I forget who, but some comedian claimed the best kinds of comedy are when you take ordinary things and simply retell them in a different context.
I think that claim is correct. For anybody who reads the above comment, re-read it only imagine you are reading it to, say, your partner or maybe you are in a bar with a couple normal buddies swapping stories.
If you can still read the parent comment with *out* laughing, then there is something wrong with the humor lobe in your brain.
Seriously, I'll pull it out of context right now and just quote it.
[q: Why Do users drop open source apps for proprietary ones?]
I don't see how it's shit, you get the most used buttons people would want, play, stop, pause, next, previous, fullscreen. A easy to use volume control bar and seek bar. A option to use a playlist, equalizer and it's all intergrated with the player window that is completely dynamically resizeable. Then providing a lot more advanced features in a drop down menu which other players don't have. And if you don't like the interface, you can use the built in theme support to make it look like another player you do prefer.
Do I even need to comment? I mean can this guy be serious!?
It is like I stepped into a time warp or something. The exact location on the hard disk holding the timestamp field for your comment must have been hit by some neutrino or something and fiddled the bits so instead of "Sept. 12, 1997" it read "Sept 12, 2009".
I mean seriously, comment is *ancient*. It is like those hippies on Height and Ashbury who are still all dressed up for the 1960's--same signs, same slogans, same everything. Like they are trapped in time.
All they have done is simply went from ignoring OSS to attempting to embrace and extend it.
Move on man. Update your slogans and chants. Embrace and Extend was awesome for its time... back in 1998. It is 2009. The world has moved on. Reading your post fills me with sadness and pity. Find something else to protest or at least come up with pithy new lines.... PS: You should be ever so thankful that the neutrino didn't flip the bit so it was "Feb 31, 2009" or "00-00-0000" because those perfectly valid MySQL dates aren't so valid in the real world:-)
It is a "hack", as you call it because it hacks around deficiencies in the linux driver architecture. Look the goal here is to get shit to work, right? People expect to be able to go to Fry's and buy a wireless NIC and have it work, right? That is a reasonable expectation, right?
Does linux currently meet this expectation? No. In fact, it fails miserably. Why? Because we need "hacks" as you call them to hack around the busted, out dated way linux handles drivers. By "busted and out dated" I mean it does not seem to handle drivers.. every driver seems to be a one-off deal. Or something. Whatever it is doing sucks because hardware support has always sucked on linux.
Maybe instead of blaming the user for having the oh-so-reasonable expectation of having his hardware working, you should redirect your blame toward the one thing that hasn't changed in this equation--the linux kernel. Perhaps the kernel is at fault here.... just a thought.
"Excellent texinfo" my ass. Info sucks buddy. It sucks as a documentation format. The reader sucks. The arrogant way the GNU foundation spews "Man is obsolete, use our info docs" all over their crap.
Info was the second to the last straw that broke the camels back for me. FreeBSD and all BSD's in general have excelent documentation that is versioned right along with the rest of the utilities. All of it written into man pages, as god intended.
You want to know why linux has such shitty, fragmented docs? Blame the GNU foundation declaring the old one obsolete, hawking a shitty new version. They split the community into those who followed the party line and moved their docs into info and those who realized info sucks and kept their stuff as man pages. Thus to this day it is a crapshoot if any of the core utilities will have usable documentation.
And before somebody suggests pinfo or whatever that "easy to use" info reader is named, too late. I switched to FreeBSD and I ain't looking back. Info was a political move and dammit, operating systems should be political.
You what to know what would remove almost *all* of the driver problems literally overnight? Make it trivial to visit "nvidia.com", download a blob, type "./setup.pl" and have it install a binary driver. You know, kind of like how Windows or (I assume) OSX does it.
I *dont* blame the vendors for the lack of drivers on linux. I fully blame the kernel developers for their dogmatic refusal to stabalize the driver framework so it allows binary drivers. By "stabalize" I mean create a driver architecture that works across an entire swath of kernel versions. Most vendor supplied drivers seem have this need to be compiled first and thus require the kernel source before they work. That is bullshit. They should just sit around as a blob and work.
