德基、以及沃尔玛这些公司做的都非常出色.

原文链接地址:http://www.williamlong.info/archives/668.html

Thursday, October 12, 2006

My view on super girl phenomena

No one can doubt about the hot phenomena of super girl, this is so strange that every one between 15 to 40 gives his passion to burn them just for the girl who can sing song well. In 2005, the super girl championship achieved a broad influence that people never met in China, many girls came from different parts of the country sang the pop songs or self-edited songs in differnt cities in serveral stagies. More than million of people voted for the favorite girl using Internet and SMS. For my political point of view, I think this is also a sign of people want to acqurie the democracy and normal voting right. If you can make the winner of super girl as a president and voting people as constituency, that would be a real and drastic election! Social media, people and even players interacted with each other, good or bad comments spread oll over the country for the super girl, many merchants get rich because of super girl, many voters die or live for super girl... Isn't that a election as U.S. president one? The Chinese media supervision orgnization more or less found this subtle trend and formally order to stop this activity in 2007, as said "This kind of activity is beyond of social basic moral and wastes unnecessary resources." But maybe it is just a warnning, because the acitivity holders announce that the acitivity will be go on and they will launch the super boy championship in 2007! Funny enh?

Thursday, October 05, 2006

西门子推迟高管加薪助力明基员工再就业

新浪科技讯北京时间10月3日消息，据国外媒体报道，西门子本周一宣布将推迟高管加薪计划，并将节省下来的资金注入一项基金，以帮助前西门子手机部门、现明基移动的员工再就业。

2005年10月，西门子将持续亏损的手机业务出售给明基，并为此向后者支付了2.5亿欧元( 约合3.16亿美元)的费用，这是西门子重组计划的一部分。不过，明基上周宣布将不再继续投资其德国手机公司明基移动，而且该部门已经向当地法院申请无力清偿保护。明基在声明中称，该公司已经无力再继续投资明基移动，而且该部门扭亏为盈的可能性非常小。

在此之前，西门子计划为高管加薪30%，并因此招致了多方面的批评。据德国《Bild newspaper》报道，西门子高管已经同意推迟加薪一年，并将节省下来的资金用于帮助明基移动员工。《Bild newspaper》援引西门子CEO柯菲德的说法称，"我们面临着新的形势，我们希望帮助那些可能失去工作的人。如果明基移动抛弃员工，我们将积极、迅速地为他们提供帮助。"西门子本周一确认了这一消息。

明基移动申请无力清偿保护之后，约有3000名德国员工面临着失去工作的危险。西门子高管推迟加薪一年可以为公司节省500万欧元(约合630万美元)，这笔资金将注入一项培训基金。这项基金目前的资金总值为3500万欧元(约合4430万美元)，将主要用于帮助前西门子手机部门员工寻找新工作。

柯菲德曾表示，出售给明基是西门子手机业务继续生存下去的最佳解决方案。明基去年预计，明基移动有望在2006年就实现盈亏相抵。但从明基上周发表的声明来看，这一目标显然未能实现。由于大量德国员工面临着失业的危险，德国政界、工会和媒体纷纷谴责明基和西门子违背了当初的承诺，并要求西门子为明基移动员工提供帮助。

德国总理安格拉・默克尔(Angela Merkel)对西门子帮助明基移动员工再就业的计划表示欢迎，但认为西门子所做的努力仍然不够。默克尔的发言人汤姆斯・斯特格(Thomas Steg)表示："由此可以看出，西门子已经认识到了自己的责任。但仍然有很多问题存在，我们担心明基最初就做好了申请无力清偿保护的打算。"

柯菲德重申，明基的行为应当受到谴责，西门子不排除采取法律行动的可能。他说："我们所做的一切都是为了帮助手机业务继续生存下去，但明基并没有履行承诺，我们正考虑通过法律途径解决这一问题。"