Slashdot Mirror

Time to call BS on all the insanely great hardware arguments. Apple is buying off the shelf components, and there aren't that many to choose from. Clone manufacturers will stick to the same CPU, the same GPU, and the same chipsets with the same embedded NICs, sound, bluetooth, and Wifi for the same insanely great results. Otherwise, the manufacturer will be fielding support calls, not Apple. Obviously, they wouldn't ship a product that requires downloads to get components working, any more than Linux vendors would ship a partially enabled system and tell customers to recompile the kernel.

As for third party hardware, Apple support isn't much better than Linux support these days anyway. I just tried to get an old webcam to work with my mini, and all I could get was hazy blobs. I assumed it would just work, since it worked well with Linux several years ago when I bought it, but OSX doesn't support USB webcams. After some searching, I found and installed the open source macam driver, but my Logitech camera is only partially supported. My choices now are to buy an iSight or go back to using the webcam with Linux.

This is just one example, but I've run into the same problem with HP printers and wifi cards with OSX. With either OS, you're at the mercy of the manufacturer. And, as far as reliability and usability, I find Ubuntu to be at the same level as OSX, except for power management and iPhone support.

Good advice. Mod parent up. From a technology perspective, a Version Control System, Test Driven Development, and Continuous Integration can go a long way towards improving quality. If the OP is in a MSFT shop, then you are most probably stuck with VSS or TFS. VSS is file based so it is not very good for distributed development. You will need to enhance VSS with SoS if you have remote developers. TFS doesn't have that problem and also has support for TDD's unit testing. If the OP is willing to use OSS, then there are plenty of good options available. There is plenty of good advice here as to OSS VCS. There are various unit testing frameworks for Java, .NET, Ruby, PHP, C++, you name it. Also, check out Cruise Control for Continuous Integration.

Technology alone cannot solve quality issues, however. Changes in methodology, process, and even corporate culture may also be needed. Take a look at my site for more advice on that.

Good advice. Mod parent up. From a technology perspective, a Version Control System, Test Driven Development, and Continuous Integration can go a long way towards improving quality. If the OP is in a MSFT shop, then you are most probably stuck with VSS or TFS. VSS is file based so it is not very good for distributed development. You will need to enhance VSS with SoS if you have remote developers. TFS doesn't have that problem and also has support for TDD's unit testing. If the OP is willing to use OSS, then there are plenty of good options available. There is plenty of good advice here as to OSS VCS. There are various unit testing frameworks for Java, .NET, Ruby, PHP, C++, you name it. Also, check out Cruise Control for Continuous Integration.

Technology alone cannot solve quality issues, however. Changes in methodology, process, and even corporate culture may also be needed. Take a look at my site for more advice on that.

Good advice. Mod parent up. From a technology perspective, a Version Control System, Test Driven Development, and Continuous Integration can go a long way towards improving quality. If the OP is in a MSFT shop, then you are most probably stuck with VSS or TFS. VSS is file based so it is not very good for distributed development. You will need to enhance VSS with SoS if you have remote developers. TFS doesn't have that problem and also has support for TDD's unit testing. If the OP is willing to use OSS, then there are plenty of good options available. There is plenty of good advice here as to OSS VCS. There are various unit testing frameworks for Java, .NET, Ruby, PHP, C++, you name it. Also, check out Cruise Control for Continuous Integration.

Technology alone cannot solve quality issues, however. Changes in methodology, process, and even corporate culture may also be needed. Take a look at my site for more advice on that.

Safari can block ads using the Safari AdBlock addon. It uses AdBlock+ subscriptions. The only major flaw at this point is the lack of a simple way to disable it on a site you're visiting temporarily. You can put in an ignore list by hand though.

This is similar to what we've done with WiKID (sourceforge.net). A hash of the server's cert is stored on the auth server and is sent down to the software token with the OTP. The token fetches the cert via the user's internet connection, hashes it and compare the two hashes. If it matches, the otp is presented and copied to the clipboard. and the default browser is launched to the website.

The key difference is that your server becomes the validation source and not a 3rd party.