But alas, *that* dream will never happen because of some on the fringes of the open source movement close their ears and scream "not pure! not our fault! not pure!". Which is a shame because that single feature would instantly increase linux driver support hundreds of times over.
It *is not* the fault of hardware vendors. It *is* the fault of the kernel--more lightly, it *is the philosophy and culture of linux* that is what holds it back.
I dunno, I've been here for probably as long as you (just registered a bit late:-) and I fall into the "older" group, I guess.
Are they like the new form of troll on slashdot? Or do they take the bad vibes from RMS seriously? I can't figure it out. It does wear very thin though. Very thin. But I've yet to find a place that is quite like slashdot--which is why I keep coming back:-)
That is actually a good argument for using the google/yui hosted versions of things like jQuery. Wonder if modern browsers read the shared jQuery.js into memory and share it among all the tabs? Kind of like how all operating systems will keep a shared library (.dll/.so) loaded for all to use or how something like mod_perl will load all your CPAN modules once and share the memory on every apache fork.
Slashdot is a technology website dedicated to of people who take great pride and joy in disabling every new bit of technology in their stack.
Personally, I leave all that stuff on. I used to disable javascript out of the same "spite" most of slashdot commenters seem to have--but that was before Kuro5hin came with their fancy dynamic comments in what, 1999? So far, my CPU's have never melted, my power supplies are still purring, and my mice haven't keeled over and died.
Wonder what rigs these people run? 386DX 40mhz's? Orange screen VT100's hooked up to the local time-share in the university basement?... remembers when his public library still had those VT100's.
Use the VGA. It doesn't eat power. Your CPU is what is going to eat power.
The problem is the cost to maintain old hardware is usually higher than just buying new hardware. For starters, my guess is you've got antique IDE drives in there that have seen better days. Those things draw a bit of power, but worse they are nosy. Then you've got the old power hungry CPU and all the loud fans needed to cool it. On top of that, your case is probably old enough that it too has loud fans.
What I'm trying to say is you are better buying a new motherboard that fits into the case. Maybe get one that will take your old ram and has a legacy IDE port on it. Every one of these budget boards will have a vga port on it you can use. Better, the new CPU's and their bios will manage your fans so they are whisper quiet. I know you didn't say "has to be quiet", but for me personally, unless they are going into a data center I try to build all my machines to make zero noise.
No matter how you slice it RS232 is a pain in the ass for an application like yours anyway. You always have to fool with the baud, the XON/XOFF crap, the parity, all that. If you get one of those never-working USB->RS232 adapters you will just add a pile of complexity. I've never had one of those work right--ever.
Do you remember what you had that serial port to? I dont. I'd love to hear how people smarter than me manage to remember what the damn baud rate is on their gear instead of having to fool with minicom for 10 minutes to get to the console on my sun box.
Why don't you just use Lynx or wget? You anti-"bloatware" people seem to make a stink about anything that isn't plain ASCII anyway.. why not just go all out and use the least "bloated" client on earth? I'm serious. Use wget. It seems more your style.
Hell if I know how to reverse a string in place. I'll freeze if you get me to even try. I'm 1) left handed 2) a poor handwriter and 3) sometimes easy to frazzle. Get me in front of a whiteboard and ask me a stupid question like that and I'll freeze.
It is a stupid question anyway. What does solving it really mean? That you are good at writing bit-twiddling code? Screw that. Ask me to solve a problem. Ask me to sketch out a high-level view of the solution. Maybe a couple traces of code tossed in.
But you ask me to fucking reverse a linked list and you are looking for a code monkey who cannot think and cannot solve real problems. If that is what you want, so be it. But it isn't what I want. I solve real problems, bit twiddling is for the machines to solve.
