Posted by
ryuzaki0
on from the are-you-the-Keymaster dept.
jeffwolfe writes: "In his latest column in InfoWorld, Nicholas Petreley claims that Microsoft's attack on the GPL is merely a diversionary tactic to distract the Open Source community from Microsoft's real goal: authentication services."
330 comments
This guy....
by
Anonymous Coward
·
· Score: 1
is just your standard Slashdot troll with some articulation skills.
Not quite
by
Anonymous Coward
·
· Score: 1
Enterprises still want the infrastructure of single sign-on, because they want to only manage one user accounts database.
They don't want people to have separate user accounts on every machine. They want global user accounts, and global groups, and the ability to then grant resource access based on membership in those groups.
Ideally, they want the ability to partition users/resources into different groups, and then grant admin rights to some people for some of those partitions, without granting admin rights for all of the partitions.
Welcome to the "enterprise".
Re:Remember Ghandi
by
Anonymous Coward
·
· Score: 1
We have a winner! Congratulations, richardmguy, you're the first person to post the tired "First they ignore you" Gandhi quote!
As a reward for your devotion to the fine craft of Slashbotting, we are pleased to offer you some CAFFEINATED MINTS FROM THINKGEEK.COM! That's right -- Thinkgeek.com, your source for everything geek.
Congratulations!
Re:Why I'm Not Using Windows Anymore
by
Anonymous Coward
·
· Score: 1
1. The MS's hidden files idiocy has been throughly debunked.
The guy who wrote it does not have a clue about what he is talking about. Anyone who does have a clue will get a great laugh out of it though. Be grateful idiots like that don't use Linux.
read: http://arstechnica.infopop.net/OpenTopic/page?q=Y& a=tpc&s=50009562&f=48409524&m=3840916991
follow the links from there, too. It'll be a struggle to read to the end, it is amazing that someone can run the wrong way for so long without a tiny bit of common sense ever coming in play. If you don't want to read that much retardation (it'll corrode your brain), be assured that the moron gets everything wrong.
2. It's been updated, thankfully. It was even reported on Slashdot.
3. and 4. are both utterly moronic, but believable if you are a rabid MS hater (hello, slashdot!). They are not, from my moderately neutral perspective, not even remotely believable.
In general: The Register has never published an accurate sentence about Microsoft, ever.
The NSA claims have _never_ been backed up by any evidence either. I'm not going to dig up links to rebut it for you, google is your friend. MS don't deny involvement because the claims are so retarded. Why even respond to such drivel? (Something the OSS community should think about in the face of MS FUD.)
MS's past history isn't quite as awful as you seem to think.
I've said this before: there are plenty of genuine reasons to hate/despise MS. Why do people so often ignore the valid reasons and make up bullshit to justify their anti-MS stance?
Petreley's
by
Anonymous Coward
·
· Score: 1
been extolling the virtues of open source (or whatever we used to call it) before slashdot was on air, unless I'm mistaken:) WHich is possible, however improbable. Senior IT leadership in this very large company have read the Petreley *troll*:) religously for some time. He has a bad habit of providing fairly objective and insightful journalism.
He has the bad habit of just being another opinionated Journalist.
And while tech journalists often ooze slightly less 'essence of liberalism' than journalists in general, Petreley gravitates toward Katzness. He's truly one of the most zealous out there.
Re:Renamed: Or, just say the truth...
by
Anonymous Coward
·
· Score: 1
Let's see, shall we?
Anyway, I just might give it a shot (no pun intended). Think about it. I hate the stupid fucker, it'd be doing the world a _huge_ favour, and *poof!* instant celebrity status for me. Fun, fun. Sure, I'd get executed, but I don't happen to place much value on my life. If I can do something worthwhile with it, then I'm happy.
So, what do you guys think is the best way? I can't work out any better plan than the old cliche... sniper scopin'. If anyone has a better idea, lemme know, please.
Missing the point
by
Anonymous Coward
·
· Score: 3
Unified authentication is not a piece of software. Certainly the software exists, but the information must be shared among different groups for it to be worthwhile.
As far as sensitive transactions on the internet goes, I use eBay, ING (for banking), Paypal, Chapters.ca, Amazon.com etc. I would like to be able to login to my personal computer or to my computer at work and have instant access to any of these services without remembering a password for each one. If I gave these companies permission to share my personal information I would not consider this an invasion of my privacy.
If, on the other hand, Microsoft took control of my personal information implicitly when I signed up for these services I would consider that an invasion of my privacy. Microsoft would, in effect, be saying "if you want to perform sensitive transaction on the internet you deal with me." I don't want to deal with MS.
What is needed is not a piece of software, what is needed is a standard format for sharing sensitive information and a standard legal contract by which you give a company to share your information with whichever companies you want the information shared with. A legal open standard similar to the GPL which would also include instructions on encoding and transmitting sensitive information would make universal authentication practical, with or without NC. We can make a contract that we're comfortable with and boycott companies that don't subscribe to it. This is how we'll beat Microsoft.
Passport
by
Anonymous Coward
·
· Score: 3
I think it's interesting that Peterley didn't mention Passport once in his article. The headline screams out how authentication is key and yet fails to address Microsoft's stategy for actually making authentication happen.
Guess what? Microsoft has already mined MSN and Hotmail and has it combined with Passport to create a ridiculously huge user base. Take a look at the Open Source sites (like any of those owned by VA in its OSDN sites). I think at last count there were something like 16 different sites each with a different name and password. How can a supposedly backward thinking company like Microsoft figure out how to leverage it's online websites and yet a company like VA Linux can't? Why is it that you can buy advertising across the entire OSDN network and yet you have to potentially use a different username and password for each of these sites? Why isn't VA doing a service like Passport that would not only tie OSDN sites together, but could potentially use a PAM module to tie your Linux login back into each of those sites?
It seems like the open source community is only going to 'get it' when people fire up Windows XP the first time and realise that they can login with their Passport/MSN/Hotmail accounts.
Re:Unfortunately there is no resistance...
by
farrellj
·
· Score: 1
> A great example is in Oklahoma we have the 1
> Black Republican JC Watts. How was he elected
> you wonder. He played Quarterback for the
> Oklahoma Sooners college football team,
> therefore he must be qualified.
Add to that he played a number of years of Professional Football up here in Canada, for the Ottawa Rough Riders, where I met him once. Can't remember anything about him, but he was a reasonable Quarterback. As to if that makes him qualified to help run your country down there? I would take a quarterback over an actor!
ttyl
Farrell
-- CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada
h
How to really sink Microsoft!
by
farrellj
·
· Score: 1
O.K, with the.Net system, and with Windows/Office XP, MS will be able to charge you for it every year or 6months that you are using it. To me, that sounds like taxes...so we need to put a campain together to fight the new Microsoft Tax! Let's hijack a shipment of Windows XP and dump it in Boston Harbor! No New Taxes!!!!
ttyl
Farrell
-- CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada
h
Re:How to really sink Microsoft!
by
SpaceLifeForm
·
· Score: 1
Hmmm...
No Taxation without Re-compilation!
-- You are being MICROattacked, from various angles, in a SOFT manner.
*holds up cards* 9.9
A truly wonderful troll with a fine, fruity flavor right down to the piquant user-ID: the only flaw is at the very end, where 'Lord Hugh' cannot supply a link. Remember, you don't need to justify any sort of assertion if you're trolling- leaving the last sentence out entirely would have been still better! Ideally the impression you want to convey is, 'but of course everybody knows this'. However, this lapse does not negate the otherwise excellent qualities of the troll, not least the fine efficiency and lack of effort expended in producing it. Kudos and many happy +1 Funny's;)
That's what we're doing here at work-- Sunrays on the desktop, with Solaris boxes doing the heavy lifting. We've only rolled out a few (about a hundred or so), but we will hopefully have everyone on them soon.
The NC *has* been done right. The Sunray is just the most recent (and perhaps the best) example. And it *is* a grand idea.
It won't work, of course. Even here we feel the pressure to move to MS software. We've resisted so far; but find a corporation-wide financial system that can run exclusively on Unix. Pretty much every financial package has an MS-Windows front-end, even if the database runs on Oracle or DB2.
Petreley was right-- it doesn't exist until Microsoft invents it.
-- Microsoft is to software what Budweiser is to beer.
In essence, Microsoft is trying to do the same thing RCA tried to do but on a bigger scale. May the same fate befall them.
-- Wansu, th' chinese sailor
Re:Forget the privacy implications
by
pohl
·
· Score: 1
I use memorable phrases,mapped to characters in a n obvious way, but the hint need to give much information about it. For example, the phrase "working on a sex farm plowing through your bean field" could be mapped to w0a5fptybf -- and the hint could be "St. Hubbins". Who could go from the hint to the password? No one.
--
The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...
Re:Forget the privacy implications
by
pohl
·
· Score: 1
yikes...that should have said "the hint need not give much information about it"
--
The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...
NC World Magazine archive still exists!
by
rickmoen
·
· Score: 2
Nick wrote:
We made more than a few enemies by poking fun at the reams of poor journalism about NC. I wish I could point you to archives of the articles, but I'm not aware of any way to reach them. The campaign against NC was ultimately successful. For that among other reasons, the magazine folded, and the content disappeared forever, at least as far as I know.
Thanks to Don Marti and I acting quickly to create and keep a mirror (allowed by IDG's licence terms), NC World's superb coverage remains available, at http://ncworld.zgp.org/.
Enjoy!
Rick Moen
rick@linuxmafia.com
Re:the appeal of a single sign on
by
tzanger
·
· Score: 1
If some mugger just happened to rob me, he didn't just walks away with my wallet: he could be walking away with all my belongings!!!
That's why most good security systems are multi-tier. Something you know, something you have kind of stuff.
My ideal security device would be some kind of physical card which contained all my passwords and info I'd like to keep stored out of my head but require a biometric or two (fingerprint, retina scan) and a passphrase to grant access to the info on it. Of course, it'd have a backup in my safety deposit box using a standard (old-tech) key and my standard I.D. to get access to it.
What if I lose a finger? That's where the multiple levels come in. Under some not-yet-determined circumstances (national key, something) the device could be reset to a different biometric, but one at a time. You'd need to have all other info to do it. And you could change your passphrase as often as you like, so long as the matching biometrics were there.
Re:Renamed: Or, just say the truth...
by
IvoryRing
·
· Score: 1
It may just be modern myth, but I do believe that the Secret Service is supposed to investigate any threat seriously. Just as it isn't too bright an idea to joke about having a gun when waiting in line at the security check in an airport, this doesn't sound too bright to me.
My guess is that the post was a joke, but I also wouldn't be too surprised if the poster in question gets a little bit of face-to-face time with the Secret Service.
If you think that Slashdot would resist the Secret Service, think again. This is exactly the sort of thing that most rational people (particularly the people in a position to obstruct the SS tracking down the poster to a real-live-body) would agree is a valid exception to the anonymity that they may normally defend.
Re:Other conclusions possible...
by
Jason+Earl
·
· Score: 2
Microsoft is not out to test the validity of the GPL. The last thing that Microsoft wants is to set any precedent that would limit the power of copyright. After all, they rely on the power of copyright to limit the legal use of their software a lot more than the GPL does.
Other than that, I agree. What Microsoft says is always smoke and mirrors. Heck, I wouldn't believe them if they told me the sky was blue (because in the background they would probably be working on changing the color of the sky).
Re:the appeal of a single sign on
by
Jason+Earl
·
· Score: 2
Ah, good point. Of course, that simply means that the information is stored on the file server (of my choice) out on the Internet in an encrypted fashion. The owner of the web site wouldn't need to know what was in this data packet, and wouldn't be able to read it, but I would be able to access it whenever I needed it. Barring that I could carry the information around on a smart card or a PDA. Most importantly, however, would be that I would choose who I shared that information with. My biggest problem with Microsoft's passport service is not that it's centralized, but rather that some other entity has access to my personal data. I would be perfectly happy with Microsoft's service if all they knew about me was that I was storing a blob of encrypted data on their network. As long as they don't have access to my information I don't care who stores it.
It is not like this would be any harder to set up. The reason that Microsoft didn't set passport up this way is that they aren't interested in providing a passport service (even if the users paid fees), they are interested in creating the largest database of marketing data ever compiled. Quite frankly, that scares me.
Re:the appeal of a single sign on
by
Jason+Earl
·
· Score: 2
This is a fairly simple thing to fix as well. LDAP already would allow you to do this, and Mozilla (or whatever you chose as your personal security manager) could easily update a list of sites all at one time if an open protocol like LDAP was used. What's more, since you wouldn't really be interested in the passwords for the individual sites (after all, you would only need to remember the password that unlocked your security manager) the passwords that actually went over the Net could be ridiculously long and complicated. Mozilla could even automatically change all of your remote passwords every day when you first logged in. The user wouldn't even need to notice that this was happening.
And if this blob of information was stored in an encrypted format somewhere on the Internet you could access it from whatever device you happened to be using. More importantly, however, no one else would know what account information you were storing. Right now Microsoft is happily compiling a database of information about everyone that uses their passport services. They know who you are, they know where you live, they know what you buy over the Internet. They know which affiliated sites you visit and when. If Passport was at the center of authentication for the entire Internet then they would know nearly everything about everyone.
The same ease of use features could easily be created without anyone being in the middle (well, your credit card company would get involved when money changed hands). You would keep your own information privately, and could take steps to guarantee that it remained safe.
Re:the appeal of a single sign on
by
Jason+Earl
·
· Score: 3
I can at least back up my hard drive. What happens to my passport credentials when Microsoft decides that I can't use them without paying for an "upgrade," and what happens when Microsoft gets hacked?
Heck, what happens when Microsoft "loses" my passport storage file. Microsoft doesn't guarantee that their site will be up, that they won't lose data, or that they won't be hacked. They don't guarantee that their prices won't go up, or that their service will even be available a year from now.
And if Passport becomes ubiquitous what is to stop Microsoft from using it to spam the lot of us? You think the EULA which specifically states that they can change ther terms of service is going to save us. To be honest, I don't even see Hailstorm as being all that useful. As a developer I personally am not really that interested in having my customers data on Microsoft's servers. I want to control my customers information myself. I want to have their email addresses, and mailing addresses in my database.
I imagine that Microsoft's competitors feel the same way, and now that Microsoft is a full-on media company they have a lot of competitors.
Re:the appeal of a single sign on
by
Jason+Earl
·
· Score: 5
It's already been done. Mozilla will happily remember your usernames and passwords for as many sites as you like. If you wish you can password protect this information store (I believe that IE does something similar as well). This is a much better solution than putting all of the information about everyone in one huge database. Sure, some people will probably lose their passwords when their hard drives crash, and some will have their master password stolen by thieves. But I can guarantee you that if everyone's information was in one net connected database eventually someone would learn to steal that information from everyone (the only trick would be to steal the information slowly enough so that Microsoft wouldn't notice).
Of course, if you put me in charge of the database that would be a different thing altogether. I would never use it for nefarious purposes, and I would be very careful to make sure it never was stolen:).
The funny thing is that this could really work, but not if Microsoft insists on charging money for it. Heck, they should be giving away Windows XP and then hold everyone's data hostage.
The way network computing should work
by
iabervon
·
· Score: 3
The idea is that users can use any computer anywhere, and they access a central location, where their information is stored.
What this will really mean, though, is: people don't buy PCs to put their data on. They buy servers to put their data on. They've finally gotten their 24x7 connection, and they're going to stick a box in the basement next to the other utilities. Then they can go anywhere and get their desktop from their computer at home.
For the first iterations, the box will also be the PC they use, but it will act exactly the same as if it were storing things remotely. Of course, it will act as a thin client for other people who want to use other home machines, and it will be a server for when they're at their friends' houses.
Later, of course, they'll want more places to connect from than they want central stores, and they'll want to upgrade their client capabilities (graphics, raw processing, etc) at a different time from when they upgrade their server (long-term hard drive space), and the server will fall out of use as a client.
All this will be possible in... 1996. At least, that's when I started doing it, at least as far as ssh, and then screen, which covers most of the things I actually want to do with a centralized configuration. MicroSoft will probably end up with a similar model (using proprietary parts, of course, so MS client with MS server does things that either doesn't otherwise do). Being the server is probably a stopgap for people who aren't yet set up to run the servers themselves; after all, serving files for people isn't all that exciting, especially if they get people to use software subscriptions and pay to run the file servers on their own machines.
I find it interesting the various attacks I see upon Microsoft's.Net initiative. Perhaps it is a clever strategy of Microsoft's, but.Net encompasses so many things that these attacks lack focus.
Petrely attacks the Passport services piece of.Net. This is just one small piece, and probably the weakest point of the whole.Net initiative.
Most of us Microsofties are really more interested in the.Net programming framework. ASP.NET, VB.NET, C#, Web services, etc.
I do think there is a want for a single signon for internet websites. I have to keep track of some 90 or so names and passwords for various web sites that I have used. It kind of sucks.
I guess the chief complaint I have with Passport is the stupid hotmail.com account. I really don't see why I need or want a free email account, especially since all I get is spam from it.
So if they could develop a system which was interoperable with my email address that I already have, well then. That'd be cool.
I don't know, I guess in a sense I suspect this Passport thing will have some limited success. I don't think it will become all encompassing though mainly because it's not totally desirable.
Similarly with some of the Hailstorm stuff. Truth is, I think these ideas are good, but I think they need to be decentralized, not centralized. I want to be able to access all my email, various files, whatever from anywhere. But I think that I could do that just as easily myself with the right software, or perhaps as a service from my ISP.
In that sense, I think Microsoft should sell the software, not the service.
Re:Forget the privacy implications
by
WWWWolf
·
· Score: 1
Don't actually write your password, just something to remind you what the password is.
That doesn't solve the "zillion sites" problem, though.
I used to write all of my passwords on a notebook - just the passwords! There were hundreds of passwords there, all on different parts of the page. Most of the passwords had been changed and forgotten ages ago.
(The reason I stored the passwords was that "reminder" tends to get obscure when all passwords look like b6NqX01xZ and n4s0rN04.... That's how people have told me to choose the passwords, to make hard-cracking harder =)
The problems came when I needed to remember the place where my password was stored. Eventually ended up trying a lot of different combinations...
The stack most commonly used was Trumpet. Most everyone I knew of obtained it and used it unless they knew nothing about computers or the Internet and bought one of those all-encompassing Internet access packages. Trumpet worked implicitly and almost all applications worked with it correctly unlike the others. Hell, during that time, MS had a TCP/IP stack- but only for ethernet networking and it didn't work worth spit.
By the way, SOAP's not a "godsend"- it's XML RPC for all intents and purposes. For some things, it's a good idea- for others, you're better off using CORBA or something like it. As for the CORBA problems you describe, well, that was the Windows Vendors' problems- not CORBA in general. I mean, there's open source ORBs that plays nicely with nearly every ORB out there- ACE, MICO, OmniORB2... And if you're shopping an ORB and are using C++, ACE is fast, reliable and works across platforms well- and it just uses WinSock2 under Windows.
-- I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
Change the font size or the screen resolution...
by
Svartalf
·
· Score: 2
You'll find that IE doesn't do so well at 640x480 or with larger or smaller fonts. Now, while that's the fault of the HTML work at the site (I've seen sloppier- but not by much...) they're not getting it to look like a Word document. There's TONS of sites out there that don't work right with IE or Netscape- Mozilla, possibly, but it's a huge honking monster that eats memory and HD space like candy (Does it work well? Yes. Do I use it, sometimes. I use Konqeror and Galeon mostly...).
I don't use HOTMAIL. Anyone concerned with their privacy shouldn't use it based on MS' terms of service for that and all their other online services. They lay claim to rights for all of what you put or recieve on their servers.
-- I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
Re:Forget the privacy implications
by
richieb
·
· Score: 1
Problem is that it's also moronic that next spring when I buy new seeds from Burpee, I'll have to either remember the
password that I created in 1999
Wouldn't it be better to just be able to buy things over the net without having to create accounts and spreading your credit card numbers over many databases?
I don't have to login and remember my password each time I shop at Home Depot!
I think the article is close to the target, but it's not quite there. It's not that authentication by itself is the key, it's the directory services that's part of the authentication which is the key.
Any one remember archie? The difference it made in using FTP? The key part of the phrase "You can find anything on the Internet" is *find*, it's not that any thing and every thing is on the Internet, it's that you can *find* it. (In some way, this is may be what Sun's CEO meant about not having any privacy -- there have always been records kept on people in all sorts of places, just now it is possible to find the records, index them, use them to *find* what you like, or *find* people that like certain things.)
File transfers have been around for a while now. Napster was interesting because it let people, tada, find the files they were looking for that other people have. eBay lets sellers find buyers. Social communities have formed up on the Interent because people have found other people who share similiar interests.
This probably seems all terribly boring, but think about it for a moment. If Microsoft does create a single sign-on authentication system, they will (potentially) have one of (if not the) largest online directory of people (competing with AOL.)
Authentication is just part of it. If Microsoft controls the directory services, they can control who (or what -- i.e. smart tags , etc.) can be found... or not found. Heck, even forget the authentication bit -- anyone serious will have their own level of authentication and authorization, probably -- the first step in authentication of a person is *finding* their record.
Just look at the whole DNS root server mess, Network Solutions and such making money off of basically directory services. The battle over whether or not AOL will have an icon on the Windows desktop. Instant messaging -- which is basically the idea of presence (which appears to be one of the big buzzwords coming up), or rather, making it easier to be found.
Take a look at how much money is made from the sale of.com domains, etc. Now suppose Microsoft had the equivalent of the root DNS servers, but for a directory of identities rather than domain names. How much would someone pay to have an identity of "John Doe" rather than "jdoe@someplace.onthe.net"... just type "John Doe" in your MS email program... Windows Messenger... goodness, maybe even your web browser. Now, wouldn't that be something? MS could let you type in 'identities' or keywords (i.e. "John Doe" "Amy Smith" "Microsoft Corporation" "Plumber" "Sun Microsystem") into your browser/Windows Messenger (off-topic, SIP blows chunks) and pop up perhaps their web page, a phone call, an instant message, or what not. Mmm. Do away with all that messy 'domain name' bit, or rather replace it with the Microsoft authenticated identities. Hmm. Interesting idea, isn't it?
Look, if you want to change the face of the network, the killer app is directory services. Online the map is literally the terrain -- the domain name system is the map we use to find things! That is, if you replaced the current DNS system with something new, that could change web browsing, email, all the services that depend on it to find people, places, and things.
This is closer, but still a bit off. Remember, m$ is way ahead of everyone. They have many allies (stock holders) who will help them succeed (sometime, analize their rise to power as if the were generals; very interesting). M$ is very driven, but somewhere deep in the middle of their little charcoal hearts, they are human(oid). They have worked hard and want to retire and live off their spoils. It's the ultimate capitialism; get more, do less. IMHO, they are still competing with IBM. They want to be a blue chip. M$ didn't make it in to that top 100 companies list that was posted a while ago. IBM did. What IBM (AT&T too) mostly do is license their patents. They learn something new, and let others do the work, for a small fee. Mark Twain would be proud.
How does this apply to Hairstorm? They'll get things in place and provide authentication, but I doubt they even think for a moment they'll replace the current finacial infrustructure. What they will have is one of the largest research areas to do some data mining. They will also be able to "pave the streets" of commerce (so to speak). That is to mean, through setting up schemas (which can patented and copywrited) they will enable people to find and exchange goods and information. These schemas will define the agreed upon standards for exchange of data and exchange of goods, etc. Thus, any one wishing to get into the b-to-b of (for example) selling car parts to retailers, will have to decribe their inventory and exchanges through m$ schemas, and will have to pay m$ to use that commerce toll road.
THAT is what they really want. That is what they actually CAN do.
There's the CDSA implementation from Apple (OpenSource). They use it for their keychain, a non-centralized cryptographic password store. It should run as-is on Darwin - would probably need a light port to BSD or linux.
-- My God, it's Full of Source! OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Re:the appeal of a single sign on
by
unitron
·
· Score: 2
Yorrike probably meant to say "proverb".
Is there such a thing as an amateurnoun or amateurverb ? Or an antinoun or antiverb ?
--
I see even classic Slashdot is now pretty much unusable on dial up anymore.
Re:Likelihood of .NET and hailstorm success is low
by
garcia
·
· Score: 2
there isn't any advantage, that's why I have a strong feeling that they want to eventually force you to use their services...
it will only be monopolized if we continue to let them create this positive spin on the control of our lives!
people are alowly accepting large organizations as the maintainers of databases w/all of our personal information. Do you really want MS to control EVERY single facet of your computer connection? I am scared enough of centralized databases of credit info that companies sell to each other for mass marketing, but I would be ESPECIALLY afraid of MS controlling 90% of every computer remotely...
Bill of Borg is really starting to get closer to reality:(
from a 2000 single domain forrest/tree set-up, without giving all your data to M$. Single signon can be managed thru Tivoli also on a multi platform environment. Only Solaris presents real problems in the password intercept area, Aix/Tandem/M$/TRU64/VMS and of course LINUX all work well. There are also products out there like ControlSA that handle single signone and multiplatform access well.
None of these are opens source but they are M$ controlled either....
-- errr....umm...*whooosh* *whoosh* Is this thing on ?
Tivoli? Who's the dumbass who decided to use that name? From http://motlc.wiesenthal.com/text/x01/xr0175.html
"This increase was brought about by the general political constellation, by a definite anti-Semitic turn in the Conservative Party, which adopted an openly anti - Jewish paragraph in its so - called Tivoli Program (1892)"
are what we are placing for admins and tellers, COMPAQ makes a case smaller than a VCR that mounts easily just about anywhere. In a corporate environment the PC lifespan is short anyways, and with long term (10year) deal with the PC vendor for 2 year replacement, it is cheaper to replace 20 PC's than 1 decent server that could support 20 working thin clients. Give me a entire giga-bit fiber network and some uptime agreements from M$ and maybe it will make some headway.
-- errr....umm...*whooosh* *whoosh* Is this thing on ?
Re:small form factor PC's
by
pete-classic
·
· Score: 2
"Smaller than a VCR"? That dosen't sound like much. Do you mean smaller than a VHS tape? That would be something.
I work for the 2nd largest M$ exchange implementation worldwide, and our management along with several other fortune 50 companies told M$ to stick.net where it was safe...Ballmer's deep dark hole. Data security is PARAMOUNT and M$ would not pony up the $$$'s for insurance and bonding nor would they provide ANY sort of IRON CLAD uptime/access agreement. With VPN and broadband so prevalent these days we are going the exact opposite, to the hardware vendors' delight, and deploying PC's everywhere with VPN clients to access our data on our OWN SAFE and SECURE machines. If I were a sales business or some such heavy travel industry I MIGHT be able to see 'some' value in a.net structure but otherwise...NOT.
Can someone present an argument PRO.net beyond M$'s security and uptime smokescreen ?
-- errr....umm...*whooosh* *whoosh* Is this thing on ?
Re:Who has MS convinced ??
by
technos
·
· Score: 2
No, but my 270 once impressed a VP at Microsoft. He then accused me of being signal11.
Maybe, if you had bothered to even find out what.NET was.
.NET has nothing to do with data security..NET has nothing to do with storing personal information online. If you ignorant of the difference between.NET and Hailstorm, then maybe you shouldn't spout off on it.
Re:Why government is NOT a *Good Thing*
by
Big+Boss
·
· Score: 1
Why should I care if MS introduces a digital ID? They should be allowed to produce new products just like everyone else. If people like it and want to use it, that's thier choice. And yes, if businesses don't want to do business with me because I don't have one, fine. They should not be required to do business with anyone, even me. Just as I am not required to do business with them. Do you honestly think that there will not be other businesses ready and waiting for me to give them my money for the same products? I doubt it. If there is money to be made, a business will appear to make it. As long as there are no laws preventing it. Which, as a Libertarian, I feel there should not be.
If there were enough people that were unwilling to get a MSID, and wanted an alternate form of digital ID, some other group or company would make one to use. And I suspect many businesses would support it if it were offered free or cheap to them. Why turn away customers?
There are millions of Americans and billions of others on the earth that do not have credit/debit cards. They seem to get along fine. I didn't have one for the longest time. Even then I got it mostly for convience. I could always go to the bank and withdraw the cash. Or I could be really paranoid and not have a bank account, just carry all my cash everywhere. Not the most brilliant thing in the world to do, but it would work. The same would hold with the MSID. Sure, maybe I would be inconvienced, but that's a choice I can make.
The biblical refference is a red herring. Without government force such a thing could not happen. And if they try it I can see a revolution starting. People don't like to be forced to do things like that.
The right of free association includes the right to no association. They don't have to deal with you, and you don't have to deal with them. In a free market, business WILL provide for those of us who don't want an MSID. Hell, I'll start a business myself in that case to serve my fellow/.ers.. Probably won't make me a billionare, but I can live with that. The only way to prevent market forces from correcting is to invoke government force. You can help prevent that by talking and writing to your congresspeople. If they don't vote the way you want them to, vote for someone else next time. If government is abusing you, get politicaly active! Find a group that you believe in and back them. At the very least vote and write to your reps. Yes, money talks, but in the end it's because they want to be re-elected. If that is threatened by us, they will reconsider. After all, corps can't vote. Like the other guy said, go read up on the Libertarian Party. If you still disagree, great, it's a free country, for now. Check out some of the writers that write about common misconceptions about the LP.
One really good place to start is Dr. Mary Ruwart.
http://www.ruwart.com/
And her book, available online for free reading, "Healing our World".
http://www.ruwart.com/Healing/register.mgi
It may ask for a name and email, feel free to put bogus info in there if you want.
"Healing" is a great start to answer a lot of questions and concerns people have about the LP. If nothing else, you will be better able to debate Libertarians if you actually understand our beliefs better.
Re:Why government is NOT a *Good Thing*
by
Big+Boss
·
· Score: 1
Ahh, but there is. Corps don't all agree on everything. I doubt Sun would enforce such a thing with MSIDs for example. Or IBM... Perhaps they would. But, like I said, others will fill the gap. So maybe you can't buy from Company X.. But Company Y will be happy to take your money. As long as there are no laws requiring something like that there will always be a business willing to work with you. It just means it will be inconvienent for you. So, what are your principles worth?
I don't think the auther wanted NC to be under complete control of SUN or anyone else. What the artical is suggesting is that total control of authentication from any one entity is bad, unless that entity is Open.
reworded in another domain...
by
battjt
·
· Score: 1
I'm tired of carrying dozens of keys. I want to be able to just unlock my house each morning and have all the rest of the doors I encounter all day long to be unlocked.
And now that he's dating again, he might be more inclined to insist on a bit of privacy. (The collective response of the FSF people to Stallman's acquisition of a significant other after all these years was, basically, "Thank God!". This info is a good four months out of date now, though. Dunno how things are going in Boston...)
Sun and IBM don't have a monopoly on the desktop. Think Netscape, but if IE had come out before it did.
-- --
What on earth needs 350 meg!!!
by
Sangui5
·
· Score: 1
First off, yes it is true that my example doesn't scale. Cutting 99% is a fairly extreme.
But consider MS Office. Many of the DLL's were statically linked, even when there was no reason too, or if another portion of the same binary required the DLL anyway. Excel 95 did have that flight sim in it. And how much sheer cruft did they have anyway (megs of clipart, the damn paperclip, overlapping functionality, etc).
My point is that just about all programs can be put on a huge diet.
Another small point. Look the size of linux binaries. Compare them to equivilent Windows binaries (equivilent! compare CLI picture viewer to CLI picture viewer, compressor to compressor, etc). The linux binaries are almost always much smaller (half or less), for the simple reason that GCC makes very efficient use of shared libs. It almost never generates statically linked code. That cuts down the binaries to what is fairly unique to them. On the other hand, Windows programmers are familiar with DLL hell - the random and undetectable changing of DLL's that their programs require. Becuase it isn't safe to use dynamic linking, almost all 'doze
binaries are statically linked, and if they are dynamic, they include a copy of the dll in the distro, and require it to be located in the same directory as the binary to work. They may have code reuse, but there is no binary lib reuse.
Re:What on earth needs 350 meg!!!
by
ethereal
·
· Score: 1
Part of the reason to statically link was mentioned in the recent article about Gnucash: you avoid DLL Hell if you carry all your libs around with you. I don't think it's a great reason, but it's a reason.
Caution: contents may be quarrelsome and meticulous!
Re:What on earth needs 350 meg!!!
by
groomed
·
· Score: 1
Yes, well, I've been hearing this stuff for ages, about how programmers should "be more efficient", but meanwhile, all those wonderful word processors written in assembler (Tempus Word) seem to have perished.
Besides, some people think that so-called "cruft" (clip-art, templates,...) is added value. Should people design their own fonts, too?
In any case, there was a time when 3000 bytes could hold an interpreter. You need 3000 bytes just to write a character to a file. Go figure.
The heart of the matter is that applications grow larger as they incorporate more elements from the day to day world (page sizes, fonts, languages, sound, advertisements...). Writing tight code does nothing to avoid that.
Yes, NIS and kerberos are useful
by
Sangui5
·
· Score: 1
But what Hailstorm is is having the same centralized authentication for many separate sites.
If the local NIS server gets 0wn3d, my/. login is still safe. If/. is hacked, my home box is still secure. And my credit card information isn't on any of them.
But if passport is hit, then it's all gone. Even worse, because of the way Passport has to authenticate for other sites, they have to store the tokens there for many sites. With NIS, the local machine passes on my password to the NIS machine, which checks it for validity. The NIS server doesn't know my password, it just is able to positively ID my password. Not necessarily true of Passport.
Re:Yes, NIS and kerberos are useful
by
matman
·
· Score: 2
I love that nowhere in MS's W2K texts that I've read, does it mention that a kerberos KDC needs to be computationally secure, since if it is compromised, all passwords in a domain must be changed, since the attacker can potentially decrypt the session keys in use on the network.
What version of g++/the c++ libs are you using?
Templates are the reason that C++ code tends to be big, and I'm running a fairly new 2.9whatever (moving to 3.0 as soon as I get around to updating glibc). Different versions of g++ have support templates to varying degrees, with varying effeciency (run-time speed and code size). Also, the compiler flags that are passed can make a big difference. I'm not sure what my default flags are (aliases, environment variables, and the configure options passed at compiler time (compiler compile time)), but they do generate fast code, just not small code. -fno-templates, -s, -no-unroll-loops, etc. affect code size quite a bit.
But really, using the obvious g++ foo.cc on my system generates fairly large binaries when you use C++. I'd would like to know why yours are so small.
Compiling under FreeBSD 4.3, with g++ 2.95.3, just invoking g++ gives me a file size of 5228 bytes; stripping it gives me 3500 bytes.
The executable requires the libstdc++, libm, and libc shared libraries.
At work, our binaries display a stack trace if it gets a critical signal which would prevent function names from being displayed if these binaries were stripped. So we leave them in for supportability.
Yeah. Switch Hailstorm and Passport as needed. In any case I'm just pointing out the stupidity of massive centralized authentication/data storage. Leaves you with one big fat target to take down.
Smaller isn't impossible, just more difficult.
by
Sangui5
·
· Score: 3
Here is a little anectdote relating to executable size
I recently recompiled my kernel, and put in the MagicSysRq support. I had been playing with fork, and the killall/nukem-now support it offers was attractive. However, can be dangerous, and as such you have to put a '1' into/proc/sys/kernel/sysrq before it will work. Putting a '0' in instead will also work.
Now, I wanted to be able to turn this on/off from my user account w/out going to root. A script wouldn't do it as/proc isn't world writable, and you can't suid a script safely. Therefore I needed a very simple binary program. Being the lazy person that I am, I wrote it in C++:
int main(){
ofstream out;
out.open("/proc/sys/kernel/sysrq");
out << "1";
return 0;
}
Now, when I compiled it, I noticed that the filesize was a whopping 354K. 354K just to write a single character!!! That is way too much. So I decided to put it on a diet. First step: strip. Strip removes all of the debugging information from a file, which can really shrink it's size. It did, but still left a whopping 71K.
I then realized that the problem was using C++. So I switched to C, using file pointers, fopen, putc, and so on. This brought things down to a mere 12K. Stripping this brought a final size reduction to 3276 bytes. A very very slight reduction could be achieved by using the more raw calls to open() write() and close(), but only a couple of bytes.
Now, what is the moral of the story? It was a little harder to write the small version. I had to look up the exact semantics for fopen (I don't use C very often). I had to know about the existence of strip (or the -s flag for gcc will do the same). And I had to have the will to cut the size down. As a result I cut the binary to less than 1% of it's original size.
Now how many end-user apps:
have been written with absolutely no attemt to keep the size of the binary down?
haven't had their debugging symbols stripped?
statically link to common libraries rather than dynamically link?
statically link multiple times to the same library, and then dynamically link once or twice more just for good measure (hint: MS Office).
have lots and lots of extra features that only a small percentage of people use?
have totally unnecessary things (a whole flight sim in Excel!!)?
are written in "big" languages like C++ (especially for GUI work), or are written by people who would rather save themselves 5 minutes coding rather than slim something down, even a large amount?
The answer is "a lot"
Network computing is perfectly possible. It just takes a small amount of effort
Re:Smaller isn't impossible, just more difficult.
by
ademko
·
· Score: 1
I compiled your C++ program under Red Hat Linux 7.1. With no optimization, the binary was 4212 bytes. With optimizations it was 4776. Both versions where stripped. Are you sure your linking the standard C++ libraries dynamically?
Also, a quick scan of by bin diretories shows that most binaries are indeed stripped.
Finally, if you consider C++ "big", then I urge you to read some of Bjarne's writings on the subject. The whole goal of C++ was to help you code in "with classes" with 0-cost over the same code implemented in C.
I also don't understand how a binary can be linked mutiple times both statically and dynamically to the same library. Surely you'd get symbol conflicts.
Re:Smaller isn't impossible, just more difficult.
by
ttfkam
·
· Score: 1
I'm seeing 14,850 bytes for an unstripped build with g++ and 4,194 for the stripped build.
Now let's perform a couple of very simple C++ optimizations: put the filename in the ofstream constructor and pass the character '1' instead of the character string "1".
#include <fstream>
int main () {
ofstream out( "/proc/sys/kernel/sysrq" );
out << '1';
return 0;
}
With these changes, I get 14,738 bytes for the unstripped build and 4,114 bytes for the stripped build.
Bigger than the C code by only ~800 bytes, and definitely not 354K or 71K.
FYI: I am on a relatively stock RedHat 7.1.
--
- I don't need to go outside, my CRT tan'll do me just fine.
Re:Smaller isn't impossible, just more difficult.
by
rkent
·
· Score: 1
Now, when I compiled it, I noticed that the filesize was a whopping 354K.
Alright, with an node size of (probably) 32K, that's like 12 nodes, ouch...
which can really shrink it's size. It did, but still left a whopping 71K.
Alright, down to 3 nodes now, cool!
This brought things down to a mere 12K.
Alright, down to one node!
Stripping this brought a final size reduction to 3276 bytes.
Whoo hoo, now we use... oh yeah, still one node.
As a result I cut the binary to less than 1% of it's original size.
Yes, and saved 11 nodes in the process. But the last step was basically useless, as it was already fitting in one disk block. And even 3 blocks wouldn't have been bad, except the 3rd one was almost totally unused...
---
Re:Smaller isn't impossible, just more difficult.
by
nihilogos
·
· Score: 2
354K??? The same program compiles to 5978 bytes using g++ on my system.