Minion is a *much* better too for this than even Prolog.

http://psyco.sourceforge.net/

The really neat thing about it is that you can just load the module and call some functions, and it'll start JIT compiling your Python code for some moderate speedups (particularly string and number crunching). It doesn't need a special version of CPython or anything.

The original author is no longer developing it though -- he's working on PyPy, the Python interpreter/JIT written in Python. I think they're up to about half the speed of CPython, which is pretty impressive considering how slow Python is.

You can look at Psyco which functions like a JIT for Python.

I'm very concerned with the frequent discussion of MitM attacks performed on open wireless nets. I get the feeling that most /.'ers probably believe that it's nothing more than academic fancy, not any sort of a real threat.

As a matter of fact, it is indeed real, and I've done it as a proof of concept. Went down to the local $coffee_shop, ordered myself a hot cup o' joe, and hunkered down with my lappy. It wasn't long until I had intercepted numerous Gmail, Amazon, and even bank credentials, just to name a few. To be fair, I live in an area relatively densely populated by yuppies (West LA), but that doesn't really change the nature of the threat.

SSL MitM isn't just an idea being thrown around, the threat is very real and is not to be taken lightly. Tools such as ettercap-ng make it literally as easy as point and click. Having a CA that verifies something, even if they don't do much diligence, is much better than none in a situation such as this.

So, this seems to have a really high "neato!" factor, but not a lot of practical use. Except for maybe 3D modelers in Hollywood?

Maybe this can be rolled into Photoshop or Hugin.

It is at this point that I would normally point people to the Open Voting Consortium, but unless I'm missing something, the project stalled some time back in 2006. Yet they're still taking donations...

Am I missing something or is it time for a fork? Because I think we definitely need an open, easily verifiable voting system.

I don't even think it needs to be a LiveCD as the current project seems to have. What is so difficult about making a paper trail?

grep /var/log/access.log

I meant something like this kojoney that pretends to be a ssh server but isn't.

I hadn't heard of SSHguard, but I do use fail2ban.
Any thoughts on which is better SSHguard or Fail2ban ?

Does anyone know of a simple SSH honeypot that looks like a ssh server, but just logs the IP address, usernames and passwords that the robots are trying to use ?

Exactly. But there is a workaround. Just sign up for an OpenDNS free account and you can turn their "features" off in your preferences. Once configured OpenDNS works just like normal DNS servers that return NXDOMAIN on unknown domains, which is all I want.

For dynamic IP users like me a bit more work is necessary: find a way to report the IP to OpenDNS so it knows it is you. I use the ddclient daemon to update my IP information to OpenDNS and things are working reasonably well so far.

A web browser using Python for client-side scripting? It's been done

Quite frankly, I'm the same way. I have FF delete all personal data on close, and run PasswordSafe. I keep the master password different from the rest, and keep most of the other passwords the same, with some slight variation. Sorry, but I don't trust anyone. I've been burned enough times to know better.

I had a really psychotic ex get into my email and posted all of my personal stuff on her blog. Needless to say, don't trust anyone until you really know them.

https://sourceforge.net/tracker/?func=detail&aid=1973248&group_id=4421&atid=104421

Up until recently I'd had a similar opinion. Then I started work on a new project and began noticing all these interesting technologies.

Some exciting technology is being developed using Java. Check the trove.

You send a specific packet across the internet to raise the power state of the targeted host.
Until someone does something other than that, it doesn't matter what they fucking call it.

Okay, I see where the problem here is -- inadequate information about the problem space.

• The old technology required that the sending host know the MAC address of the system to be woken up; those are only available within a LAN segment, and there's certainly no way some arbitrary caller initiating a phone call is going to know it.
• The old technology didn't allow any kind of access from the other side of a NATting router, even if the remote end did know your MAC address, because when your system is asleep you're not keeping any connections open, so the NAT table entries allowing any UDP streams previously available are going to eventually time out, making your machine un-wakeable

This solution keeps the NIC alive enough (sending an occasional packet to whomever you're allowing to wake your computer) to keep your masquerading router aware that there should be bidirectional connectivity available, even when your computer is in sleep mode.