Well for one thing technology has had to "dumbed" down for average consumer, that in itself will dampen big advances like we used to have
That is such an horrible, arrogant viewpoint to have. You think "dumbing down" hinders progress? Really? Seriously? If things weren't "dumbed down" as you say, we'd be so damn busy trying to figure out your stupid interfaces that we'd never get any *real* progress done. We'd be so damn busy trying to use emacs to read info docs that we wouldn't have time to map the human genome. We'd be so damn busy editing your "smart people" text-based config files we would lack the "luxury" of creating better ways to grow crops. We'd be so damn busy fucking around with your crappy multi-window "raster image editors" that we would lack the time to create movies like Wall-E or television shows like the Simpsons.
No wonder open source software sucks. The sooner people with your attidude get weeded out of the labor market, the quicker we can get on with real progress. If you can believe it, a computer is merely a tool on which other progress gets made. The more "dumbed down" the interface is, the quicker we can do our real jobs.
Seriously, rethink your attitude. People with attitudes like yours usually live high-stress lives worrying about people and things they cannot control. Not healthy.
medically we still aren't growing replacement bodies
But we can keep a clinicially dead cadaver live enough to pull its still beating heart out and put it into another patient and save their life. We can do a $500 procedure that zaps your eyeballs with lasers so you never have to wear glasses again.
we have LCD's now but nothing huge has hapenned
Many cas stations now have cheap LCD's on every pump. Your phone has one. Your microwave has one. Your watch has one.
we still mostly use steam for power plants
Because it is proven technology that works. What is wrong with that? If it ain't broke dont fix it.
we can't change one thing in to another (easily)
Are you kidding? We change stuff into other stuff all the time! We can grow enzymes that eat oil spills an turn them into harmless byproducts. We are in the process of using algae to turn nutrients in the water into combustible fuel. Hell, we've long been able to take bacteria and turn sugar into tasty alcoholic beverages.
I haven't seen a huge revoloutionary change to be honest in my lifetime
Because according to your definition, the only true revolutionary technology would be something dropped out of the sky by aliens. But even then, all they did was just take some idea used by the Alpha Centuri three million years ago and made a couple adjustments.
Mobil phones......haven't yet changed much in the way we live
Sure from your western viewpoint, it might seem that way. After all you grew up with a landline.
Go ask farmers who live in areas that never had any kind of reliable way to communicate with the outside world. There are whole cultures of people who went from no phone to mobile phone overnight. They might beg to differ.
The problem with Slashdot "culture" (maybe nerd culture in general) is everything is black and white. Either a technology is magically created out of thin air and overnight changes the world, or it is just a humdrum, silly improvement of some technology that has been around since the romans.
Cluetip: very rarely is any technology truly "pulled out of somebodies ass" revolutionary. Virtually every single thing we have came from decades or even centuries of gradual refinement. But dismissing everything "mainstream" society considers revolutionary because it doesn't fit the exact definition doesn't make you smart, it just makes you a buzzkill.
As for Facebook, there were communities with guestbooks, private messages, galleries and a lot of the "standard" Facebook features in 1999
As you go on to say, what makes facebook much different is that "regular" people use it. Not just any regular people, but the people using it are the people you already know in meatspace. Unlike everything before it, Facebook is a way for you to connect with your offline friends, online. Guestbooks, galleries, private messages, and even Slashdot, are all online people talking to online people. Rarely do the online people in these communities know eachother offline.
That said, the BBS scene was local online people who would meet offline. But the BBS scene didn't include your "regular" friends. And you probably met all your BBS friends on a BBS. You met most of your facebook friends in person and added them to facebook later.
Twitter though... well. That is just a fad. Or a technology that is slightly before its time. It will never be mainstream like Facebook. But maybe it will spawn something better that does go mainstream.
But seriously, you want to predict the future? We will have cut & cover maglev trains that break the sound barrier. Either the US gets them first on the eastern seaboard, or Japan gets them first. One of the two. My money is on Japan because they are in the midst of an infrastructure upgrade and we are just building ours (after having it all ripped up thanks to our fine auto manufacturers)
Joe runs out of gas and drops 3,000 ft into local celebrity's swimming pool.