-- :wq
Re:Smaller isn't impossible, just more difficult.
by
eMilkshake
·
· Score: 2
12k, eh? You need to check out http://www.muppetlabs.com/~breadbox/software/tiny/ teensy.html, which describes just how to make a small Linux ELF program. Fed up with program bloat, the author found just how small he could make a program: 45 bytes.
Re:Smaller isn't impossible, just more difficult.
by
groomed
·
· Score: 1
So you saved ~350K on a ~354K file. But that doesn't mean that you'll also save ~350M on a ~354M application distribution.
Forget the privacy implications
by
Sangui5
·
· Score: 4
Just consider for a moment the security implications.
You must remember that this is MS running the servers. Now, last I checked, they didn't exactly have a very good track record on security. Just think of what bad things could happen the first time somebody breaks into the Hailstorm servers and steals millions of people's login info at once. Or credit card info too, as there is talk about using Hailstorm to handle online purchasing too.
The very idea of a centralized single signon is moronic. I would hope that most people on/. realize that by now.
Re:Forget the privacy implications
by
MrNixon
·
· Score: 1
What kind of clue would you suggest for 5G3*c3DE?
Re:Forget the privacy implications
by
stroppy
·
· Score: 1
Ah, you see when they have the amount of control they want, they get their tame politicians, tame attorneys, and tame reptiles of the press to convince the 'public ' that security holes are good for Freedom Loving Peoples(TM) everywhere.
As to authentication generally, I look forward to the day when I can Sit Down (R) at my Computer(TM) and Work (C) while have A Lot More Fun (Pat. Pending) at the same time.
And while we're on the subject: Is it just me or does Ballmer REALLY look like the monster from Young Frankenstein (pron. Fronk-en-steen)
Re:Forget the privacy implications
by
Asgard
·
· Score: 1
You can get a program for your Palm called CryptoInfo which stores your logins/passwords, encrypted in 128bit IDEA (or another algo, but it is one of the standard ones) until you enter your master passphrase. Very handy.
Re:Forget the privacy implications
by
technos
·
· Score: 2
Moronic, sure.. But so are the millions that want it. And only Microsoft, who has experience in the 'So you got hacked! What am I supposed to do about it. You only paid us $40K for out software, you didn't pay us to make it secure!' business is going to be moronic enough to try it.
-- .sig: Now legally binding!
Re:Forget the privacy implications
by
malfunct
·
· Score: 1
I thought the idea of hailstorm was not to centralize the data storage but to unify the client used to look it up. Make one standard to get all the data and it doesn't matter where the data is stored in the end.
--
"You can now flame me, I am full of love,"
Re:Forget the privacy implications
by
Salsaman
·
· Score: 3
Let me introduce you to a novel concept - it's called 'paper and pen'.
What you do is, whenever you register with a site, you write down your username and password in a little notebook.
Don't actually write your password, just something to remind you what the password is.
Amazing eh ?
I think I'm going to patent the idea.
Re:Forget the privacy implications
by
update()
·
· Score: 2
What you do is, whenever you register with a site, you write down your username and password in a little notebook.
The problem with that, as well as the schemes other people propose about encrypted text files and such is: what happens when I'm hanging out in my wife's office and decide to order some more slightly irregular T-shirts from Sierra Trading Post? Yes, I could carry the notebook with me, but doesn't that strike you as a little inelegant? None of the methods people are suggesting are worthy of a world with pervasive networking. (Although the MacOS keychain does work great on a local system.)
What I do is remember a couple of strong passwords (my main Unix account and the root account on my connected Linux box) and reuse a few weak ones for sites where I don't care if I get 0wn3d (I'm not a sufficient privacy freak to care if someone cracks my Burpee account), with one password for news sites, one for merchant sites... But there has to be something more elegant coming along: biometrics, automatic authentication through my wearable, something like that. George Jetson doesn't have to carry a paper notebook around with him.
Unsettling MOTD at my ISP.
Re:Forget the privacy implications
by
update()
·
· Score: 3
The very idea of a centralized single signon is moronic. I would hope that most people on/. realize that by now.
Problem is that it's also moronic that next spring when I buy new seeds from Burpee, I'll have to either remember the password that I created in 1999 (and can't have sent to me because I'm at a new email address) or spend 10 minutes creating a new account and lose my history. Or that I find myself registering on sites as "jsngr8" or something like that because I've already created and lost 8 accounts there.
I don't know what the answer is, and I sure hope it's not putting Microsoft in charge of a single unified login -- but the methods that made sense in 1996 just aren't going to cut it any more.
Unsettling MOTD at my ISP.
Re:Forget the privacy implications
by
Auckerman
·
· Score: 2
Internet Explorer for the Mac remembers passwords for you. The keychain in OS 9 and OS X form a conveint place for all your passwords, encrypted of course, all locked and unlocked with a single password or if you are in a multi-user set up, merely by logging on and off the computer.
This isn't meant to be an add for MacOS. Use what you want. The point is merely there are alternative solutions that are clearly more secure than a centralized network location, it's just that MS needs an to hide their thinly veiled attempt to make it easier to code network applications only for Windows rather than using existing standards and protocols to do it behind "innovation" and "service".
Quite frankly stuff like this disturbs me. I don't trust my personal information to new unproven technologies, this includes.NET/Hailstorm. The level of inherent complexity of these services combined with the fact that most companies use their customers as beta testers make for nothing more than a receipe for disaster. No thanks, I keep with my set that works and is secure.
--
Burn Hollywood Burn
Re:Forget the privacy implications
by
Tech187
·
· Score: 1
That points out one of my sore points with sites that insist I enter in some clue in case I forget the password.
Is it an intentional effort on their part to make sure I use my Mom or my cat's name as my password???
My clue is usually something like 'Not a chance' or 'None given'
The key is that when Hailstorm gets integrated into applications (instead of being "on the web") people won't feel as uncomfortable with it. They won't even notice its happening.
This reminds me that a lot of people are confused when operating their computer--they aren't quite sure what's going on. For example, an intelligent lady of about 60 recently told me that she avoided using the internet because she wasn't sure whether she was paying for stuff when web pages came up showing products and prices...
In a department store, we all know we haven't paid until we go to the till and it goes ka-ching!
I know I'm paying when I switch on the lights. And I know the bill will come from the electric company. But how the hell am I supposed to keep track of thousands of micro payments to hundreds of companies I've never heard of? Check my system logs??
The "masses" who are unsure of what exactly their computer is doing are not going to be examining their system logs... only the tech savvy will know how, and so only the tech savvy will use this technology--except they know enough not to trust it--while at least now even the average user may venture to type in their credit card number occasionally.
Maybe in 15 years the new generation will grow up accustomed to understanding what's going on in their computer, and know what it's doing at 3am. But in the meantime, technology will have changed even more.
Re:the appeal of a single sign on
by
dennism
·
· Score: 1
(the only trick would be to steal the information slowly enough so that Microsoft wouldn't notice).
You mean like they noticed their source code to Windows being stolen?
There's three categories to your list of Sun "accomplishments":
(1) Sun doing something because it's the "right thing to do"; (2) Sun doing something because it costs them nothing and is perceived as (1); and (3) Sun doing something that advances their business and that can be spun as (1).
I'd bet that Sun does most of what Sun does because of #3, some because of #2 and very little as #1. Sun is also motivated to look "good" relative to Microsoft, either to rank-and-file IT who use their product, to PHBs that buy the product or to the "community".
If Sun, IBM or anybody else had a monopoly position like Microsoft's, Sun would probably act no differently than Microsoft does when the day was over. They'd be pursuing the exact same save-my-monopoly routine that Microsoft was doing.
Sun it motivated by its shareholders and board, not by anything else. If you believe that they are motivated by charity or their own "good deeds" you're a victim of their "MS is bad" PR campaign.
Re:Another novel concept Notepad.exe
by
Chelloveck
·
· Score: 2
Or don't even bother encrypting the file. Do you think anyone really cares about the password to your Burpee account? Or 99% of the other transient accounts you create on the web?
I've been using URLTrack on my Palm, which is designed for this. Lately I've switched over to using a generic database manager just to make it easier to export the data to my PC as a CSV file. I ought to remember to copy that CSV file to my shell account periodically, just in case I'm caught somewhere without my Palm and I desparately need to logon to Slashdot.
Chelloveck
-- Chelloveck I give up on debugging. From now on, SIGSEGV is a feature.
Re:So name the open source alternatives
by
scav
·
· Score: 1
Of course, there's still the problem of centralised control. What I would really like to see is a PGP or PGP-like solution where the user has control over their private key and each site grabs the public key when they sign up
SSL with client-side certificates does exactly that. (apart from it doesnt use PGP, just the technologies PGP uses).
Microsoft's PassPort.com allready exists.
It was the world's 8'th most visited web-site, last year, the userbase they have collected (*@msn.com,*@passport.com and *@hotmail.com) is enormous!
MY money is one SOMEONE ELSE's safe.
by
ABEND
·
· Score: 1
Most of us are not keeping the "fruits of our labor" tucked into our mattresses. Experience has taught us that "mattresses" burn quite easily and they do not provide a significant barrier to oportunistic thievery. Thus, we put our trust in select others to store and protect the products of our toil. Though we are providing these select others the opportunity for misuse of the "fruits of our labor", this is preferable to the quite likely event that we experience total loss of this fruit.
In summary:
Friday && paycheck && cash in hand == Monday && penury.
||
Friday && paycheck && cash in bank == Monday && solvency.
-- In all seriousness:
Re:MY money is one SOMEONE ELSE's safe.
by
Erik+Fish
·
· Score: 1
And what NOC (or chain of NOCs) on the scale of what Microsoft wants to do can boast the kind of reliability that a bank of a similar scale can? Banks are backed by the FDIC and therefore robberies, mistakes and natural disasters that result in monetary loss are insurred against. What kind of insurance can MS provide for data which (if their plans succeed) will be worth many trillions of dollars?
I'm sure the fact that the NC approach looked, smelled, walked, and quacked like the 3270 controller/displays that the PC's had just displaced was another reason NC went nowhere at the time.
What has changed since then is that networking is now ubiquitous and cheap AND the hardware cost/performance ratio is so low and getting lower.
-- Well, apparently, you only have to fool the majority of people for a little while.
Really?
Who made and opened OpenLook ?
Who donated code to Mozilla ?
Who donated code to OpenOffice ?
Can I download Windows for free just like Solaris?
Did M$ develop something like lxrun?
Could we really expect from Sun the same as from M$?
Does anybody have the right to say that Sun _would_ be as bad as MSFT, _if_ they had the desktop monopoly?
Could it ever be that Sun does not have any monopoly because it is not as bad?
Please remain fair to fair players and hold back unsubstantitated slander.
Disclaimer: I never worked for Sun, do not own Sun shares and I am in no way affiliated with Sun.
Miranda's murder was never solved because the suspect invoked his right to remain silent. Now that's ironic.
This is so wrong its not even funny. Miranda signed a confession about a rape and kidnapping (not murder), exactly the opposite of remaining silent. He conviction was overtuned in the Supreme Court because he was never told he didn't have to talk without council.
See Below:
http://www.mtsd.k12.wi.us/mtsd/district/whacked. si tes/anatomy.of.a.murder/miranda.htmhttp://www.mtsd.k12.wi.us/mtsd/district/whacked.sites/anatomy.of. a.murder/miranda.htm
Miranda signed a confession about a rape and kidnapping (not murder), exactly the opposite of remaining silent. He conviction was overtuned in the Supreme Court because he was never told he didn't have to talk without council.
And, according to the guy you're quoting (I assume it's a sig - I have them blocked), he was subsequently murdered and the suspect invoked his right to remain silent and got off. I have no idea if it's true but it has zero to do with your response.
Micro$oft's ".NET" is a move to send computing back 40 years, back to the bad old days of centralised computing resources and remote users.
I would rather keep control of my own personal computing. I don't want my private data residing on servers outside my control. How do I know that Micro$oft can be trusted with it? How do I know that Micro$oft won't steal it by changing their "terms and conditions" with a bait-and-switch? Micro$soft will as usual disclaim all liability for lost data. For these and other reasons, ".NET" cannot be trusted as a reliable computing alternative.
We should therefore work hard to ensure that ".NET" becomes ".NOT". --
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
"Smithers, use the amnesia ray..."
by
FatSean
·
· Score: 2
"You mean the revolver Sir?"
"Yes, Precisely..."
-- Blar.
Re:As always, Cosmo said it best...
by
Gabey
·
· Score: 1
It is on DVD, but there's no interesting additional features. I also own it on VHS, but, hell, I may get it on DVD also for the hell of it...:>
Re:Likelihood of .NET and hailstorm success is low
by
WasterDave
·
· Score: 3
MY data is one SOMEONE ELSE's machine.
The problem is that while you're comfortable with data being on your machine, 99% of people (joe consumer) would rather it wasn't. They have no idea how to do backups, are uncomfortable with the idea of disk crashes, and (ironically) are used to the idea that computers just do go wrong even if they have no idea that it's our friends in Redmond that cause it.
So they want someone else to look after their data.
By which I'm sure you mean 'X' or 'The X Windowing System'.
Any app that deals with text or numbers could run over a 56K modem no sweat. I know this is possible....
Of course its possible; its called xterm (or other telnet client). Anything that can't run in an xterm obviously isn't dealing entirely with text and numbers.
The reason an application like Quake can run so smoothly across a dial-up is because it's performing a very specific, limited task, and the messages being sent are all very simple - shoot, jump, turn left 15 units. The reason the X protocol is so flexible is because its so generalized and non-specific. It doesn't even know what operating system or window manager you are running at the other end of the connection. This means an X client has to send a lot of information to the server at the other end of the connection to describe what it looks like, how it works, what kinds of input it's listening for, etc. This boils down to enough bandwidth use that app sharing with X is "usually" useable on a LAN, but too unwieldy for broad internet use. (I'm reminded of the time at my first Unix job when I innocently ran a full-screen mpeg video player remotely via X and brought down the whole 10-megabit network).
I agree with you that it would be a Good Thing to have a lightweight protocol to run sophisticated apps across a network connection. I like to think that's where XML is headed. But X, while it has its uses, has been around for years and years and plagued by problems of varying implementations, bandwidth use, and general non-acceptance among the MS-Windows crowd. (It also doesn't help that even the commercial X servers I've seen for MS-Windows - like Hummingbird Exceed - are of pretty unexceptional quality.) I suspect that X has been around long enough that if it *were* a magic bullet waiting to be discovered, somebody would've done so by now.
Re:MicroSquish for authentication?
by
Kaa
·
· Score: 1
Yeah, right. Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security
You mean Emacs, right? Wasn't there a time when incoming mail opened in Emacs's mail client could execute arbitrary Elisp code?
Kaa
--
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
Re:M$ has done a better job than the competition
by
r2ravens
·
· Score: 2
2.) They run Hotmail. Everybody's used this at least once.
I beg to differ. I'm sure there are many people who do not use and have not used Hotmail. I am one of them.
As a matter of fact, most of the spam I get is from Hotmail accounts. If I could convince two more of my friends to give up Hotmail and switch to something else, I would send all incoming mail from Hotmail accounts to/dev/null.
-- War is Peace. Freedom is Slavery. Ignorance is Strength. - George Orwell or George Bush?
Re:I see two possible outcomes...
by
MindStalker
·
· Score: 2
Problem with number 1 is that the basic laws of capitolism state that the internet retailers would abandon such if the cost rose above what consumers want to pay. And either go back to simple credit card systems, or MS would become a credit card company, and charge the same rates. And people can simply use a 2 click system.
Re:So name the open source alternatives
by
pangloss
·
· Score: 1
some implementation of LDAP, or its big brother, X.500? maybe in conjunction w/ using certs?
but what does merely having an available open source implementation get you? who's going to run it? someone who you are going trust? just because it's open source certainly doesn't mean someone is going to run it for free in competition against microsoft.
and if not microsoft, what, is petreley implying that sun would have been a better candidate for holding a monopoly position on auth services? pah!
maybe some single, monolith authentication service isn't the direction to be looking to in the first place. seems like trust issues keep cropping up....
Re:As always, Cosmo said it best...
by
asland
·
· Score: 1
That is a rather sickening set of links. He is so sold out, and the product is so hyped and buzzworded. Yuck...
As a POS developer I worry a lot about NCs at POS. I remember many years ago, my dad worked on a back office system for Asda, the UK supermarket chain. All dumb terminals at POS. Something (I think it was a major hardware failure) took out the back office, and left the cashiers asking customers how much they usually spent on groceries, and charging them that amount. Cash only, of course.
Now I have a retail chain of my own (ha!) I am constantly defending the position that no matter how much redundancy you put in the back room, even if you use the sexy multi-transport networking in QNX, something can happen that will knock the register off the network. And when that happens, if it's an NC, you have a blocked lane. If it's a PC, and you've coded it right you can still capture all the barcodes, and the customer's credit card number. You might lose something when the cashier has to guess at how much an item without a tag costs, but when everything comes back up, at least you'll know how much you've lost without having to inventory the whole store.
--
--
-- E_NOSIG
Re:Scary - but it may be Microsoft's downfall
by
JMax
·
· Score: 1
baptiste wrote:
> The money is NOT with personal PCs - hell half are using pirated software anyway!
> Its the business customers.
Are you kidding? Music, movies, television... that's what this is about; it isn't about "office productivity" anymore, it's the entertainment industry. This is about MSNBC, and Disney, and Sony, and all those people.
Re:How to remember 3,000 passwords!
by
MrNixon
·
· Score: 1
That's great. Until I use a computer somewhere other than my house. I don't have a PDA, so I can't store stuff there (and I'm not going to write my passwords down on paper).
What would you suggest then?
Use an affiliated .edu/.org for your CA
by
__aadkms7016
·
· Score: 2
I've always thought universities were the perfect
certificate authority for their graduates; you
would get the service as part of joining the
alumni association, along with the bad magazine
and the alumni email address. Grads are already
using them as an authority every time they
request a transcript, and certifying someone
completed a degree is a pretty strong claim of
identity, more strong than Verisign has to offer.
The idea can be extended to handle people who
don't go to college too -- there are enough
organizations in this world, from churches to
unions to professional organizations to AARP to
AAA, most of whom collect money from their members
while providing various value-adds. Certs could
just be another thing along with the discount
health insurance.
Who owns and controls this accounts database?
Are all resources controlled by this accounts database?
I think it comes to something like levels of access (or security classifications). If you have a front-gate, a doorway, and a wall safe, you do not use the same key for all three.
Re:Makes perfect sense, really.
by
Tony-A
·
· Score: 1
But with all the noise, a few more people do get curious and find out a bit more. The signal to noise ratio may be pretty bad, but any attention is better than no attention. The GPL has been around for a long time. You have to wonder why it is suddenly "bad". Microsoft is worried that the coporate world will discover that GPL'd (or other Open Source) software is their best (maybe only) defence against being locked into incompetent and/or uncooperative vendors. Remember that FUD didn't originate from IBM but from customer's PHB's with a deathly fear that Big Blue would drop effective support (while technically living up to the support agreement). The irony is that the companies that got the best support had multiple vendors pointing fingers at each other and not with a "single number to call".
Red Hat Professional Server
by
Tony-A
·
· Score: 1
>>People like to shop, and companies like to drop down bucks on new hardware and shiny new CD's. Tarballs aren't sexy.
Yeah, you can download everything important for free, but you don't get the pretty box!
Actually, the fact that you can download everything for free makes the box all the more attractive.
Re:Red Hat Professional Server
by
DrCode
·
· Score: 2
No kidding! At my previous job, my boss wanted to set up a Linux server. I offered my recent SuSE CD, but he insisted on spending a couple hundred $$'s on 'Red Hat Professional'.
Man, haven't we seen this already? Go back to the 70's and 80's where everyone* had Mainframes or Unix Servers. Just take away the LAN, and throw in the Internet. Voila... Brave New World indeed!
*Everyone being the larger corporations
Re:MicroSquish for authentication?
by
remande
·
· Score: 3
The long and short of it is, MicroSquish knows precisely *squat* about multi-user computing, data security, and crypto.
That's alright. Remember when they knew precisely squat about the Internet?
In two to three years, Microsoft will have invented those technologies.
--
--The basis of all love is respect
Other conclusions possible...
by
dead_penguin
·
· Score: 2
While the article does make some interesting points (you *did* read it, didn't you?), I'm not quite sure I'd go so far as to see this as a huge consipiracy to draw our attention away from "authentication services".
It's probably true that Microsoft isn't as concerned with the GPL as it appears in previous articles here, but I think their "concern" with it is a pretty good indication that they are taking it seriously. Aside from the fact that this is classic MS FUD-mongering, I'd imagine that before they went and made any such statements that their lawyers had taken a very, very close look at the wording and workings of the GPL.
Rather than the current smear tactics (comparing something a "cancer" is *not* playing nice) being a diversion, I think they are being carried out because Microsoft actually believes that the GPL could stand up in a court of law, and that their corporate lawyers *probably* couldn't fight it effectively.
Of course if you want a real conspiracy, you could even go so far as to conclude that MS has already (secretly) violated the GPL, or is planning to do so...
"Intelligence is the ability to avoid doing work, yet getting the work done".
--
It's only software!
Re:Other conclusions possible...
by
Moooo+Cow
·
· Score: 1
"While the article does make some interesting points (you *did* read it, didn't you?)"
We'll, I tried, but my eyes glazed over after "One of my favorite scenes in the movie Ghostbusters II..."
-- Slashdot is entertaining like pro wrestling is entertaining
Re:Other conclusions possible...
by
DarkProphet
·
· Score: 1
Get real! Its a proven fact that M$ will play dirty pool if its threatened enough (see Netscape v. Microsoft in the browser wars). Yeah, you're right, M$ may want to test the validity of the GPL in court, but M$ is smart enough to cover thier bases. Lets look at some reasons M$ would be so vocal to the general public about the GPL (remember, Joe Sixpack isn't reknowned for giving a shit about licenses):
By trying to convince the general consumer that the GPL is bad, it makes M$ look like the helpful innovative company that they wish they were. "Hey people, these GPL commies are trying to destroy our economy!"
Since Microsoft _has_ been so vocal, it seems to me they have weighed the possibility of testing the GPL in court. They wouldn't call attention to something unless they were willing to face it head on. M$ might not take on the GPL in court, but I'd dare to bet that someone will, and probably pretty soon. M$ will be watching.
Its an obvious attempt to try to distract and fragment the open source community. United, we are a very real threat to MS, but if we start squabbling about liscenses (GPL vs MPL vs BSD flamewars), we'll be a little too preoccupied to worry about what M$ is up to. M$ has tried this experiment before, and they know full well we fall for it everytime. Its a diversion alright
With all the dot coms going belly up, its a good I toldja so from M$. M$ could quite easily quote quite a few companies (RH, VA, Caldera) who have had quite the hard time generating positive net earnings. Of course alot of closed source companies had the same problem, but M$ is known for leaving out details.
When it comes down to it, M$ is up to something more than just flaming the GPL. Sure, us OSS zealots would like to think its because M$ is scared of the GPL. Yes, they are, but we'd be naive to think it ends there. It does not. M$ will take pot shots like this at us, BECAUSE IT BUYS THEM TIME! It gives them time to develop something new, and market it as the Next-Big-Thing(tm) that the consumer HAS to have. And it will conspicuously have no OSS alternative.
It would be in our best interests if Slashdot (and open source developers in general) stopped paying attention to the M$ FUD machine. It'd be infinitely more wise to pay attention to what M$ is doing not what its saying.
-- What could possibly hurt the security of the American people more than giving our own government the ability to hide its
Re:Other conclusions possible...
by
quasar0
·
· Score: 1
Why does microsoft want to test the validity of the GPL? They are already using the TCP/IP stack from FreeBSD. They probabally get all the code they want from non copyleft code.
Re:So name the open source alternatives
by
jfunk
·
· Score: 3
It's really a pretty cool solution and you can authenticate to almost anything: LDAP, RADIUS, even SMB.
Of course, there's still the problem of centralised control. What I would really like to see is a PGP or PGP-like solution where the user has control over their private key and each site grabs the public key when they sign up (with this, a signing up process could be transparent to the user). That way, you get the common authentication method and there's no need to store complete data about you anywhere but on your computer. Imagine getting a popup: "Whatever site has requested the following information:...." Each piece could be accompanied by a checkbox so the user can accept/deny specific pieces of information.
This is probably doable such that it will easily integrate into current systems, too.
Of course, I could be totally wrong, and I'd expect someone to point that out.:-)*
"Why is it that when they agree to support XML and SOAP, and at least do lip-service to the "open standards" idea, we continue to bash them and whine about how Sun did this 10 years ago?"
Because MS always seems to find a way to add proprietary extensions so that you still have to use MS. For example, Kerboros.
Re:the appeal of a single sign on
by
Necron69
·
· Score: 1
No, no no nooo. This is just another piece of pseudo-physics. In business, smaller does *not* mean 'quicker' -- in either the 'ability-to-change-focus-suddenly' or the 'ability-to-fully-exploit-an-opportunity-before-an yone-else' senses. *Bigger* is faster. *Bigger* has less inertia.
Small companies necessarily have homogenous portfolios -- they focus on one wee lil corner of the market, because they lack the resources to cover more. Any change of direction (or market) jeopardizes the company; hence, alterations in course are 'expensive', probablistically speaking. OTOH big companies can follow a zillion different speculative trails to their logical conclusions *simultaneously*. Think of quantum computing. Now, if 99% of those trails end in failure, so be it; the company naturally 'collapses' its waveform onto the remaining one percent and be extremely successful.
The reason why small companies appear to be quick is the same reason that dust motes seem to be 'everywhere' when you wave a flashlight around in a darkened room: The sheer number of small businesses make it very probable that a handful will be at the right place at the right time for any given opportunity, never mind the hundreds of unlucky failures, floating in the dark!
Now how's that for pseudo-physics?:)
-- - undoware.ca
Re:Why government is NOT a *Good Thing*
by
alecto
·
· Score: 1
Nice writeup, but free association implies symmetry of power. There ain't no such animal in today's world, and you know it. When there's an oligopoly of corporations telling you they aren't going to deal with you without an MSID, then you aren't going to be able to live without that MSID. It would be free association for them, but not for you.
Re:Why government is NOT a *Good Thing*
by
alecto
·
· Score: 1
I hope you're right, but current events don't bear that out. Tried to rent a car without a credit card? Or a hotel room? We're not talking about inconvenience here, we're talking about "If you want to stay in anything other than a roach-infested firetrap for the night, you have to give us a CC#."
I agree that government should not mandate the use of an MSID or similar mechanism. I believe, however, that government should mandate that no business may require one as a condition of conducting business. (I also believe this about SSN's.)
If I thought true free association were possible and that businesses engaging in intrusive practices would die on their own, I might think differently. I'm not that optimistic, though.
While we were all vigorously arguing on Slashdot, they snuck in the room and put little black boxes between our network interfaces that record a micropayment for every TCP/IP packet.
Nice diversion!
Sarcasm aside, Microsoft is still a big corporation... and smaller means quicker. So it's not really about Microsoft sneaking anything past us... it's about the quality of our decisions and actions, and how effective they are to counter moves by Microsoft.
But hey, the best solution is to just give in, buy their stock, and move to a remote Pacific island to live off the profits. Or, alternately, move in with Stallman and start amassing the GPL cult that will eventually take over the world like... Pac Man...
Oh God, have other cult members done an identity check on her to make sure she's not a secret agent from evil empire to control our beloved's mind?  _ /. /    |\/| |\/| |\/| / Run, Bill!
Microsoft is a medium-sized company. IBM employs some 250,000. Microsoft is some 30,000. Sun is about the same. Oracle has slightly more. So MS may be big compared to Red Hat, but they're not a BIG corporation. Especially considering the breadth of software they produce from operating systems to application software to server software.
Agreed, Microsoft is a big company. That's why when they enter new areas they're like a huge elephant: they go slow, but there isn't much that can stop 'em once they start moving.
Smaller doesn't mean quicker though. Sticking to the same analogy, the smaller companies are more like mice. They can quickly dart back and forth, but obstacles can really slow them down.
I firmly believe that Microsoft can be beaten. It's just important to remember that just because they're big and slow does not make them an easy target at all.
Open Source Alternative... maybe?
by
metacosm
·
· Score: 1
I do not know of any open source alternative to the microsoft purposed system. But I have a concept (very off the cuff). What if you used FreeNet as the data-store. Your data would be replicated, cached and encrypted. Once you access it from your place of work, you place of work would have a cached verion of it, when you try to access it from somewhere else, whatever node you are using as your "server" will go out and look for you current information in the FreeNet service, replicating it along the way back. I am not going into details, because I don't know how this might work, is it possible? Anyone with more knowledge of freenet/universal login system care to comment? I just see there being LOTS of servers rather than a centralized few, and once you get your data in the building you are working at, it stays there until you try to access it from somewhere else (home) and then it is replicated. This would use the power of P2P to be the load of a universal login/data storage system to the edges of the network, decentralize control, and allow local administrators to setup Nodes for ther users data, which would become a part of the FreeNet network as needed (accessed). Just a comment, I don't know if it possible or what, just wanted to throw it out there.
Re:As always, Cosmo said it best...
by
QuantumG
·
· Score: 1
The original article in Esquire magazine, October 1971. The Capt'n is still the man. He's the CTO of a company making "The Crunch Box" which is an IDS appliance running on OpenBSD.
-- How we know is more important than what we know.
Re:As always, Cosmo said it best...
by
QuantumG
·
· Score: 1
As the first article clearly demonstrates, he was always sold out, from day one. John Draper likes money and he aint afraid to say it.
-- How we know is more important than what we know.
I don't see the problem with this. Well, there's the ever-present plans of MS to take over the world, but that's nothing new.
What microsoft has always been good for is successfully implementing the grandiose ideas that nobody else could. Do you remember the Windows 3.1 days? If you had a new graphics card or new printer, what was the only thing that could talk to it? That's right, MS Windows. And MS shared the love by allowing any program running within it to talk to those devices as well.
And now there's network computing, with its related monstrosities, central directory and PKI infrastructure. Many big heads have tried to tackle these; none has come close to success. These are ideas that would expand the usefulness of computers beyond belief, but they can only be pulled off if there's a strong center to hold everything together.
In case you're worrying that "center" means monopoly, think again. The center is shrinking! MS is no longer trying to have a stranglehold on the Apps or the OS, just the authentication and the basic protocol which can be run on any hardware. We should rejoice!
Unlike visa or doubleclick, they're not trying to put themselves in a position to snoop on you. They're trying to give us something that no one else can. --
Oooh, so MS eases off on the OS and office apps market, yay. Why would I want to rejoice? If MS has a stranglehold on a protocol (when pigs fly) and the authentication carried by it, then you and me will be paying alot more that a yearly OS subsription, my friend. How do you feel about your network packets being licensed?
Flash forward to 2002: Semi tech-literate IT worker on his GNU workstation powered by GNU OS,
has his.NET (can you say P2P rebranded?) service yanked from beneath him because he failed to renew his MSAuthTCP/IP license.
Ah well, MS just makes buzzword compliant, corporate intranet technologies anyways. This'll never fly the way they hype it, just think Active Directory.
>Wasn't there a time when incoming mail opened in Emacs's mail client could execute arbitrary Elisp code?
You *can* configure EMACS to be that stupid, but you have to know what you're doing to make it happen. EMACS doesn't default to running any elisp code it finds in any file you open.
-jcr
-- The only title of honor that a tyrant can grant is "Enemy of the State."
MicroSquish for authentication?
by
jcr
·
· Score: 5
Yeah, right. Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security.
The long and short of it is, MicroSquish knows precisely *squat* about multi-user computing, data security, and crypto.
When Hugh Daniel went up to Redmond to do interoperability testing between FreeS/WAN and their half-assed IPSEC, he asked them which crypto algorithms they'd implemented, and they told him "40-bit DES". Nothing else.
Hugh just left. I would have, too.
-jcr
-- The only title of honor that a tyrant can grant is "Enemy of the State."
Re:MicroSquish for authentication?
by
quasar0
·
· Score: 1
Dont forget microsofts implimentation of xor encryption for their screensaver password. (Stealing teachers passwords at school was a synch)
Re:MicroSquish for authentication?
by
grammar+fascist
·
· Score: 1
FreeS/WAN doesn't do 40-bit DES. It never would have worked with Microsoft's setup. (And yes, I know it's in the RFC, but the good folks at FreeS/WAN have thrown it out in favor of security. I say good for them.)
Re:Why I'm Not Using Windows Anymore
by
Old+Wolf
·
· Score: 1
That "Microsoft's Hidden Files" page is a crock. It writes all this sensationalist text in order to point out the existance of caches.
It's the same sort of thing as "Linux is conspiring against you and recording your every moves, because it creates.bash_history files".
Re:Why I'm Not Using Windows Anymore
by
Old+Wolf
·
· Score: 1
Well, try going "rm *" when you're in your home directory. You will see that.bash_history remains (and so does.profile -- how evil).
Might I contend that no special attention has been given by MS to its cache files; merely that OS processes hold them open, and Windows (unlike Linux) doesn't allow open files to be deleted.
Furthermore, as to file secrecy, I don't want my history files to show up when I am grepping for some text over a directory tree, etc.
I would also suggest that measures like this are in place to stop brainless users accidentally deleting useful files (we've all heard about windows users going around deleting random files because their harddrive is full). Anybody who is wised up, as you clearly are, can remove the files without much trouble.
How did he lose his old articles?
by
dccase
·
· Score: 1
How did he lose his old articles if they were safely stored on a central server, accessed by a simple NC?
That sounds like the kind of problem you should only have if you use a stand-alone PC where you are responsible for your own backups.
Re:Renamed: Or, just say the truth...
by
colmore
·
· Score: 1
Oh shut the fuck up. I'm no GWB supporter. It made me mad when idiot rednecks said that about Clinton, so I'm not about to tolerate it now. The American people occasionally (read: almost every single damn time) elect really bad people to the office. Deal with it and wait for '04.
The central premise is that your data lives in a central location that you can access from anywhere.
And I want that central location to be my residence, which is easily achievable today without special NC boxes. The problem with NCs is that they are strictly inferior(*) to full-featured PCs, and PCs are so cheap that cost isn't much of an issue.
(*)from the consumer's perspective, of course. I'm sure Microsoft and the RIAA are huge fans of the limitations of NCs.
-- How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
Im afraid I don't quite see what he was arguing. "Authentication services" is a pretty loose term and was not adequately defined in the article. I assume Nick meant the term to be used as how we can connect to.NET. If so, the article's conclusion that we need to beat 'Microsoft to the punch' makes little sense with a network/platform in which a single company holds all rights.
Re:Makes perfect sense, really.
by
clump
·
· Score: 2
"If you can keep the appropriate people focussing their attention on trying to justify themselves, even against
rather pointless and ineffectual attacks, they don't get quite as many people thinking "what are they up to?"
One side effect of Microsoft's attempt to slander volunteer software production is that they are now making the target of their attacks ever more visible and understood. In that I mean Microsoft is inadvertantly creating debates that can cast critical eyes on their own proprietary software models and can raise awareness of the existance of free/better alternatives. Microsoft has the hurdle of trying to make philanthropy look "bad".
Imagine what would happen if WalMart suddenly attacked and lobbied against thrift stores or charitable institutions. They could quite easily argue that the very exitance of low-cost/zero-cost goods destroys the industy. They would, however, endure a backlash they likely could not comprehend.
Likelihood of .NET and hailstorm success is low
by
Bilestoad
·
· Score: 5
They still haven't addressed the biggest problem with the model -
MY data is one SOMEONE ELSE's machine.
Even if you have a local backup that introduces issues with consistency. And just who is reading your work? Why will people suddenly trust a third party to provide their environment? It didn't work for Sun in the 90s (which although Petreley mentions MS fought, was not a failure because of MS opposition) and it won't work for MS now - in fact this could be the undoing of Microsoft. We have huge, cheap hard drives, great technology like IMAP, and software that works. I can't see the compelling advantage.
Re:Likelihood of .NET and hailstorm success is low
by
samantha
·
· Score: 1
Your email stays on any server you want. Including your own. Some things benefit by being server based or mediated or replicated through a network of machines. Others don't. Why do we keep trying to make single statements that cover all cases? There is no single magic bullet technology. When will we grow up enough to not forget that?
Re:Likelihood of .NET and hailstorm success is low
by
kimihia
·
· Score: 1
Hum her hah. I'm a bit divided over this.
MY data is one SOMEONE ELSE's machine.
A lot of my friends use MSN Messenger and Hotmail. My friends that used to use only ICQ are now either MSN and ICQ users, or use MSN exclusively now.
Why I mention this is that MSN Messenger and ICQ has different views of where to store data. MSN is all on the server, while ICQ is all on the user's machine. Different perspectives on computing.
They have their merit, and Messenger seems to be the favourite. On ICQ I would continually hear... I'm about to format my computer. Send me a message in an hour if you want to be on my new list. Aw, but I deleted my old list, send me a message so I can add you again.
Messenger doesn't have this trouble because MSN looks after your list. I go to a cybercafe 12 hours drive away and PACHOW my list downloads and its just like being at home, or just like using my mate's computer, or just like using my Dad's computer.
Although I like ICQ because I can hack the client and add people to my list without their authorisation, there are strong reasons why server-side is good for some applications.
No no no I will not store my MP3s or private documents on a third parties computer. Driveway.com and iDrive both bit me when they terminated their file sharing.
But you can have my MSN Messenger list. I don't mind.
Re:Likelihood of .NET and hailstorm success is low
by
Trekologer
·
· Score: 1
MY data is one SOMEONE ELSE's machine.
Not to mention that your data is completely out of your control, which asks the question if your data is even yours anymore. MSN already tried to leverage the idea that everything produced using their service became theirs. Don't be shocked if this is part of their plan. The MSN attempt was just testing the waters. Which brings up entirely new privacy issues. Who says that they won't be selling your data to marketers? Or if The Man wants to see if you've been doing something illegal. Your data could be being sifted though without your knowledge... The Man gets the warrant against Microsoft, not you.
Re:Likelihood of .NET and hailstorm success is low
by
grumling
·
· Score: 1
I've found most people keep important files on floppy or zip, not understanding MTBF on a hard drive is so much higher than on floppy. Then they come to me and want me to pull the file off the trashed floppy.
Most people won't put anything on a hard drive, much less a network drive.
-- "Well, good luck finding a judge that doesn't run a bestiality site."
Re:Likelihood of .NET and hailstorm success is low
by
Crixus
·
· Score: 2
If consumers are so uncomfortable with their data being on someone else's machine, then how do you explain the popularity of...
1. web-based e-mail (www.hotmail.com)
I don't think people care too much about the dumb jokes and chain letters that they forward to all of their friends.
Financial records might cause them to think a little harder.
But we'll have to see.
Rich...
-- Ignore Alien Orders
Re:Likelihood of .NET and hailstorm success is low
by
gengee
·
· Score: 2
Firstly, All Your Data Already Belongs To Someone With Root. That is, unless you only distribute data on physical media.
But it's a legitimate concern. Hell, I wouldn't feel comfortable with it either. So I would refer you to TCFS.
TCFS is a cryptographic network file system featuring group sharing of encrypted files. TCFS will encrypt your files before sending them to the file server
and will decrypt them before they are read by the requesting application. Because the encryption/decryption process takes place on the client host, no
clean data will travel the network. This is particularly valid for the encryption key.