If you wanted to save electricity you'd have a normal fucking phone and answering machine, VoIP or not.

Yes, but I also want my spam-filtering rules in place. Folks need to go through a menu to actually ring any of the phones in the house; anything without Caller ID gets a message telling them why they're getting hung up on (and is then hung up on); anything I've blacklisted gets hung up on without even ringing the phones; different members of my household have different voicemail boxes, and a distinctive ring is used to indicate who the call is for; and incoming calls are recorded so I have evidence against the $@!@$#^ spammers who keep calling my house. And faxes are received and sent through iaxmodem, so there's no paper wasted in processing them. It's shiny, see!

Perl is in itself neither good or bad.

And neither are the programmers of history really guilty.

The big issue here is that what started out as something small and neat has been growing over time with different programmers involved. This is caused by various input from different areas within a company and after a while the structure that once was consistent is now degraded and there is a lot of dead code. And the evolution of the language has also contributed because what once was the only way to do something can now be done in three different ways.

But this is still nothing that's unique to Perl. Most languages suffers from this problem, and the problem arises from the fact that there is often no compile-time verification of the code to find any inconsistencies between modules.

Languages with strong and static typing are a bit better to cover for problems like these, since they can verify the worst problems at compile time. Additional tools like Findbugs and Splint can also help.

Weak and dynamic typing are fatal problems waiting to happen. You may claim that it's resolved by better testing, but that drives up the cost since the iterations will be longer. And some cases are missed during tests because that code is only executed in rare cases.

So if anything - what should be hated are weakly and dynamically typed programming languages. Regardless of what the language is called. But we can't live completely without them either since they come in handy from time to time. But at least the usage shall be limited to keep things safe.

And back to the issue where code has evolved over time - it is sometimes the best to actually bring together a set of engineers that has to analyze the functionality of an existing system and then rewrite the whole system in a consistent way using a language like Ada, Java or C#. In some cases special languages may be needed because there can be functionality that can be best expressed in Erlang or Fortran. This means that it's important to not be too obstinate about using a single language for development. Select one main language and make it interact with other languages when needed.

Lines of code is of course not a good measurement of the complexity of an application or the task ahead. A programmer may use weeks to code something that's a 1000 lines long, but other parts can be 5000 lines in a day.

Comments in code are useful - but only to a degree, too much comments will just obscure the code instead.

Breaking down code into reasonable modules is also important. Tools like Eclipse have some refactoring capabilities which allows you to actually break out a certain code segment into a new method in Java.

And yet another factor that's easily forgotten is that there are three types of systems;
  1. Architect designed systems.
  2. Hacks.
  3. Evolved systems.
Both 1 and 2 can converge into an evolved system, but the evolution depends strongly on the programmers involved and their experience. An experienced programmer can actually restructure a hack into a structured evolved system, but inexperienced programmers can easily cause a designed system to be evolved into an unstructured evolved system. Available tools and methods also bear their share for the quality of an evolved system.

With no server side support you would have to transfer the entire contents of the file every time you you wanted to view the encrypted file.

Erm... why? I don't have to read the entire contents of my encrypted partition every time I want to seek somewhere in it.

Then if it isn't what you want, it would transfer all back.

WTF?

This kind of makes me question your understanding of computers beyond "This is a mouse."

It's called copying. I download the file to view it, which is copying it -- if I didn't want it, I do not then have to re-upload the entire file -- it will still be on the server, because I copied it, not moved or deleted.

That's probably not what you meant, but the way it's worded, it sure as hell looks like it.

With plain FTP, it just gives you the header name so you can see the file is there in much the same way as ls or dir displays a directory listing.

Right.

If you want to view the contents, you have to download it

FTP supports resuming a download. Even if it doesn't support specifying that you only need some tiny chunk of it, you can always close the connection (canceling the download) once that amount has been transferred.

So no, you don't have to download the entire file.

Same with HTTP -- only moreso; I believe you can request a specific byte range of a file.

you can create a secure connection, have the server decrypt the files as needed

Both of which assume you trust the server -- because the server now has unfettered access to your files.