TCFS does it's thang at the kernel level. This is certainly convenient, but not necessarily practical. If that is the case, there's a userland counterpart to TCFS called CFS that does basically the same thing. signature smigmature
-- - James
Re:Likelihood of .NET and hailstorm success is low
by
rgmoore
·
· Score: 2
You must deal with very different people from me. I don't know anyone who wants their data stored on somebody else's machine. Even at my work, where we have some kind of confidence that the data will be secure and well looked after, ITS has had a hell of a time convincing people to save their data over the network instead of locally. Most "Joe consumer" types still live at the ends of narrow pipes and find downloading even modestly sized files obnoxious; they're not going to put up with having to do that with the files they own as well as the ones they're downloading from somebody else.
--
There's no point in questioning authority if you aren't going to listen to the answers.
Re:Likelihood of .NET and hailstorm success is low
by
sparkane
·
· Score: 1
99% of people (joe consumer)
Keeping in mind that I have no idea what you do for a living or what your level of expertise is when you offer an opinion, I have to say, I love it when commenters drag out pseudo-statistics such as that one. Even if it's true, it's obviously not the right statistic to use. What 99% of the people in a given business want won't be what goes; what will go will be what the 1% with the expertise with running servers and backing up the data say. And that 1% will have 99% of the experience, if I may drag in a meaningless statistic. Just to add a little spice to the pot, I must point out that at least at some businesses, admins don't even like employees to keep data on their desktops, but only on servers - that way no one loses data when the random desktop goes blooey. I have a really hard time believing that any self-respecting admin (of which I am not one - an admin, that is, not self-respecting) would allow their company's data to reside on servers that they have zero control over. It's just the worst sense in the world
Re:Likelihood of .NET and hailstorm success is low
by
sparkane
·
· Score: 1
That's individuals' data - non-business email and photos. Aren't we also, however, talking about business-critical data? Like, say, for a company that invests in and develops properties, investor lists, property data, performance data, budgets, occupancy data, rent data, earnings data, and then such things as investor distributions calculations and payment data? If you were running a business like this, would you consider putting all that data where you could not be its complete and total master?
Lest you forget, hotmail went down not so long ago, losing the email for a lot of customers. I have a friend who used hotmail for important personal email. He doesn't use hotmail anymore. He realizes now that he should have made a personal backup. But if you have to make your own backup to secure your data, that sort of defeats the purpose of network computing - particularly if that's how you run your business.
Re:Likelihood of .NET and hailstorm success is low
by
elliotw
·
· Score: 1
If consumers are so uncomfortable with their data being on someone else's machine, then how do you explain the popularity of...
1. web-based e-mail (www.hotmail.com),
2. online storage services (photos.yahoo.com), and
3. financial portals (www.fool.com) where people enter their portfolio contents.
Re:Likelihood of .NET and hailstorm success is low
by
elliotw
·
· Score: 2
If consumers are so uncomfortable with their data being on someone else's machine, then how do you explain the popularity of...
1. web-based e-mail (www.hotmail.com),
2. online storage services (photos.yahoo.com), and
3. financial portals (www.fool.com) where people enter their portfolio contents.
Re:Likelihood of .NET and hailstorm success is low
by
sulli
·
· Score: 2
Right. Petreley wildly overstates the support for.NET. My impression was that people don't yet know they don't want it - because they don't yet realize that it's another one of these godawful-stupid centralized data storage ideas.
Hey everyone in the biz: People like their PCs! They like controlling their own data and apps. If Hailstorm/.NET try to remove this control from the users, they will have the same level of success as, say, Microsoft Bob.
Re:Likelihood of .NET and hailstorm success is low
by
K45
·
· Score: 1
I think most people would actually prefer to have all of their data on someone else's machine.
Think about information as a type of currency. Now, do you store all of your money in your house, or do you keep most of it in someone else's building? I keep mine in the bank, because they have better security, insurance, and convenient features such as free checking.
Note of course that banks go to a huge amount of trouble to assure everyone that their money is safe. M$ will need to earn similar trust from the public, and really earn it, not just pretend it's secure like they do with current software.
So if M$ fails (and I hope they do) it will be because they have failed to earn trust, not simply that people care what machine their data are on.
K45.
-- This signature has eleven vowels.
Re:Likelihood of .NET and hailstorm success is low
by
Ayende+Rahien
·
· Score: 2
Hm, I know that NTFS has something like it, I wonder if it works over networks, anybody knows?
-- Two witches watch two watches.
--
-- Two witches watched two watches.
Which witch watched which watch?
Re:Likelihood of .NET and hailstorm success is low
by
kanayo
·
· Score: 1
Hotmail kind of snuck up on us. We got so comfortable with someone controlling such personal and sensitive information simply because it was free and accessible everywhere. And then Microsoft bought Hotmail.
Once that happened, I deleted all my personal mail, and gave my family and friends a different e-mail address to use for me. I only use the hotmail account now as a general spammable untrusted and impersonal account. Things and people I care for go to a different account.
Re:Likelihood of .NET and hailstorm success is low
by
slashdot.org
·
· Score: 2
great technology like IMAP
Huh?! You mean where your email stays on the server? Aren't you contradicting yourself here?
Xwindows, Xwindows and more Xwindows. I'm amazed at the untapped potential Xwindows/Xfree has for networked applications. Why is there not a decent GPLed Xwindows server (should be client IMHO) for Microsoft Windows. Screw ASP Java/script even PHP do it with Xwindows. Build into every.NETtish Xwindows app the ability to save locally and or remotely and Microsoft/Sun and the rest could just go get screwed.
I've played around with VNC awhile in an attempt to so this but it isn't designed to do what I'm talking about. It sends a picture of the screen... no good, we need to cache stuff the desktop background, icons etc locally and just pass commands that say (use Greg's background #1 and icon set #7 and let the local PC draw that stuff. Any app that deals with text or numbers could run over a 56K modem no sweat. I know this is possible.... think of Quake... there's a helluvalot going on but only a few bytes get sent across the wire to keep everyone synched up and fraggin.
Imagine a world where you subscribe to a KDE or Gnome desktop running on the local ISP's server with X Office and a few other kickass apps.
True networked applications that would let me start writing a letter, start a quote, fillout an invoice, or whatever at work, go home and pick up right where I left off is what I want.
Microsoft really does inovate... They just twist their inovations to make them money and not help the end user. Instead of playing catchup to Microsoft's glitter, this could be the killer system that puts them in their place. Unfortunately I'm too dim to write something like this.
First of all, it's not 'Xwindows' or 'X-Windows' or whatever but 'the X Window System'.
And for who's the client and who's the server: Say program A connects to program B, which draws graphics and processes input for program A. Which is which?
Submit the right answer to bill@microsoft.com and win a free Passport account! *grin*
So what's stopping SUN or IBM or whoever to provide a competing service based on open standards and convince Joe consumers to use THEIR flavor of authentication?
This "microsoft conspiracy" thing is getting old
by
quartz
·
· Score: 2
No really. Why should anyone in the free software/open source communities give a rat's ass about what microsoft does? I know that as long as something is made by Microsoft, I won't use it. And as long as there's a free software community I'll share my software with them. Microsoft can go to hell. They can't make me use their software, no matter what they do.
So c'mon people, let's spend less time bitching about microsoft and more time providing ourselves with the software that we want. I can understand journalists, they can't help blabbing on about microsoft vs. open source, it's their job (and I bet they're praising the patron saint of journalism right now for such a long-running and juicy story source as the oss-microsoft war). But us? We have far better things to do...
Network Computing is still a step into the past. Timesharing revisited. A system that ignores the power of user machines in favor of doing as much as possible on servers and to top it of uses only HTML for GUI is seriously broken and I am amazed it is even considered in this day and age. What a waste of the last 40 years of hardware and communication advances! We should be seeing massively P2P architectures and as much work as possible being offloaded to clients that have their configuration managed as automatically as possible.
If MS wants to play the Open Standard game then simply make sure the keeper of the Standard is independent and the standard is really Open and independently certifiable with no bogus gotchas that prevent Open Source implementations from being certified.
I don't think it will end up the way you're thinking. Honestly, I see them sending out a HUGE number of programs with Windows, and making it so you only have to d/l the software once (per upgrade cycle), but then it's always on your local machine. The differences I see under this model are that a) they can charge you on a pay-per-use basis, by requiring you to get a _KEY_ every time you want to use the programs. and b) they will have your data uploaded to their centralized servers so you can access it anywhere. This can be a good idea. Think about it, you can log onto a computer at a local coffeehouse and work on your novel without lugging your laptop around.
However.
It scares the crap out of me, because as soon as this.net stuff goes online, it becomes the biggest baddest target for criminals that the world has ever seen. I'm not talking kiddies trying to break into accounts. I'm talking international organized crime and terrorist states, as well as domestic companies using hired guns to try to bring the system down or to steal or alter information. Imagine if they break in one day, and the data has to be restored from old backups...thereby eliminating a day or a week of business transactions for a large portion of the US. What happens when the data you have on your server doesn't match up with the data on their servers, such as if your "licensing privileges" get mysteriously changed. It's really scary to think about.
Re:Makes perfect sense, really.
by
binner
·
· Score: 1
Welcome to the Machiavellian world of PR. It's a lot more difficult to meta-moderate out there, and Microsoft is trolling.
If this isn't the most brilliant quote on/. in years, then I don't know what is.
Thanks for the laugh.
-Ben
-- Say what you mean, mean what you say! But please know what #$@% you are talking about!
Re:the appeal of a single sign on
by
plague3106
·
· Score: 1
Privacy implications? How about the fact that most people pick poor passwords. Imagine the amount of damange you could do to a person if you got their password for EVERYTHING.
Re:So name the open source alternatives
by
technos
·
· Score: 2
They're not.. They're just going to make sure that every bit of software running on their OS requires authenticated user credentials to run, and the only place they're going to let you get that authentication is passport.
-- .sig: Now legally binding!
Re:As always, Cosmo said it best...
by
jhoffoss
·
· Score: 1
"John Draper likes money and he aint afraid to say it.
Gaws, what a fruit-cake! He likes money? What kinda fool likes money? The nerve.../sarcasm ---
Ahh, you have taken me right back to High School. Our computer lab was full of (hard) diskless . . . I think 286es, maybe 386sxes, with one "big bad" 486 upstairs running the Novell 286 network. Must have saved the school a small fortune in hard disks.
Ah, the hours spent playing Tank Wars off a floppy. The godlike sysop powers I was granted. Ramdisks. 10Base2. Word Perfect 5.1.
I'm not an old school UNIX guy, and I was never into BBSes. This was my early geekdom.
I had a 286 with a 287, and I think two megs, maybe four, of bus ram. Oh, and a bus mouse. And I upgraded to an RLL controller and got 50% more space on my disks. Then, of course I had to re-optimize my interleave with the Norton Disk Utilites . . .
God those were the days. Thanks for sending me down memory lane!
I think that NCs will get a niche. Secretaries, POS, stuff that is better off centralized and doesn't benefit from being local.
Out side of that, I think that they are doomed to fail as a mainstream "PC replacement" for a reason I haven't seen anyone else cite. That reason is; PCs are cheap. By the time you buy 10 NCs, with displays, and a bad-ass 4 (or more) way server to service them, you may as well have bought the same 10 displays and 11 PCs, the 11th for file/print sharing.
And I think that NCs have a negative economy of scale. I.e., if you have 100 desks instead of 10 you need 10 times what I described above, plus a SAN, and a bunch of network upgrades to handle the load.
Or, I suppose, you could do a shoddy job. Only buy enough processor power to handle average load. (And have human beings sitting around waiting for the system at peak times. That ain't cheap.) And sit the whole thing on whatever network infrastructure you happen to have. (Hope you've got 100Mb switched, buddy.) Leaving you with a crappy system that cost as much as giving everyone a PC.
And don't give me a bunch of TCO crap. You aren't going to convince me that the army of real admins that will be needed to keep all those terminal servers going is going to be cheaper than running a helpdesk with a Ghost image on hair a trigger.
I really like the idea of single sign-on. There are products that do it (and have been doing it for a while). We use NDS (Yeah, I know it's from Novell, but it WORKS!). We have a mixed network with Solaris, Linux, and Windows and it seems to work well. My main concern is that the company is going to be a casualty of Microsoft and Novell's own of marketing. At this point cross platform authentication seems to be their only hope. If they do go under, I really hope they GPL their directory first... Novell seems to have realized that their future lies with authentication services, but the realization may have come too late.
My ideal computing platform...
by
mrogers
·
· Score: 2
...would be a server sitting at home on a broadband always-on connection, while I carry around a little Palm-sized wireless thin client, or optionally access my apps from any PC using a browser plugin (so that none of my personal information is left in the PC, and I don't have to put up with the web's display inconsistencies, slow rendering, privacy problems, blah blah).
Work at home, work at work, work on the move... your files and programs stay on the same server and nothing travels across the network except GUI events (encrypted, of course). You don't have to store your data on anyone else's machine: you can even download your own browser plugin from your own machine if you need to access your programs from an untrusted PC.
We could do all of this with free software. Most of what we need is already out there; the biggest problem I can see is the availability of broadband connections for home servers. There is no reason this needs to be centralized (by Microsoft or anyone else). --
Re:Who is Microsoft trying to sell .NET to?
by
Trekologer
·
· Score: 1
It also should be noted that the major victims of Microsofts earlier "update addiction" policies were businesses. The change of formatting between Word95 and Word97 does not really bother John Doe. However, when there are 500 John Does who are responsible for there time, somebody takes notice, and tries to correct the problem (the only way they know how). If one business makes the leap to.NET, other businesses will be compelled to follow either for reasons of cooperation or competition.
Exactly. The upgrade push is what Microsoft will use. It will be something like "You won't need to worry about upgrades anymore,.NET will do it for you!" In fact, they probablly won't provide upgrades anyway anymore. Since they're getting a steady flow of fees, they won't need to make needless upgrades anymore. Basic functionally between Office 95, Office 97, Office 2000, and Office XP is almost identical. The only difference is the default file types. Who really uses the new "features" each verison adds? They all are backward compatable, but who is going to remember (or bother) to Save As the file typle that the organization has agreed upon?
Re:Who is Microsoft trying to sell .NET to?
by
Trekologer
·
· Score: 1
It also should be noted that the major victims of Microsofts earlier "update addiction" policies were businesses. The change of formatting between Word95 and Word97 does not really bother John Doe. However, when there are 500 John Does who are responsible for there time, somebody takes notice, and tries to correct the problem (the only way they know how). If one business makes the leap to.NET, other businesses will be compelled to follow either for reasons of cooperation or competition.
Exactly. The upgrade push is what Microsoft will use. It will be something like "You won't need to worry about upgrades anymore,.NET will do it for you!" In fact, they probablly won't provide upgrades anyway anymore. Since they're getting a steady flow of fees, they won't need to make needless upgrades anymore. Basic functionally between Office 95, Office 97, Office 2000, and Office XP is almost identical. The only difference is the default file types. Who really uses the new "features" each verison adds? They all are backward compatable, but who is going to remember (or bother) to Save As the file typle that the organization has agreed upon?
Superior windows authentication
by
Ukab+the+Great
·
· Score: 3
They put a certificate of authenticity in every windows box. Hey, it works for the franklin mint.
It's a matter of trust
by
Alpha+State
·
· Score: 4
A piece of software is not enough so just having an open source alternatvie is not the issue. We are talking about a user's data here and what is going to be done with it. Sure, you could do it with open source tools, but who is going to actually store the info and handle the authentication?
I can see a private company (or more than one) coming forward to accept user's details and provide authentication to web sites, but they are likely to be just as bad or worse than MS.
The other problem is trust - you can build it, but why would users register their important info with someone they've never heard of before. You and I may not trust MS, but plenty of people will (and do).
What is needed is a large, recognised group which can provide authentication, funded by micropayments, advertising or contributions and backed by names that people will come to trust. I think this would be a perfect service for the government to provide, although I imagine many people here will be pretty dirty on that idea. But what the hell, they already have all your info and at least they wont play silly buggers with preferred partners and closed standards.
The only other possibility is an open consortium or perhaps financial companies (someone like paypal), but the possibility will still be there for abuse.
Unless someone can come up with a way of using a decentralised system like freenet to provide secure authentication, but I can't see people trusting that either.
Check out the AuthXML project - it's an open standard that allows for completely decentralized authentication between sites, businesses, etc., single sign-on, blah blah blah.. Completely platform, application, and corporation-independant, and prevents the need to entrust ALL your data to MS (or any other single entity).
Re:Why I'm Not Using Windows Anymore
by
Jaborandy
·
· Score: 1
My stupid response to a troll:
Hidden Files: This makes me laugh. The author complains about cache files, and can't figure out the ASCII encoding of his attachments by Outlook Express. Pure paranoia.
Passport Terms of Use: They've been changed to correct this misunderstanding.
Spying: This is unconscionable, and would be illegal in the US because spam faxes are banned. Is this legal in the UK? If not, I highly doubt that this story is true.
Stealing information: Who knows what misunderstanding could have made some Taiwanese companies think this in '98. It's unsubstantiated, but I can't discount it.
NSA key: MS did deny NSA involvement. That key is there because the NSA required it for export purposes. Specifically, MS had to validate its crypto routines to make it harder for people to plug in strong crypto modules in violation of US export laws. MS signed crypto routines to tell the OS what strength it was. First of all, it was a signing key. Second of all, the NSA never had a copy of the keys. So yes, MS did deny NSA involvement. Third of all, I get the impression that MS doesn't care if you defeat this mechanism, since it's only there because the stupid US gov had dumb export laws, which have now been changed anyway.
portege00, you're a Slashdot M$ basher.
WinXP comes with a personal firewall. I'd happily hang that ass on the net, but that's a totally different conversation (win9x does suck, I agree. NT is the one that compares to linux).
Re:the appeal of a single sign on
by
4of12
·
· Score: 2
I can guarantee you that if
everyone's information was in one net connected database eventually someone would learn to steal that information from
everyone (the only trick would be to steal the information slowly enough so that Microsoft wouldn't notice).
Yeah, I'm thinking about all those handy-dandy little kiosks that run some variant of Windows with some browser that is all set up for traveling fools like myself to look at our email back home. Yes, indeed, that https and SSL insures traffic is invisible between 2 points, but there's little to insure that my starting point is not the real authentication widget, but rather some trojan harvesting my authentication for later fun. (Or that the trojan makes me feel better by displaying the https URL where it invisibly proxies my session over to some 3733t 0\/\/n3d z0mbi3 box.
I wonder if the unidirectional control freaks at MS who are implementing all this authentication with unswerving attention to insuring that Joe User is a paying licensed software renter have given any thought to my concerns.
That is, is this friendly-looking screen what it looks like?
Before I authenticate against a self-described authority, I want to know that authority is authentic in a way that I trust. A generic Windows screen confirming that all the rent payments have been kept up on this software won't convince me that it's trustworthy.
On the same issue - has anyone developed a challenge/response program that one could run like xdm/gdm/kdm that users could interact with securely to see if they were talking to a known system prior to entering a passwd?
-- "Provided by the management for your protection."
Re:So name the open source alternatives
by
4of12
·
· Score: 2
If MS is selling authentication services, what are the open source equivalents?
Surely someone somewhere in GPL land has written some code that let's you do what their passport software does. If so let's hear about it!
A good point.
Some authentication services surely do exist, but not to the same level of centralization as in the Hailstorm model.
The nature of most open source and free software is such that the concept of a secure infrastruture for collecting charges for renting software is alien, almost anathema.
Authentication mechanisms to secure private communication are reasonably well-developed (PGP, GPG) and it looks as if Freenet may expand on this somewhat, but the glaring absence of monetary transactions for software use has guaranteed that such services will be slower to arrive in the world of free and open software.
That said, I don't look to MS Hailstorm authentication as anything I want to use. They're really playing with dynamite with this thing.
Like many others roaming the wild and wooly internet, I'd just as soon be able to adopt a secure pseudonym at will, rather than have every damn site know my real name, address, SSN, and how much Jack Daniels and hemorrhoid cream I bought last month.
-- "Provided by the management for your protection."
You don't need to "sign on" to anything
by
dingbat_hp
·
· Score: 1
Having a single sign-on has real benefits from the point of view of a non-technical user
Firstly, there's no need to "sign on" to anything. Authentication is what matters, not "signing on", not identification, and there's a whole pile of work out there on how to do this without either of the others. Why should you need to identify yourself to watch some web content, when instead you can simply demonstrate the right (which you might have paid for earlier) to view it ? Identification serves the marketers more than it serves the users; we don't need it, we don't want it, and they can shove it right up their IDispatchs!
Secondly, server-based sign-on has real problems. Microsoft Hailstorm is a complete crock; WTF should I use a server-based system to validate users before I serve them content when there are innumerable P2P systems that are as good, or even better ? If I do choose a server-based process (in some fit of madness), then why on earth should I use M$oft technology (or even services!), from a company that has a limited and so-far pathetic track record in supplying this sort of service ?
Thirdly, single-point "sign-on" is a potentially dangerous situation that only looks appealing threough laziness or lack of understanding. Compromising this one point invalidates all other services. If one of those is your credit card, then you could well find the situation of an eBay dispute over PayPal stopping you putting petrol in the car. How many/. readers run multiple CC's, just to avoid this sort of hassle ? I know I do.
Wrong! The post is clueful, no troll
by
JPMH
·
· Score: 2
The authentication process really isn't the issue. The basic protocols for talking to their authentication database should be fairly straightforward to reverse engineer. (MS may even have made them public).
If MS try to restrict things so that only MS servers can talk to their database, and lock out Sun and Apache systems, they will get nailed for product tying.
MS are hoping to win big in server space by offering a better programming environment and a better toolchain, making it faster and easier to write server-based applets, and faster and easier to re-use existing experience and code fragments from single-user single-desktop projects.
That is the challenge for the rest of the industry and the open-source community: to provide as easy to use an environment for knocking together web apps as users have become accustomed to when putting together join-the-dots VB apps in a visual environment, and as seamless a transition path.
.NET's promise of no-fuss linking and inheritance of object properties between different languages is another significant part of its potential attractiveness to coders, both on and off the web.
As just one example, in numerical software it would be nice if there was a really good fast set of open-source objects for matrix calculations, (eigensystems, SVD etc); and if the same objects could be used, with no performance hit, whether in C++, Fortran, Java or whatever; and could easily inherit methods written by other people in other languages. (Compare that to having to write a different hack for every compiler to access Fortran's Lapack from C, never mind C++).
If MS can create that kind of seamless integration, it will be a huge plus for writing code in their environment, locked in to their system service libraries.
Similarly if end-users can transparently convert back and forwards -- using the visual tools they already know -- between the existing page and form designs they already have in current existing standalone apps,
and the pages' direct equivalents as web-served content, this could be another big draw, another big chance for MS to leverage on their existing user base.
The free software community needs to wake up: MS's Common Runtime environment, and its associated (very extensive) service libraries, are a much bigger proposition to compete with than just another clunky java clone.
Re:Wrong! The post is clueful, no troll
by
CornfedPig
·
· Score: 1
Spot on. M$FT is desperate to better penetrate the enterprise at a level that will provide higher margins than those earned by low-end servers, desktop software and low-end tools. They will leverage their developer base (VB is the most widely-used language in the enterprise by a large margin, if IDC is to be believed) to go after mission-critical apps that are currently running on non-M$FT servers and will do so by making things as easy as possible for their millions of developers. The real essence of Christiansen's disruptive technology argument is that the low end always wins, by creeping relentlessly upward. M$FT is really really good at relentless creeping.
-- "It's not a bear, it's a hamster. A really, really large hamster."
All this latest flaming and full frontal attacks from Microsoft is totally out of character. And its worked. Nearly everyone has stopped thinking about.NET and is taking notice of these comments from MS. I know I did for one.
MS are very smart in this regard. They know that people have a lot of pride in the OpenSource community and by attacking OpenSource directly, people will instantly react. Everyone moves to take on these attacks from Microsoft while the.NET platoon out-flanks and out-manuvers the OpenSource community.
The only way to resolve this is to ignore Microsoft's public comments like this. Instead, concentrate on what they're actually producing, not what they're flaming. Let guys like RMS throw the mud back (I suggest him because he does it so well) and let the rest of us carry on doing what we do best... Building a great community, pretty damn excellent software and something that everyone can use freely and openly without fear of "The Man".
If it weren't for work, I'd be totally free of MS software and their crap. If I didn't have to keep up with issues about their software, I'd completely ignore them altogether. Nothing I do in my own time has anything to do with them, my software isn't trying to use or emulate their 'standards', just provide an alternative that does what I want the way I want it to.
Those that can, I strongly suggest that you ignore the statements MS make like this. Just keep an eye on the products they actually produce (its not smart to not know what "the other side" is doing).
Re:Who else can control this chaos
by
Korgan
·
· Score: 1
Only MS is seasoned enough to provide such services
Oh so not true!!! IBM, Sun, Novell are all capable of doing exactly the same thing. IBM would never get the 'job' because its always been likened to Big Brother ever since Apple's famous SuperBowl add in the 80's (Either Steve Jobs was a great forward thinker, or he fluked that one). Lotus Notes/Domino could quite easily be modified to be very much along the same lines as.NET is intending, it just doesn't have the advertising budget or the market share to make it worth while.
Sun.... Well, they tried... But everyone was against it then so it didn't happen.
Novell... OneNET is actually functional and you could use it right now if you wanted. But its biggest hurdle is market share and advertising. Every ad I've seen from Novell is about the company and what it can do, not about individual products.
Microsoft are not the only ones, they're just the ones that have made it seem like a good idea and have put a huge (as they always do) marketing hype to push it forward quite outstandingly.
I honestly doubt that NC's are the future that the author of the article does. Many of the app's that people cannot work without are rather large (and perhaps bloated). These often include Big Bad Bill's homegrown programs. I do not see a lot of development for the PC (I speak specifically of the Windows environment here) for the public that is smaller, tighter, faster code.
Until NC's can deliver the same punch as a PC continuously (in terms of performance and customizability), people will continue to purchase PC's.
A couple of thing which stays in the way of Network Computer (and.NET) acceptance:
PC nmarket is world-wide; Net PC can only work where broad-band access to the Internet is cheap and ubiquitous (in my country, which buys lots of M$oft products[and copy ever more], BB is around $500 per year, and only available in big towns ).
You are right: most of peole does only two or three things with their PC (I do four:). But there is an alternative for them to NC : appliances, i.e. light PC-that-arent-PC, which can be engineered do to the two-or-three things smootly and at zero-maintenance-costs.
Network Computers may be accepted in corporate and office LAN, where most of services are already centralized. But for this is not needed any.NET technology : a remote display product for WinTEL platform is more than enough (and IIRC they are already on the market).
The problem, it seems to me, is that, from our lofty vantage point here at Slashdot, we tend to forget that the highest form of network connection that the vast majority of computer users in America have these days remains in the form of an analog modem.
Even higher end broadband solutions don't match the speed of a traditional hard drive, and won't for some time. Even when they do, for that matter, one has to allow time for the tech to become not just available, but common. And this involves an update of the communications infrastructure of the entire country. It'll happen sooner or later, don't get me wrong, but I wouldn't hold my breath. I'd say at least five years for the network hardware to be available, and another five for the NC to really take off.
And I'm not sure it's safe to say that the "future" of computing lies in the NC, anyway. There are clear advantages, but clear disadvantages, as well. Aside from potential privacy issues, there's another layer of potential mishaps: if the network isn't rock solid, the entire enterprise seems to be inviting disaster. And, in some cases, I think a PC will always be preferrable, if only for the tinkerer.
-- Sean Daugherty
"I have walked in Eternity -- and Eternity weeps."
The apps that I use the most are a browser, a media player, a text editor, an email client and a terminal. Only the text editor isn't specifically network-centric, although most of the files I edit are scattered across many computers.
The NC isn't necessarily a terminal with no hard drive and a crummy processor. The central premise is that your data lives in a central location that you can access from anywhere. I would love to be able to access my MP3s from my car or edit code while kicking back at the beach. That is the power of the NC.
My prediction (from the Microsoft side of things) is going to be "Microsoft Home Server.Net" or similar. This will be "terminal services" for the consumer. The average family that is looking at having more than one computer will buy a package from Dell or Gateway that includes several pieces:
1. A modestly powerful server without a monitor that runs Microsoft Home Server.Net - this goes in a closet somewhere.
2. Several thin clients or NC's or whatever you want to call them - these are placed in the den, the kids room or on the porch.
Everything is connected wirelessly and you can have a fully-functioning (in terms of power and customizeability), multi-user, multi-access-point home computer system/network.
I think the thin clients will have everything a computer has except:
- fast processor
- lots of memory
- hard disk
You cut those costs out, develop some protocols for dealing with a "remote OS" interacting with "local hardware" and the merging of the PC and the NC is complete. Functionality (full-blown unhindered Windows applications), power (server runs everything), customizeability (add external peripherals) all in a client-server environment.
We have NCs already, they're called 'game consoles'. PS2, DC, GameCube, XBox... These are networkable boxes. Maybe not as customizable as PCs but adequate to do all kinds of things. I just wish VGA connector for monitors on these. TV isn't good enough for anything other than playing.
If IEE 1394(Firewire) technology catches on, that's fast enough for most upgrades that home users could need.
I'm dreaming of stackable boxes with integrated connectors to make huge MP machines from consoles and upgrades easily. What if PS1 would've had connectors on top and bottom of it? "Stack 2 PSOnes and you got twice the power! Stack as many as you can but beware: tests have shown that undermost PS1 can take the weight of appr. 33 units on top of it.."
-- Preserve old classics: copy your collection onto all hard drives.
Until NC's can deliver the same punch as a PC continuously (in terms of performance and customizability), people will continue to purchase PC's.
Erm, wouldn't a powerful customizable NC just be a PC anyway?
Think how many people just want to read email, use a web browser and maybe write something in a word processor or let the kids draw pictures etc, at most. Make something cheap and powerful to do that and it should meet those people's needs.
The problem is education as always. People seem to be of the idea (maybe through the much greater advertising) that you need a huge, powerful PC to get the best out of the "web" or "multimedia". Rubbish, people were doing both very well indeed on the PCs of yesterday, which are likely to be about the same power as a modern NC. Plus with NCs being more limited in scope (which has to be stressed isn't a bad thing, your video only records and plays things for example but it does them well) they can be set up and coded tighter than the general, allpurpose PC.
NCs. They should be an ideal, cheap addition to any home, but PC arrogance and ignorance is kinda getting in the way...
And don't ask me if I'd buy one because of course I wouldn't. I'm an intelligent geek and therefore represent a very small minority of the world population. Why try to force people to become geeks to use our hardware when they can stay as they are and use something designed for them?
I have to deal with Network Computing every day at work and it is a major pain in the ass. When the server goes down - guess what. Not only am I unable to send or receive e-mail (which you expect), I also cannot access any e-mail messages that I have previously sent or received - or the documents attached to them. Because.... they're all on the server!!
Maybe if this happens, Microsoft might be considered a basic, essential utility and have to be regulated by the government... After all, it's no good to let a power company arbitrarily set prices.
Re:As always, Cosmo said it best...
by
dciman
·
· Score: 1
That was an amazingly cool movie. Sure some of the stuff they did was a little sketchy (ie wiring up that box to the computer and being able to watch the screens of data "decrypt" in front of their eyes), but the cast was great and they really pulled it off.
I've read the article before I left for vacation one week ago. This is hardly some news.
On the other hand I can agree partly with the article. In case that we will have service oriented software, the authentication is likely to get monopolized and thus who will win the authentication services is going to dictate terms
similar to the way when you control the platform. Although this monopoly might not be so stable and we should definitely go for open standards to prevent it.
-- If programs would be read like poetry, most programmers would be Vogons.
Why I'm Not Using Windows Anymore
by
portege00
·
· Score: 3
These types of actions on Microsoft's behalf is exactly the reason why I bought an Apple iBook with OS X recently, learned how to use Unix over the last four years, and put a LINUX firewall between my Microsoft machines and the Internet--I don't trust M$ products enough to hang a Winbox's bare ass off the network like I would Linux or OpenBSD.
I don't mean to sound like a Slashdot M$ basher. I have my reasons...
I can't find the link right now, but Microsoft and the NSA have backdoors into your system. Microsoft doesn't deny NSA involvement, either.
Given their past history, anyone who uses.NET is either ignorant, foolish, or just doesn't care.
Where do you want to be violated today?
-- Trolls make great pets. Adopt one today!
Re:Why I'm Not Using Windows Anymore
by
krystal_blade
·
· Score: 2
Umm... Actually, have you ever TRIED to del the index.dat's from the cached folders?
I just went through it the other day, and had to download a program that wiped the files on boot-up, before windows started.
It's called Window Washer, shareware. Check tucows.
And somehow, you think that because Linux stores the files/text of where you went somewhere they're the same? I highly doubt it.
First of all, in Linux, you 0wn the system if you want to. You can pretty much do what you want.
Show me how to do that in Win98, running IE 5.5, and I'll be impressed. Try the old "Dos/Delete" trick, and see where it gets you.
HINT: You won't even see where to go unless you do a dir -a in the tempor~1 folder.
Not usually the thing the average, knowledgeable user is going to either A. Do. or B. care enough to see it through to the end.
krystal_blade
-- It will be easy to motivate our fellow man; there is hardly anything people treasure more than not being annihilated.
Re:Why I'm Not Using Windows Anymore
by
BCGlorfindel
·
· Score: 1
"Given their past history, anyone who uses.NET is either ignorant, foolish, or just doesn't care"
With general level of apathy in the user world and the high level of technical ignorance most people have I think MS is actually targetting a larger audience than you think. As much as I hate it most pc users out there are ignorant of MS's faults and don't care enough to take the effort to find out.
Re:As always, Cosmo said it best...
by
SpookComix
·
· Score: 1
I totally agree with you, my friend. Sneakers is one of my all time top ten favorite movies. I'm not just saying that because you just reminded me of it, either. I own the VHS (is it on DVD?), actually added it to my real, live, "top ten movies" list in my Palm, and named one of my three cats "Sneakers" six years ago.
Every time I hear about a faked moon landing, or mutilated cattle, I think of Dan Ackroyd. Every time I try to be cool and leap over a waist-high barrier, I think of Robert Redford. Every time I see a beautiful SWAT team woman, I think of River Phoenix getting that gal's phone number as his "one wish". It's an incredible movie on so many different levels.
--SC
-- You read fiction? I write it! Lemme know what you th
Re:the appeal of a single sign on
by
p0et
·
· Score: 1
Are you really sure that it has a) real beneficts and b) that strong appeal??
First the beneficts are there when you think of something like surfing the web... (oh no another portal, another login, another password) and when the most things sites can track is metainformation (I usualy don't feel the forms with real values, just a valid email if I don't feel confortable). Ok, sometimes is needed the full information and there I take great care to try to hold my privacy close.
But if you think in broader terms, *why* do I want (I as in a non-technical user) to have the same login to that news portal I visit sometime and for instance my *medical records*??? It's the same thing to have a key that opens my car, my house, my locker at college, my vault in the bank, my office door at work! Why do someone want that? I really don't think I wanted that!
If some mugger just happened to rob me, he didn't just walks away with my wallet: he could be walking away with all my belongings!!!
While we don't have a technical solution good enough to face a centralized atack on the key and survive (maybe it cames from biometry, don't know..) probably it's not going to have that strong appeal....
Re:So name the open source alternatives
by
susano_otter
·
· Score: 2
My guess is that this sort of global "one ID everywhere" solution only makes sense (and money) when you have a large, locked-in user base.
Microsoft probably hopes to integrate, MSN, Hotmail, Explorer,.NET, and Subscription Licenses under one monolithic service umbrella, with global access to "everything you could ever want or need" provided by Passport.
The open source community doesn't have anything like this because of the prohibitive costs of trying to integrate too many disparate - and often competing - services under one centralized authentication solution.
--
Any sufficiently well-organized community is indistinguishable from Government.
Moving house is not cheap.
by
yerricde
·
· Score: 1
What has changed since then is that networking is now ubiquitous and cheap
Unless you have to move house ($100,000+) to be able to even get Internet access faster than dial-up.
Home users' data on remote servers? No. Thin pipe.
by
yerricde
·
· Score: 2
at least at some businesses, admins don't even like employees to keep data on their desktops, but only on servers - that way no one loses data when the random desktop goes blooey.
Yes, but there's a difference between working across a LAN and working across the Internet. For one thing, office LANs are 100 megabit/s Ethernet, but as rgmoore pointed out, try getting 100 KILObit/s out of your dial-up PPP connection. The characteristics of telephone lines make it just not possible. Businesses can also afford to maintain a few smb/nfs/ftp/webdav servers and a couple hundred workstations; home users would have a bit more trouble affording $100,000 to move the family to an area where high-speed Internet access is available, $50/mo for the high speed Internet connection that Hailstorm would require to make it even remotely usable, and $25/mo (based on previous retail license price divided by 36 months) for Hailstorm service itself.
Remember, in the Matrix movie, the pods with people in them, being mined for their energy? Flash backward to now: the Wall Street dot bombers want to manage your individual identities for their energy (= money). Our identities are ultimately the content of the internet, exposed in HTML.
Enter directory services: the way to manage identities, profiles, and use-rights over network accessible resources. Could be client/server, could be P2P, still needs management.
Novell, with eDirectory, understands this. Eric Schmidt understands this. eDirectory can scale: a billion users publically demonstrated, 3 billion in house. Brilliant DirXML interface. Years ahead of Active Directory.
But Microsoft knows how to market, and over the last year Chief Software Architect Bill Gates has realized this. The.NET term has entered the media in a way that neither NDS, eDirectory, or digitalME ever was able to.
Personal Directory Services are the killer app of the post-web net. Personal, not consumer, not business, because each of us has many consumer, business, community, family, and other faces. And as we live in the net, we need to protect and expose our faces differentially. So this is the key battlefield of the Matrix: is it personal control over my identity, or is my identity a consumer item managed by Microsoft or some neo-Matrix-cartel including Microsoft, which knows better what's good for me?
I don't think there's going to be any escaping the necessity to use Directory Services: if you're on the web you have identity, even as an Anonymous Coward. Question is: are you in control?
And if this is such fundamental infrastructure, should it be Open Source? Is it sane for core infrastructure to be anything but Open Source and publicly controlled?
So name the open source alternatives
by
DrXym
·
· Score: 4
If MS is selling authentication services, what are the open source equivalents?
Surely someone somewhere in GPL land has written some code that let's you do what their passport software does. If so let's hear about it!
Re:So name the open source alternatives
by
pa_jones
·
· Score: 1
http://www.microsoft.com/billgates/speeches/2001/0 3-19hailstorm.asp
Remarks by Bill Gates, HailStorm Announcement, Redmond, Wash., March 19, 2001
"Passport is achieving very significant critical mass. All Hotmail users, of course, get a Passport. There are many third-party Web sites that we are working with to make sure that they get people to use Passport as part of their authentication. In fact, that was part of the relationship we had with people like eBay and many others, is to say, let's get Passport, so you only have to log in one time, and you get exactly what you want there. So it's our goal to have virtually everybody who uses the Internet to have one of these Passport connections"
I agree that Hailstorm/Passport is not generating the degree of analysis/discussion that it might - I was very suprised that there were not more comments about Passport and Hailstorm in the responses to Katz' recent articles about Microsoft's success.
Hailstorm seems to be about XML and SOAP driven by (in a business sense) Passport authentication. Is something like Zope (www.zope.org) an open source project which should be better developer supported in response?
Re:So name the open source alternatives
by
jeffy124
·
· Score: 1
some implementation of LDAP, or its big brother, X.500? maybe in conjunction w/ using certs?
You're describing somethign akin of PKIs: Public Key Infrastructures. If the name doesnt imply this, they also carry an entity's public key, in addition to certs.
-- The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Re:So name the open source alternatives
by
jeffy124
·
· Score: 2
-- The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Re:the appeal of a single sign on
by
aswartz
·
· Score: 1
I agree that single sign on is something that we really need to work on. That's why I started the Webwide discussion group to try and hash out an open standard and some open source implementations. We haven't seen much action yet, but you're welcome to join.
As for storage, something like OceanStore would probably be best, but no full implementation exists yet, to my knowledge.
It's so funny to read all the posts comparing Sun and Oracle's Net PCs to "time shared computers of the past" and "glorified x-terminals".
Just how many of those dumb PC magazines do you people get at work?
Nick may be a little off here and there ("benificient dictator" as opposed to "benevolent...") but that's no biggie.
I don't know or care about MS products and services.I've seen them fuck too many good people, whether employee or owner, government and private, for me to ever care what Microsoft thinks/does/shits.
But I can say that I've worked on a distributed system for a few years, and there is such a thing as a NC...not PCs, not timeshared, not NFS, not X-terminals, and probably what MS would like to see the Xbox evolve into.
Good God, I wish some of the Microsoft sheep that hang out around here would stop reading their "PC Wanker" magazines and start thinking once in awhile.
Treatment, not tyranny. End the drug war and free our American POWs.
--
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
From then on all you'll see is a dialog box that pops up saying "Do you want to buy this? YES NO" Peopel will just hit yes and barely think about. Since all the info is already in Hailstorm, you won't need to retype your cc.
Better yet why bother with the dialog box? You click it you've bought it...errr leased it... Goes even futher towards making your forget you're paying every time you open a file or watch a video.
So when you buy stock you also look at the past?
by
Otis_INF
·
· Score: 1
You must remember that this is MS running the servers. Now, last I checked, they didn't exactly have a very good track record on security.
In the past that is. When you eventually have some money to spend and think of buying stock, which stock would you buy? a) the one that made a lot of money for brokers 2 years ago or b) the one that will probably make you a lot of money because they have their things worked out ok and are making it better every day?
--
--
Never underestimate the relief of true separation of Religion and State.
while I appreciate raising the alarm - this is an insightful piece - I couldn't help but wonder why he thinks NC would have been good under Sun's control. Clearly.NET will be a nightmare under the monopolistic control of M$ - but Sun is just as hungry for monopoly as Microsoft, and would hardly have shepherded the concept any more benevolently than M$ would. The NC *was* a failed concept and for good reason!
-- Don't blame me - I voted for Howard Dean. http://dean2004.blogspot.com
NC sucked balls and I'm glad it lost. The specter of losing all control of your PC to Larry Ellison's Oracle empire was perceivd as, if you can believe it, worse than Microsoft to the user base, and so it died. Good riddance.
I think MS has a good chance of making this happen. Its not a certainty but it is very possible. IMHO it all starts from the desktop monopoly.
The key is that when Hailstorm gets integrated into applications (instead of being "on the web") people won't feel as uncomfortable with it. They won't even notice its happening.
Imagine that some music distribution company offers a jukebox like system where you pay a small amount of money to instantly play a song. If they teamed up with MS, they could install this ability in MS Media Player to log you into Hailstorm so you could "securely" transmit finaical information neccesary to get the song. And the normal user barely even notices becasue all the info gets typed into regular windows dialog boxes that don't look anything like the "scary, unsafe" web. For the music industry its great because they don't have to worry about keeping user accounts and the security. For MS its great becasue they get money even though they have nothing to do with music. Hell, that might even make it easy for artists to directly charge for music. Easy distribution, and easy money collection. It works with anything. Like the MLB's plan to charge people for the game broadcasts.
Its all perception. People get scared only when they take out their credit card and type it into the computer. Imagine MLB get you to type in your credit card just once into Hailstorm. From then on all you'll see is a dialog box that pops up saying "Do you want to buy this? YES NO" Peopel will just hit yes and barely think about. Since all the info is already in Hailstorm, you won't need to retype your cc.
Once people are in the system and comfortable with it other companies will dive in. Make the same modification to Internet Explorer and then companies can sell you stuff over the internet using Hailstorm as the payment scheme (a la PayPal)Companies probably won't even give you any option other than paying via Hailstorm since its a lot easier for them.
And this is exactly what the article is getting to. MS suddenly becomes the doorway to a whole host of services. In other words _everyone_ is dependant on MS. MS can raise prices however they see fit since comapanies would need the MS user db to conduct transactions.
Nothing stops another company from introducing another service. But if the masses are dependent upon Microsoft applications, these companies will have a more difficult time getting these MS apps to work seamlessly with their services instead of Microsoft's. Microsoft thus leverages their desktop monopoly to gain a foothold and perhaps dominance/monopoly in another market.
Sure, end users may like this idea, but if those running the computer systems don't go for it, it won't fly. I would think those who know and love UNIX and its 'many tools' philosophy will be aprehensive about.NET's one really big monolithic (bloated?) tool.
-- Go green: turn off your refrigerator.
Re:Two .NETs at issue here
by
Wesley+Felter
·
· Score: 3
Yeah, but all that cool auto-managing software that NCs used could have run even better if it was installed on a real PC instead of an underpowered NC. Management is a software problem, so solve it with software, not hardware.
To see who is growing Marijuana, or other such illegal substances? And if so, is all they need a "picture" from this thing to get a search warrant? Shouldn't they need a search warrant to use this thing on your farm specifically?
-- What, me worry?
Re:As always, Cosmo said it best...
by
pyite
·
· Score: 1
Maybe it's easier to see things before the revolution and total flood of a certain status quo or what not. Or maybe I'm totally wrong, maybe the statement was meant to be completely crazy just movie talk. Excellent movie nonetheless.
--
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
... assuming that storing your data with Microsoft is as safe as storing your money with your bank.
Did i mention that the Microsoft-Bank will not assume responsability for losing your money?
the appeal of a single sign on
by
fetta
·
· Score: 4
Having a single sign-on has real benefits from the point of view of a non-technical user. End users want the experience that Hailstorm theoretically offers (at least some of the time). They are tired of remembering dozens of separate password. Unfortunately, lots of people don't worry that much about the privacy implications.
Is there a good open source alternative that can provide the same experience?
-- ** The opinions expressed here are my own, and do not reflect those of my employers - past, present, or future**
Re:the appeal of a single sign on
by
the_olo
·
· Score: 1
Yes, in Mozilla yopu can store passwords, but in the world of network computing you won't use a single machine from which you access services, one machine where your passwods can be stored. You'll likely connect from your palmtop, your office terminal, your toaster/refrigerator etc.
So unfortunately this has to be a central authentication entity.
Re:the appeal of a single sign on
by
ibirman
·
· Score: 1
Thats great, but what happens when I want to change my password? Will Mozilla happily change ALL the passwords it remembers? Automatically contact all those sites and say: please change the password to xxxxx?
This is what the "non-technical" folks want - show me a list of all the sites for which I signed up, and make sure all the passwords are correct, and by the way, sign off from any I have not used for a year.... How do we accomplish this in the open source domain?
Re:the appeal of a single sign on
by
linzeal
·
· Score: 1
Has there been any attempt to create an alternative to microsoft passport by the open source community ? That might be the kind of project that would make me put back on my coder hat. . .
Re:the appeal of a single sign on
by
inbox
·
· Score: 1
I think the best solution would be to have some kind of published standard (XML, anyone?) for operating as an "authenticator" with one company (or a small number of companies) being the "router" to those companies that actually do the authentication:
1. User attemps to gain access to some resource or web service.
2. Resource or Web Service checks with several "gateways" to find out which actual company does the authentication for this user.
3. The correct system is located, some encrypted (standard XML) data is passed back and forth and voila, the user gains access.
This way, you can choose who you want to be your authenticator (Microsoft or otherwise) and all the other sites and web services out there just know where to look to find your information (and only if you allow them to of course by providing the right password or key or what-have-you).
Re:the appeal of a single sign on
by
tb3
·
· Score: 2
Sounds like Princess Liea from Start Wars:
"The more you tighten your grasp, the more systems will slip through your fingers."
(Okay, flame me if I didn't get the quote exactly right.)
Re:the appeal of a single sign on
by
Yorrike
·
· Score: 1
Hailstorm sounds like something Hitler would have instigated. "Commense viv project Hailstorm".
Microsoft will NEVER have complete control over our data, thoughts, work etc. because people like us exist. The power they do have at the moment will slip away over time because they keep making stupid mistakes and people are just getting sick of it.
The bigger they are, the harder they fall, so goes an old pronoun.
----------------------------------------
--
Looks can be deceiving. Or CAN they?
Re:the appeal of a single sign on
by
kernalklink
·
· Score: 1
LDAP, which Microsoft is "extending and embracing" in Active Directory, is a great alternative for authentication. I am currently knee deep in deploying an iPlanet LDAP server. I work in a small (100 user) department in a university and we are going to use LDAP to eventually replace NIS+. Meanwhile the university IT department is plodding along with a proposed site wide Active Directory deployment. The great thing about LDAP is that it is platform independant. We have Windows, Mac OS and UNIX boxes that will be able to access data stored in our LDAP server. I recently read that Microsoft was petitioning to "extend" the capabilities of LDAP, look out!
Re:the appeal of a single sign on
by
jeffy124
·
· Score: 1
Should biometrics become mainstream someday (fingerprint scanners, etc), the problem of remembering passwords and user names would be simplified. You would simply use your biometric agent (retina, index finger) in places that currently ask for username/password.
-- The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Re:the appeal of a single sign on
by
jeffy124
·
· Score: 1
I posted a message elsewhere on this page about something in Java that also has the capability for single-sign-on. It's the Java Authorization & Authentication Service library.
-- The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
So, from what you're saying, basically, MS just wants to be one big Primary Domain Controller?
--
"I don't know that atheists should be considered citizens, nor should they be considered patriots." - George Bush
Re:the appeal of a single sign on
by
baumanj
·
· Score: 2
Does the name "HailStorm" remind anyone else of the "Hacker Hellstorm" from the movie Canadian Bacon? You remember, the machine created by R. J. Hacker to secretly take control of the nation's nuclear defense systems? Sounds a little to close to be coincidence to me.
More specifically related to this thread, how many people are using their toasters for email these days? Not many, I'm guessing, so why have the urge to offload all your passwords to some far away source so that they can be accessed from anywhere. I see no reason to let anyone manage my infomation en masse except me. In the MacOS, there's a handy utility called KeyChain (did this make it into OSX? I haven't used it yet) that can be used to manage passwords, and though it's not perfect yet, the OS supports voice recognition login, a significant step towards biometric authentication. As we all begin to have more wired appliances in our home, I see no reason why a local server (probably one that would also act as the firewall) like the motorized tie rack couldn't serve as a local password repository. Maybe it's a little complex for the average end user, but this same server could be accessed from anywhere, and yet private individuals control their own fate. There is a lot less incentive to hack John Doe's Blender/Firewall than there is to get into a repository of thousands of passwords. I think we're still a long way from needing corporate intervention in this domain.
-- "The general contract of the method run is that it may take any action whatsoever." -- Java 2 API
Yes, they will *USE* xml and SOAP the same way that IE *USES* HTML, in other words paying lip service to open standards, then extending them because they feel that they shouldn't be limited by sticking to standards.
I see two possible outcomes...
by
nick_danger
·
· Score: 1
From then on all you'll see is a dialog box that pops up saying "Do you want to buy this? YES NO" Peopel will just hit yes and barely think about. Since all the info is already in Hailstorm, you won't need to retype your cc.
Amazon.com begins to turn a profit due to license fees on their "One-Click" patent. Meanwhile, cost conscious consumers begin to shop less on the Internet, as MS, Amazon and the CC company's cut of the purchase drives up the cost of basic items sold on the web to a point where the local mom&pop can survive again.
Or, Amazon & MS enter a long protracted legal battle over the "One-Click" patent, where the courts finally throw it out. MS inadvertantly causes patent law in the US to be rewritten, effectively killing business process type patents, bringing sanity back to the system.
Hmm... Can someone tell me again who loses?
Who is the bigger fool: the fool, or the fool who believes what the fool is saying?
Who is Microsoft trying to sell .NET to?
by
Rhinobird
·
· Score: 1
Who is Microsoft trying to sell.NET to? It can't be ordinary consumers, because if everything is going to brought down off of the internet they'll have to contend with the fact that most users still use odinary dial up internet access. And will continue to do so for MANY years to come.
Not only that but they REFUSE to pay more for speedier internet access. I use my mom as an example. She ordered a second line specifically for dial up internet access. She has cable. Here in the Denver metro area cable is provided by AT&T. He phone service is AT&T. She could get cable modem service for $40/month but instead gets the second line for $10/month with $4/month dial up access with AT&T worldnet. She is content.
I personally can't live without my cable modem service. But this.NET stuff is going to REQUIRE some sort of broadband access to be useful at all, but most of this great country of ours still can't get any kind of broadband. In this area sometimes you can get DSL and cable service, sometimes you can get one or the other, a lot of time you can't get either for whatever reason.
I have a friend that couldn't even get basic cable in his area because "there's nothing but poor people in your area, why would we have cable in your area when there's no money there". That was when it was still TCI, not sure what the current attitude is toward Central City nowaways...still full of welfare cases though...
My point is, I guess, that until everybody and I mean everybody, has broadband this netpc or.NET or whatever, is not going to fly too well.
And it takes time to change infrastructure. Here in Colorado US West was sued for taking, sometimes, up to a YEAR to get BASIC PHONE SERVICE to new houses. Upgrading the old infrastucture in the old US West 14 state region just might be put on the back burner until they can deal with more basic issues
-- If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
Re:Who is Microsoft trying to sell .NET to?
by
phpAbUser
·
· Score: 1
As valid the point you bring up is, Microsoft's invested, and future interests lie primarily in business software.
The initial and possibly most dramatic reason for Microsoft to target businesses is cash flow. There is great potential among mass-service; however an individual business (with several hundred employees and computers to boot (pun intended)) can just as easily be considered mass as a county. One reason for this is the growing necessity for computers (and the internet) in even more traditional industries. Comparitively a business can also afford more per employee than the average consumer. This cash flow also fills the void, which has been pointed out by many of the previous commentators, of bandwidth. The fastest connections in the world are controlled by ISPs and large businesses.
It also should be noted that the major victims of Microsofts earlier "update addiction" policies were businesses. The change of formatting between Word95 and Word97 does not really bother John Doe. However, when there are 500 John Does who are responsible for there time, somebody takes notice, and tries to correct the problem (the only way they know how). If one business makes the leap to.NET, other businesses will be compelled to follow either for reasons of cooperation or competition.
Earlier comments gave the issue of piracy as a motive for moving to the.NET approach. This has truth as it allows Microsoft to concern itself less with what each subscriber actually uses. Useing services, Microsoft plans to dominate the desktop. MSN is currently based on dial-up connections, and in that way Microsoft ensures constant income.
One of the more puzzling aspects of the.NET plan is how it will affect future PC purchases. On the one hand, until now PCs have been bundled with Microsoft Operating Systems for many years. On the other hand, there is a general disrest amongst hardware vendors about this death grip (which ironically MS seeks to extend to all users). Perspectives on how this may unfold are, of course, greatly appreciated.
DISCLAIMERS:
Please take this comment with a grain of salt. I wrote it in an expository fashion; thusly opinions are often stated as fact
The word "business" above also includes other establishments of similar needs, such as Universities or *shudder* Government Agencies
----
-- PHP, it kicks ASP!
Not so! MSFT *is* going after open source
by
revbob
·
· Score: 2
And what's more, they're going after it exactly where they fired their opening volley: U.S. Government code.
There are a number of open source, GPL Government projects going on today, and a number of others where people are working to retrofit the GPL to existing codebases. I'm participating in one that's struggling to get started in HLA, the Defense Modeling & Simulation Office's High Level Architecture, which is the DOD standard for interoperating networked simulations.
A large number of very influential corporations would be tickled pink if the code that they developed using the taxpayers' money stays locked in their own private safes. Microsoft is simply the point man on this effort to perpetuate a whole apparatus of sweetheart deals and fraud against the American taxpayer.
The argument that GPL is somehow un-American seems absurd your average/. reader. In fact, we may be wondering why they would bother to even give an argument like that. Simple. That argument carries a lot of weight with program officers for the military who have to contend with superiors who really do see a Commie under every bed.
Never, never doubt that Microsoft means precisely what it says.
Re:As always, Cosmo said it best...
by
gilroy
·
· Score: 2
Blockquoth the poster:
That groovey seating was in fact a Cray. There is no purpose to that scence (other than the plot dissemnation)
I disagree. There is a prosaic use, which is that the room is soundproof and not bugged. There are deeper, more symbolic interpretations: First, that Cosmo's bosses haven't bugged the computer room, meaning they still don't "get" the impact of computers everywhere (as Cosmo does). Second, that Cosmo in times of trouble turns to his devices, not his henchmen or any friedns. Third, that the computer is again a mediator of secrets (as is the theme of the movie). Fourth, that Cosmo -- with his magic black box -- ironically doesn't notice he's relying on a computer for secrecy.
Did the scriptwriter or director intend all of those? Any of them? I'd be surprised. But that's what makes it art: It resonates with us on levels far surpassing the conscious intent of the artist.
As always, Cosmo said it best...
by
gilroy
·
· Score: 5
There's a war out there, old friend. A world war. And it's not about who's got the most bullets. It's about who controls the information. What we see and hear, how we work, what we think... it's all about the information!
Re:As always, Cosmo said it best...
by
Jim+the+Bad
·
· Score: 1
One scene that sticks out in that film for me is the bit where Ben Kingsley and Rob Redford are discussing plot and they wander into this glass booth, sit down on some groovy curved seating, and then get up and leave the booth.
That groovey seating was in fact a Cray. There is no purpose to that scence (other than the plot dissemnation) than too show off the Cray, something that only real hardcore nerds would notice. Which was nice.
--
--
And when Justice is gone, there is always... Force. --Laurie Anderson, "Oh Superman"
Re:Makes perfect sense, really.
by
Morbid+Curiosity
·
· Score: 2
Imagine what would happen if WalMart suddenly attacked and lobbied against thrift stores or charitable institutions. They could quite easily argue that the very exitance of low-cost/zero-cost goods destroys the industy. They would, however, endure a backlash they likely could not comprehend.
I think the main difference there is that the everyday person-on-the-street knows thrift stores and charitable institutions. They understand them, and recognise what they do. To most people, open source is something they don't know or understand, and their main source of information about it has been FUD marketed to them by people who don't like it.
Debunking that FUD is all well and good, but if people aren't also educated about what open source is and how it works, then they're never going to be able to make an informed decision, one way or the other.
If you can keep the appropriate people focussing their attention on trying to justify themselves, even against rather pointless and ineffectual attacks, they don't get quite as many people thinking "what are they up to?" as they would if they were just getting on with quietly rolling out their.NET plans - they're quite obviously whinging lamely about open source, right?
By giving the more zealous and vocal open source advocates a giant red "Kick Me!" sign to fire at (and fire they will; the target's too good to pass up), then commentary on the other things they're doing might just get lost in the noise.
Welcome to the Machiavellian world of PR. It's a lot more difficult to meta-moderate out there, and Microsoft is trolling.
So, according to Petreley, NC's have withered on the vine because of a massive and insidious FUD campaign by Microsoft to spur everyone not to buy one.
I'm sure the fact that you can buy a complete PC for what a NC cost had nothing to do with their demise.
As far as.NET is concerned the issue of authentication is overblown a little. People seem to focus on the evil-looking parts of.NET like authentication services and ASP software, and forget about what.NET really is. It is a runtime, like Java, that can run code written in several different languages. That part of it will succeed. The authentication stuff however will go down the tubes just like the ASPs are doing now.
There is not a widespread need for third-party authentication. Certainly not enough for there to be widespread services that everyone uses. The ASP model has failed to a large degree as well. If the 3rd party goes down(as MS has often done) or tanks as a business you are hosed. Most people won't risk this.
The part of.NET that will succeed is the programming model, because it does solve a need for a lot of programmers.
So what we have really is 2.NET's, one which will succeed, and one which will not do so well.
--
No, Thursday's out. How about never - is never good for you?
I'm sure the fact that you can buy a complete PC for what a NC cost had nothing to do with their demise.
Just my personal opinion and you've all the right to disagree.:)
The virtue of NC is not on saving hardware cost, rather it aimed at reducing administration time and cost.
During the time when NC were hyped I read an article on how messy is for a company to maintain hundreds of computers which are hard to control and maintain remotely. Consider the cost of fighting virus and illegal/misuse of individual computer within a company the concern is legitimate.
Even now I do think admin hundreds Windows 95/98 is like hell. I could never know what the users would do next, because they could almost do everything. Buying PCAnywhere? That'd add up to the cost. (Yes I know NetBus is free, but I don't want to eat lawsuit. ^_^)
(to be fair, life would be a lot easier if all workstations are NT, but then the cost would be must higher).
I'm sure what you said is true, PC's cost is comparable to NC. A PC is surely more suitable to home user, but for the corporate use I think NC is more appropriate.
Microsoft did everything to crash NC I can see it, and we can understand why. They made a big deal about the cost, and SUN's sales and market was by no mean be able to fight again MS'.:)  _ /. /    |\/| |\/| |\/| / Run, Bill!
Re:Do NOT follow fuckmicrosoft's advice...
by
loraksus
·
· Score: 1
why not? it won't hose your windows box. There is even a "security" program that kills the swap file on boot.
If you have enough ram you shouldn't even be using a swap file (I'm not, and got 768mb of ram in my 2k server box). Though I wouldn't reccomend it with 256mb of ram (although it is possible)
The slashdot 2 minute between postings limit:
Pissing off coffee drinking/.'ers since Spring 2001.
MS has gotten very good at pushing its solutions on the customer.
- When I first brought this home computer home and started it up, the first thing I saw was a screen that dialed up MS and further prompted me to enter data on myself, basically enforced registration. My identity as a new user was logged and stored away. I wonder to this day what information MS has on me, and if it's legal to obtain it. I believe it should. But my point is that I was guided down a narrow path, afraid to not deviate from it, and MS pushed my initial registration on me.
- When I installed Compaq (nee Digital, nee Powerstation) Visual Fortran, I was told that IE was necessary to use their online help (their only help). It promptly downloaded itself on my desktop and became the default for a bunch of files (.gif,.jpg, etc...). Again, I felt I had no choice but to comply, as part of the initialization process.
- Then when I loaded MS Visual basic onto my machine (God help me), I was forced this time (of course I had to use IE, but I was used to that) to establish a Passport account to finish the installation process! I never wanted a Passport account, man...
So, long story short, I got assimilated and now I have this red device sticking out of my ear.
No, wait. My point is is that the average user is also compelled to do all these things, essentially agree to be tracked and registered, just to run their desktop, or do their job at work. The idea of actually owning what you pay for is a distant memory in.NETland. You can flame me for being a sheep, but I don't have time to fight the power every damn time I turn around.
Here is an interesting link. It's IBM's 1995 Annual Report where the CEO talks all about network computing concepts. It's a good insight into what they thought this thing would be before it got all confusing with the dissembling and rambling explanations of what.NET is and isn't. Man, if you ever wanted an example of doublespeak, you only have to read MS press releases. Black and White are what Bill says they are.
-- SDMI: Finally! Music that won't rip or burn! Brought to you by the fine folks at RIAA.
Need I even point this out...
by
cascadefx
·
· Score: 2
NC's are interesting, I'll admit, but give me a computer any day. When that 13 year old decides to DOS the network pipe that I use to get all those lovely.NET apps, I'm screwed on an NC. However, local tools and apps on a full blown PC will allow me to wile away the hours of the attack balancing my checkbook, playing some games and brushing up on Perl by putting Komodo through its paces.
The problem with the NC model is that it relies on a stable, secure, high-bandwidth connection that has 99.9999% uptime. Can anyone tell me of a network that meets these requirements?
The counter argument is that no computer has a 99.9999% uptime either and that any system can fail locally as well. The response to this argument lies in the idea of local control. If my hard drive fails and I have a report due tomorrow, I can choose to put in a new hard drive and could have myself up and running again relatively quickly. The NC model places those decisions and priorities in the locus of control of someone else. Who is to say that they have my best interests in mind? If you want an example, look at the DNS problems Microsoft had a while back. As a network consultant and support technician, I unfortunately have to spend hours digging through the sludge of Microsoft's technical papers and knowledgebase hoping to find answers to this new problem or that. For three days, during the DNS debacle (can anyone figure out why they didn't have an off-site DNS?!?!... The Road Ahead for sure!), people were out of luck when it came to getting access to those resources. Let me tell you, if the phone system of the US was down for three days, there would be congressional hearings and someone would probably be facing jail time. Now, I'm not saying that a company should be held responsible for its website being down for three days, but if that company was also providing "essential services" (as the.NET strategy is hoping companies will), then I believe that the level of accountability should rise in proportion to the critical nature of the services that are provided.
We have a scary future ahead of us my friends. But you guys already know that, don't you?
Re:Renamed: Or, just say the truth...
by
jaga~
·
· Score: 1
besides being a bad joke, all you would do is martyr the fool, and we don't need that. Let him serve his 4 years and embarress the republican party, then hopefully we can get someone to run that a decent human being would actually want to vote for, as opposed to against (like last election)
--
"This is where god would go if he wanted to get off blow!"
If you have an always-on Net connection, and you've got say Sendmail and Apache on it, it's trivial to read your mail from anywhere there's a Web browser (without trusting Hot Mail). Your address book? Just a little Perl or PHP and a database.
Okay, that's a few steps short of having your desktop appear on any terminal for you, but those are relatively short steps. Given an always-on connection at the home end, it's possible to set up a nice package accessible from anywhere. Heck, it can even, as Microsoft bought multi-page ads in the NY Times last week to marvel on, read e-mail addressed to several different accounts, from a single mailbox! Wow.
Basically it looks like Microsoft wins if (1) we don't ever get to always-on being the regular thing and (2) some crafty folks don't put together some standard beginner's collection of largely-already-available stuff into something like a Home Base Linux distro.
No one wants a time share on a mainframe.
-- "with their freedom lost all virtue lose" - Milton
It shows that there is really no knowledge of antisemitism taught in the US schools.
How come they never heard of the Tivoli programme, when it's part of your US history?
White people everywhere should be forced to study antisemitism in detail so they will NEVER AGAIN make the mistakes their forebears made.
There is no excuse for not knowing that Tivoli is a tainted name so I agree that the people behind the Tivoli software should be held criminally accountable under the law on the charge of incitement to hatred against the Chosen People.
Jews are not considered to be white because they have been persecuted by white people for centuries and do not share their shameful history of oppression, slavery, colonisation and genocide.
They share many physical characteristics with the people whom they live amongst, that is why the European jews resemble the whites of Europe and have white sounding names. But there are black jews, middle eastern jews and asian jews as well.
For example Lenny Kravitz is a black jew.
Calling jews white tarnishes them with hatefull events to which they have no part and is therefore an antisemitic remark.
I think that they are doomed to fail as a mainstream "PC replacement" for a reason I haven't seen anyone else cite. That reason is; PCs are cheap.
Another reason: there's a BIG difference between a LAN (which basically is the niche you mentioned) and the Internet. MS's solution amount to trusting every bit you have to Uncle Bill. Bad. On the other hand, having a LAN in your office and lightweight PCs (aka NC) does make a lot of sense.
And it's even less original than the article says: remember those "boot ROMs" for diskless Novell workstations? Windows 3.x installed in the server? That worked, and worked REAL good. I am/used to be a CNE, and did gazillions of installations like that. Everyone was happy. Office ran exactly as fast as in HD installations. It had everything a NC has except buzzword compliance.
And what killed that? The bloat that was Windows 95. Can't have it executed from the server. Bugger.
A different view of MS tactics
by
chompz
·
· Score: 1
I noticed a little inconsistansy in MS's words and actions as well, but with different issues, the pressures they have been placing on AOL. MS has been squabling with AOL about including the new AOL 6.0 with windows XP for quite some time, this did not shock me. However, when they started pressuring AOL to adopt MSN Messenger protocols so "our phone can talk to your phone".
Placing this with all the new opinions from folks such as this writer, I am starting to come up with my own intrepretation of what is happening.
MS is warry of impending breakup, they pray that thier lawyers can get the off on thier appeal, but they are not certain. Because of the threat of seperation, they are trying to strengthen each of the portions of thier company, by increasing market share in the OS market, server market, ISP market, and applications market. They simply do not some small off the wall contender entering the market to take the lead during the confusion of the breakup.
MS isn't trying to control everything forever, they are simply trying to increase thier market share so that thier divided companies will be in good positions after the breakup.
Maybe I'm being paranoid, but MS is really scaring me lately.
Assimilation has been threatened. Beware.
-- Spring is here. Don't believe me, look outside!
What value is free speech if not found (heard)?
by
justin+sane
·
· Score: 1
Taking the "importnatce of being found" concept further: of what value will free speech be in Microsft's world dominant authentication/smart-tag-controlled scheme? Free speech is only as effective as the openess and pervasiveness of the medium. In the original thirteen colonies, street corners and town meetings were fairly pervasive media. Many individuals (except women;-) had access. Many people hoped the internet would be that analog. Hailstorm will ensure it will not BTW, I for one. believe that is why msart tags will not be in Europe--privacy and media dominance issue, not localization. The EU is much less tolerant on M$ hegemony that the materialistic, "what's-good-for-business-is-good-for-the-country" US tone of late.
Actually, gnusnorf 0.13beta and gnufroop-2.73 don't work together without first installing the latest gnufoo library (0.92.1.1.27) and recompiling the sources after 10 pm EST. Unless you're using the Hungarian sources, in which case you need to sprinkle the blood of a dead moose over the CD-ROM or the NIC, depending on how you're obtaining the sources.
hee-hee
--
He who joyfully marches in rank and file has already earned my contempt. - "Big Al" Einstein
Re:Renamed: Or, just say the truth...
by
linzeal
·
· Score: 1
What happens when the person is in another country? Does the secret service only have jurisdiction in this country for investigating assasination plots against the president? I mean bin laden is rumored now to attempt to take out old georgie in the g-8 forum coming up in july, but what if some kid in iceland or some other remote place makes such a threat?
People seem to be of the idea (maybe through the much greater advertising) that you need a huge, powerful PC to get the best out of the "web" or "multimedia".
I agree completely with this. It's not the fault of the users but it marketing that pushes this idea. ("Buy, Buy, BUY!") Look, I am a geek and like computers but I can tell you that my current needs do not exceed a P-II-233 with 128Meg RAM. Please tell me now *where* I can buy for, let's say, 250$ such a "new" PC? Come on, even the smallest Celerons are 500Mhz nowadays. No: don't start with "hey, buy a used PC" but then go and look at the "used" PC prices...Yup...250$ is a P166 or so. P-II's? Forget it, they are just a bit less expensive than the cheapest new Celerons. In that case it is just not *worth* buying a used PC.
Or I live in an expensive country....Could be that.
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
You're a whiner..really. There is something usefull called "paper" on which you can write down password/user ID combinations. Just lock away that document somewhere at home and you're safe. Actually all my passwords/userID combinations I even owned are stored safely in my Psion (PDA for the uninformed) and saved with a password. So I only have exactly one password to remember. Since it is regularly synchronized with my PC I nearly have no risk of data loss and I have my PDA all the time with me. This means: you won't get your hands on it to read the passwords without me knowing it.
Second thing (which form security point of view is not ideal, but usefull...depends on your own paranoia) is that you could easily use the same password/userID combination for less important things. I'm not going to secure my slashdot account with a 14-char password because I fear to be 0wn3d and that trolls will start to exploit my account. My root password on the other hand, has 14-chars because I consider it important.
Now, you see: with a bit of discipline and common sense, do you need something like Passport(tm)(c)(r) or even Mozilla/IE5.x remembering your passwords (I disabled it) Oh, *you* don't have common sense. Sorry, forgot I was talking to/.
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
MS has a monopoly. MS would like to continue that monopoly in every facet they can. So here we have several things:
MS wants to control software distribution how it sees fit:
SharedSource
.NET
HailStorm
SmartTags
MS must keep the public from knowing it's overall plan if it is to succeed:
IIS hack issues
Calling attention to OpenSource v. SharedSource, etc.
Picking as many fights as they can, publicly.
MS must control the internet and it's content in order to monopolize this next frontier
If MS does monopolize this next frontier, marketing can be forced down the throat of every person on the planet.
If MS does monopolize the internet, they can even have control over the marketing which is done on the internet by using a dynamic pricing structure to attain their goals and keep control over what marketers can/can't do.
These are just things to think about, but if you analyze what they're doing from afar, you will begin to see a clear pattern and direction they are taking in the "cloud of dust". I don't respect MS because they have no integrity, and they don't care about integrity. This is proven because everytime they market something, and lie about things, they just call it marketing and make no amends. Honesty is the best policy now a days. The truth will set us all free. --SuperBug
This guy just sounds bitter about his flopped webzine.
I mean really - if Microsoft comes along with a bunch of NC like services and tries to shove them into clients, the clients are going to make *intelligent decisions* with respect to whether they meet their companies requirements.
I work for an investment bank, and we use Lotus Notes here. I would like to right now register my utter disgust at Lotus Notes. But on we go - the point is that at some stage the IT people made an assessment - Outlook or Notes? Notes did more of the stuff they wanted, hence that is what we have.
We engage, with respect to Microsoft, in a kind of FUD campaign. We convince ourselves they are a threat, always. We automatically assume they are omnipotent, very threatening, and unstoppable, without considering "Hey, is this idea of theirs actually going to work?"
IMHO - micropayment services and storing data off location, using NCs to access it, will not take off. Why? Because companies are just peachy with how everything works currently. My company still uses Office 97. MS will have to cook up something *damn* good to counteract natural corporate inertia. And if they do? Well done MS. They will have proved themselves worthy of the market share they gain.
My 2c.
Luke.
-- Ash OS durbatulk, ash OS gimbatul, ash OS thrakatulk, agh burzum-ishi krimpatul! Uzg-MS-ishi amal fauthut burgulli.
I think you're completely correct about shopping and such, but you're neglecting the fact that although M$ is a monopoly, that monopoly doesn't yet extend to the manufacture of shrink-wrap and glossy paperboard.
RedHat, Mandrake, et al. are doing a decent job of moving into the glossy boxes and no-command-prompt installer territory.
Obviously M$ has quite the marketing machine, but don't make it sound like nobody else can get a glossy box on the shelf.
K45.
-- This signature has eleven vowels.
Re:No, really, I insist.
by
GunFodder
·
· Score: 2
This is a good point. That's why I keep all of my money at home stuffed in my mattress. Most people foolishly trust a bank to hold that money, but who knows what they will do with it? They might mistakenly transfer it to some bozo or accidentally divide my balance by 2.
Some friends tell me it is convenient to use these ATM things, but I can always go home and get more money if I need it, I don't ever want to leave town anyway. And this way I get to set up my own security. They tried to sell me some fancy alarm system, but I just keep the door locked and all the windows except for on the second story, 'cause no one is going to climb into a second story window.
The state of computing has changed somewhat since Ellison and McNealy first started touting the NC. That was about 5 years ago, and if you believe Moore's Law then computers are about 10 times faster today than they were in 1996. That means today you can really use a VM (like JVM) to run programs. In 1996 computers really were just too slow, even with the elusive JIT compilers. Bandwidth to the Internet was different too. Most people had somewhere between 14.4K and 56K. That just wasn't fast enough to realize the NC vision. Today, DSL and Cable are providing 10x to 100x the bandwidth for roughly the same price.
So, we've had a 10x jump in computing power and a 10x jump in bandwidth. I hate to see Microsoft monopolize just as much as the next geek, but timing is everything and their timing is much better. They've kept their powder dry until it was pragmatically feasible and now they're unleashing Hell.
Don't get mad, get even. Or...
None of this would have been possible without the mind-control ray, which has been working beautifully.
Now we know why MS has such a dominant position in the desktop market... They have a mind-control ray... Thats why they have been able to convince the weak minded drones to comply.
First of all, in Linux, you 0wn the system if you want to.
and when you're done with that, you can 0wn every linux box on your cable modem node. thanks, red hat!
--saint ----
Bill Gates going to meet his Waterloo?
by
StarTux
·
· Score: 1
You have to blame my parents for me remembering this:
Line from Abba's song "Waterloo"
"At Waterloo, Napoleon did surrender".
I wonder...
"On the 'Net, Bill Gates did surrender".
Lets hope so....I personnally believe that.Net will be his Waterloo. I do not believe Microsoft would just disappear, but they would change.
Sorry for inflicting Abba on the Slashdot audience...
Sir StarTux
Re:Why government is a *Good Thing*
by
acceleriter
·
· Score: 1
But yet a strict Libertarian would have no problem with Microsoft introducing an MS dominated digital ID--a (shudder).NET driver's license, if you will. And no problem with businesses requiring that you have one of these ID's to transact business with them--after all, you both have the right to free association, right? If you don't like it, you can take your business elsewhere, right?
Then it's OK to have a society in which one can get along without a Microsoft ID in the same way one can get along without any sort of credit or debit card now--not very darn well, in spades.
It may well come to the point at which, due to that right of free association and the fact that the government can't force private businesses to do otherwise, that "no man might buy or sell, save he that had the mark."
Perhaps Bill Gates is the Antichrist.
--
CEE5210S The signal SIGHUP was received.
Do NOT follow fuckmicrosoft's advice...
by
Kasreyn
·
· Score: 2
...deliberately harmful "advice" there which will hose your Windows box. I suspect the site is either a cruel prank or a sarcastic joke, but it's certainly not clear to any poor Windows luser who stumbles by that they shouldn't ACTUALLY delete win386.swp (THE SWAP FILE).
The only "tips" on that page are for clearing temp internet files and other stuff that's only slightly beyond the average AOL luser. Nothing actually worth reading (that is, nothing I didn't discover a month after I started using Windows).
-Kasreyn
-- Kasreyn: Cheerfully playing the part of Devil's Advocate to hairtrigger/. flamers since 1999.
Re:Do NOT follow fuckmicrosoft's advice...
by
ffsnjb
·
· Score: 1
Not using swap kicks ass and makes windows so much faster (mmm, less disk I/O on startup). I'm running 98SE on a p2-233 with 384 megs, of which about 54 megs is used by windows, so there's plenty for everything else. It's a bitch that Q3a won't run without being able to create space in swap, although there might be an option to override this. I didn't have it installed long enough to check.
-- "Why do you consent to live in ignorance and fear?" - Bad Religion
X-Box, PSII, etc... they're all NC!
by
nofud
·
· Score: 2
A NC is just an appliance, with some processing power (not much), broadband access, graphical capabilities and maybe a small harddrive (low-cost storage).
Microsoft has an NC, it's called the X-Box.
Sony tries to play catch-up with the PSII, with the recent agreements with AOL, Real, Macromedia, etc...