I don't know about you, but I'm a little more paranoid. I'd rather the server not be able to get at my files.

render the contents in a viewer that transmits only the characters your looking at, at a time.

Ok, first off, that is a retarded idea, if you're actually talking about characters (as in, chunks of a text file). Text is small enough, and compresses well enough, that it makes more sense just to send the whole file. It'll use more bandwidth, but it will perform much better, because you won't need a roundtrip to page down.

I'll grant that it does make more sense for low-latency, low-bandwidth scenarios. But I can't think of such a scenario -- the only place where that bandwidth might matter is dialup, which tends to have a high latency, mostly because it has so little bandwidth that any other, simultaneous activity will saturate the connection and slow everything down.

Second, as stated above, there's absolutely no reason you can't do this with encrypted files stored via FTP.

You can even use server side support to open large archives or zipped files and present individual files within them.

And you know what? You can use client-side support to do that, too!

For a really impressive example, take HTTPFS -- you can mount an ISO over HTTP, and it's actually fast enough to browse files and such.

The only place where this would matter is for things like tarballs -- in which case, you're forcing the server to read the entire archive from disk (probably decrypting it in the process) before sending pieces of it back.

For an archive of any size where it'd make sense to do this, it probably makes much more sense to unpack the archive, or repack it as something like Zip, which is seekable -- and either situation puts us back to Square 1, where encrypted files over FTP can do the same thing.

Now, given the question that was asked, I'm assuming it's massively easier for him to add client-side support for this than server-side support. Given what I've just explained above, you can get almost all the same features with client-side supports, and the only ones that would really benefit from server-side support (that you've mentioned) are a bad idea anyway.

just karma whoring here, but it's important to mention that pretty much everything ZFS has to offer was already available on tru64's advFS: http://advfs.sourceforge.net/ [sourceforge.net]

As much as I love tru64, I think it really is time to put this myth to bed. AdvFS is a good solid filesystem and cluster aware too, but it's no ZFS. AdvFS doesn't do any form of RAID other than concatenating disks into disk pools (domains) which can then be populated by filesets (AdvFS speak for filesystems) that share the same domain space. Every enterprise implementation of AdvFS always always has AdvFS sitting on top of some form of hardware or software RAID. AdvFS itself doesn't provide any RAID like data protection or redundancy.

AdvFS doesn't come close to the flexibility and power of ZFS. That's just the plain truth.

Now if you're really interested in Linux's answer to ZFS, you should keep an eye on the development of Btrfs. I wouldn't expect it to be production ready for a couple of years yet, but when it is it should kick ZFS ass!

The ZFS filesystem is interesting for desktop installations - it does allow seamless use of the 1-2 terabyte desktop disk configurations that are now possible. ZFS was designed for the datacenter - eliminating the need for the time-honored but fragile combination of journaling filesystem over software volume manager (usually over HW RAID).
It's the first real innovation in filesystem architecture since journaling filesystems were developed.

just karma whoring here, but it's important to mention that pretty much everything ZFS has to offer was already available on tru64's advFS: http://advfs.sourceforge.net/

it's a shame HP killed this fine unix to keep that abominable HP-UX, so kudos to sun for bringing back the functionality of tru64 back to the datacentre AND the desktop.

hmmm, i wonder if my notebook (presario v6210) is compatible with opensolaris...

Been using it fo over a year and it is great. http://areca.sourceforge.net/ Encypts, does incremental and ftp to my personal site, can't beat it. Even did a restore once from it very smooth. Has everything you could ever want.

There is at least one tool to convert images to text so that emacs and vi become useful image editors.

http://sng.sourceforge.net/

Also, emacs is clearly superior.

I've looked at it a while back (I'm the one who wrote rsyncrypto). When compared with rsyncrypto, the main thing I didn't like (aside from the fact there appears to be no implementation... ) is the amount of state stored. Esync actually needs access to the old plain text file in order to work (or a substantially similar state). Rsyncrypto, on the other hand, needs just a few pieces of state per file, that once created never change. These include the symmetric session key and such stuff, and are about 68 bytes in length.

I really don't remember the details any more, but I think that there were also performance implications to the above.