Nokia has also a NC in the works (not based on a gaming platform but on an Tivo-like appliance running Linux)
But of those three only one will win, and it's Microsoft. They have as much cash as the others, but they have majors advantages like mindshare in the public (joe won't buy a PSII to check its email, but a microsoft thingy like the one he's got at the office) and a huge base of developers.
Game Over.
-- --
p a n a p i c - panoramas des alpes: Mont-Blanc, Mont-Rose, Cervin, etc...
Funny, I was just reading an article by Bill Gates on.NET. The article explains.NET quite elegantly: "A company offering an online electronic-payment service can expose its service to partners, so that they can deliver it as part of their own offering -- regardless of what platform they are using."
Of course, Microsoft will always push their platform as the "best" one to build Web services on. But I think we should applaud the fact that two major proprietary behemoths have finally started pushing "open standards" -- IBM and Microsoft. Don't forget how unrealistic this would have been only a few years ago.
I think it's time to take a step back from all of this Microsoft-bashing and realize that at least we finally pushed them into a corner. They can't push a Windows-only solution anymore. Sun has cornered the market on "open standards" with Java. Microsoft HAS to counter -- as long as they keep pushing something Windows-only, they will lose customers.
What we are seeing here is what we have been asking for all along -- "Microsoft, will you finally support standards?" Why is it that when they agree to support XML and SOAP, and at least do lip-service to the "open standards" idea, we continue to bash them and whine about how Sun did this 10 years ago?
OMG! Someone on/. actually realized that Microsoft might finally be creating A Good Thing.
.NET is not about storing personal information on M$ servers. Hailstorm is about doing this, and is BUILT using M% technology. Saying.NET is a technology for storing personal information is like saying C++ is a technology for building flight simulators
.NET is about interoperability. It is a development system that can be ported to any platform and is designed to interoperate with other languages using OPEN STANDARDS (i.e. SOAP). This is A Good Thing.
Re:True Confession/Rant of Ex Microsoft User!
by
wizardguy
·
· Score: 1
This must be a troll right ? So the W2K TCP/IP stack sucks right ? In the old days of Win 3.1 and WFW there were multiple vendors selling TCP/IP stacks . Did you ever work with them ? getting them to talk to each other ?
Yes COM and NT was good but they suffered limitations. Have you ever built distributed systems based on the Windows DNA model ?
The whole thing fell apart when your consumers were behind firwalls and not in your domain.
SOAP is a godsend in order to fix that problem and.NET Framework provides a more elegent solution (tcp channels) to fix the entire problem of distirbuted computing without using plaintext exchanges. Even CORBA/IIOP is a pain in the neck , try getting it to work with multiple vendors (sorry , you need this version of this TCP/IC stack , wtf is with that ? why can't they just use winsock ?)
My data is already on a server at work...
by
SkimTony
·
· Score: 1
I work in the IS department of a reasonably large medical school (4500 or so network users), and this already happens. We have network shares for each user, and one for each department, and they show up as drive letters in Windows, consistent for each user. The really amazing thing about this? The number of users who don't realize that their data isn't stored on the computer in front of them. "You mean the H: drive isn't in my computer? But it's always here."
Bottom line, you know where your data is, I know where my data is, but we're special. Joe and Jane User may not even notice when M$ starts doing this. When SUN tried to do this in the 90's, they were trying to get sysadmins to buy it. But M$ is selling this to the AOL users who thought that Usenet was part of their service, and the people who see my name on instant messenger and wonder why they can't send mail to my "AOL account."
Bottom line is, the eyes will meet the wool, and Microsoft will probably move forward with this.
Authentication *shuddering* This is the whole reason I will be avoiding Office XP and Windows XP. 2000 does what I need and I will stay with it until it doesn't... and if MS still believes in authentication then I will jump ship to Linux or BeOS where I can be me without worry about getting permission to use my computer.
Why not start an open source verson?
by
bike_head
·
· Score: 1
I was having a discussion with a CTO about Microsoft's.NET and whether it would be successful. My take on it was that the crux of Microsofts success for this is to take control of key data services like authentication.
So what would happen if an open source version of these serives appeared that hooked into the.NET infrastructure? Think of something similar to SAMBA where one reverse engineers the service so that it become feasable to use an alternative to Microsoft servers.
I believe this would be devistating to Microsoft since they will have committed the world to a networked web services where the platform doesn't matter, but lost the control of the key services.
The rest of the.NET infrastructure seems to be easily reproducable by third-party vendors (Microsoft even gives lipservice to this). This opens the door for Linux and other vendors to integrate with this infrastructure and commoditizes it.
Microsoft seems blinded by greed, as so many that have gone before. They don't NEED to tighten the thumbscrews on corporate america. Corporate America has their checkbooks open and their pens dripping with ink for Microsoft.
All Microsoft has to do is provide excellent quality, stable products and top-notch service and support. There is NO better way to maintain the undying loyalty and servitude of your customers. Big businesses that use M$ products are ALREADY addicted - lock, stock, and barrel.
Like so many conquerors throughout history, whose downfall was brought about as they were blinded by greed, Microsoft is shooting itself in the foot. They are defeating the very hegemony they hope to sustain by intensifying the force their will upon the masses in a blind panic to ever increase profit.
I say to you, Alexander The Great, Caesar, Napolean, Hitler, and ye, Bill Gates: You could have won! You could have had it all! You blathering, greedy fools! You shall never know true wealth.
-- Knowledge is like ignorance.. too much can be just as bad as not enough.
but Passport user authentication system which Hailstorm depends on is everywhere. If you don't use it you are on your own.
Gates is looking to take Oracle and SAP to the cleaners, Hailstorm is the smokescreen for that agenda.
Smart admin would avoid their Oracle and SAP servers be able to publicly accessible. E.g. the websites only get a snapshot of the Oracle database image from an internal Oracle server. What.NET does would compromise the security by centalizing the authenication to somewhere else, while putting Oracle and SAP servers at risk of being publicly accessible.
Oracle and SAP see this, but they'll still cooperate with.NET, as there are lots more idiots who believe everything sales said. I know a PHB putting employees database in a public webserver. Microsoft needs customers like him.
Network Computers failed for the very good reason that MIS managers looking to torture their victims
Nothing torture me like admin hundreds Windows 95/98 desktops.
 _ /. /    |\/| |\/| |\/| / Run, Bill!
M$ has done a better job than the competition
by
rfsayre
·
· Score: 3
I think this cat is overlooking how much M$ has done make the idea of NC-type operations palatable to consumers. I'm not a big fan, but they've done a couple useful things.
1.) They make great web browsers. Sure, they've got privacy issues and they're closed, but they work pretty damn well. I type this from IE5 mac, which is a pleasure to use. Making web pages look as good as MS Word documents gives consumers confidence.
2.) They run Hotmail. Everybody's used this at least once. It's a great example of data accessibility. Another great examlpe is Corbis.
Another factor here is connectivity. There's much better and faster Net access now than there used to be. People couldn't see the benefit of NCs when all they had was 10base-T at work and modem everywhere else. At that time, NCs offered little benefit over carrying a floppy over to your co-worker's desk. With the spread of broadband, 802.11b, and faster ethernet, NCs are a much more practical idea.
M$ is also launching services, rather than trying sell you what appears to be a shitty computer. I think this is pretty key. The problem with previous NC initiatives is that they were hardware based. A guiding principle of NC thought should be that "hardware matters little". So why in the world would Sun be interested?
Re:Scary - but it may be Microsoft's downfall
by
baptiste
·
· Score: 2
Why does everybody think households worldwide are just DYING to shell out even MORE moeny for media? I mean come on! We already pay $50/month for cable/satellite, $30/month for Internet access. Why does eveyrone think folks are going to shell out more sizable dollars on reruns and stuff? Video on demand and all this interactive TV BS is a fad and unless its priced to a level folks don't care (say $1 maybe) it won't work and if it is priced that low and they try to convince you they'll 'Make it up on volume' lookup dot.com bubble.
Scary - but it may be Microsoft's downfall
by
baptiste
·
· Score: 4
Lets be realistic here, is this really going to happen? Microsoft sure thinks so but maybe they're going to have another massive project blow up in their face (remember Bob?)
The money is NOT with personal PCs - hell half are using pirated software anyway! Its the business customers. Well, do you think any IT Director with half a brain is going to suggest letting Microsoft a) handle authentication to their sensitive data nad b) allow that data to be stored @ microsoft? I didn't think so. Plus can you imagine the strain on the already overloaded internet pipes of most major companies? Same goes for personal users - till that last mile is fiber - well.NET will just be too slow.
Now MS may make $$$ selling a.NET type package that runs on internal corporate PCs, but ala samba, we'll just emulate it was necessary while adhering to whatever standard comes out of all this.
Personally, I agree with teh author one one point - the NC got shafted. From a corporate view it was an AWESOME idea. Having maanged PC deployments and disk images, etc it was awful. Being able to toss a cokie cutter box onto the network, hit power and it boots up based on serial # and user config - what a dream - too bad nobody could make it work right:(
Re:Scary - but it may be Microsoft's downfall
by
banshee2000
·
· Score: 1
do you think any IT Director with half a brain is going to suggest letting Microsoft a) handle authentication to their sensitive data nad b) allow that data to be stored @ microsoft? I didn't think so
Think again:P. There are a myriad of corporations out there that have IT dirs and mgrs (as well as VPs+) who are complete M$ bigots, read nothing but pro-M$ literature, cannot tolerate any deviance from their stance and will weed-out any employee who suggests any other application other than M$.
What you failed to grasp in your analogy was that money marries money... corps follow what other corps do blindly because in order for monopolies to exist, there has to be complete cooperation among the "old boys".
I'd like to think this a conspiracy theory but cannot. Why else would so many huge corps (and gov't agencies) still hang on to and even upgrade their M$ o/s's no matter the cost or proven lack of support, reliability and speed. It aint rocket science folx.
First of all get your facts straight. Bill Gates donates billions of dollars to charities, and in his will, he's leaving 3 or 4 million dollars to his family, with the rest being donates to charities.
I don't like Microsoft any more than the average slashdot reader, and I don't agree with Microsoft's or Bill Gates' opinions, but that has nothing to do with Bill Gates himself, and what he does with his money.
Pierre Elliot Trudeau, a former Canadian prime-minister said the following, "Never attack the individual. One can be in total disagreement with someone without denigrating him as a consequence"
-- "Knowledge makes us accountable." - Che Guevara
You are damn right the NC is the MIS managers wet dream: try to maintain a site with hundreds of windows PCs, have software installed and upgraded on each one of them, do routine maintenance on each PC's hard disk etc etc. Then we can talk.
Unfortunately the MIS managers tended to be as interested in recovering control over the corporate nervous system as control over costs. Back in the 1980s I made money by writing apps to screen scrape data out of corporate mainframes so the middle managers could feed it into Lotus 1-2-3. The MIS managers could have provided the data but they refused point blank to do so. It was all a power-game.
Besides, you DON'T need an 800MHz PIII, 128MB RAM and a 20Gb hard disk on EVERY PC in your network
But when that setup costs $500 from a computer store the premise that the Network computer would save money by reducing the hardware costs collapsed.
The Network computer failed for many reasons, not least the fact that there was no significant application support for the device. The lack of a hard disk was always going to be a drag on performance though. The idea of eliminating local user storage is not a bad one, end users should probably only have access to a centrally managed file store. The idea of no local long term storage was a complete loser however, as anyone who has used a diskless workstation knows.
It is not suprising that network computers were easy to manage. They could not be used for anything useful. What is more Sun and Oracle appeared to be spending more on idiotic TV ads than on writing aps to make them useful. If Sun had bought Star Office earlier they might have had a point.
Ultimately I see the whole Sun vs. Microsoft thing as denial on the part of Sun. Microsoft is not going to kill Sun, but Intel and Linux will. A high end linux box can be bought for a tenth the cost of the equivalent Sun box.
Also, C# is not an evolution of C++. C# is java under a different name, what microsft thinks java should have been.
Not actually true, If Sun had not behaved as it did then C# might have evolved out of Java. C# is actually built on top of the C++ compiler back end by the C++ team. The feature set is essentially a combination of C, COM and Visual Basic. It is possible to translate from Java into C# but it is also possible to translate from Visual Basic to C# so that hardly makes the languages equivalent. Sun is not the first company ever to suggest a new programming language, nor was Java successful for any new features, even the byte code interpreter has been arround on micros for 25 years (UCSD p system).
Sun's behavior with Java was pretty inexcusable. The idea that we should all be forced to agree to the decisions of one company when it comes to the feature set of a programming language is stupid. Sun deliberately crippled the native language interface for their own purposes. But many of the users of J++ simply wanted a better language than Visual Basic to write one off applications and did not give a monkeys about 'running everywhere'.
--
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
The author of the article does not appear to know anything about.NET, authentication services or much else.
Contrary to the discussions on this board.NET has nothing much in common with Sun's failled Network Computer. The Network Computer was nothing more than a new name for an X-Terminal that can run java apps and a browser locally. That Sun tried it as a bet-the-business strategy was the best corporate joke since the Sinclair C5.
The Network computer concept was for desktop apps. It was an MIS manager's wet dream - take away the employees PCs and give them dumb terminals wired to the nice shiny mainframe. Back to the 1960s.
Network Computers failed for the very good reason that MIS managers looking to torture their victims could do the same job much more cheaply with Citrix without buying Scott McNealy and Larry Ellison more fuel for their corporate jets.
.NET is about information service access. It is the way to hook together e-commerce applications. It has zero to do with Suns clueless hardware platform.
The only intersection between.NET and Sun's effort is that Microsoft has rolled out the JIT compiler technology and Java alternative as part of the package. Neither is core to the.NET idea, or for that matter Sun. C# is merely a logical cleanup of C++, there are some points of comparison to Java but all the ideas have been arround long before Sun used them. If Sun hadn't got all proprietary closed and legal Microsoft might not have created their own, but nobody can really blame them for not being beholden to a standard Sun police ownership of with lawyers.
Hailstorm is only one small part of dotNET, getting all wound up about it is to miss the plot entirely. Gates is looking to take Oracle and SAP to the cleaners, Hailstorm is the smokescreen for that agenda.
As for the GPL bashing being to divert attention from anything, the covert agenda there is more likely to ram home to the analysts the fact that Linux is putting Sun and Solaris out of business and the poor performance of Sun the past few quarters is probably reflecting that dynamic rather than an overall slowdown.
--
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
dont u all see what his master plan is here?!?!?!?
by
the+anti-MS+guy
·
· Score: 1
Bill Gates is only bashing *nix and its uses because for every person that doesnt buy the newest, buggiest, insecure version of windoze, he has unbridled, illegal access to one less computer!(what do u think IE was invented for?) Linux represents a major threat to his ever-expanding empire of evil. He attempted to stall the recruit of new *nix users by putting Winmodems(gasp) in new computers, therefore forcing people like me to still use windows for net(i bought a REAL modem and i havent been happier since under nix). People like da peeps at linmodems.org have tried to fix the problem with device drivers. But this is a war; a war we are fighting for our very idealism and existence. The Linux threat will never go away, Bill. Either ally up now or prepare to get Bs'd.
Personally, if i didnt use windows for gaming, i would erase the drive i have it on, put it in a basket of fireworks, and throw in a pack of lit matches.
*tips his 'red hat' and walks away, strutting as he compiles DeCSS in gcc*
--
The Revolution is coming...
The NC isn't really a failed concept
by
hal9000(jr)
·
· Score: 1
There are two big stumbiling blocks to the NC:
1) Applications tailored to the NC and not simple screen scrapes of Word, Money, or Notes
2) The reliability users rightly expect for an appliance
Where.NET as it is being promoted is making a mistake is expecting users to pay per play. Charge a reasonable flat fee and.NET (Or NC) style apps will have a far better chance of success.
BTW, there is lots of rooom for providers to do interesting things with the.NET strategy that make MS a transport.
But I think.NET will not have the impact envisioned largely because few vendors want to put that much of their business into someone else's hands.
It's not the same. I may have funds in multiple banks. The bank has multiple branches. I have cash in my wallet that'll last me for a day or three; I can write checks, use my Visa card and the funds are federally insured.
If the service provider hosting my apps and data goes out of business, however, or if a forklift operator inadvertently rips out the lines for my DSL line at the office or if some script kiddies decides to DDOS the service provider then my business is effectively closed. We have no applications and no data. No thanks.
Much rather be able to control my own data center. Be able to verify that every server and every hub is power protected, that last night's backup worked and that another copy of the backup is safely tucked in a safe deposit box offsite.
If Microsoft is still in business tomorrow or not is of little concern to me (aside from the 50 shares of stock I own) because my data and applications are safely tucked away on my servers and my hard drives in my data center. Fast, reliable, paid for.
No subscription fees to pay every month. No worrying about whether or not the provider du jour will still be in business next month. No explaining to users why the new system (at ~1.4Mbps) is so much slower than the old system was.
Today if my Internet connection goes down, we lost some useful research capabilities, we lose our Internet e-mail, and our secretaries can't listen to KEWL FM from Minnesota on Internet radio. But my business gets done.
-Coach-
-- Perhaps the world's greatest tragedy is that ignorance is not impotence.
The thing I didn't like about network computing and the thing I don't like about application service providers and the thing I won't like about.NET or other plans for centralized computing is...
...I don't want vendors deciding who will host the customer's (MY) data. I want to host my data. And my applications. I don't want to be wholly dependant upon the bandwidth provided by an outside vendor just to access my basic applications and data.
Currently our enterprise provides applications and data to our users via a 100Mbit, switched, LAN with all of our cabling and physical plant under our direct control. No ISP can provide me with that kind of bandwidth on a cost-effective basis. If a switch goes down we know about it and can repair/replace it immediately. If it's too congested we can upgrade it when we're ready to -- we don't have to beg our provider and wait for them to call us back.
I am very uneasy about allowing other organizations to completely control access to the data and applications we depend upon for our business. What happens when they goof up the billing and cut us off for 3 days because they think we didn't pay the bill? What happens when they misallocate our IP address and we get dropped off the network? I won't leave our company at the mercy of somebody else's clerical error any more than absolutely necessary.
No. We'll keep our essential applications and data in-house. Thanks anyhow.
-Coach-
-- Perhaps the world's greatest tragedy is that ignorance is not impotence.
.Net is tasty and palatable because it has the MS marketing machine behind it.
Pointy-heads and suits like to identify with products, and campaigns..NET is just the thing. They will be much happier purchasing a complete solution is a snazzy, glossy box, with a snazzy, glossy label like ".NET IIAS Server 2002", than cobbling together gnusnorf 0.13beta and gnufroop-2.73 into a custom built app, that performs as well on hardware they already own.
People like to shop, and companies like to drop down bucks on new hardware and shiny new CD's. Tarballs aren't sexy.
As for blind-siding Open Source, pfft. That was just a headline-grabber, nothing more. Online news has discovered that to increase revenues, they need to get posted on/. Just mention the words Microsift and Linux in the same sentence.
C'mon, a full third of this clown's article was devoted to touting his awesome prophetic powers from back in the day.
The security problem of centralized NC
by
The+Milky+Bar+Kid
·
· Score: 1
all the world's secrets
on one server - cracked - not secret.
Just use peer-to-peer.
--
This post is about Truth, Beauty, Freedom, and above all things, Karma.
-- --
This post is about truth, beauty, freedom, and above all things, Karma
Re:More government control...?
by
Thurn+und+Taxis
·
· Score: 1
The point of my original post was *not* (distinctly *not*) to say that it would be a good thing if governments controlled our online identities. Personally, I don't want anyone controlling my online identity but me. And yes, I could (and probably most/.ers could) control it; but my mother couldn't. For that matter, my sister-in-law couldn't. So who would I rather have controlling the information -- the US government, which is restricted by little things like the Constitution and Bill of Rights, or Microsoft, which is restricted by none of those things? I don't think it's a tough choice.
You ARE the Missing Link. Goodbye!
-- On stereophonic equipment, the monaural sound obtained through multiple channels will enhance your listening pleasure.
Why government is a *Good Thing*
by
Thurn+und+Taxis
·
· Score: 3
There's an easy way to prevent Microsoft from controlling our identities. Let the government(s) control them instead. They control our identities now, by issuing licenses and passports. When was the last time you tried to buy a bottle of single-malt scotch with your MSCE certificate as ID?
The way to stop Microsoft from controlling our identities is to convince at least one US state government to legislate the online identification of its citizens. Once digital identification is claimed as a right of the states in the US, it's taken out of the hands of M$. That's gotta be a step up, right?
You ARE the Missing Link. Goodbye!
-- On stereophonic equipment, the monaural sound obtained through multiple channels will enhance your listening pleasure.
Getting off topic, at least in relation to this comment, but when I was reading the article in question I was thinking of a world where Microsoft rules.
Considering the way that Microsoft software "works", I think our world would be like that of Brazil.
Although Sneakers is a good movie too:)
Re:Renamed: Or, just say the truth...
by
Tech187
·
· Score: 1
Now maybe we can see where the Secret Service lies on that scale Microsoft and the Scientologists lay on.
We know Slashdot conceded to the Scientologists and held fast against Microsoft. Will 'hosting a conspiracy to assassinate the president' take 'em down or not?
Or will the Secret Service even take a bunch of monitor-tanned nerds seriously?
Re:Say it enough, they'll listen
by
haruharaharu
·
· Score: 1
Hrm...So, everyone except Nick Petreley said that NCs wouldn't succeed. They didn't.
When it comes to successful ideas in computing, who should we turn to? Nick Petreley, of course.
It seems to me that what MS has in mind is a bit different from the NC as it was discussed a few years ago. Original NC assumed that the applications are running on the server, while the client does only the most basic work presenting the UI to the user. Since clients role is so simple, it can be done on any platform easily.
It seems to me that what MS has in mind is different: data is stored on the server, yet the applications largely still run on the client side. This requires that all the clients are have the necessary MS software. I.e., you will be able to access your Word documents on any PC, assuming that PC has Word 200x installed.
it would make Microsoft seem (and in fact be) that much closer to the Borg we see Bill represented as above. To try diversionary tactics and spending massive money to defame a competitor who, by some opinions, is no real threat, cannot bring much damage... I sincerely hope MS is not stooping to this level. I don't run their software but it would force me to consider moving everyone I know over to like a Redhat in retaliation.
On an off-topic note, I posted a story a few days back, Star in a Jar in the Science section, and typed up a copy of the magazine article it came from - I then lost it and wonder if anyone has a copy, perhaps in their cache somewhere? If so it can be mailed to me at the address above, or just use hye@remove.gulch.nitg.org - thanks.
--
think for yourself, you won't like the results if others do it for you.
Having services like this means
-you have to stay online all the time (or else you cannot reach you files)
-one server breakdown means you cannot access your own stuff
-one clever hack means you get into everyting everyone has made/kept/etc
sounds scary
Identify Authenticate Authorise
by
james(honest)
·
· Score: 3
Absolutely Authentication is the key to everything.
Most computer users do not want to remember a bunch of passwords.
Most users will use an easy system despite rumoured risks.
Most computer users do not understand nor care about the security risks
Most computer users, when it comes to privacy, trust big corporations more than they trust their own government and certainly more than "evil hackers".
"There is not a widespread need for third-party authentication." There is.
The article was dead on about Authentication, but all/. can focus on was how it is wrong about NCs. What an irony.
Most web developers are troubled by finding good solutions to authenticating users, and will use a drop-in solution if it is available, especially if it makes Microsoft liable for errors (or if users have given up all rights by using Passport because of the EULA).
I'd like to respond to various postings I've read here. Whatever your opinions on Network Computing, the article is dead on about Authentication. First, it is the key to monopoly. Second, we are all incredibly easily diverted. We are all failing to get the message about the GPL attack being a diversion because we are all diverted by the NC message in the very article calling our attention to the divertion!
I use the computer a lot. I use it for online banking on all my bank accounts. I use it for bying all my hardware, my CDs, and my books. I am sick sick sick of remembering passwords and I will embrace any technology where the relative risk of putting my credit card details online offsets the day-to-day drudgery of typing in my details every day. Since all my credit cards have online fraud protection, I dont see any problem putting my details into hailstorm. Or rather, I dont see any more problem with it than I do with my Ralphs grocery store card recording what I buy to eat. And neither will most people.
On security, the average user doesnt share our concerns because they literally do not understand what you are saying. jcr says, "Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security." My Dad does not know what you are talking about. My Dad does, however, use online banking.
Now, as a web developer, I have the problem of logging in users and managing sensitive personal data. If I make it to easy for someone who has forgotten their password to get back in, then I run the risk of letting in the wrong person and giving out (in our case) very personal details. If I make it to hard, those same valuable details will suddenly be lost to the legitimate owner, negating their time and investment. One solution is to have a very thorough and very expensive customer support team. A second solution is give up authentication to Microsoft, thereby making Microsoft liable for any breaches. As a business, the ability to give up accountability and hence responsibility is far more valuable than the time and effort I save on development.
So, what is the alternative?
An alternative to Microsoft's hailstorm is one that does basically the same thing but allows for more than one service provider. The service providers then agree to trust each other or not. Just like my local grocery store doesnt take American Express, sure Amazon's IAA server might not take one of my credentials, but I do have another.
Who do you trust with these details? Who has servers to host these services? Where is the software? ISPs and banks. Whether banks would agree to store logons to other banks is a question for them, but they'd soon see the value when faced with competition. Just like my Wells Fargo VISA payment system will accept cards from Mastercard and other VISA banks, similarly my Wells Fargo IAA server will accept authentications from Union Bank.
The question is what software will this be running on, and will it be open source/gpl? It makes sense to be, since open source is much more secure. Plus, it would be nice if people could start their own servers. They might not be trusted by mainstream servers, but they would be trusted by each other.
Nothing new under the sun. Assuming Petreley is right, which he may be, we will see the same old progression:
while (1) {
clueless people sign on with MS;
they sneer at us for being backward, paranoid zealots;
they play with their nifty toys, fat and happy and completely unaware of the precipice they're dancing next to;
MS screws up their stuff, or someone 0wns the system;
they scream;
the brightest 3% wake up and come over to our side;
meanwhile, MS banks another two billion;
}
More government control...?
by
norcal
·
· Score: 1
It always makes my teeth hurt when I see someone react with this kind of knee-jerk mentality.
Sounds like a big problem, well lets pass a few hundred laws and set up a shiny new government body to control it.
The United States government is probably the WORST possible choice for online authentication services, at least at this point in time (and for the foreseeable future.)The various branches of the U.S. government have altogether one of the worst security track records of all time, not to mention terribly antiquated and bloated networks in comparison with the private sector. I would rather let M$ handle a single user authentication system then some specially appointed government body. With M$ we would only have one company controlling our data, but with 'da F3DZ' in control it would simply go to whoever had the best lobbyists and the most money. Not to mention the fact that the government would now be able to keep tabs on us throughout our online adventures.
'Sir, we have a bogey in grid C-A two-zero-four-three-niner who is going for Chinese porn, repeat Chinese porn.'
why does the open source community has to come up with something new if the old method is still the best?
True Confession/Rant of Ex Microsoft User!
by
exMicrosoftJunkie
·
· Score: 2
I'm currently helping a client to switch their internal applications from NT/IIS/ASP/COM to a JVM/JSP-centric solution. In the client's current scenario, NT, IIS, and COM - all Microsoft-specific, proprietary, closed technologies - are required components to support ASP. With JSP, this changes to a scenario in which the JVM and JSP can be deployed on any mainstream operating system and web server, providing a solution which can be sourced by multiple vendors, and for which published standards and source code is usually available. This reduces dependency on a single vendor and makes it possible to solve problems oneself, without being forced to rely on underqualified tech support personnel and a company which has little interest in actually fixing the bugs in their products, as opposed to forcing upgrades to the next entirely new and untested version.
This perspective is based on multiple experiences in which serious bugs in MS products - like memory leaks in IIS/ASP - were never addressed. Being a highly competent developer, it is not acceptable to me to be at the mercy of a company that does not even do a good job of pretending to have my interests as a customer at heart.
Much the same feeling applies to the operating system and OS-level tools. I know experienced Microsoft systems integrators who have had endless problems with Microsoft's tools, Proxy Server being a prominent example. Problems with Exchange are legion and legendary; System Management Server is a spectacular failure; and their DNS server is little more than a joke. MS Service Packs and hotfixes are as likely to break major functionality as to fix bugs - the original Service Pack 6, and the more recent Exchange hotfix are cases in point.
From my perspective, Microsoft peaked at around the time NT 4.0 came out and has been wandering directionless since then, changing acronyms (DNA anyone?) on a regular basis to attempt to hide the lack of any significant innovation.
Two technologies originally led me to be pro-Microsoft: NT itself, and COM. NT was a good product, for its time, when the betas of NT 3.1 came out in 1992 or so. NT 4 made the catastrophic mistake of importing the Windows 95 user interface, and then turning the ever-buggy Internet Explorer into the GUI shell. Since then stability has only deteriorated, and almost no fundamental progress has been made in making NT/2000/XP support some of the more powerful capabilities and configurability long provided by Unix - proper remote administration capabilities not least amongst those.
It seems that any overall vision that had existed at the time NT or COM were conceived have since deteriorated into a mad rush to maintain control in a changing market, driven by the Internet, which is something Microsoft is still trying to control rather than "get". Factions within Microsoft with backgrounds in things like mainframe transaction server systems argue at cross-purposes with advocates of academically pure object-oriented systems. If there's someone with a global vision at Microsoft, I don't know who it is: Nathan Myrhvold left long ago, and Bill Gates has spent too much of his career making billions to be a competent software architect today.
Microsoft has also never quite gotten the hang of TCP/IP - with the possible exception of the core of IIS, its Internet-oriented tools uniformly suck. I've already mentioned Proxy Server and DNS. In Win2K, Microsoft finally gave up the battle in some areas and fell back on pure BSD tools, such as the telnet implementation. The Wall Street Journal's recent story on Microsoft's reliance on open source software gives more examples of this admission of defeat.
But even while they're resorting to open source code, Microsoft seems to completely miss the power of simplicity and interoperability evident in Unix/Internet tools; or this may be a deliberate strategic policy. If tools are too simple, extensible, interoperable, or open, customers will have too much ability to control their own destiny, and thus won't be as easy to suck into a recurring-revenue future in which Microsoft bills its customers annually and provides arbitrarily chosen upgrades in return ("this new dancing paperclip is better than the old one, honest!")
In addition, Microsoft's own insistence on reinventing everything works against it: sucky initial implementations of Winsock led to applications which didn't get the concept of asynchronous communication. You still see this in products like Outlook today: they can lock up for extended periods while doing network access, something that should be completely transparent and in the background. [I'll say one thing positive here though: I/O completion ports are pretty sweet, and I've used them to good effect in some server applications. They've also helped IIS be an excellent performer. But one good API feature isn't enough, especially when the application developers don't understand how to use it.]
It isn't as difficult as one might imagine to convince hard-nosed business-oriented customers of the perspective I'm outlining: Microsoft's threatening lawyer's letters about license compliance, sent blunderbuss-style to all customers regardless of any evidence of lack of compliance, don't win friends amongst IT staff and CxOs. The threat of rental models, browsers which modify the web sites of other companies, and critical coverage of these things from quarters such as the Wall Street Journal, all combine to make you wonder: is Microsoft aware that it will ultimately need to rely on more than its current desktop monopoly, and instead convince customers to buy its products based on their merits, and the quality of service it provides?
There's no long-term strategy there, just an attempt to keep the excessive revenue flowing until the next set of CxOs can take over and inherit the mess. As a profit generator, Microsoft represents an incredible and possibly unprecedented feat, which I can respect from a certain perspective; but that doesn't mean I want to number myself amongst the cattle slaughtered to feed its unholy appetites.
Server software has become a commodity, and Microsoft is desperately trying to tie unrelated components together and avoid standards, so that customers have no option but to accept the entire package, and pay serious money for that which has become freely available elsewhere. This is done at every level of its software offerings, so that in the application area I'm talking about, for example, the operating system is tied to the web server is tied to the transaction server is tied to the template language is tied to the virtual machine is tied to... did I mention the operating system?
Yet you can go and download the source code to systems that do much the same thing - e.g. the Enhydra or Resin application servers - and, as alluded to above, these systems will run on almost any operating system and web server, with no secrets (you have the source), and no lifetime commitment to a development model espoused by exactly one company. And this applies double to commodity products such as file servers, proxy servers, web servers, DNS, email, and the like: the free products are actually significant improvements in terms of functionality and reliablity, over Microsoft's equivalent offerings.
Microsoft has grown too far, too fast, and become way too voracious and greedy. I rode with it to the peak of its wave; that wave has begun crashing, but instead of crashing onto a nice, wide open beach, it's crashing into an inescapable little Microsoft sandbox. I am jumping off to a different wave in which the currents don't work against me as much. I'm don't argue that.NET has no technical merits whatsoever; but the cost of chaining oneself to it is too high.
Slashdot Mirror
is just your standard Slashdot troll with some articulation skills.
Enterprises still want the infrastructure of single sign-on, because they want to only manage one user accounts database. They don't want people to have separate user accounts on every machine. They want global user accounts, and global groups, and the ability to then grant resource access based on membership in those groups. Ideally, they want the ability to partition users/resources into different groups, and then grant admin rights to some people for some of those partitions, without granting admin rights for all of the partitions. Welcome to the "enterprise".
We have a winner! Congratulations, richardmguy, you're the first person to post the tired "First they ignore you" Gandhi quote!
As a reward for your devotion to the fine craft of Slashbotting, we are pleased to offer you some CAFFEINATED MINTS FROM THINKGEEK.COM! That's right -- Thinkgeek.com, your source for everything geek.
Congratulations!
1. The MS's hidden files idiocy has been throughly debunked.& a=tpc&s=50009562&f=48409524&m=3840916991
The guy who wrote it does not have a clue about what he is talking about. Anyone who does have a clue will get a great laugh out of it though. Be grateful idiots like that don't use Linux.
read: http://arstechnica.infopop.net/OpenTopic/page?q=Y
follow the links from there, too. It'll be a struggle to read to the end, it is amazing that someone can run the wrong way for so long without a tiny bit of common sense ever coming in play. If you don't want to read that much retardation (it'll corrode your brain), be assured that the moron gets everything wrong.
2. It's been updated, thankfully. It was even reported on Slashdot.
3. and 4. are both utterly moronic, but believable if you are a rabid MS hater (hello, slashdot!). They are not, from my moderately neutral perspective, not even remotely believable.
In general: The Register has never published an accurate sentence about Microsoft, ever.
The NSA claims have _never_ been backed up by any evidence either. I'm not going to dig up links to rebut it for you, google is your friend. MS don't deny involvement because the claims are so retarded. Why even respond to such drivel? (Something the OSS community should think about in the face of MS FUD.)
MS's past history isn't quite as awful as you seem to think.
I've said this before: there are plenty of genuine reasons to hate/despise MS. Why do people so often ignore the valid reasons and make up bullshit to justify their anti-MS stance?
been extolling the virtues of open source (or whatever we used to call it) before slashdot was on air, unless I'm mistaken :) WHich is possible, however improbable. Senior IT leadership in this very large company have read the Petreley *troll* :) religously for some time. He has a bad habit of providing fairly objective and insightful journalism.
Let's see, shall we?
Anyway, I just might give it a shot (no pun intended). Think about it. I hate the stupid fucker, it'd be doing the world a _huge_ favour, and *poof!* instant celebrity status for me. Fun, fun. Sure, I'd get executed, but I don't happen to place much value on my life. If I can do something worthwhile with it, then I'm happy.
So, what do you guys think is the best way? I can't work out any better plan than the old cliche... sniper scopin'. If anyone has a better idea, lemme know, please.
Unified authentication is not a piece of software. Certainly the software exists, but the information must be shared among different groups for it to be worthwhile.
As far as sensitive transactions on the internet goes, I use eBay, ING (for banking), Paypal, Chapters.ca, Amazon.com etc. I would like to be able to login to my personal computer or to my computer at work and have instant access to any of these services without remembering a password for each one. If I gave these companies permission to share my personal information I would not consider this an invasion of my privacy.
If, on the other hand, Microsoft took control of my personal information implicitly when I signed up for these services I would consider that an invasion of my privacy. Microsoft would, in effect, be saying "if you want to perform sensitive transaction on the internet you deal with me." I don't want to deal with MS.
What is needed is not a piece of software, what is needed is a standard format for sharing sensitive information and a standard legal contract by which you give a company to share your information with whichever companies you want the information shared with. A legal open standard similar to the GPL which would also include instructions on encoding and transmitting sensitive information would make universal authentication practical, with or without NC. We can make a contract that we're comfortable with and boycott companies that don't subscribe to it. This is how we'll beat Microsoft.
I think it's interesting that Peterley didn't mention Passport once in his article. The headline screams out how authentication is key and yet fails to address Microsoft's stategy for actually making authentication happen.
Guess what? Microsoft has already mined MSN and Hotmail and has it combined with Passport to create a ridiculously huge user base. Take a look at the Open Source sites (like any of those owned by VA in its OSDN sites). I think at last count there were something like 16 different sites each with a different name and password. How can a supposedly backward thinking company like Microsoft figure out how to leverage it's online websites and yet a company like VA Linux can't? Why is it that you can buy advertising across the entire OSDN network and yet you have to potentially use a different username and password for each of these sites? Why isn't VA doing a service like Passport that would not only tie OSDN sites together, but could potentially use a PAM module to tie your Linux login back into each of those sites?
It seems like the open source community is only going to 'get it' when people fire up Windows XP the first time and realise that they can login with their Passport/MSN/Hotmail accounts.
> A great example is in Oklahoma we have the 1
> Black Republican JC Watts. How was he elected
> you wonder. He played Quarterback for the
> Oklahoma Sooners college football team,
> therefore he must be qualified.
Add to that he played a number of years of Professional Football up here in Canada, for the Ottawa Rough Riders, where I met him once. Can't remember anything about him, but he was a reasonable Quarterback. As to if that makes him qualified to help run your country down there? I would take a quarterback over an actor!
ttyl
Farrell
CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada h
O.K, with the .Net system, and with Windows/Office XP, MS will be able to charge you for it every year or 6months that you are using it. To me, that sounds like taxes...so we need to put a campain together to fight the new Microsoft Tax! Let's hijack a shipment of Windows XP and dump it in Boston Harbor! No New Taxes!!!!
ttyl
Farrell
CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada h
*holds up cards* 9.9 A truly wonderful troll with a fine, fruity flavor right down to the piquant user-ID: the only flaw is at the very end, where 'Lord Hugh' cannot supply a link. Remember, you don't need to justify any sort of assertion if you're trolling- leaving the last sentence out entirely would have been still better! Ideally the impression you want to convey is, 'but of course everybody knows this'. However, this lapse does not negate the otherwise excellent qualities of the troll, not least the fine efficiency and lack of effort expended in producing it. Kudos and many happy +1 Funny's ;)
That's what we're doing here at work-- Sunrays on the desktop, with Solaris boxes doing the heavy lifting. We've only rolled out a few (about a hundred or so), but we will hopefully have everyone on them soon.
The NC *has* been done right. The Sunray is just the most recent (and perhaps the best) example. And it *is* a grand idea.
It won't work, of course. Even here we feel the pressure to move to MS software. We've resisted so far; but find a corporation-wide financial system that can run exclusively on Unix. Pretty much every financial package has an MS-Windows front-end, even if the database runs on Oracle or DB2.