If want, there is also a program called "murk" http://murk.sourceforge.net/, which implements the same principle as rsyncrypto. As far as I can tell, it is much less mature, and no longer maintained.

Shachar

"secure" and "untrusted" don't go hand in hand. If you want security, don't put things in untrusted spaces. Period.

Are you sure about that? I consider my SSH connections secure even tho' they traverse untrusted links. Same goes for my encrypted mails, https connections to my bank, etc.

Anyway, to the submitter - is areca close to what you want?

This is why I can't stand the FSF. Sure guys, it would be nice if everything was open and free, but that is NEVER GOING TO HAPPEN.

Yes, it will -- no thanks to you. Eventually, just as has happened in other industries in their adolescence, digitized entertainment will settle on de facto standards, for the technicians' convenience and because the superiority of the best methods will become known widely enough that willing victims of trash like the .mp3 & .wav formats will disappear from the market. For example, electricians all use (in the United States) 120V/60Hz for residential outlets (AC because it's better for transmission, 60Hz because lower frequencies were found to cause headaches and agitation in some customers, so nobody will accept that now that the cause is known) and all plumbing works lefty=loosy, righty=tighty (standardized purely for convenience -- the opposite could function just as well but it's important to standardize, one way or the other). For now, a lot in IT is as obscure to most IT customers as building methods were when the Masons were a secret society. This, too, shall pass.

Not to mention that Theora and Vorbis are only used by a very tiny sliver of the population. Face it, FSF: The only people using these formats for their personal use are FOSS advocates and on toward the zealot end of the spectrum.

You're half right: few people care about 128k mp3 or comparable .aac v. .wav & lossless compression, ie .flac. You're half wrong: the reason for the above is not that we are "on toward the zealot end of the spectrum," but because we are also few who own earphones or speaker/amplifier sets accurate enough to hear the difference. But if you ever incorporate an audio sample into your own work, the damage of repeated compression (the lossier, the worse) is more likely to become noticeable, so it's not unreasonable to suppose that mash-up creative models will become popular enough in the near future for .ogg or .flac to become undisputed king. Probably not before the next major revision to the iPod, but possibly within the next decade. Certainly, not "NEVER."

BTW, I had a similar reaction to the OP to what you expressed for the FSF. I don't see the sense in picking on the BBC, but not because open standards are "NEVER GOING TO HAPPEN." I would instead pin the blame on Microsoft, Apple, and last time I checked, RealNetworks, because those are major drivers of digitized entertainment formats and do not support .ogg nor .flac, both of which are superior to .aac, .mp3 and .wav, which those "major players" push. Ogg is better lossy compression, and FLAC is better because lossless compression is better than useless bloat, which is a perfectly honest and accurate description of the silent bits in WAV files. If any of the aforementioned corporate megoliths were truly the ruthless competitors that they pose as in earnings reports, conventions and press releases, they would embrace open formats without reservation and battle for the best implementation of the best totally open formats. Unfortunately, they do not profit only by providing the best value possible to their customers. They differ from Adam Smith's model of free enterprise in their care for shareholders' interests, even if those are contrary to the interest of their customers. When profit can be reaped any way other than serving customers' demands, that signals one or both of two things: an immature market, or an overregulated one. We know IT is immature. I expect we'll disagree in the future about whether IT's also overregulated.

PS Hardware is cheap, but not free, so I prefer .flac, the free lossless audio codec.

http://p2p-radio.sourceforge.net/

There's a GCC based cross compiler that compiles for Windows CE targets, see http://cegcc.sourceforge.net/. I've never used it, but I would assume that it could be used for Windows Mobile development without having to pay for VS.

5. Use Artistic Style .

There, fixed that for you.

The SourceForge Help Wanted page is also a good place to look. Most of the projects looking for help aren't really top-tier projects, but they'd be a good way of building up reputation when the GP later wants to go for the big name projects.

NTFS-3G works pretty well. I'm not sure FAT32 is really necessary any more.

NTFS-3G is good for Linux reading Windows partitions, but you can have it the other way too. Windows can be set to read and write to Ext2/3 file systems. I imagine ext4 will work with this too when it comes out.