Petreley was right-- it doesn't exist until Microsoft invents it.
Microsoft is to software what Budweiser is to beer.
In essence, Microsoft is trying to do the same thing RCA tried to do but on a bigger scale. May the same fate befall them.
Wansu, th' chinese sailor
I use memorable phrases,mapped to characters in a n obvious way, but the hint need to give much information about it. For example, the phrase "working on a sex farm plowing through your bean field" could be mapped to w0a5fptybf -- and the hint could be "St. Hubbins". Who could go from the hint to the password? No one.
The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...
yikes...that should have said "the hint need not give much information about it"
The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...
Enjoy!
Rick Moen
rick@linuxmafia.com
If some mugger just happened to rob me, he didn't just walks away with my wallet: he could be walking away with all my belongings!!!
That's why most good security systems are multi-tier. Something you know, something you have kind of stuff.
My ideal security device would be some kind of physical card which contained all my passwords and info I'd like to keep stored out of my head but require a biometric or two (fingerprint, retina scan) and a passphrase to grant access to the info on it. Of course, it'd have a backup in my safety deposit box using a standard (old-tech) key and my standard I.D. to get access to it.
What if I lose a finger? That's where the multiple levels come in. Under some not-yet-determined circumstances (national key, something) the device could be reset to a different biometric, but one at a time. You'd need to have all other info to do it. And you could change your passphrase as often as you like, so long as the matching biometrics were there.
It may just be modern myth, but I do believe that the Secret Service is supposed to investigate any threat seriously. Just as it isn't too bright an idea to joke about having a gun when waiting in line at the security check in an airport, this doesn't sound too bright to me. My guess is that the post was a joke, but I also wouldn't be too surprised if the poster in question gets a little bit of face-to-face time with the Secret Service. If you think that Slashdot would resist the Secret Service, think again. This is exactly the sort of thing that most rational people (particularly the people in a position to obstruct the SS tracking down the poster to a real-live-body) would agree is a valid exception to the anonymity that they may normally defend.
Microsoft is not out to test the validity of the GPL. The last thing that Microsoft wants is to set any precedent that would limit the power of copyright. After all, they rely on the power of copyright to limit the legal use of their software a lot more than the GPL does.
Other than that, I agree. What Microsoft says is always smoke and mirrors. Heck, I wouldn't believe them if they told me the sky was blue (because in the background they would probably be working on changing the color of the sky).
Ah, good point. Of course, that simply means that the information is stored on the file server (of my choice) out on the Internet in an encrypted fashion. The owner of the web site wouldn't need to know what was in this data packet, and wouldn't be able to read it, but I would be able to access it whenever I needed it. Barring that I could carry the information around on a smart card or a PDA. Most importantly, however, would be that I would choose who I shared that information with. My biggest problem with Microsoft's passport service is not that it's centralized, but rather that some other entity has access to my personal data. I would be perfectly happy with Microsoft's service if all they knew about me was that I was storing a blob of encrypted data on their network. As long as they don't have access to my information I don't care who stores it.
It is not like this would be any harder to set up. The reason that Microsoft didn't set passport up this way is that they aren't interested in providing a passport service (even if the users paid fees), they are interested in creating the largest database of marketing data ever compiled. Quite frankly, that scares me.
This is a fairly simple thing to fix as well. LDAP already would allow you to do this, and Mozilla (or whatever you chose as your personal security manager) could easily update a list of sites all at one time if an open protocol like LDAP was used. What's more, since you wouldn't really be interested in the passwords for the individual sites (after all, you would only need to remember the password that unlocked your security manager) the passwords that actually went over the Net could be ridiculously long and complicated. Mozilla could even automatically change all of your remote passwords every day when you first logged in. The user wouldn't even need to notice that this was happening.
And if this blob of information was stored in an encrypted format somewhere on the Internet you could access it from whatever device you happened to be using. More importantly, however, no one else would know what account information you were storing. Right now Microsoft is happily compiling a database of information about everyone that uses their passport services. They know who you are, they know where you live, they know what you buy over the Internet. They know which affiliated sites you visit and when. If Passport was at the center of authentication for the entire Internet then they would know nearly everything about everyone.
The same ease of use features could easily be created without anyone being in the middle (well, your credit card company would get involved when money changed hands). You would keep your own information privately, and could take steps to guarantee that it remained safe.
I can at least back up my hard drive. What happens to my passport credentials when Microsoft decides that I can't use them without paying for an "upgrade," and what happens when Microsoft gets hacked?
Heck, what happens when Microsoft "loses" my passport storage file. Microsoft doesn't guarantee that their site will be up, that they won't lose data, or that they won't be hacked. They don't guarantee that their prices won't go up, or that their service will even be available a year from now.
And if Passport becomes ubiquitous what is to stop Microsoft from using it to spam the lot of us? You think the EULA which specifically states that they can change ther terms of service is going to save us. To be honest, I don't even see Hailstorm as being all that useful. As a developer I personally am not really that interested in having my customers data on Microsoft's servers. I want to control my customers information myself. I want to have their email addresses, and mailing addresses in my database.
I imagine that Microsoft's competitors feel the same way, and now that Microsoft is a full-on media company they have a lot of competitors.
It's already been done. Mozilla will happily remember your usernames and passwords for as many sites as you like. If you wish you can password protect this information store (I believe that IE does something similar as well). This is a much better solution than putting all of the information about everyone in one huge database. Sure, some people will probably lose their passwords when their hard drives crash, and some will have their master password stolen by thieves. But I can guarantee you that if everyone's information was in one net connected database eventually someone would learn to steal that information from everyone (the only trick would be to steal the information slowly enough so that Microsoft wouldn't notice).
Of course, if you put me in charge of the database that would be a different thing altogether. I would never use it for nefarious purposes, and I would be very careful to make sure it never was stolen :).
The funny thing is that this could really work, but not if Microsoft insists on charging money for it. Heck, they should be giving away Windows XP and then hold everyone's data hostage.
The idea is that users can use any computer anywhere, and they access a central location, where their information is stored.
What this will really mean, though, is: people don't buy PCs to put their data on. They buy servers to put their data on. They've finally gotten their 24x7 connection, and they're going to stick a box in the basement next to the other utilities. Then they can go anywhere and get their desktop from their computer at home.
For the first iterations, the box will also be the PC they use, but it will act exactly the same as if it were storing things remotely. Of course, it will act as a thin client for other people who want to use other home machines, and it will be a server for when they're at their friends' houses.
Later, of course, they'll want more places to connect from than they want central stores, and they'll want to upgrade their client capabilities (graphics, raw processing, etc) at a different time from when they upgrade their server (long-term hard drive space), and the server will fall out of use as a client.
All this will be possible in... 1996. At least, that's when I started doing it, at least as far as ssh, and then screen, which covers most of the things I actually want to do with a centralized configuration. MicroSoft will probably end up with a similar model (using proprietary parts, of course, so MS client with MS server does things that either doesn't otherwise do). Being the server is probably a stopgap for people who aren't yet set up to run the servers themselves; after all, serving files for people isn't all that exciting, especially if they get people to use software subscriptions and pay to run the file servers on their own machines.
I find it interesting the various attacks I see upon Microsoft's .Net initiative. Perhaps it is a clever strategy of Microsoft's, but .Net encompasses so many things that these attacks lack focus.
.Net. This is just one small piece, and probably the weakest point of the whole .Net initiative.
.Net programming framework. ASP.NET, VB.NET, C#, Web services, etc.
Petrely attacks the Passport services piece of
Most of us Microsofties are really more interested in the
I do think there is a want for a single signon for internet websites. I have to keep track of some 90 or so names and passwords for various web sites that I have used. It kind of sucks.
I guess the chief complaint I have with Passport is the stupid hotmail.com account. I really don't see why I need or want a free email account, especially since all I get is spam from it.
So if they could develop a system which was interoperable with my email address that I already have, well then. That'd be cool.
I don't know, I guess in a sense I suspect this Passport thing will have some limited success. I don't think it will become all encompassing though mainly because it's not totally desirable.
Similarly with some of the Hailstorm stuff. Truth is, I think these ideas are good, but I think they need to be decentralized, not centralized. I want to be able to access all my email, various files, whatever from anywhere. But I think that I could do that just as easily myself with the right software, or perhaps as a service from my ISP.
In that sense, I think Microsoft should sell the software, not the service.
That doesn't solve the "zillion sites" problem, though.
I used to write all of my passwords on a notebook - just the passwords! There were hundreds of passwords there, all on different parts of the page. Most of the passwords had been changed and forgotten ages ago.
(The reason I stored the passwords was that "reminder" tends to get obscure when all passwords look like b6NqX01xZ and n4s0rN04.... That's how people have told me to choose the passwords, to make hard-cracking harder =)
The problems came when I needed to remember the place where my password was stored. Eventually ended up trying a lot of different combinations...
These days, I use a nifty little PalmOS program that keeps the passwords on one place, encrypted...
The stack most commonly used was Trumpet. Most everyone I knew of obtained it and used it unless they knew nothing about computers or the Internet and bought one of those all-encompassing Internet access packages. Trumpet worked implicitly and almost all applications worked with it correctly unlike the others. Hell, during that time, MS had a TCP/IP stack- but only for ethernet networking and it didn't work worth spit.
By the way, SOAP's not a "godsend"- it's XML RPC for all intents and purposes. For some things, it's a good idea- for others, you're better off using CORBA or something like it. As for the CORBA problems you describe, well, that was the Windows Vendors' problems- not CORBA in general. I mean, there's open source ORBs that plays nicely with nearly every ORB out there- ACE, MICO, OmniORB2... And if you're shopping an ORB and are using C++, ACE is fast, reliable and works across platforms well- and it just uses WinSock2 under Windows.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
...and then hit some site like espn.com.
You'll find that IE doesn't do so well at 640x480 or with larger or smaller fonts. Now, while that's the fault of the HTML work at the site (I've seen sloppier- but not by much...) they're not getting it to look like a Word document. There's TONS of sites out there that don't work right with IE or Netscape- Mozilla, possibly, but it's a huge honking monster that eats memory and HD space like candy (Does it work well? Yes. Do I use it, sometimes. I use Konqeror and Galeon mostly...).
I don't use HOTMAIL. Anyone concerned with their privacy shouldn't use it based on MS' terms of service for that and all their other online services. They lay claim to rights for all of what you put or recieve on their servers.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
Wouldn't it be better to just be able to buy things over the net without having to create accounts and spreading your credit card numbers over many databases?
I don't have to login and remember my password each time I shop at Home Depot!
...richie - It is a good day to code.
I think the article is close to the target, but it's not quite there. It's not that authentication by itself is the key, it's the directory services that's part of the authentication which is the key.
... or not found. Heck, even forget the authentication bit -- anyone serious will have their own level of authentication and authorization, probably -- the first step in authentication of a person is *finding* their record.
.com domains, etc. Now suppose Microsoft had the equivalent of the root DNS servers, but for a directory of identities rather than domain names. How much would someone pay to have an identity of "John Doe" rather than "jdoe@someplace.onthe.net"... just type "John Doe" in your MS email program... Windows Messenger... goodness, maybe even your web browser. Now, wouldn't that be something? MS could let you type in 'identities' or keywords (i.e. "John Doe" "Amy Smith" "Microsoft Corporation" "Plumber" "Sun Microsystem") into your browser/Windows Messenger (off-topic, SIP blows chunks) and pop up perhaps their web page, a phone call, an instant message, or what not. Mmm. Do away with all that messy 'domain name' bit, or rather replace it with the Microsoft authenticated identities. Hmm. Interesting idea, isn't it?
Any one remember archie? The difference it made in using FTP? The key part of the phrase "You can find anything on the Internet" is *find*, it's not that any thing and every thing is on the Internet, it's that you can *find* it. (In some way, this is may be what Sun's CEO meant about not having any privacy -- there have always been records kept on people in all sorts of places, just now it is possible to find the records, index them, use them to *find* what you like, or *find* people that like certain things.)
File transfers have been around for a while now. Napster was interesting because it let people, tada, find the files they were looking for that other people have. eBay lets sellers find buyers. Social communities have formed up on the Interent because people have found other people who share similiar interests.
This probably seems all terribly boring, but think about it for a moment. If Microsoft does create a single sign-on authentication system, they will (potentially) have one of (if not the) largest online directory of people (competing with AOL.)
Authentication is just part of it. If Microsoft controls the directory services, they can control who (or what -- i.e. smart tags , etc.) can be found
Just look at the whole DNS root server mess, Network Solutions and such making money off of basically directory services. The battle over whether or not AOL will have an icon on the Windows desktop. Instant messaging -- which is basically the idea of presence (which appears to be one of the big buzzwords coming up), or rather, making it easier to be found.
Take a look at how much money is made from the sale of
Look, if you want to change the face of the network, the killer app is directory services. Online the map is literally the terrain -- the domain name system is the map we use to find things! That is, if you replaced the current DNS system with something new, that could change web browsing, email, all the services that depend on it to find people, places, and things.
There's the CDSA implementation from Apple (OpenSource). They use it for their keychain, a non-centralized cryptographic password store. It should run as-is on Darwin - would probably need a light port to BSD or linux.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Is there such a thing as an amateurnoun or amateurverb ? Or an antinoun or antiverb ?
I see even classic Slashdot is now pretty much unusable on dial up anymore.
there isn't any advantage, that's why I have a strong feeling that they want to eventually force you to use their services...
better control == more money for them.
I am very very afraid.
it will only be monopolized if we continue to let them create this positive spin on the control of our lives!
:(
people are alowly accepting large organizations as the maintainers of databases w/all of our personal information. Do you really want MS to control EVERY single facet of your computer connection? I am scared enough of centralized databases of credit info that companies sell to each other for mass marketing, but I would be ESPECIALLY afraid of MS controlling 90% of every computer remotely...
Bill of Borg is really starting to get closer to reality
from a 2000 single domain forrest/tree set-up, without giving all your data to M$. Single signon can be managed thru Tivoli also on a multi platform environment. Only Solaris presents real problems in the password intercept area, Aix/Tandem/M$/TRU64/VMS and of course LINUX all work well. There are also products out there like ControlSA that handle single signone and multiplatform access well.
None of these are opens source but they are M$ controlled either....
errr....umm...*whooosh* *whoosh* Is this thing on ?
are what we are placing for admins and tellers, COMPAQ makes a case smaller than a VCR that mounts easily just about anywhere. In a corporate environment the PC lifespan is short anyways, and with long term (10year) deal with the PC vendor for 2 year replacement, it is cheaper to replace 20 PC's than 1 decent server that could support 20 working thin clients. Give me a entire giga-bit fiber network and some uptime agreements from M$ and maybe it will make some headway.
errr....umm...*whooosh* *whoosh* Is this thing on ?
I work for the 2nd largest M$ exchange implementation worldwide, and our management along with several other fortune 50 companies told M$ to stick .net where it was safe...Ballmer's deep dark hole. Data security is PARAMOUNT and M$ would not pony up the $$$'s for insurance and bonding nor would they provide ANY sort of IRON CLAD uptime/access agreement. With VPN and broadband so prevalent these days we are going the exact opposite, to the hardware vendors' delight, and deploying PC's everywhere with VPN clients to access our data on our OWN SAFE and SECURE machines. If I were a sales business or some such heavy travel industry I MIGHT be able to see 'some' value in a .net structure but otherwise...NOT.
.net beyond M$'s security and uptime smokescreen ?
Can someone present an argument PRO
errr....umm...*whooosh* *whoosh* Is this thing on ?
Why should I care if MS introduces a digital ID? They should be allowed to produce new products just like everyone else. If people like it and want to use it, that's thier choice. And yes, if businesses don't want to do business with me because I don't have one, fine. They should not be required to do business with anyone, even me. Just as I am not required to do business with them. Do you honestly think that there will not be other businesses ready and waiting for me to give them my money for the same products? I doubt it. If there is money to be made, a business will appear to make it. As long as there are no laws preventing it. Which, as a Libertarian, I feel there should not be.
/.ers.. Probably won't make me a billionare, but I can live with that. The only way to prevent market forces from correcting is to invoke government force. You can help prevent that by talking and writing to your congresspeople. If they don't vote the way you want them to, vote for someone else next time. If government is abusing you, get politicaly active! Find a group that you believe in and back them. At the very least vote and write to your reps. Yes, money talks, but in the end it's because they want to be re-elected. If that is threatened by us, they will reconsider. After all, corps can't vote. Like the other guy said, go read up on the Libertarian Party. If you still disagree, great, it's a free country, for now. Check out some of the writers that write about common misconceptions about the LP.
If there were enough people that were unwilling to get a MSID, and wanted an alternate form of digital ID, some other group or company would make one to use. And I suspect many businesses would support it if it were offered free or cheap to them. Why turn away customers?
There are millions of Americans and billions of others on the earth that do not have credit/debit cards. They seem to get along fine. I didn't have one for the longest time. Even then I got it mostly for convience. I could always go to the bank and withdraw the cash. Or I could be really paranoid and not have a bank account, just carry all my cash everywhere. Not the most brilliant thing in the world to do, but it would work. The same would hold with the MSID. Sure, maybe I would be inconvienced, but that's a choice I can make.
The biblical refference is a red herring. Without government force such a thing could not happen. And if they try it I can see a revolution starting. People don't like to be forced to do things like that.
The right of free association includes the right to no association. They don't have to deal with you, and you don't have to deal with them. In a free market, business WILL provide for those of us who don't want an MSID. Hell, I'll start a business myself in that case to serve my fellow
One really good place to start is Dr. Mary Ruwart.
http://www.ruwart.com/
And her book, available online for free reading, "Healing our World".
http://www.ruwart.com/Healing/register.mgi
It may ask for a name and email, feel free to put bogus info in there if you want.
"Healing" is a great start to answer a lot of questions and concerns people have about the LP. If nothing else, you will be better able to debate Libertarians if you actually understand our beliefs better.
Ahh, but there is. Corps don't all agree on everything. I doubt Sun would enforce such a thing with MSIDs for example. Or IBM... Perhaps they would. But, like I said, others will fill the gap. So maybe you can't buy from Company X.. But Company Y will be happy to take your money. As long as there are no laws requiring something like that there will always be a business willing to work with you. It just means it will be inconvienent for you. So, what are your principles worth?
I don't think the auther wanted NC to be under complete control of SUN or anyone else. What the artical is suggesting is that total control of authentication from any one entity is bad, unless that entity is Open.
I'm tired of carrying dozens of keys. I want to be able to just unlock my house each morning and have all the rest of the doors I encounter all day long to be unlocked.
You know what, it still sounds stupid.
Joe
Joe Batt Solid Design
> Or, alternately, move in with Stallman
Nah, I've been in his office. There's no room.
And now that he's dating again, he might be more inclined to insist on a bit of privacy. (The collective response of the FSF people to Stallman's acquisition of a significant other after all these years was, basically, "Thank God!". This info is a good four months out of date now, though. Dunno how things are going in Boston...)
Sun and IBM don't have a monopoly on the desktop. Think Netscape, but if IE had come out before it did.
--
First off, yes it is true that my example doesn't scale. Cutting 99% is a fairly extreme.
But consider MS Office. Many of the DLL's were statically linked, even when there was no reason too, or if another portion of the same binary required the DLL anyway. Excel 95 did have that flight sim in it. And how much sheer cruft did they have anyway (megs of clipart, the damn paperclip, overlapping functionality, etc). My point is that just about all programs can be put on a huge diet.
Another small point. Look the size of linux binaries. Compare them to equivilent Windows binaries (equivilent! compare CLI picture viewer to CLI picture viewer, compressor to compressor, etc). The linux binaries are almost always much smaller (half or less), for the simple reason that GCC makes very efficient use of shared libs. It almost never generates statically linked code. That cuts down the binaries to what is fairly unique to them. On the other hand, Windows programmers are familiar with DLL hell - the random and undetectable changing of DLL's that their programs require. Becuase it isn't safe to use dynamic linking, almost all 'doze binaries are statically linked, and if they are dynamic, they include a copy of the dll in the distro, and require it to be located in the same directory as the binary to work. They may have code reuse, but there is no binary lib reuse.
But what Hailstorm is is having the same centralized authentication for many separate sites.
If the local NIS server gets 0wn3d, my /. login is still safe. If /. is hacked, my home box is still secure. And my credit card information isn't on any of them.
But if passport is hit, then it's all gone. Even worse, because of the way Passport has to authenticate for other sites, they have to store the tokens there for many sites. With NIS, the local machine passes on my password to the NIS machine, which checks it for validity. The NIS server doesn't know my password, it just is able to positively ID my password. Not necessarily true of Passport.
I re-wrote the code to check it too.
I did #include both fstream.h and iostream.h
What version of g++/the c++ libs are you using? Templates are the reason that C++ code tends to be big, and I'm running a fairly new 2.9whatever (moving to 3.0 as soon as I get around to updating glibc). Different versions of g++ have support templates to varying degrees, with varying effeciency (run-time speed and code size). Also, the compiler flags that are passed can make a big difference. I'm not sure what my default flags are (aliases, environment variables, and the configure options passed at compiler time (compiler compile time)), but they do generate fast code, just not small code. -fno-templates, -s, -no-unroll-loops, etc. affect code size quite a bit.
But really, using the obvious g++ foo.cc on my system generates fairly large binaries when you use C++. I'd would like to know why yours are so small.
Yeah. Switch Hailstorm and Passport as needed. In any case I'm just pointing out the stupidity of massive centralized authentication/data storage. Leaves you with one big fat target to take down.
Here is a little anectdote relating to executable size
I recently recompiled my kernel, and put in the MagicSysRq support. I had been playing with fork, and the killall/nukem-now support it offers was attractive. However, can be dangerous, and as such you have to put a '1' into /proc/sys/kernel/sysrq before it will work. Putting a '0' in instead will also work.
Now, I wanted to be able to turn this on/off from my user account w/out going to root. A script wouldn't do it as /proc isn't world writable, and you can't suid a script safely. Therefore I needed a very simple binary program. Being the lazy person that I am, I wrote it in C++:
int main(){ofstream out;
out.open("/proc/sys/kernel/sysrq");
out << "1";
return 0;
}
Now, when I compiled it, I noticed that the filesize was a whopping 354K. 354K just to write a single character!!! That is way too much. So I decided to put it on a diet. First step: strip. Strip removes all of the debugging information from a file, which can really shrink it's size. It did, but still left a whopping 71K.
I then realized that the problem was using C++. So I switched to C, using file pointers, fopen, putc, and so on. This brought things down to a mere 12K. Stripping this brought a final size reduction to 3276 bytes. A very very slight reduction could be achieved by using the more raw calls to open() write() and close(), but only a couple of bytes.
Now, what is the moral of the story? It was a little harder to write the small version. I had to look up the exact semantics for fopen (I don't use C very often). I had to know about the existence of strip (or the -s flag for gcc will do the same). And I had to have the will to cut the size down. As a result I cut the binary to less than 1% of it's original size.
Now how many end-user apps:
The answer is "a lot"
Network computing is perfectly possible. It just takes a small amount of effort
Just consider for a moment the security implications.
You must remember that this is MS running the servers. Now, last I checked, they didn't exactly have a very good track record on security. Just think of what bad things could happen the first time somebody breaks into the Hailstorm servers and steals millions of people's login info at once. Or credit card info too, as there is talk about using Hailstorm to handle online purchasing too.
The very idea of a centralized single signon is moronic. I would hope that most people on /. realize that by now.
The key is that when Hailstorm gets integrated into applications (instead of being "on the web") people won't feel as uncomfortable with it. They won't even notice its happening.
This reminds me that a lot of people are confused when operating their computer--they aren't quite sure what's going on. For example, an intelligent lady of about 60 recently told me that she avoided using the internet because she wasn't sure whether she was paying for stuff when web pages came up showing products and prices...
In a department store, we all know we haven't paid until we go to the till and it goes ka-ching!
I know I'm paying when I switch on the lights. And I know the bill will come from the electric company. But how the hell am I supposed to keep track of thousands of micro payments to hundreds of companies I've never heard of? Check my system logs??
The "masses" who are unsure of what exactly their computer is doing are not going to be examining their system logs... only the tech savvy will know how, and so only the tech savvy will use this technology--except they know enough not to trust it--while at least now even the average user may venture to type in their credit card number occasionally.
Maybe in 15 years the new generation will grow up accustomed to understanding what's going on in their computer, and know what it's doing at 3am. But in the meantime, technology will have changed even more.
(the only trick would be to steal the information slowly enough so that Microsoft wouldn't notice).
You mean like they noticed their source code to Windows being stolen?
dennis
There's three categories to your list of Sun "accomplishments":
(1) Sun doing something because it's the "right thing to do"; (2) Sun doing something because it costs them nothing and is perceived as (1); and (3) Sun doing something that advances their business and that can be spun as (1).
I'd bet that Sun does most of what Sun does because of #3, some because of #2 and very little as #1. Sun is also motivated to look "good" relative to Microsoft, either to rank-and-file IT who use their product, to PHBs that buy the product or to the "community".
If Sun, IBM or anybody else had a monopoly position like Microsoft's, Sun would probably act no differently than Microsoft does when the day was over. They'd be pursuing the exact same save-my-monopoly routine that Microsoft was doing.
Sun it motivated by its shareholders and board, not by anything else. If you believe that they are motivated by charity or their own "good deeds" you're a victim of their "MS is bad" PR campaign.
Or don't even bother encrypting the file. Do you think anyone really cares about the password to your Burpee account? Or 99% of the other transient accounts you create on the web?
I've been using URLTrack on my Palm, which is designed for this. Lately I've switched over to using a generic database manager just to make it easier to export the data to my PC as a CSV file. I ought to remember to copy that CSV file to my shell account periodically, just in case I'm caught somewhere without my Palm and I desparately need to logon to Slashdot.
Chelloveck
Chelloveck
I give up on debugging. From now on, SIGSEGV is a feature.
Of course, there's still the problem of centralised control. What I would really like to see is a PGP or PGP-like solution where the user has control over their private key and each site grabs the public key when they sign up
SSL with client-side certificates does exactly that. (apart from it doesnt use PGP, just the technologies PGP uses).
Microsoft's PassPort.com allready exists. It was the world's 8'th most visited web-site, last year, the userbase they have collected (*@msn.com,*@passport.com and *@hotmail.com) is enormous!
Most of us are not keeping the "fruits of our labor" tucked into our mattresses. Experience has taught us that "mattresses" burn quite easily and they do not provide a significant barrier to oportunistic thievery. Thus, we put our trust in select others to store and protect the products of our toil. Though we are providing these select others the opportunity for misuse of the "fruits of our labor", this is preferable to the quite likely event that we experience total loss of this fruit.
In summary:
Friday && paycheck && cash in hand == Monday && penury.
||
Friday && paycheck && cash in bank == Monday && solvency.
In all seriousness:
I'm sure the fact that the NC approach looked, smelled, walked, and quacked like the 3270 controller/displays that the PC's had just displaced was another reason NC went nowhere at the time.
What has changed since then is that networking is now ubiquitous and cheap AND the hardware cost/performance ratio is so low and getting lower.
Well, apparently, you only have to fool the majority of people for a little while.
Really?
Who made and opened OpenLook ?
Who donated code to Mozilla ?
Who donated code to OpenOffice ?
Can I download Windows for free just like Solaris?
Did M$ develop something like lxrun?
Could we really expect from Sun the same as from M$?
Does anybody have the right to say that Sun _would_ be as bad as MSFT, _if_ they had the desktop monopoly?
Could it ever be that Sun does not have any monopoly because it is not as bad?
Please remain fair to fair players and hold back unsubstantitated slander.
Disclaimer: I never worked for Sun, do not own Sun shares and I am in no way affiliated with Sun.
This is so wrong its not even funny. Miranda signed a confession about a rape and kidnapping (not murder), exactly the opposite of remaining silent. He conviction was overtuned in the Supreme Court because he was never told he didn't have to talk without council.
See Below:
http://www.mtsd.k12.wi.us/mtsd/district/whacked
Stop spreading lies.
Anm
Micro$oft's ".NET" is a move to send computing back 40 years, back to the bad old days of centralised computing resources and remote users.
I would rather keep control of my own personal computing. I don't want my private data residing on servers outside my control. How do I know that Micro$oft can be trusted with it? How do I know that Micro$oft won't steal it by changing their "terms and conditions" with a bait-and-switch? Micro$soft will as usual disclaim all liability for lost data. For these and other reasons, ".NET" cannot be trusted as a reliable computing alternative.
We should therefore work hard to ensure that ".NET" becomes ".NOT".
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
"You mean the revolver Sir?"
"Yes, Precisely..."
Blar.
It is on DVD, but there's no interesting additional features. I also own it on VHS, but, hell, I may get it on DVD also for the hell of it...:>
MY data is one SOMEONE ELSE's machine.
:(
The problem is that while you're comfortable with data being on your machine, 99% of people (joe consumer) would rather it wasn't. They have no idea how to do backups, are uncomfortable with the idea of disk crashes, and (ironically) are used to the idea that computers just do go wrong even if they have no idea that it's our friends in Redmond that cause it.
So they want someone else to look after their data.
Hmmmm.
Dave
I write a blog now, you should be afraid.
Xwindows
By which I'm sure you mean 'X' or 'The X Windowing System'.
Any app that deals with text or numbers could run over a 56K modem no sweat. I know this is possible....
Of course its possible; its called xterm (or other telnet client). Anything that can't run in an xterm obviously isn't dealing entirely with text and numbers.
The reason an application like Quake can run so smoothly across a dial-up is because it's performing a very specific, limited task, and the messages being sent are all very simple - shoot, jump, turn left 15 units. The reason the X protocol is so flexible is because its so generalized and non-specific. It doesn't even know what operating system or window manager you are running at the other end of the connection. This means an X client has to send a lot of information to the server at the other end of the connection to describe what it looks like, how it works, what kinds of input it's listening for, etc. This boils down to enough bandwidth use that app sharing with X is "usually" useable on a LAN, but too unwieldy for broad internet use. (I'm reminded of the time at my first Unix job when I innocently ran a full-screen mpeg video player remotely via X and brought down the whole 10-megabit network).
I agree with you that it would be a Good Thing to have a lightweight protocol to run sophisticated apps across a network connection. I like to think that's where XML is headed. But X, while it has its uses, has been around for years and years and plagued by problems of varying implementations, bandwidth use, and general non-acceptance among the MS-Windows crowd. (It also doesn't help that even the commercial X servers I've seen for MS-Windows - like Hummingbird Exceed - are of pretty unexceptional quality.) I suspect that X has been around long enough that if it *were* a magic bullet waiting to be discovered, somebody would've done so by now.
Yeah, right. Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security
You mean Emacs, right? Wasn't there a time when incoming mail opened in Emacs's mail client could execute arbitrary Elisp code?
Kaa
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
2.) They run Hotmail. Everybody's used this at least once.
/dev/null.
I beg to differ. I'm sure there are many people who do not use and have not used Hotmail. I am one of them.
As a matter of fact, most of the spam I get is from Hotmail accounts. If I could convince two more of my friends to give up Hotmail and switch to something else, I would send all incoming mail from Hotmail accounts to
War is Peace. Freedom is Slavery. Ignorance is Strength. - George Orwell or George Bush?
Problem with number 1 is that the basic laws of capitolism state that the internet retailers would abandon such if the cost rose above what consumers want to pay. And either go back to simple credit card systems, or MS would become a credit card company, and charge the same rates. And people can simply use a 2 click system.
some implementation of LDAP, or its big brother, X.500? maybe in conjunction w/ using certs?
but what does merely having an available open source implementation get you? who's going to run it? someone who you are going trust? just because it's open source certainly doesn't mean someone is going to run it for free in competition against microsoft.
and if not microsoft, what, is petreley implying that sun would have been a better candidate for holding a monopoly position on auth services? pah!
maybe some single, monolith authentication service isn't the direction to be looking to in the first place. seems like trust issues keep cropping up....
That is a rather sickening set of links. He is so sold out, and the product is so hyped and buzzworded. Yuck...
As a POS developer I worry a lot about NCs at POS. I remember many years ago, my dad worked on a back office system for Asda, the UK supermarket chain. All dumb terminals at POS. Something (I think it was a major hardware failure) took out the back office, and left the cashiers asking customers how much they usually spent on groceries, and charging them that amount. Cash only, of course.
Now I have a retail chain of my own (ha!) I am constantly defending the position that no matter how much redundancy you put in the back room, even if you use the sexy multi-transport networking in QNX, something can happen that will knock the register off the network. And when that happens, if it's an NC, you have a blocked lane. If it's a PC, and you've coded it right you can still capture all the barcodes, and the customer's credit card number. You might lose something when the cashier has to guess at how much an item without a tag costs, but when everything comes back up, at least you'll know how much you've lost without having to inventory the whole store.
--
--
E_NOSIG
baptiste wrote:
> The money is NOT with personal PCs - hell half are using pirated software anyway!
> Its the business customers.
Are you kidding? Music, movies, television... that's what this is about; it isn't about "office productivity" anymore, it's the entertainment industry. This is about MSNBC, and Disney, and Sony, and all those people.
What would you suggest then?
I've always thought universities were the perfect certificate authority for their graduates; you would get the service as part of joining the alumni association, along with the bad magazine and the alumni email address. Grads are already using them as an authority every time they request a transcript, and certifying someone completed a degree is a pretty strong claim of identity, more strong than Verisign has to offer.
The idea can be extended to handle people who don't go to college too -- there are enough organizations in this world, from churches to unions to professional organizations to AARP to AAA, most of whom collect money from their members while providing various value-adds. Certs could just be another thing along with the discount health insurance.
Who owns and controls this accounts database?
Are all resources controlled by this accounts database?
I think it comes to something like levels of access (or security classifications). If you have a front-gate, a doorway, and a wall safe, you do not use the same key for all three.
But with all the noise, a few more people do get curious and find out a bit more. The signal to noise ratio may be pretty bad, but any attention is better than no attention. The GPL has been around for a long time. You have to wonder why it is suddenly "bad". Microsoft is worried that the coporate world will discover that GPL'd (or other Open Source) software is their best (maybe only) defence against being locked into incompetent and/or uncooperative vendors. Remember that FUD didn't originate from IBM but from customer's PHB's with a deathly fear that Big Blue would drop effective support (while technically living up to the support agreement). The irony is that the companies that got the best support had multiple vendors pointing fingers at each other and not with a "single number to call".
>>People like to shop, and companies like to drop down bucks on new hardware and shiny new CD's. Tarballs aren't sexy.
Yeah, you can download everything important for free, but you don't get the pretty box!
Actually, the fact that you can download everything for free makes the box all the more attractive.
*Everyone being the larger corporations
That's alright. Remember when they knew precisely squat about the Internet?
In two to three years, Microsoft will have invented those technologies.
--The basis of all love is respect
While the article does make some interesting points (you *did* read it, didn't you?), I'm not quite sure I'd go so far as to see this as a huge consipiracy to draw our attention away from "authentication services".
It's probably true that Microsoft isn't as concerned with the GPL as it appears in previous articles here, but I think their "concern" with it is a pretty good indication that they are taking it seriously. Aside from the fact that this is classic MS FUD-mongering, I'd imagine that before they went and made any such statements that their lawyers had taken a very, very close look at the wording and workings of the GPL.
Rather than the current smear tactics (comparing something a "cancer" is *not* playing nice) being a diversion, I think they are being carried out because Microsoft actually believes that the GPL could stand up in a court of law, and that their corporate lawyers *probably* couldn't fight it effectively.
Of course if you want a real conspiracy, you could even go so far as to conclude that MS has already (secretly) violated the GPL, or is planning to do so...
"Intelligence is the ability to avoid doing work, yet getting the work done".
It's only software!
PAM, Pluggable Authentication Modules.
:-)*
Note that it is not solely for logging your UNIX box. Check out http://pam.sourceforge.net/mod_auth_pam/ for an Apache module.
It's really a pretty cool solution and you can authenticate to almost anything: LDAP, RADIUS, even SMB.
Of course, there's still the problem of centralised control. What I would really like to see is a PGP or PGP-like solution where the user has control over their private key and each site grabs the public key when they sign up (with this, a signing up process could be transparent to the user). That way, you get the common authentication method and there's no need to store complete data about you anywhere but on your computer. Imagine getting a popup: "Whatever site has requested the following information:...." Each piece could be accompanied by a checkbox so the user can accept/deny specific pieces of information.
This is probably doable such that it will easily integrate into current systems, too.
Of course, I could be totally wrong, and I'd expect someone to point that out.
"Why is it that when they agree to support XML and SOAP, and at least do lip-service to the "open standards" idea, we continue to bash them and whine about how Sun did this 10 years ago?"
Because MS always seems to find a way to add proprietary extensions so that you still have to use MS. For example, Kerboros.
Hmmm. Can you say "Microsoft Passport"??
- Necron69
Smaller means quicker?
n yone-else' senses. *Bigger* is faster. *Bigger* has less inertia.
:)
No, no no nooo. This is just another piece of pseudo-physics. In business, smaller does *not* mean 'quicker' -- in either the 'ability-to-change-focus-suddenly' or the 'ability-to-fully-exploit-an-opportunity-before-a
Small companies necessarily have homogenous portfolios -- they focus on one wee lil corner of the market, because they lack the resources to cover more. Any change of direction (or market) jeopardizes the company; hence, alterations in course are 'expensive', probablistically speaking. OTOH big companies can follow a zillion different speculative trails to their logical conclusions *simultaneously*. Think of quantum computing. Now, if 99% of those trails end in failure, so be it; the company naturally 'collapses' its waveform onto the remaining one percent and be extremely successful.
The reason why small companies appear to be quick is the same reason that dust motes seem to be 'everywhere' when you wave a flashlight around in a darkened room: The sheer number of small businesses make it very probable that a handful will be at the right place at the right time for any given opportunity, never mind the hundreds of unlucky failures, floating in the dark!
Now how's that for pseudo-physics?
- undoware.ca
Nice writeup, but free association implies symmetry of power. There ain't no such animal in today's world, and you know it. When there's an oligopoly of corporations telling you they aren't going to deal with you without an MSID, then you aren't going to be able to live without that MSID. It would be free association for them, but not for you.
I agree that government should not mandate the use of an MSID or similar mechanism. I believe, however, that government should mandate that no business may require one as a condition of conducting business. (I also believe this about SSN's.)
If I thought true free association were possible and that businesses engaging in intrusive practices would die on their own, I might think differently. I'm not that optimistic, though.
While we were all vigorously arguing on Slashdot, they snuck in the room and put little black boxes between our network interfaces that record a micropayment for every TCP/IP packet.
Nice diversion!
Sarcasm aside, Microsoft is still a big corporation... and smaller means quicker. So it's not really about Microsoft sneaking anything past us... it's about the quality of our decisions and actions, and how effective they are to counter moves by Microsoft.
But hey, the best solution is to just give in, buy their stock, and move to a remote Pacific island to live off the profits. Or, alternately, move in with Stallman and start amassing the GPL cult that will eventually take over the world like... Pac Man...