This one.

Pick a project (you will have to filter the language to C for the more kernel-like projects), then offer to help out with some coding. The people running it should be happy for you to help out (just don't expect to suddenly become a respected developer until you've proven it) and should be able to provide you with more assistance in getting up to speed. Once there, you should have the confidence to tackle something more high-profile.

This isn't true. Microsoft has expressed interest in ODF. They are an official contributor to the OpenXML/ODF translators project. They also announced that Office 2007 SP2 will officially support reading and writing to ODF 1.1.

http://odf-converter.sourceforge.net/
http://www.theregister.co.uk/2008/05/21/microsoft_office_pdf_odf/

And, really, a lot of the complaints that people have about OpenXML aren't that valid. Sure, some of the tags in the initial draft were poor, such as referencing behaviors in previous versions of Word. Those tags are deprecated if not entirely removed. A lot of the problems with Office 2007 supporting the ISO version of OpenXML are minor as well, such as the use of an attribute value of "on" in place of "true". OpenOffice has the same kinds of implementation problems with ODF. Lastly, the complaints about the size of the spec are also largely unfounded. The OpenXML spec covers a lot more than the ODF spec. For example, OpenXML describes the functionality of every spreadsheet function, whereas ODF has no specification for any spreadsheet functions at all. Also, OpenXML's spec contains an absolute ton of sample XML. If you removed the sample XML from both the OpenXML and ODF specs their sizes become a lot more comparable.

Already here brother. Prepare for the ultimate horror.

Well, you can always trade in lifetime to recover more of those precious gigabytes...

• You can go through all your packages and remove those that you don't need. Many dependencies are not mandatory.
• You can remove documentation and meta-files that you don't need.
• You can enable compression in your filesystem.
• You can switch to gentoo where you get to decide which libraries every individual app will link to - and shave off even the last megabytes.
• If that's still not enough you are always free to grow your own, perhaps around dietlibc or uclibc.
• Ofcourse you also can always advantage of prior art in those areas.

But I suggest you simply do what everybody does: Buy a bigger disk and stop whining. Or live with the trade-off you made by going SSD.

I manage a large intranet wiki at a university, based on TWiki. We also do some research on its use. The main metrics I would suggest :

    * number of pages (cumulative graph over time, and per month/day)
    * number of edits, idem
    * number of views , idem
    * Number/size of attachments, idem
    * a histogram of edits/views per person
    * a histogram of people who only read and never contribute.

you can obviously anonymize the graphs if needed. A little straightforard programming-fu and access to the server logs goes a log way.

Before you show the histograms to the bosses, you need to tell them about the http://en.wikipedia.org/wiki/Power_law , as you will be looking at one, guaranteed. 10 % contribute, 90% read. That is fine and natural, but they must understand that. You can demonstrate the fact that people read it a lot and that it is a resource they use (use the the views/views and no edits graph), and the (relatively few) people who actively contribute must be encouraged to do so, and maybe even given an explicit task to do so.

You can also plot a degree distribution histogram per page ( http://en.wikipedia.org/wiki/Degree_(graph_theory) ), where the degree of a page is the number of outgoing links to pages + number of pages referencing back to it. If you get a power law again, you have a few important portal pages and lots of content. More uniform distribution suggests something in the lines of an encyclopedia/storage type of content. I would suggest that having a power law is better, as people find stuff more easily ( bar a good search engine...) You can also use any of the graphing tools (http://vlado.fmf.uni-lj.si/pub/networks/pajek/ or http://jung.sourceforge.net/ ) to draw all pages out, and show different clusters of content. AGain, you can do this over time

Oh, and while you are at it, list the top/bottom 10 (20, 30) most used pages, and explain why. Observe how they change over time.

Im sure that there is enough suggestions here to get a nice progress metric for the boss. Good luck.

Gori

I'd say the best measure of a wiki's effectiveness is probably a thorough analysis of the access logs for the web server where the wiki lives. Run them through something like awStats (personal favorite) and see what you get. Are people in your organization actually visiting the wiki? Which pages are most frequently accessed, and by whom? How many users are hitting the Edit or History portions of a page, as opposed to simply viewing static content? These are solid, quantitative numbers, and presented in a "dashboard" style format like you can get from awStats, that will probably satisfy the PHBs.