I do not know of any open source alternative to the microsoft purposed system. But I have a concept (very off the cuff). What if you used FreeNet as the data-store. Your data would be replicated, cached and encrypted. Once you access it from your place of work, you place of work would have a cached verion of it, when you try to access it from somewhere else, whatever node you are using as your "server" will go out and look for you current information in the FreeNet service, replicating it along the way back. I am not going into details, because I don't know how this might work, is it possible? Anyone with more knowledge of freenet/universal login system care to comment? I just see there being LOTS of servers rather than a centralized few, and once you get your data in the building you are working at, it stays there until you try to access it from somewhere else (home) and then it is replicated. This would use the power of P2P to be the load of a universal login/data storage system to the edges of the network, decentralize control, and allow local administrators to setup Nodes for ther users data, which would become a part of the FreeNet network as needed (accessed). Just a comment, I don't know if it possible or what, just wanted to throw it out there.
The original article in Esquire magazine, October 1971. The Capt'n is still the man. He's the CTO of a company making "The Crunch Box" which is an IDS appliance running on OpenBSD.
How we know is more important than what we know.
As the first article clearly demonstrates, he was always sold out, from day one. John Draper likes money and he aint afraid to say it.
How we know is more important than what we know.
What microsoft has always been good for is successfully implementing the grandiose ideas that nobody else could. Do you remember the Windows 3.1 days? If you had a new graphics card or new printer, what was the only thing that could talk to it? That's right, MS Windows. And MS shared the love by allowing any program running within it to talk to those devices as well.
And now there's network computing, with its related monstrosities, central directory and PKI infrastructure. Many big heads have tried to tackle these; none has come close to success. These are ideas that would expand the usefulness of computers beyond belief, but they can only be pulled off if there's a strong center to hold everything together.
In case you're worrying that "center" means monopoly, think again. The center is shrinking! MS is no longer trying to have a stranglehold on the Apps or the OS, just the authentication and the basic protocol which can be run on any hardware. We should rejoice!
Unlike visa or doubleclick, they're not trying to put themselves in a position to snoop on you. They're trying to give us something that no one else can.
--
>Wasn't there a time when incoming mail opened in Emacs's mail client could execute arbitrary Elisp code?
You *can* configure EMACS to be that stupid, but you have to know what you're doing to make it happen. EMACS doesn't default to running any elisp code it finds in any file you open.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Yeah, right. Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security.
The long and short of it is, MicroSquish knows precisely *squat* about multi-user computing, data security, and crypto.
When Hugh Daniel went up to Redmond to do interoperability testing between FreeS/WAN and their half-assed IPSEC, he asked them which crypto algorithms they'd implemented, and they told him "40-bit DES". Nothing else.
Hugh just left. I would have, too.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
That "Microsoft's Hidden Files" page is a crock. It writes all this sensationalist text in order to point out the existance of caches.
.bash_history files".
It's the same sort of thing as "Linux is conspiring against you and recording your every moves, because it creates
Well, try going "rm *" when you're in your home directory. You will see that .bash_history remains (and so does .profile -- how evil).
Might I contend that no special attention has been given by MS to its cache files; merely that OS processes hold them open, and Windows (unlike Linux) doesn't allow open files to be deleted.
Furthermore, as to file secrecy, I don't want my history files to show up when I am grepping for some text over a directory tree, etc.
I would also suggest that measures like this are in place to stop brainless users accidentally deleting useful files (we've all heard about windows users going around deleting random files because their harddrive is full). Anybody who is wised up, as you clearly are, can remove the files without much trouble.
How did he lose his old articles if they were safely stored on a central server, accessed by a simple NC?
That sounds like the kind of problem you should only have if you use a stand-alone PC where you are responsible for your own backups.
Oh shut the fuck up. I'm no GWB supporter. It made me mad when idiot rednecks said that about Clinton, so I'm not about to tolerate it now. The American people occasionally (read: almost every single damn time) elect really bad people to the office. Deal with it and wait for '04.
In Capitalist America, bank robs you!
And I want that central location to be my residence, which is easily achievable today without special NC boxes. The problem with NCs is that they are strictly inferior(*) to full-featured PCs, and PCs are so cheap that cost isn't much of an issue.
(*)from the consumer's perspective, of course. I'm sure Microsoft and the RIAA are huge fans of the limitations of NCs.
How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
Im afraid I don't quite see what he was arguing. "Authentication services" is a pretty loose term and was not adequately defined in the article. I assume Nick meant the term to be used as how we can connect to .NET. If so, the article's conclusion that we need to beat 'Microsoft to the punch' makes little sense with a network/platform in which a single company holds all rights.
Imagine what would happen if WalMart suddenly attacked and lobbied against thrift stores or charitable institutions. They could quite easily argue that the very exitance of low-cost/zero-cost goods destroys the industy. They would, however, endure a backlash they likely could not comprehend.
They still haven't addressed the biggest problem with the model -
MY data is one SOMEONE ELSE's machine.
Even if you have a local backup that introduces issues with consistency. And just who is reading your work? Why will people suddenly trust a third party to provide their environment? It didn't work for Sun in the 90s (which although Petreley mentions MS fought, was not a failure because of MS opposition) and it won't work for MS now - in fact this could be the undoing of Microsoft. We have huge, cheap hard drives, great technology like IMAP, and software that works. I can't see the compelling advantage.
Xwindows, Xwindows and more Xwindows. I'm amazed at the untapped potential Xwindows/Xfree has for networked applications. Why is there not a decent GPLed Xwindows server (should be client IMHO) for Microsoft Windows. Screw ASP Java/script even PHP do it with Xwindows. Build into every .NETtish Xwindows app the ability to save locally and or remotely and Microsoft/Sun and the rest could just go get screwed.
I've played around with VNC awhile in an attempt to so this but it isn't designed to do what I'm talking about. It sends a picture of the screen... no good, we need to cache stuff the desktop background, icons etc locally and just pass commands that say (use Greg's background #1 and icon set #7 and let the local PC draw that stuff. Any app that deals with text or numbers could run over a 56K modem no sweat. I know this is possible.... think of Quake... there's a helluvalot going on but only a few bytes get sent across the wire to keep everyone synched up and fraggin.
Imagine a world where you subscribe to a KDE or Gnome desktop running on the local ISP's server with X Office and a few other kickass apps.
True networked applications that would let me start writing a letter, start a quote, fillout an invoice, or whatever at work, go home and pick up right where I left off is what I want.
Microsoft really does inovate... They just twist their inovations to make them money and not help the end user. Instead of playing catchup to Microsoft's glitter, this could be the killer system that puts them in their place. Unfortunately I'm too dim to write something like this.
G
There *is* a standard for distributed authentication.
So, why not use Hesiod ?
Maybe it needs updating for today's environment, but it worked great a few years ago within
a corporate domain I'm familiar with.
shall
"Pay no attention to that man behind the curtain!"
"Can of worms? The can is open... the worms are everywhere."
So what's stopping SUN or IBM or whoever to provide a competing service based on open standards and convince Joe consumers to use THEIR flavor of authentication?
No really. Why should anyone in the free software/open source communities give a rat's ass about what microsoft does? I know that as long as something is made by Microsoft, I won't use it. And as long as there's a free software community I'll share my software with them. Microsoft can go to hell. They can't make me use their software, no matter what they do.
So c'mon people, let's spend less time bitching about microsoft and more time providing ourselves with the software that we want. I can understand journalists, they can't help blabbing on about microsoft vs. open source, it's their job (and I bet they're praising the patron saint of journalism right now for such a long-running and juicy story source as the oss-microsoft war). But us? We have far better things to do...
Network Computing is still a step into the past. Timesharing revisited. A system that ignores the power of user machines in favor of doing as much as possible on servers and to top it of uses only HTML for GUI is seriously broken and I am amazed it is even considered in this day and age. What a waste of the last 40 years of hardware and communication advances! We should be seeing massively P2P architectures and as much work as possible being offloaded to clients that have their configuration managed as automatically as possible.
If MS wants to play the Open Standard game then simply make sure the keeper of the Standard is independent and the standard is really Open and independently certifiable with no bogus gotchas that prevent Open Source implementations from being certified.
If this isn't the most brilliant quote on
Thanks for the laugh.
-Ben
Say what you mean, mean what you say! But please know what #$@% you are talking about!
Privacy implications? How about the fact that most people pick poor passwords. Imagine the amount of damange you could do to a person if you got their password for EVERYTHING.
They're not.. They're just going to make sure that every bit of software running on their OS requires authenticated user credentials to run, and the only place they're going to let you get that authentication is passport.
.sig: Now legally binding!
Gaws, what a fruit-cake! He likes money? What kinda fool likes money? The nerve... /sarcasm
---
Linux: The world's best text-adventure game.
left the cashiers asking customers how much they usually spent on groceries, and charging them that amount.
Geez, the differences between the English and Americans never fails to blow me away. I can't imagine this happening in the US.
Here some smartass 17 year-old chickie would just stare at you while your ice cream melted until you became so disgusted you left.
The other day some guy was talking about "fagging" like that was some everyday thing and I should, naturally, know what it is.
Ahh, you have taken me right back to High School. Our computer lab was full of (hard) diskless . . . I think 286es, maybe 386sxes, with one "big bad" 486 upstairs running the Novell 286 network. Must have saved the school a small fortune in hard disks.
Ah, the hours spent playing Tank Wars off a floppy. The godlike sysop powers I was granted. Ramdisks. 10Base2. Word Perfect 5.1.
I'm not an old school UNIX guy, and I was never into BBSes. This was my early geekdom.
I had a 286 with a 287, and I think two megs, maybe four, of bus ram. Oh, and a bus mouse. And I upgraded to an RLL controller and got 50% more space on my disks. Then, of course I had to re-optimize my interleave with the Norton Disk Utilites . . .
God those were the days. Thanks for sending me down memory lane!
-Peter
I think that NCs will get a niche. Secretaries, POS, stuff that is better off centralized and doesn't benefit from being local.
Out side of that, I think that they are doomed to fail as a mainstream "PC replacement" for a reason I haven't seen anyone else cite. That reason is; PCs are cheap. By the time you buy 10 NCs, with displays, and a bad-ass 4 (or more) way server to service them, you may as well have bought the same 10 displays and 11 PCs, the 11th for file/print sharing.
And I think that NCs have a negative economy of scale. I.e., if you have 100 desks instead of 10 you need 10 times what I described above, plus a SAN, and a bunch of network upgrades to handle the load.
Or, I suppose, you could do a shoddy job. Only buy enough processor power to handle average load. (And have human beings sitting around waiting for the system at peak times. That ain't cheap.) And sit the whole thing on whatever network infrastructure you happen to have. (Hope you've got 100Mb switched, buddy.) Leaving you with a crappy system that cost as much as giving everyone a PC.
And don't give me a bunch of TCO crap. You aren't going to convince me that the army of real admins that will be needed to keep all those terminal servers going is going to be cheaper than running a helpdesk with a Ghost image on hair a trigger.
-Peter
I really like the idea of single sign-on. There are products that do it (and have been doing it for a while). We use NDS (Yeah, I know it's from Novell, but it WORKS!). We have a mixed network with Solaris, Linux, and Windows and it seems to work well. My main concern is that the company is going to be a casualty of Microsoft and Novell's own of marketing. At this point cross platform authentication seems to be their only hope. If they do go under, I really hope they GPL their directory first... Novell seems to have realized that their future lies with authentication services, but the realization may have come too late.
Work at home, work at work, work on the move... your files and programs stay on the same server and nothing travels across the network except GUI events (encrypted, of course). You don't have to store your data on anyone else's machine: you can even download your own browser plugin from your own machine if you need to access your programs from an untrusted PC.
We could do all of this with free software. Most of what we need is already out there; the biggest problem I can see is the availability of broadband connections for home servers. There is no reason this needs to be centralized (by Microsoft or anyone else).
--
It also should be noted that the major victims of Microsofts earlier "update addiction" policies were businesses. The change of formatting between Word95 and Word97 does not really bother John Doe. However, when there are 500 John Does who are responsible for there time, somebody takes notice, and tries to correct the problem (the only way they know how). If one business makes the leap to .NET, other businesses will be compelled to follow either for reasons of cooperation or competition.
.NET will do it for you!" In fact, they probablly won't provide upgrades anyway anymore. Since they're getting a steady flow of fees, they won't need to make needless upgrades anymore. Basic functionally between Office 95, Office 97, Office 2000, and Office XP is almost identical. The only difference is the default file types. Who really uses the new "features" each verison adds? They all are backward compatable, but who is going to remember (or bother) to Save As the file typle that the organization has agreed upon?
Exactly. The upgrade push is what Microsoft will use. It will be something like "You won't need to worry about upgrades anymore,
It also should be noted that the major victims of Microsofts earlier "update addiction" policies were businesses. The change of formatting between Word95 and Word97 does not really bother John Doe. However, when there are 500 John Does who are responsible for there time, somebody takes notice, and tries to correct the problem (the only way they know how). If one business makes the leap to .NET, other businesses will be compelled to follow either for reasons of cooperation or competition.
.NET will do it for you!" In fact, they probablly won't provide upgrades anyway anymore. Since they're getting a steady flow of fees, they won't need to make needless upgrades anymore. Basic functionally between Office 95, Office 97, Office 2000, and Office XP is almost identical. The only difference is the default file types. Who really uses the new "features" each verison adds? They all are backward compatable, but who is going to remember (or bother) to Save As the file typle that the organization has agreed upon?
Exactly. The upgrade push is what Microsoft will use. It will be something like "You won't need to worry about upgrades anymore,
They put a certificate of authenticity in every windows box. Hey, it works for the franklin mint.
A piece of software is not enough so just having an open source alternatvie is not the issue. We are talking about a user's data here and what is going to be done with it. Sure, you could do it with open source tools, but who is going to actually store the info and handle the authentication?
I can see a private company (or more than one) coming forward to accept user's details and provide authentication to web sites, but they are likely to be just as bad or worse than MS.
The other problem is trust - you can build it, but why would users register their important info with someone they've never heard of before. You and I may not trust MS, but plenty of people will (and do).
What is needed is a large, recognised group which can provide authentication, funded by micropayments, advertising or contributions and backed by names that people will come to trust. I think this would be a perfect service for the government to provide, although I imagine many people here will be pretty dirty on that idea. But what the hell, they already have all your info and at least they wont play silly buggers with preferred partners and closed standards.
The only other possibility is an open consortium or perhaps financial companies (someone like paypal), but the possibility will still be there for abuse.
Unless someone can come up with a way of using a decentralised system like freenet to provide secure authentication, but I can't see people trusting that either.
Check out the AuthXML project - it's an open standard that allows for completely decentralized authentication between sites, businesses, etc., single sign-on, blah blah blah.. Completely platform, application, and corporation-independant, and prevents the need to entrust ALL your data to MS (or any other single entity).
- Hidden Files: This makes me laugh. The author complains about cache files, and can't figure out the ASCII encoding of his attachments by Outlook Express. Pure paranoia.
-
Passport Terms of Use: They've been changed to correct this misunderstanding.
-
Spying: This is unconscionable, and would be illegal in the US because spam faxes are banned. Is this legal in the UK? If not, I highly doubt that this story is true.
-
Stealing information: Who knows what misunderstanding could have made some Taiwanese companies think this in '98. It's unsubstantiated, but I can't discount it.
-
NSA key: MS did deny NSA involvement. That key is there because the NSA required it for export purposes. Specifically, MS had to validate its crypto routines to make it harder for people to plug in strong crypto modules in violation of US export laws. MS signed crypto routines to tell the OS what strength it was. First of all, it was a signing key. Second of all, the NSA never had a copy of the keys. So yes, MS did deny NSA involvement. Third of all, I get the impression that MS doesn't care if you defeat this mechanism, since it's only there because the stupid US gov had dumb export laws, which have now been changed anyway.
portege00, you're a Slashdot M$ basher.WinXP comes with a personal firewall. I'd happily hang that ass on the net, but that's a totally different conversation (win9x does suck, I agree. NT is the one that compares to linux).
I can guarantee you that if everyone's information was in one net connected database eventually someone would learn to steal that information from everyone (the only trick would be to steal the information slowly enough so that Microsoft wouldn't notice).
Yeah, I'm thinking about all those handy-dandy little kiosks that run some variant of Windows with some browser that is all set up for traveling fools like myself to look at our email back home. Yes, indeed, that https and SSL insures traffic is invisible between 2 points, but there's little to insure that my starting point is not the real authentication widget, but rather some trojan harvesting my authentication for later fun. (Or that the trojan makes me feel better by displaying the https URL where it invisibly proxies my session over to some 3733t 0\/\/n3d z0mbi3 box.
I wonder if the unidirectional control freaks at MS who are implementing all this authentication with unswerving attention to insuring that Joe User is a paying licensed software renter have given any thought to my concerns.
That is, is this friendly-looking screen what it looks like?
Before I authenticate against a self-described authority, I want to know that authority is authentic in a way that I trust. A generic Windows screen confirming that all the rent payments have been kept up on this software won't convince me that it's trustworthy.
On the same issue - has anyone developed a challenge/response program that one could run like xdm/gdm/kdm that users could interact with securely to see if they were talking to a known system prior to entering a passwd?
"Provided by the management for your protection."
If MS is selling authentication services, what are the open source equivalents?
Surely someone somewhere in GPL land has written some code that let's you do what their passport software does. If so let's hear about it!
A good point.
Some authentication services surely do exist, but not to the same level of centralization as in the Hailstorm model.
The nature of most open source and free software is such that the concept of a secure infrastruture for collecting charges for renting software is alien, almost anathema.
Authentication mechanisms to secure private communication are reasonably well-developed (PGP, GPG) and it looks as if Freenet may expand on this somewhat, but the glaring absence of monetary transactions for software use has guaranteed that such services will be slower to arrive in the world of free and open software.
That said, I don't look to MS Hailstorm authentication as anything I want to use. They're really playing with dynamite with this thing.
Like many others roaming the wild and wooly internet, I'd just as soon be able to adopt a secure pseudonym at will, rather than have every damn site know my real name, address, SSN, and how much Jack Daniels and hemorrhoid cream I bought last month.
"Provided by the management for your protection."
Having a single sign-on has real benefits from the point of view of a non-technical user
Firstly, there's no need to "sign on" to anything. Authentication is what matters, not "signing on", not identification, and there's a whole pile of work out there on how to do this without either of the others. Why should you need to identify yourself to watch some web content, when instead you can simply demonstrate the right (which you might have paid for earlier) to view it ? Identification serves the marketers more than it serves the users; we don't need it, we don't want it, and they can shove it right up their IDispatchs!
Secondly, server-based sign-on has real problems. Microsoft Hailstorm is a complete crock; WTF should I use a server-based system to validate users before I serve them content when there are innumerable P2P systems that are as good, or even better ? If I do choose a server-based process (in some fit of madness), then why on earth should I use M$oft technology (or even services!), from a company that has a limited and so-far pathetic track record in supplying this sort of service ?
Thirdly, single-point "sign-on" is a potentially dangerous situation that only looks appealing threough laziness or lack of understanding. Compromising this one point invalidates all other services. If one of those is your credit card, then you could well find the situation of an eBay dispute over PayPal stopping you putting petrol in the car. How many /. readers run multiple CC's, just to avoid this sort of hassle ? I know I do.
MS are hoping to win big in server space by offering a better programming environment and a better toolchain, making it faster and easier to write server-based applets, and faster and easier to re-use existing experience and code fragments from single-user single-desktop projects. That is the challenge for the rest of the industry and the open-source community: to provide as easy to use an environment for knocking together web apps as users have become accustomed to when putting together join-the-dots VB apps in a visual environment, and as seamless a transition path.
Similarly if end-users can transparently convert back and forwards -- using the visual tools they already know -- between the existing page and form designs they already have in current existing standalone apps, and the pages' direct equivalents as web-served content, this could be another big draw, another big chance for MS to leverage on their existing user base.
The free software community needs to wake up: MS's Common Runtime environment, and its associated (very extensive) service libraries, are a much bigger proposition to compete with than just another clunky java clone.
All this latest flaming and full frontal attacks from Microsoft is totally out of character. And its worked. Nearly everyone has stopped thinking about .NET and is taking notice of these comments from MS. I know I did for one.
.NET platoon out-flanks and out-manuvers the OpenSource community.
MS are very smart in this regard. They know that people have a lot of pride in the OpenSource community and by attacking OpenSource directly, people will instantly react. Everyone moves to take on these attacks from Microsoft while the
The only way to resolve this is to ignore Microsoft's public comments like this. Instead, concentrate on what they're actually producing, not what they're flaming. Let guys like RMS throw the mud back (I suggest him because he does it so well) and let the rest of us carry on doing what we do best... Building a great community, pretty damn excellent software and something that everyone can use freely and openly without fear of "The Man".
If it weren't for work, I'd be totally free of MS software and their crap. If I didn't have to keep up with issues about their software, I'd completely ignore them altogether. Nothing I do in my own time has anything to do with them, my software isn't trying to use or emulate their 'standards', just provide an alternative that does what I want the way I want it to.
Those that can, I strongly suggest that you ignore the statements MS make like this. Just keep an eye on the products they actually produce (its not smart to not know what "the other side" is doing).
Only MS is seasoned enough to provide such services
Oh so not true!!! IBM, Sun, Novell are all capable of doing exactly the same thing. IBM would never get the 'job' because its always been likened to Big Brother ever since Apple's famous SuperBowl add in the 80's (Either Steve Jobs was a great forward thinker, or he fluked that one). Lotus Notes/Domino could quite easily be modified to be very much along the same lines as .NET is intending, it just doesn't have the advertising budget or the market share to make it worth while.
Sun.... Well, they tried... But everyone was against it then so it didn't happen.
Novell... OneNET is actually functional and you could use it right now if you wanted. But its biggest hurdle is market share and advertising. Every ad I've seen from Novell is about the company and what it can do, not about individual products.
Microsoft are not the only ones, they're just the ones that have made it seem like a good idea and have put a huge (as they always do) marketing hype to push it forward quite outstandingly.
Until NC's can deliver the same punch as a PC continuously (in terms of performance and customizability), people will continue to purchase PC's.
-- The Hollow Man
-- The Hollow Man
Non illegitimati carborundum
Maybe if this happens, Microsoft might be considered a basic, essential utility and have to be regulated by the government... After all, it's no good to let a power company arbitrarily set prices.
That was an amazingly cool movie. Sure some of the stuff they did was a little sketchy (ie wiring up that box to the computer and being able to watch the screens of data "decrypt" in front of their eyes), but the cast was great and they really pulled it off.
On the other hand I can agree partly with the article. In case that we will have service oriented software, the authentication is likely to get monopolized and thus who will win the authentication services is going to dictate terms similar to the way when you control the platform. Although this monopoly might not be so stable and we should definitely go for open standards to prevent it.
If programs would be read like poetry, most programmers would be Vogons.
These types of actions on Microsoft's behalf is exactly the reason why I bought an Apple iBook with OS X recently, learned how to use Unix over the last four years, and put a LINUX firewall between my Microsoft machines and the Internet--I don't trust M$ products enough to hang a Winbox's bare ass off the network like I would Linux or OpenBSD.
I don't mean to sound like a Slashdot M$ basher. I have my reasons...
I can't find the link right now, but Microsoft and the NSA have backdoors into your system. Microsoft doesn't deny NSA involvement, either.
Given their past history, anyone who uses .NET is either ignorant, foolish, or just doesn't care.
Where do you want to be violated today?
Trolls make great pets. Adopt one today!
Every time I hear about a faked moon landing, or mutilated cattle, I think of Dan Ackroyd. Every time I try to be cool and leap over a waist-high barrier, I think of Robert Redford. Every time I see a beautiful SWAT team woman, I think of River Phoenix getting that gal's phone number as his "one wish". It's an incredible movie on so many different levels.
--SC
You read fiction? I write it! Lemme know what you th
Are you really sure that it has a) real beneficts and b) that strong appeal??
First the beneficts are there when you think of something like surfing the web... (oh no another portal, another login, another password) and when the most things sites can track is metainformation (I usualy don't feel the forms with real values, just a valid email if I don't feel confortable). Ok, sometimes is needed the full information and there I take great care to try to hold my privacy close.
But if you think in broader terms, *why* do I want (I as in a non-technical user) to have the same login to that news portal I visit sometime and for instance my *medical records*??? It's the same thing to have a key that opens my car, my house, my locker at college, my vault in the bank, my office door at work! Why do someone want that? I really don't think I wanted that!
If some mugger just happened to rob me, he didn't just walks away with my wallet: he could be walking away with all my belongings!!!
While we don't have a technical solution good enough to face a centralized atack on the key and survive (maybe it cames from biometry, don't know..) probably it's not going to have that strong appeal....
My guess is that this sort of global "one ID everywhere" solution only makes sense (and money) when you have a large, locked-in user base.
Microsoft probably hopes to integrate, MSN, Hotmail, Explorer, .NET, and Subscription Licenses under one monolithic service umbrella, with global access to "everything you could ever want or need" provided by Passport.
The open source community doesn't have anything like this because of the prohibitive costs of trying to integrate too many disparate - and often competing - services under one centralized authentication solution.
Any sufficiently well-organized community is indistinguishable from Government.
What has changed since then is that networking is now ubiquitous and cheap
Unless you have to move house ($100,000+) to be able to even get Internet access faster than dial-up.
Will I retire or break 10K?
at least at some businesses, admins don't even like employees to keep data on their desktops, but only on servers - that way no one loses data when the random desktop goes blooey.
Yes, but there's a difference between working across a LAN and working across the Internet. For one thing, office LANs are 100 megabit/s Ethernet, but as rgmoore pointed out, try getting 100 KILObit/s out of your dial-up PPP connection. The characteristics of telephone lines make it just not possible. Businesses can also afford to maintain a few smb/nfs/ftp/webdav servers and a couple hundred workstations; home users would have a bit more trouble affording $100,000 to move the family to an area where high-speed Internet access is available, $50/mo for the high speed Internet connection that Hailstorm would require to make it even remotely usable, and $25/mo (based on previous retail license price divided by 36 months) for Hailstorm service itself.
Will I retire or break 10K?
Enter directory services: the way to manage identities, profiles, and use-rights over network accessible resources. Could be client/server, could be P2P, still needs management.
Novell, with eDirectory, understands this. Eric Schmidt understands this. eDirectory can scale: a billion users publically demonstrated, 3 billion in house. Brilliant DirXML interface. Years ahead of Active Directory.
But Microsoft knows how to market, and over the last year Chief Software Architect Bill Gates has realized this. The .NET term has entered the media in a way that neither NDS, eDirectory, or digitalME ever was able to.
Personal Directory Services are the killer app of the post-web net. Personal, not consumer, not business, because each of us has many consumer, business, community, family, and other faces. And as we live in the net, we need to protect and expose our faces differentially. So this is the key battlefield of the Matrix: is it personal control over my identity, or is my identity a consumer item managed by Microsoft or some neo-Matrix-cartel including Microsoft, which knows better what's good for me?
I don't think there's going to be any escaping the necessity to use Directory Services: if you're on the web you have identity, even as an Anonymous Coward. Question is: are you in control?
And if this is such fundamental infrastructure, should it be Open Source? Is it sane for core infrastructure to be anything but Open Source and publicly controlled?
Surely someone somewhere in GPL land has written some code that let's you do what their passport software does. If so let's hear about it!
I agree that single sign on is something that we really need to work on. That's why I started the Webwide discussion group to try and hash out an open standard and some open source implementations. We haven't seen much action yet, but you're welcome to join.
As for storage, something like OceanStore would probably be best, but no full implementation exists yet, to my knowledge.
So let's get cracking!
It's so funny to read all the posts comparing Sun and Oracle's Net PCs to "time shared computers of the past" and "glorified x-terminals".
Just how many of those dumb PC magazines do you people get at work?
Nick may be a little off here and there ("benificient dictator" as opposed to "benevolent...") but that's no biggie.
I don't know or care about MS products and services.I've seen them fuck too many good people, whether employee or owner, government and private, for me to ever care what Microsoft thinks/does/shits.
But I can say that I've worked on a distributed system for a few years, and there is such a thing as a NC...not PCs, not timeshared, not NFS, not X-terminals, and probably what MS would like to see the Xbox evolve into.
Good God, I wish some of the Microsoft sheep that hang out around here would stop reading their "PC Wanker" magazines and start thinking once in awhile.
Treatment, not tyranny. End the drug war and free our American POWs.
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
From then on all you'll see is a dialog box that pops up saying "Do you want to buy this? YES NO" Peopel will just hit yes and barely think about. Since all the info is already in Hailstorm, you won't need to retype your cc.
Better yet why bother with the dialog box? You click it you've bought it...errr leased it... Goes even futher towards making your forget you're paying every time you open a file or watch a video.
In the past that is. When you eventually have some money to spend and think of buying stock, which stock would you buy? a) the one that made a lot of money for brokers 2 years ago or b) the one that will probably make you a lot of money because they have their things worked out ok and are making it better every day?
--
Never underestimate the relief of true separation of Religion and State.
while I appreciate raising the alarm - this is an insightful piece - I couldn't help but wonder why he thinks NC would have been good under Sun's control. Clearly .NET will be a nightmare under the monopolistic control of M$ - but Sun is just as hungry for monopoly as Microsoft, and would hardly have shepherded the concept any more benevolently than M$ would. The NC *was* a failed concept and for good reason!
Don't blame me - I voted for Howard Dean. http://dean2004.blogspot.com
I think MS has a good chance of making this happen. Its not a certainty but it is very possible. IMHO it all starts from the desktop monopoly.
The key is that when Hailstorm gets integrated into applications (instead of being "on the web") people won't feel as uncomfortable with it. They won't even notice its happening.
Imagine that some music distribution company offers a jukebox like system where you pay a small amount of money to instantly play a song. If they teamed up with MS, they could install this ability in MS Media Player to log you into Hailstorm so you could "securely" transmit finaical information neccesary to get the song. And the normal user barely even notices becasue all the info gets typed into regular windows dialog boxes that don't look anything like the "scary, unsafe" web. For the music industry its great because they don't have to worry about keeping user accounts and the security. For MS its great becasue they get money even though they have nothing to do with music. Hell, that might even make it easy for artists to directly charge for music. Easy distribution, and easy money collection. It works with anything. Like the MLB's plan to charge people for the game broadcasts.
Its all perception. People get scared only when they take out their credit card and type it into the computer. Imagine MLB get you to type in your credit card just once into Hailstorm. From then on all you'll see is a dialog box that pops up saying "Do you want to buy this? YES NO" Peopel will just hit yes and barely think about. Since all the info is already in Hailstorm, you won't need to retype your cc.
Once people are in the system and comfortable with it other companies will dive in. Make the same modification to Internet Explorer and then companies can sell you stuff over the internet using Hailstorm as the payment scheme (a la PayPal)Companies probably won't even give you any option other than paying via Hailstorm since its a lot easier for them.
And this is exactly what the article is getting to. MS suddenly becomes the doorway to a whole host of services. In other words _everyone_ is dependant on MS. MS can raise prices however they see fit since comapanies would need the MS user db to conduct transactions.
Sure, end users may like this idea, but if those running the computer systems don't go for it, it won't fly. I would think those who know and love UNIX and its 'many tools' philosophy will be aprehensive about .NET's one really big monolithic (bloated?) tool.
Go green: turn off your refrigerator.
Yeah, but all that cool auto-managing software that NCs used could have run even better if it was installed on a real PC instead of an underpowered NC. Management is a software problem, so solve it with software, not hardware.
What, me worry?
Maybe it's easier to see things before the revolution and total flood of a certain status quo or what not. Or maybe I'm totally wrong, maybe the statement was meant to be completely crazy just movie talk. Excellent movie nonetheless.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
Did i mention that the Microsoft-Bank will not assume responsability for losing your money?
Having a single sign-on has real benefits from the point of view of a non-technical user. End users want the experience that Hailstorm theoretically offers (at least some of the time). They are tired of remembering dozens of separate password. Unfortunately, lots of people don't worry that much about the privacy implications.
Is there a good open source alternative that can provide the same experience?
** The opinions expressed here are my own, and do not reflect those of my employers - past, present, or future**
Enough said?
Hmm... Can someone tell me again who loses?
Who is the bigger fool: the fool, or the fool who believes what the fool is saying?
Who is Microsoft trying to sell .NET to? It can't be ordinary consumers, because if everything is going to brought down off of the internet they'll have to contend with the fact that most users still use odinary dial up internet access. And will continue to do so for MANY years to come.
Not only that but they REFUSE to pay more for speedier internet access. I use my mom as an example. She ordered a second line specifically for dial up internet access. She has cable. Here in the Denver metro area cable is provided by AT&T. He phone service is AT&T. She could get cable modem service for $40/month but instead gets the second line for $10/month with $4/month dial up access with AT&T worldnet. She is content.
I personally can't live without my cable modem service. But this .NET stuff is going to REQUIRE some sort of broadband access to be useful at all, but most of this great country of ours still can't get any kind of broadband. In this area sometimes you can get DSL and cable service, sometimes you can get one or the other, a lot of time you can't get either for whatever reason.
I have a friend that couldn't even get basic cable in his area because "there's nothing but poor people in your area, why would we have cable in your area when there's no money there". That was when it was still TCI, not sure what the current attitude is toward Central City nowaways...still full of welfare cases though...
My point is, I guess, that until everybody and I mean everybody, has broadband this netpc or .NET or whatever, is not going to fly too well.
And it takes time to change infrastructure. Here in Colorado US West was sued for taking, sometimes, up to a YEAR to get BASIC PHONE SERVICE to new houses. Upgrading the old infrastucture in the old US West 14 state region just might be put on the back burner until they can deal with more basic issues
If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
There are a number of open source, GPL Government projects going on today, and a number of others where people are working to retrofit the GPL to existing codebases. I'm participating in one that's struggling to get started in HLA, the Defense Modeling & Simulation Office's High Level Architecture, which is the DOD standard for interoperating networked simulations.
A large number of very influential corporations would be tickled pink if the code that they developed using the taxpayers' money stays locked in their own private safes. Microsoft is simply the point man on this effort to perpetuate a whole apparatus of sweetheart deals and fraud against the American taxpayer.
The argument that GPL is somehow un-American seems absurd your average /. reader. In fact, we may be wondering why they would bother to even give an argument like that. Simple. That argument carries a lot of weight with program officers for the military who have to contend with superiors who really do see a Commie under every bed.
Never, never doubt that Microsoft means precisely what it says.
Did the scriptwriter or director intend all of those? Any of them? I'd be surprised. But that's what makes it art: It resonates with us on levels far surpassing the conscious intent of the artist.
The Mongrel Dogs Who Teach
The film was about 10 years too early, but it amazes me how much it captured.
The Mongrel Dogs Who Teach
I think the main difference there is that the everyday person-on-the-street knows thrift stores and charitable institutions. They understand them, and recognise what they do. To most people, open source is something they don't know or understand, and their main source of information about it has been FUD marketed to them by people who don't like it.
Debunking that FUD is all well and good, but if people aren't also educated about what open source is and how it works, then they're never going to be able to make an informed decision, one way or the other.
If you can keep the appropriate people focussing their attention on trying to justify themselves, even against rather pointless and ineffectual attacks, they don't get quite as many people thinking "what are they up to?" as they would if they were just getting on with quietly rolling out their .NET plans - they're quite obviously whinging lamely about open source, right?
By giving the more zealous and vocal open source advocates a giant red "Kick Me!" sign to fire at (and fire they will; the target's too good to pass up), then commentary on the other things they're doing might just get lost in the noise.
Welcome to the Machiavellian world of PR. It's a lot more difficult to meta-moderate out there, and Microsoft is trolling.
I'm sure the fact that you can buy a complete PC for what a NC cost had nothing to do with their demise.
As far as .NET is concerned the issue of authentication is overblown a little. People seem to focus on the evil-looking parts of .NET like authentication services and ASP software, and forget about what .NET really is. It is a runtime, like Java, that can run code written in several different languages. That part of it will succeed. The authentication stuff however will go down the tubes just like the ASPs are doing now.
There is not a widespread need for third-party authentication. Certainly not enough for there to be widespread services that everyone uses. The ASP model has failed to a large degree as well. If the 3rd party goes down(as MS has often done) or tanks as a business you are hosed. Most people won't risk this.
The part of .NET that will succeed is the programming model, because it does solve a need for a lot of programmers.
So what we have really is 2 .NET's, one which will succeed, and one which will not do so well.
No, Thursday's out. How about never - is never good for you?
If you have enough ram you shouldn't even be using a swap file (I'm not, and got 768mb of ram in my 2k server box). Though I wouldn't reccomend it with 256mb of ram (although it is possible)
The slashdot 2 minute between postings limit: /.'ers since Spring 2001.
Pissing off coffee drinking
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
- When I first brought this home computer home and started it up, the first thing I saw was a screen that dialed up MS and further prompted me to enter data on myself, basically enforced registration. My identity as a new user was logged and stored away. I wonder to this day what information MS has on me, and if it's legal to obtain it. I believe it should. But my point is that I was guided down a narrow path, afraid to not deviate from it, and MS pushed my initial registration on me.
- When I installed Compaq (nee Digital, nee Powerstation) Visual Fortran, I was told that IE was necessary to use their online help (their only help). It promptly downloaded itself on my desktop and became the default for a bunch of files (.gif, .jpg, etc...). Again, I felt I had no choice but to comply, as part of the initialization process.
- Then when I loaded MS Visual basic onto my machine (God help me), I was forced this time (of course I had to use IE, but I was used to that) to establish a Passport account to finish the installation process! I never wanted a Passport account, man...
So, long story short, I got assimilated and now I have this red device sticking out of my ear.
No, wait. My point is is that the average user is also compelled to do all these things, essentially agree to be tracked and registered, just to run their desktop, or do their job at work. The idea of actually owning what you pay for is a distant memory in .NETland. You can flame me for being a sheep, but I don't have time to fight the power every damn time I turn around.
Here is an interesting link. It's IBM's 1995 Annual Report where the CEO talks all about network computing concepts. It's a good insight into what they thought this thing would be before it got all confusing with the dissembling and rambling explanations of what .NET is and isn't. Man, if you ever wanted an example of doublespeak, you only have to read MS press releases. Black and White are what Bill says they are.
SDMI: Finally! Music that won't rip or burn! Brought to you by the fine folks at RIAA.
The problem with the NC model is that it relies on a stable, secure, high-bandwidth connection that has 99.9999% uptime. Can anyone tell me of a network that meets these requirements?
The counter argument is that no computer has a 99.9999% uptime either and that any system can fail locally as well. The response to this argument lies in the idea of local control. If my hard drive fails and I have a report due tomorrow, I can choose to put in a new hard drive and could have myself up and running again relatively quickly. The NC model places those decisions and priorities in the locus of control of someone else. Who is to say that they have my best interests in mind? If you want an example, look at the DNS problems Microsoft had a while back. As a network consultant and support technician, I unfortunately have to spend hours digging through the sludge of Microsoft's technical papers and knowledgebase hoping to find answers to this new problem or that. For three days, during the DNS debacle (can anyone figure out why they didn't have an off-site DNS?!?!... The Road Ahead for sure!), people were out of luck when it came to getting access to those resources. Let me tell you, if the phone system of the US was down for three days, there would be congressional hearings and someone would probably be facing jail time. Now, I'm not saying that a company should be held responsible for its website being down for three days, but if that company was also providing "essential services" (as the .NET strategy is hoping companies will), then I believe that the level of accountability should rise in proportion to the critical nature of the services that are provided.
We have a scary future ahead of us my friends. But you guys already know that, don't you?
besides being a bad joke, all you would do is martyr the fool, and we don't need that. Let him serve his 4 years and embarress the republican party, then hopefully we can get someone to run that a decent human being would actually want to vote for, as opposed to against (like last election)
"This is where god would go if he wanted to get off blow!"
Comment removed based on user account deletion
If you have an always-on Net connection, and you've got say Sendmail and Apache on it, it's trivial to read your mail from anywhere there's a Web browser (without trusting Hot Mail). Your address book? Just a little Perl or PHP and a database.
Okay, that's a few steps short of having your desktop appear on any terminal for you, but those are relatively short steps. Given an always-on connection at the home end, it's possible to set up a nice package accessible from anywhere. Heck, it can even, as Microsoft bought multi-page ads in the NY Times last week to marvel on, read e-mail addressed to several different accounts, from a single mailbox! Wow.
Basically it looks like Microsoft wins if (1) we don't ever get to always-on being the regular thing and (2) some crafty folks don't put together some standard beginner's collection of largely-already-available stuff into something like a Home Base Linux distro.
No one wants a time share on a mainframe.
"with their freedom lost all virtue lose" - Milton
It shows that there is really no knowledge of antisemitism taught in the US schools.
How come they never heard of the Tivoli programme, when it's part of your US history?
White people everywhere should be forced to study antisemitism in detail so they will NEVER AGAIN make the mistakes their forebears made.
There is no excuse for not knowing that Tivoli is a tainted name so I agree that the people behind the Tivoli software should be held criminally accountable under the law on the charge of incitement to hatred against the Chosen People.
Another reason: there's a BIG difference between a LAN (which basically is the niche you mentioned) and the Internet. MS's solution amount to trusting every bit you have to Uncle Bill. Bad. On the other hand, having a LAN in your office and lightweight PCs (aka NC) does make a lot of sense.
And it's even less original than the article says: remember those "boot ROMs" for diskless Novell workstations? Windows 3.x installed in the server? That worked, and worked REAL good. I am/used to be a CNE, and did gazillions of installations like that. Everyone was happy. Office ran exactly as fast as in HD installations. It had everything a NC has except buzzword compliance.
And what killed that? The bloat that was Windows 95. Can't have it executed from the server. Bugger.
I noticed a little inconsistansy in MS's words and actions as well, but with different issues, the pressures they have been placing on AOL. MS has been squabling with AOL about including the new AOL 6.0 with windows XP for quite some time, this did not shock me. However, when they started pressuring AOL to adopt MSN Messenger protocols so "our phone can talk to your phone".
Placing this with all the new opinions from folks such as this writer, I am starting to come up with my own intrepretation of what is happening.
MS is warry of impending breakup, they pray that thier lawyers can get the off on thier appeal, but they are not certain. Because of the threat of seperation, they are trying to strengthen each of the portions of thier company, by increasing market share in the OS market, server market, ISP market, and applications market. They simply do not some small off the wall contender entering the market to take the lead during the confusion of the breakup.
MS isn't trying to control everything forever, they are simply trying to increase thier market share so that thier divided companies will be in good positions after the breakup.
Maybe I'm being paranoid, but MS is really scaring me lately.
Assimilation has been threatened. Beware.
Spring is here. Don't believe me, look outside!
Taking the "importnatce of being found" concept further: of what value will free speech be in Microsft's world dominant authentication/smart-tag-controlled scheme? Free speech is only as effective as the openess and pervasiveness of the medium. In the original thirteen colonies, street corners and town meetings were fairly pervasive media. Many individuals (except women ;-) had access. Many people hoped the internet would be that analog. Hailstorm will ensure it will not BTW, I for one. believe that is why msart tags will not be in Europe--privacy and media dominance issue, not localization. The EU is much less tolerant on M$ hegemony that the materialistic, "what's-good-for-business-is-good-for-the-country" US tone of late.
Actually, gnusnorf 0.13beta and gnufroop-2.73 don't work together without first installing the latest gnufoo library (0.92.1.1.27) and recompiling the sources after 10 pm EST. Unless you're using the Hungarian sources, in which case you need to sprinkle the blood of a dead moose over the CD-ROM or the NIC, depending on how you're obtaining the sources.
hee-hee
He who joyfully marches in rank and file has already earned my contempt. - "Big Al" Einstein
What happens when the person is in another country? Does the secret service only have jurisdiction in this country for investigating assasination plots against the president? I mean bin laden is rumored now to attempt to take out old georgie in the g-8 forum coming up in july, but what if some kid in iceland or some other remote place makes such a threat?
An Education is the Font of All Liberty
I agree completely with this. It's not the fault of the users but it marketing that pushes this idea. ("Buy, Buy, BUY!") Look, I am a geek and like computers but I can tell you that my current needs do not exceed a P-II-233 with 128Meg RAM. Please tell me now *where* I can buy for, let's say, 250$ such a "new" PC? Come on, even the smallest Celerons are 500Mhz nowadays. No: don't start with "hey, buy a used PC" but then go and look at the "used" PC prices...Yup...250$ is a P166 or so. P-II's? Forget it, they are just a bit less expensive than the cheapest new Celerons. In that case it is just not *worth* buying a used PC.
Or I live in an expensive country....Could be that.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Actually all my passwords/userID combinations I even owned are stored safely in my Psion (PDA for the uninformed) and saved with a password. So I only have exactly one password to remember. Since it is regularly synchronized with my PC I nearly have no risk of data loss and I have my PDA all the time with me. This means: you won't get your hands on it to read the passwords without me knowing it.
Second thing (which form security point of view is not ideal, but usefull...depends on your own paranoia) is that you could easily use the same password/userID combination for less important things. I'm not going to secure my slashdot account with a 14-char password because I fear to be 0wn3d and that trolls will start to exploit my account. My root password on the other hand, has 14-chars because I consider it important. /.
Now, you see: with a bit of discipline and common sense, do you need something like Passport(tm)(c)(r) or even Mozilla/IE5.x remembering your passwords (I disabled it) Oh, *you* don't have common sense. Sorry, forgot I was talking to
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Parent is "+5, funny"? More like "+5, deadly accurate".
These are just things to think about, but if you analyze what they're doing from afar, you will begin to see a clear pattern and direction they are taking in the "cloud of dust".
I don't respect MS because they have no integrity, and they don't care about integrity. This is proven because everytime they market something, and lie about things, they just call it marketing and make no amends. Honesty is the best policy now a days. The truth will set us all free. --SuperBug
--SuperBug
This guy just sounds bitter about his flopped webzine.
I mean really - if Microsoft comes along with a bunch of NC like services and tries to shove them into clients, the clients are going to make *intelligent decisions* with respect to whether they meet their companies requirements.
I work for an investment bank, and we use Lotus Notes here. I would like to right now register my utter disgust at Lotus Notes. But on we go - the point is that at some stage the IT people made an assessment - Outlook or Notes? Notes did more of the stuff they wanted, hence that is what we have.
We engage, with respect to Microsoft, in a kind of FUD campaign. We convince ourselves they are a threat, always. We automatically assume they are omnipotent, very threatening, and unstoppable, without considering "Hey, is this idea of theirs actually going to work?"
IMHO - micropayment services and storing data off location, using NCs to access it, will not take off. Why? Because companies are just peachy with how everything works currently. My company still uses Office 97. MS will have to cook up something *damn* good to counteract natural corporate inertia. And if they do? Well done MS. They will have proved themselves worthy of the market share they gain.
My 2c.
Luke.
Ash OS durbatulk, ash OS gimbatul, ash OS thrakatulk, agh burzum-ishi krimpatul! Uzg-MS-ishi amal fauthut burgulli.
I think you're completely correct about shopping and such, but you're neglecting the fact that although M$ is a monopoly, that monopoly doesn't yet extend to the manufacture of shrink-wrap and glossy paperboard.
RedHat, Mandrake, et al. are doing a decent job of moving into the glossy boxes and no-command-prompt installer territory.
Obviously M$ has quite the marketing machine, but don't make it sound like nobody else can get a glossy box on the shelf.
K45.
This signature has eleven vowels.
Some friends tell me it is convenient to use these ATM things, but I can always go home and get more money if I need it, I don't ever want to leave town anyway. And this way I get to set up my own security. They tried to sell me some fancy alarm system, but I just keep the door locked and all the windows except for on the second story, 'cause no one is going to climb into a second story window.
The state of computing has changed somewhat since Ellison and McNealy first started touting the NC. That was about 5 years ago, and if you believe Moore's Law then computers are about 10 times faster today than they were in 1996. That means today you can really use a VM (like JVM) to run programs. In 1996 computers really were just too slow, even with the elusive JIT compilers. Bandwidth to the Internet was different too. Most people had somewhere between 14.4K and 56K. That just wasn't fast enough to realize the NC vision. Today, DSL and Cable are providing 10x to 100x the bandwidth for roughly the same price. So, we've had a 10x jump in computing power and a 10x jump in bandwidth. I hate to see Microsoft monopolize just as much as the next geek, but timing is everything and their timing is much better. They've kept their powder dry until it was pragmatically feasible and now they're unleashing Hell. Don't get mad, get even. Or...
Now we know why MS has such a dominant position in the desktop market... They have a mind-control ray... Thats why they have been able to convince the weak minded drones to comply.
Does it go on forever?
There's a similar article called Why Microsoft is Wary of Open Source by Joe Wilcox and Stephen Shankland on CNET.
First of all, in Linux, you 0wn the system if you want to.
and when you're done with that, you can 0wn every linux box on your cable modem node. thanks, red hat!
--saint----
You have to blame my parents for me remembering this:
.Net will be his Waterloo. I do not believe Microsoft would just disappear, but they would change.
Line from Abba's song "Waterloo"
"At Waterloo, Napoleon did surrender".
I wonder...
"On the 'Net, Bill Gates did surrender".
Lets hope so....I personnally believe that
Sorry for inflicting Abba on the Slashdot audience...
Sir StarTux
Then it's OK to have a society in which one can get along without a Microsoft ID in the same way one can get along without any sort of credit or debit card now--not very darn well, in spades.
It may well come to the point at which, due to that right of free association and the fact that the government can't force private businesses to do otherwise, that "no man might buy or sell, save he that had the mark."
Perhaps Bill Gates is the Antichrist.
CEE5210S The signal SIGHUP was received.
...deliberately harmful "advice" there which will hose your Windows box. I suspect the site is either a cruel prank or a sarcastic joke, but it's certainly not clear to any poor Windows luser who stumbles by that they shouldn't ACTUALLY delete win386.swp (THE SWAP FILE).
The only "tips" on that page are for clearing temp internet files and other stuff that's only slightly beyond the average AOL luser. Nothing actually worth reading (that is, nothing I didn't discover a month after I started using Windows).
-Kasreyn
Kasreyn: Cheerfully playing the part of Devil's Advocate to hairtrigger
A NC is just an appliance, with some processing power (not much), broadband access, graphical capabilities and maybe a small harddrive (low-cost storage).
Microsoft has an NC, it's called the X-Box.
Sony tries to play catch-up with the PSII, with the recent agreements with AOL, Real, Macromedia, etc...
Nokia has also a NC in the works (not based on a gaming platform but on an Tivo-like appliance running Linux)
But of those three only one will win, and it's Microsoft. They have as much cash as the others, but they have majors advantages like mindshare in the public (joe won't buy a PSII to check its email, but a microsoft thingy like the one he's got at the office) and a huge base of developers.
Game Over.
-- p a n a p i c - panoramas des alpes: Mont-Blanc, Mont-Rose, Cervin, etc...
Funny, I was just reading an article by Bill Gates on .NET. The article explains .NET quite elegantly: "A company offering an online electronic-payment service can expose its service to partners, so that they can deliver it as part of their own offering -- regardless of what platform they are using."
Of course, Microsoft will always push their platform as the "best" one to build Web services on. But I think we should applaud the fact that two major proprietary behemoths have finally started pushing "open standards" -- IBM and Microsoft. Don't forget how unrealistic this would have been only a few years ago.
I think it's time to take a step back from all of this Microsoft-bashing and realize that at least we finally pushed them into a corner. They can't push a Windows-only solution anymore. Sun has cornered the market on "open standards" with Java. Microsoft HAS to counter -- as long as they keep pushing something Windows-only, they will lose customers.
What we are seeing here is what we have been asking for all along -- "Microsoft, will you finally support standards?" Why is it that when they agree to support XML and SOAP, and at least do lip-service to the "open standards" idea, we continue to bash them and whine about how Sun did this 10 years ago?
This must be a troll right ? So the W2K TCP/IP stack sucks right ? In the old days of Win 3.1 and WFW there were multiple vendors selling TCP/IP stacks . Did you ever work with them ? getting them to talk to each other ? Yes COM and NT was good but they suffered limitations. Have you ever built distributed systems based on the Windows DNA model ? The whole thing fell apart when your consumers were behind firwalls and not in your domain. SOAP is a godsend in order to fix that problem and .NET Framework provides a more elegent solution (tcp channels) to fix the entire problem of distirbuted computing without using plaintext exchanges. Even CORBA/IIOP is a pain in the neck , try getting it to work with multiple vendors (sorry , you need this version of this TCP/IC stack , wtf is with that ? why can't they just use winsock ?)
I work in the IS department of a reasonably large medical school (4500 or so network users), and this already happens. We have network shares for each user, and one for each department, and they show up as drive letters in Windows, consistent for each user. The really amazing thing about this? The number of users who don't realize that their data isn't stored on the computer in front of them. "You mean the H: drive isn't in my computer? But it's always here."
Bottom line, you know where your data is, I know where my data is, but we're special. Joe and Jane User may not even notice when M$ starts doing this. When SUN tried to do this in the 90's, they were trying to get sysadmins to buy it. But M$ is selling this to the AOL users who thought that Usenet was part of their service, and the people who see my name on instant messenger and wonder why they can't send mail to my "AOL account."
Bottom line is, the eyes will meet the wool, and Microsoft will probably move forward with this.
Authentication *shuddering* This is the whole reason I will be avoiding Office XP and Windows XP. 2000 does what I need and I will stay with it until it doesn't ... and if MS still believes in authentication then I will jump ship to Linux or BeOS where I can be me without worry about getting permission to use my computer.
Help Brendan pay off his student loans
So what would happen if an open source version of these serives appeared that hooked into the .NET infrastructure? Think of something similar to SAMBA where one reverse engineers the service so that it become feasable to use an alternative to Microsoft servers.
I believe this would be devistating to Microsoft since they will have committed the world to a networked web services where the platform doesn't matter, but lost the control of the key services.
The rest of the .NET infrastructure seems to be easily reproducable by third-party vendors (Microsoft even gives lipservice to this). This opens the door for Linux and other vendors to integrate with this infrastructure and commoditizes it.
All Microsoft has to do is provide excellent quality, stable products and top-notch service and support. There is NO better way to maintain the undying loyalty and servitude of your customers. Big businesses that use M$ products are ALREADY addicted - lock, stock, and barrel.
Like so many conquerors throughout history, whose downfall was brought about as they were blinded by greed, Microsoft is shooting itself in the foot. They are defeating the very hegemony they hope to sustain by intensifying the force their will upon the masses in a blind panic to ever increase profit.
I say to you, Alexander The Great, Caesar, Napolean, Hitler, and ye, Bill Gates: You could have won! You could have had it all! You blathering, greedy fools! You shall never know true wealth.
Knowledge is like ignorance.. too much can be just as bad as not enough.
Why pro Microsoft always talk last? Anyway.
.NET does would compromise the security by centalizing the authenication to somewhere else, while putting Oracle and SAP servers at risk of being publicly accessible.
.NET, as there are lots more idiots who believe everything sales said. I know a PHB putting employees database in a public webserver. Microsoft needs customers like him.
/. /    |\/| |\/| |\/| / Run, Bill!
Hailstorm is only one small part of dotNET
but Passport user authentication system which Hailstorm depends on is everywhere. If you don't use it you are on your own.
Gates is looking to take Oracle and SAP to the cleaners, Hailstorm is the smokescreen for that agenda.
Smart admin would avoid their Oracle and SAP servers be able to publicly accessible. E.g. the websites only get a snapshot of the Oracle database image from an internal Oracle server. What
Oracle and SAP see this, but they'll still cooperate with
Network Computers failed for the very good reason that MIS managers looking to torture their victims
Nothing torture me like admin hundreds Windows 95/98 desktops.
 _
1.) They make great web browsers. Sure, they've got privacy issues and they're closed, but they work pretty damn well. I type this from IE5 mac, which is a pleasure to use. Making web pages look as good as MS Word documents gives consumers confidence.
2.) They run Hotmail. Everybody's used this at least once. It's a great example of data accessibility. Another great examlpe is Corbis.
Another factor here is connectivity. There's much better and faster Net access now than there used to be. People couldn't see the benefit of NCs when all they had was 10base-T at work and modem everywhere else. At that time, NCs offered little benefit over carrying a floppy over to your co-worker's desk. With the spread of broadband, 802.11b, and faster ethernet, NCs are a much more practical idea.
M$ is also launching services, rather than trying sell you what appears to be a shitty computer. I think this is pretty key. The problem with previous NC initiatives is that they were hardware based. A guiding principle of NC thought should be that "hardware matters little". So why in the world would Sun be interested?
Art At Home
Why does everybody think households worldwide are just DYING to shell out even MORE moeny for media? I mean come on! We already pay $50/month for cable/satellite, $30/month for Internet access. Why does eveyrone think folks are going to shell out more sizable dollars on reruns and stuff? Video on demand and all this interactive TV BS is a fad and unless its priced to a level folks don't care (say $1 maybe) it won't work and if it is priced that low and they try to convince you they'll 'Make it up on volume' lookup dot.com bubble.
Top Most Bizarre/Disturbing Error Messages
The money is NOT with personal PCs - hell half are using pirated software anyway! Its the business customers. Well, do you think any IT Director with half a brain is going to suggest letting Microsoft a) handle authentication to their sensitive data nad b) allow that data to be stored @ microsoft? I didn't think so. Plus can you imagine the strain on the already overloaded internet pipes of most major companies? Same goes for personal users - till that last mile is fiber - well .NET will just be too slow.
Now MS may make $$$ selling a .NET type package that runs on internal corporate PCs, but ala samba, we'll just emulate it was necessary while adhering to whatever standard comes out of all this.
Personally, I agree with teh author one one point - the NC got shafted. From a corporate view it was an AWESOME idea. Having maanged PC deployments and disk images, etc it was awful. Being able to toss a cokie cutter box onto the network, hit power and it boots up based on serial # and user config - what a dream - too bad nobody could make it work right :(
Top Most Bizarre/Disturbing Error Messages
First of all get your facts straight. Bill Gates donates billions of dollars to charities, and in his will, he's leaving 3 or 4 million dollars to his family, with the rest being donates to charities. I don't like Microsoft any more than the average slashdot reader, and I don't agree with Microsoft's or Bill Gates' opinions, but that has nothing to do with Bill Gates himself, and what he does with his money. Pierre Elliot Trudeau, a former Canadian prime-minister said the following, "Never attack the individual. One can be in total disagreement with someone without denigrating him as a consequence"
"Knowledge makes us accountable." - Che Guevara
Anybody notice that lately lots of Suns come with card readers. What's this for? Will we be able to get rid of stupid passwords soon? -ted
Unfortunately the MIS managers tended to be as interested in recovering control over the corporate nervous system as control over costs. Back in the 1980s I made money by writing apps to screen scrape data out of corporate mainframes so the middle managers could feed it into Lotus 1-2-3. The MIS managers could have provided the data but they refused point blank to do so. It was all a power-game.
Besides, you DON'T need an 800MHz PIII, 128MB RAM and a 20Gb hard disk on EVERY PC in your network
But when that setup costs $500 from a computer store the premise that the Network computer would save money by reducing the hardware costs collapsed.
The Network computer failed for many reasons, not least the fact that there was no significant application support for the device. The lack of a hard disk was always going to be a drag on performance though. The idea of eliminating local user storage is not a bad one, end users should probably only have access to a centrally managed file store. The idea of no local long term storage was a complete loser however, as anyone who has used a diskless workstation knows.
It is not suprising that network computers were easy to manage. They could not be used for anything useful. What is more Sun and Oracle appeared to be spending more on idiotic TV ads than on writing aps to make them useful. If Sun had bought Star Office earlier they might have had a point.
Ultimately I see the whole Sun vs. Microsoft thing as denial on the part of Sun. Microsoft is not going to kill Sun, but Intel and Linux will. A high end linux box can be bought for a tenth the cost of the equivalent Sun box.
Also, C# is not an evolution of C++. C# is java under a different name, what microsft thinks java should have been.
Not actually true, If Sun had not behaved as it did then C# might have evolved out of Java. C# is actually built on top of the C++ compiler back end by the C++ team. The feature set is essentially a combination of C, COM and Visual Basic. It is possible to translate from Java into C# but it is also possible to translate from Visual Basic to C# so that hardly makes the languages equivalent. Sun is not the first company ever to suggest a new programming language, nor was Java successful for any new features, even the byte code interpreter has been arround on micros for 25 years (UCSD p system).
Sun's behavior with Java was pretty inexcusable. The idea that we should all be forced to agree to the decisions of one company when it comes to the feature set of a programming language is stupid. Sun deliberately crippled the native language interface for their own purposes. But many of the users of J++ simply wanted a better language than Visual Basic to write one off applications and did not give a monkeys about 'running everywhere'.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Contrary to the discussions on this board .NET has nothing much in common with Sun's failled Network Computer. The Network Computer was nothing more than a new name for an X-Terminal that can run java apps and a browser locally. That Sun tried it as a bet-the-business strategy was the best corporate joke since the Sinclair C5.
The Network computer concept was for desktop apps. It was an MIS manager's wet dream - take away the employees PCs and give them dumb terminals wired to the nice shiny mainframe. Back to the 1960s.
Network Computers failed for the very good reason that MIS managers looking to torture their victims could do the same job much more cheaply with Citrix without buying Scott McNealy and Larry Ellison more fuel for their corporate jets.
.NET is about information service access. It is the way to hook together e-commerce applications. It has zero to do with Suns clueless hardware platform.
The only intersection between .NET and Sun's effort is that Microsoft has rolled out the JIT compiler technology and Java alternative as part of the package. Neither is core to the .NET idea, or for that matter Sun. C# is merely a logical cleanup of C++, there are some points of comparison to Java but all the ideas have been arround long before Sun used them. If Sun hadn't got all proprietary closed and legal Microsoft might not have created their own, but nobody can really blame them for not being beholden to a standard Sun police ownership of with lawyers.
Hailstorm is only one small part of dotNET, getting all wound up about it is to miss the plot entirely. Gates is looking to take Oracle and SAP to the cleaners, Hailstorm is the smokescreen for that agenda.
As for the GPL bashing being to divert attention from anything, the covert agenda there is more likely to ram home to the analysts the fact that Linux is putting Sun and Solaris out of business and the poor performance of Sun the past few quarters is probably reflecting that dynamic rather than an overall slowdown.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Bill Gates is only bashing *nix and its uses because for every person that doesnt buy the newest, buggiest, insecure version of windoze, he has unbridled, illegal access to one less computer!(what do u think IE was invented for?) Linux represents a major threat to his ever-expanding empire of evil. He attempted to stall the recruit of new *nix users by putting Winmodems(gasp) in new computers, therefore forcing people like me to still use windows for net(i bought a REAL modem and i havent been happier since under nix). People like da peeps at linmodems.org have tried to fix the problem with device drivers. But this is a war; a war we are fighting for our very idealism and existence. The Linux threat will never go away, Bill. Either ally up now or prepare to get Bs'd.
Personally, if i didnt use windows for gaming, i would erase the drive i have it on, put it in a basket of fireworks, and throw in a pack of lit matches.
*tips his 'red hat' and walks away, strutting as he compiles DeCSS in gcc*
The Revolution is coming...
There are two big stumbiling blocks to the NC: .NET as it is being promoted is making a mistake is expecting users to pay per play. Charge a reasonable flat fee and .NET (Or NC) style apps will have a far better chance of success.
.NET strategy that make MS a transport.
.NET will not have the impact envisioned largely because few vendors want to put that much of their business into someone else's hands.
1) Applications tailored to the NC and not simple screen scrapes of Word, Money, or Notes
2) The reliability users rightly expect for an appliance
Where
BTW, there is lots of rooom for providers to do interesting things with the
But I think
If the service provider hosting my apps and data goes out of business, however, or if a forklift operator inadvertently rips out the lines for my DSL line at the office or if some script kiddies decides to DDOS the service provider then my business is effectively closed. We have no applications and no data. No thanks.
Much rather be able to control my own data center. Be able to verify that every server and every hub is power protected, that last night's backup worked and that another copy of the backup is safely tucked in a safe deposit box offsite.
If Microsoft is still in business tomorrow or not is of little concern to me (aside from the 50 shares of stock I own) because my data and applications are safely tucked away on my servers and my hard drives in my data center. Fast, reliable, paid for.
No subscription fees to pay every month. No worrying about whether or not the provider du jour will still be in business next month. No explaining to users why the new system (at ~1.4Mbps) is so much slower than the old system was.
Today if my Internet connection goes down, we lost some useful research capabilities, we lose our Internet e-mail, and our secretaries can't listen to KEWL FM from Minnesota on Internet radio. But my business gets done.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
...I don't want vendors deciding who will host the customer's (MY) data. I want to host my data. And my applications. I don't want to be wholly dependant upon the bandwidth provided by an outside vendor just to access my basic applications and data.
Currently our enterprise provides applications and data to our users via a 100Mbit, switched, LAN with all of our cabling and physical plant under our direct control. No ISP can provide me with that kind of bandwidth on a cost-effective basis. If a switch goes down we know about it and can repair/replace it immediately. If it's too congested we can upgrade it when we're ready to -- we don't have to beg our provider and wait for them to call us back.
I am very uneasy about allowing other organizations to completely control access to the data and applications we depend upon for our business. What happens when they goof up the billing and cut us off for 3 days because they think we didn't pay the bill? What happens when they misallocate our IP address and we get dropped off the network? I won't leave our company at the mercy of somebody else's clerical error any more than absolutely necessary.
No. We'll keep our essential applications and data in-house. Thanks anyhow.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
People like to shop, and companies like to drop down bucks on new hardware and shiny new CD's. Tarballs aren't sexy.
As for blind-siding Open Source, pfft. That was just a headline-grabber, nothing more. Online news has discovered that to increase revenues, they need to get posted on /. Just mention the words Microsift and Linux in the same sentence.
C'mon, a full third of this clown's article was devoted to touting his awesome prophetic powers from back in the day.
all the world's secrets
on one server - cracked - not secret.
Just use peer-to-peer.
--
This post is about Truth, Beauty, Freedom, and above all things, Karma.
-- This post is about truth, beauty, freedom, and above all things, Karma
The point of my original post was *not* (distinctly *not*) to say that it would be a good thing if governments controlled our online identities. Personally, I don't want anyone controlling my online identity but me. And yes, I could (and probably most /.ers could) control it; but my mother couldn't. For that matter, my sister-in-law couldn't. So who would I rather have controlling the information -- the US government, which is restricted by little things like the Constitution and Bill of Rights, or Microsoft, which is restricted by none of those things? I don't think it's a tough choice.
You ARE the Missing Link. Goodbye!
On stereophonic equipment, the monaural sound obtained through multiple channels will enhance your listening pleasure.
There's an easy way to prevent Microsoft from controlling our identities. Let the government(s) control them instead. They control our identities now, by issuing licenses and passports. When was the last time you tried to buy a bottle of single-malt scotch with your MSCE certificate as ID? The way to stop Microsoft from controlling our identities is to convince at least one US state government to legislate the online identification of its citizens. Once digital identification is claimed as a right of the states in the US, it's taken out of the hands of M$. That's gotta be a step up, right?
You ARE the Missing Link. Goodbye!
On stereophonic equipment, the monaural sound obtained through multiple channels will enhance your listening pleasure.
Getting off topic, at least in relation to this comment, but when I was reading the article in question I was thinking of a world where Microsoft rules.
:)
Considering the way that Microsoft software "works", I think our world would be like that of Brazil.
Although Sneakers is a good movie too
Now maybe we can see where the Secret Service lies on that scale Microsoft and the Scientologists lay on.
We know Slashdot conceded to the Scientologists and held fast against Microsoft. Will 'hosting a conspiracy to assassinate the president' take 'em down or not?
Or will the Secret Service even take a bunch of monitor-tanned nerds seriously?
Bob Dobbs, Who else?
Reboot macht Frei.
Hrm...So, everyone except Nick Petreley said that NCs wouldn't succeed. They didn't.
When it comes to successful ideas in computing, who should we turn to? Nick Petreley, of course.
What would happen if somebody launched a massive DDoS attack against a Hailstorm/Passport server?
...
string* plamenessFilter =
*plamenessFilter = "Flaming Death!!";
It seems to me that what MS has in mind is different: data is stored on the server, yet the applications largely still run on the client side. This requires that all the clients are have the necessary MS software. I.e., you will be able to access your Word documents on any PC, assuming that PC has Word 200x installed.
Or is that wrong understanding of .NET?
it would make Microsoft seem (and in fact be) that much closer to the Borg we see Bill represented as above. To try diversionary tactics and spending massive money to defame a competitor who, by some opinions, is no real threat, cannot bring much damage... I sincerely hope MS is not stooping to this level. I don't run their software but it would force me to consider moving everyone I know over to like a Redhat in retaliation.
On an off-topic note, I posted a story a few days back, Star in a Jar in the Science section, and typed up a copy of the magazine article it came from - I then lost it and wonder if anyone has a copy, perhaps in their cache somewhere? If so it can be mailed to me at the address above, or just use hye@remove.gulch.nitg.org - thanks.
think for yourself, you won't like the results if others do it for you.
Having services like this means
-you have to stay online all the time (or else you cannot reach you files)
-one server breakdown means you cannot access your own stuff
-one clever hack means you get into everyting everyone has made/kept/etc
sounds scary
Absolutely Authentication is the key to everything.
Most computer users do not want to remember a bunch of passwords.
Most users will use an easy system despite rumoured risks.
Most computer users do not understand nor care about the security risks
Most computer users, when it comes to privacy, trust big corporations more than they trust their own government and certainly more than "evil hackers".
"There is not a widespread need for third-party authentication." There is.
The article was dead on about Authentication, but all /. can focus on was how it is wrong about NCs. What an irony.
Most web developers are troubled by finding good solutions to authenticating users, and will use a drop-in solution if it is available, especially if it makes Microsoft liable for errors (or if users have given up all rights by using Passport because of the EULA).
I'd like to respond to various postings I've read here. Whatever your opinions on Network Computing, the article is dead on about Authentication. First, it is the key to monopoly. Second, we are all incredibly easily diverted. We are all failing to get the message about the GPL attack being a diversion because we are all diverted by the NC message in the very article calling our attention to the divertion!
I use the computer a lot. I use it for online banking on all my bank accounts. I use it for bying all my hardware, my CDs, and my books. I am sick sick sick of remembering passwords and I will embrace any technology where the relative risk of putting my credit card details online offsets the day-to-day drudgery of typing in my details every day. Since all my credit cards have online fraud protection, I dont see any problem putting my details into hailstorm. Or rather, I dont see any more problem with it than I do with my Ralphs grocery store card recording what I buy to eat. And neither will most people.
On security, the average user doesnt share our concerns because they literally do not understand what you are saying. jcr says, "Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security." My Dad does not know what you are talking about. My Dad does, however, use online banking.
Now, as a web developer, I have the problem of logging in users and managing sensitive personal data. If I make it to easy for someone who has forgotten their password to get back in, then I run the risk of letting in the wrong person and giving out (in our case) very personal details. If I make it to hard, those same valuable details will suddenly be lost to the legitimate owner, negating their time and investment. One solution is to have a very thorough and very expensive customer support team. A second solution is give up authentication to Microsoft, thereby making Microsoft liable for any breaches. As a business, the ability to give up accountability and hence responsibility is far more valuable than the time and effort I save on development.
So, what is the alternative?
An alternative to Microsoft's hailstorm is one that does basically the same thing but allows for more than one service provider. The service providers then agree to trust each other or not. Just like my local grocery store doesnt take American Express, sure Amazon's IAA server might not take one of my credentials, but I do have another.
Who do you trust with these details? Who has servers to host these services? Where is the software? ISPs and banks. Whether banks would agree to store logons to other banks is a question for them, but they'd soon see the value when faced with competition. Just like my Wells Fargo VISA payment system will accept cards from Mastercard and other VISA banks, similarly my Wells Fargo IAA server will accept authentications from Union Bank.
The question is what software will this be running on, and will it be open source/gpl? It makes sense to be, since open source is much more secure. Plus, it would be nice if people could start their own servers. They might not be trusted by mainstream servers, but they would be trusted by each other.
Jamie
Simple comment: I don't think the word "attack" is appropriate. It sounds almost conspiracy-theorish.
Sounds similar to how George W won the election, he kept saying "I'm the president-elect," and he got the office.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
No, he didn't.
Doesn't work if you just do it yourself; you've got to get the media to do it with you. Not to mention the Supreme Court.
--
#/usr/bin/perl
require 6.0;
sed 's/In Soviet Russia/In NSA America/g' < yakov-smirnoff-jokes.txt
while (1) {
clueless people sign on with MS;
they sneer at us for being backward, paranoid zealots;
they play with their nifty toys, fat and happy and completely unaware of the precipice they're dancing next to;
MS screws up their stuff, or someone 0wns the system;
they scream;
the brightest 3% wake up and come over to our side;
meanwhile, MS banks another two billion;
}
Sounds like a big problem, well lets pass a few hundred laws and set up a shiny new government body to control it.
The United States government is probably the WORST possible choice for online authentication services, at least at this point in time (and for the foreseeable future.)The various branches of the U.S. government have altogether one of the worst security track records of all time, not to mention terribly antiquated and bloated networks in comparison with the private sector. I would rather let M$ handle a single user authentication system then some specially appointed government body. With M$ we would only have one company controlling our data, but with 'da F3DZ' in control it would simply go to whoever had the best lobbyists and the most money. Not to mention the fact that the government would now be able to keep tabs on us throughout our online adventures.
'Sir, we have a bogey in grid C-A two-zero-four-three-niner who is going for Chinese porn, repeat Chinese porn.'
Maybe we could call the project Carnivore II...
why does the open source community has to come up with something new if the old method is still the best?
This perspective is based on multiple experiences in which serious bugs in MS products - like memory leaks in IIS/ASP - were never addressed. Being a highly competent developer, it is not acceptable to me to be at the mercy of a company that does not even do a good job of pretending to have my interests as a customer at heart.
Much the same feeling applies to the operating system and OS-level tools. I know experienced Microsoft systems integrators who have had endless problems with Microsoft's tools, Proxy Server being a prominent example. Problems with Exchange are legion and legendary; System Management Server is a spectacular failure; and their DNS server is little more than a joke. MS Service Packs and hotfixes are as likely to break major functionality as to fix bugs - the original Service Pack 6, and the more recent Exchange hotfix are cases in point.
From my perspective, Microsoft peaked at around the time NT 4.0 came out and has been wandering directionless since then, changing acronyms (DNA anyone?) on a regular basis to attempt to hide the lack of any significant innovation.
Two technologies originally led me to be pro-Microsoft: NT itself, and COM. NT was a good product, for its time, when the betas of NT 3.1 came out in 1992 or so. NT 4 made the catastrophic mistake of importing the Windows 95 user interface, and then turning the ever-buggy Internet Explorer into the GUI shell. Since then stability has only deteriorated, and almost no fundamental progress has been made in making NT/2000/XP support some of the more powerful capabilities and configurability long provided by Unix - proper remote administration capabilities not least amongst those.
It seems that any overall vision that had existed at the time NT or COM were conceived have since deteriorated into a mad rush to maintain control in a changing market, driven by the Internet, which is something Microsoft is still trying to control rather than "get". Factions within Microsoft with backgrounds in things like mainframe transaction server systems argue at cross-purposes with advocates of academically pure object-oriented systems. If there's someone with a global vision at Microsoft, I don't know who it is: Nathan Myrhvold left long ago, and Bill Gates has spent too much of his career making billions to be a competent software architect today.
Microsoft has also never quite gotten the hang of TCP/IP - with the possible exception of the core of IIS, its Internet-oriented tools uniformly suck. I've already mentioned Proxy Server and DNS. In Win2K, Microsoft finally gave up the battle in some areas and fell back on pure BSD tools, such as the telnet implementation. The Wall Street Journal's recent story on Microsoft's reliance on open source software gives more examples of this admission of defeat.
But even while they're resorting to open source code, Microsoft seems to completely miss the power of simplicity and interoperability evident in Unix/Internet tools; or this may be a deliberate strategic policy. If tools are too simple, extensible, interoperable, or open, customers will have too much ability to control their own destiny, and thus won't be as easy to suck into a recurring-revenue future in which Microsoft bills its customers annually and provides arbitrarily chosen upgrades in return ("this new dancing paperclip is better than the old one, honest!")
In addition, Microsoft's own insistence on reinventing everything works against it: sucky initial implementations of Winsock led to applications which didn't get the concept of asynchronous communication. You still see this in products like Outlook today: they can lock up for extended periods while doing network access, something that should be completely transparent and in the background. [I'll say one thing positive here though: I/O completion ports are pretty sweet, and I've used them to good effect in some server applications. They've also helped IIS be an excellent performer. But one good API feature isn't enough, especially when the application developers don't understand how to use it.]
It isn't as difficult as one might imagine to convince hard-nosed business-oriented customers of the perspective I'm outlining: Microsoft's threatening lawyer's letters about license compliance, sent blunderbuss-style to all customers regardless of any evidence of lack of compliance, don't win friends amongst IT staff and CxOs. The threat of rental models, browsers which modify the web sites of other companies, and critical coverage of these things from quarters such as the Wall Street Journal, all combine to make you wonder: is Microsoft aware that it will ultimately need to rely on more than its current desktop monopoly, and instead convince customers to buy its products based on their merits, and the quality of service it provides?
There's no long-term strategy there, just an attempt to keep the excessive revenue flowing until the next set of CxOs can take over and inherit the mess. As a profit generator, Microsoft represents an incredible and possibly unprecedented feat, which I can respect from a certain perspective; but that doesn't mean I want to number myself amongst the cattle slaughtered to feed its unholy appetites.
Server software has become a commodity, and Microsoft is desperately trying to tie unrelated components together and avoid standards, so that customers have no option but to accept the entire package, and pay serious money for that which has become freely available elsewhere. This is done at every level of its software offerings, so that in the application area I'm talking about, for example, the operating system is tied to the web server is tied to the transaction server is tied to the template language is tied to the virtual machine is tied to... did I mention the operating system?
Yet you can go and download the source code to systems that do much the same thing - e.g. the Enhydra or Resin application servers - and, as alluded to above, these systems will run on almost any operating system and web server, with no secrets (you have the source), and no lifetime commitment to a development model espoused by exactly one company. And this applies double to commodity products such as file servers, proxy servers, web servers, DNS, email, and the like: the free products are actually significant improvements in terms of functionality and reliablity, over Microsoft's equivalent offerings.
Microsoft has grown too far, too fast, and become way too voracious and greedy. I rode with it to the peak of its wave; that wave has begun crashing, but instead of crashing onto a nice, wide open beach, it's crashing into an inescapable little Microsoft sandbox. I am jumping off to a different wave in which the currents don't work against me as much. I'm don't argue that .NET has no technical merits whatsoever; but the cost of chaining oneself to it is too high.