I try to avoid orphaned pages altogether. Every page in your wiki should fall under some umbrella or hierarchy, even if it's just a catch-all like "Miscellaneous," so that it can easily be found by people who didn't know it was there.

In my experience, people tend to use wikis one or both of two ways: either they do a title/text search to find a particular topic, or they just start exploring and reading what they have access to. The latter can be a great way to get new hires up to speed, or for people to gain knowledge about various business processes in their downtime. Orphaned pages are only accessible by search and IMO defeat half the purpose of having a wiki.

https://sourceforge.net/tracker/?func=detail&aid=1973248&group_id=4421&atid=104421

^- posted ages ago. Maybe Slashdot should lay off laughing at emails and actually look at their bug tracker more than once a year.

What justice?
Bob Jacobsen has paid Katzer $30,000 in judgments against Jacobsen, as well as his own legal fees. Katzer's made money off his product and gotten his legal costs paid for, and as I read the judgments, has yet to actually lose anything other than three of his 12 patents.
Katzer isn't winning, but JMRI is suffering a lot more than Katzer is.

I'm glad the court ruled the way it did but a lot of JMRI people have gotten pretty badly ground up along the way. This is only justice insofar as the rest of FOSS has dodged a bullet.

It's not even just that: Katzer also went and got patents over the concepts expressed in JMRI, which were only granted because he failed to disclose JMRI's prior art to the patent office, and then sued the JMRI people for infringement of their own code!

The open source guys didn't even start this; Katzer did. He brought it upon himself!

JMRI has a long and detailed page describing what happened. I highly recommend everyone reading it; it's amazing how brazenly this prick Katzer (and his lawyer) tried to rip everybody off.

This is kind of a kludgy solution, but what I've done in other circumstances with this sort of a need is install PDFCreator in my Windows VMs, print to that, then copy the PDF to another machine to print. Hope that helps you. Probably won't. :)

the developers had never thought to sanitize their data

Oh it goes well beyond sanitizing input data, why were they not utilizing the least privilige principle in their application design? Allowing an unauthenticated user to use a database user with full privileges to the database tables when only selects are required on specific tables is asking for trouble.

In most cases I suspect the developers are, well, just lazy. When presented with a ready made least privilege PHP application design the response by multiple developers was "I can just recover the website from a database backup, least privilege is not necessary", I kid you not.

burnin

GLIDE was Open Sourced just before 3dfx was bought by nVidia. http://glide.sourceforge.net/

Feel free to port it to other cards ;)

Slightly off-topic but I just discovered Ur-Quan Masters, an old Star Trek-like RPG game that's pretty decent. Massive world to explore, engaging storyline. Open-source, too.

It's a little old, but worth a look. http://sc2.sourceforge.net/

I know that the open source community has given a lot to me. I have been able to tackle some difficult coding tasks by being able to reference works already done by some different open source iniatives. I think the chicken-and-egg issue about the developers not having experience but needing it to get a job, is definitely something that if the developer could show they contributed meaningfully to an open source project would help there case trying to get a job. It looks good on the resume. I decided to try and give back to the open source community, and released one of my products as open source now. I am looking for anyone that wants to work on it, or just enjoy using it. http://sourceforge.net/projects/pop3wizardnet/ I hope it helps someone save a few hours of headaches, considering it has weeks of work in it.

Actually, an alternative to Visual Studio for Linux (and other platforms) is Eclipse. It supports Java, C, C++, PHP, Python (with the Pydev plugin) and more. Coming with a "stack" or not is irrelevant. Ubuntu, for one, has all of this (OS, bindings, Eclipse, Pydev, etc) so IMO it is more integrated than Windows+Visual Studio, rather than less.

are really only switched between different speed segments. I.e., they might bridge (switch) between a 10 mb segment and a 100 mb segment, but they're only repeaters (hubs) on each.

I think there's a good chance those guys know about ARP poisoning.