I mean, people run out of gas all the time. People don't maintain their vehicles as well as they should. What happens when there is a mechanical failure. Planes don't fall out of the sky that often because there are fewer of them per-capita than cars. Plus they are far more tightly regulated than your vehicle.
Flying cars will never happen. We will invent the teleportation device first.
The number of luddites in the field of software development amazes me.
And the worst part is there are segments of the culture that actively embrace being a luddite and are proud of it. You'll find these people still arguing that images shouldn't be used on a website, or disable javascript out of principle, or bitch about how a program is a 50mb download, or a number of things.
It really, really is amazing. Here I thought most nerds were gadget geeks who bought a new cell phone every week to stay on top of the latest trends and I come to Slashdot and read people bitching about color monitors or how Firefox is evil for no longer supporting their "perfectly good 486" something. What a weird industry we work in.
Perhaps the policy sucks and the people implementing the policy dont understand "security". Places that like to have you change your password once a month. Worse, websites that have you create a password with punctuation and a huge length. These things aren't secure. All they do is force people into writing the password down or saving it as a text file.
"Blame it on the user" is always a cop out. Blame it on the idiot paranoid sysadmin. Blame it on the idiot programmer who can't be assed to design a useful security system. Blame it on anybody, but dont blame it on the user.
Re:Most people simply don't think about security
on
The Myths of Security
·
· Score: 1
knuckle-dragger who loves his FREE PR0N! and VI@GR4
The idea that people buy stuff from spam is a myth rooted back when spammers were small time chumps. Modern spam operations are basically a component of organized crime funded by some mafia or big government. These people don't make money off Pr0n or V1@gr4, they make money off pump and dump schemes and fucking with government and private computer systems.
You think a the mythical "normal joe" is ever going to go "outside the box" and install stuff that isn't in the Ubuntu repository? I doubt it. If Ubuntu suddenly had 50% market share, 49.5% of that market would be installing applications only from the repository.
Web programming is not, nor should it be, something anyone can "whip up" without understanding what they're doing
Sure, in make-believe land this will happen. But here in reality, there are tons of rookie coders writing crap, insecure web programs. Given this will *never* be stopped, the *least* PHP might do is make it feel natural to do the right thing.
For example, if you search "PHP send mail", one of first hits you get has example code that *will* be exploited by spammers. The fact that the *core default way to send mail* does not have a parameter for "From:" has resulted in thousands of websites getting reamed by spammers. Everbody wants to customize the "From:" in an email based on user input! No novice will know how to properly construct a "From: $username" to pass into the additional_headers! They'll gloss over the warning in the link I gave--why? Like most people they will assume the warning only applies to people doing advanced tricks with email like attachments; all they are doing is something "simple" like customizing the From: line! Hell, that is how I got burned. I assumed since I was doing something simple, PHP would do the right thing for me. I was wrong. Live and learn!
The easy to exploit mail function isn't what is happening in the article. That "exploit" isn't even really an exploit but it is what I originally called it--a rookie mistake. That kind of thing can be done in any language and you'd be lying to say your first email form didn't have the exact same problem!
That is why it is called a rookie mistake. And yes, I'll blame PHP. It is a beginner language and should encourage people to do the right thing. Instead, it makes it hard to create a non-exploitable mail form and trivial to make one that is wide open.
a poor craftsman blames his tools
A skilled craftsman knows what constitutes a good tool is and why it might be important. A skilled craftsman also knows when something *is* the fault of the tool. A novice doesn't know a good tool from a bad tool. PHP is a useful tool, but in hands of a novice it can lead to exactly the scenario in this article and *that* makes it a poor tool.
Who here can honestly say the first couple email forms they created *did not* get shut down by spammers? The first I created looked almost like the one linked in this article--no security checks, no throttling and the ability to completely alter the message and subject.
The the second one I created let you add extra headers in the mail message--course part of that was thanks to the shitty, insecure mail api provided by PHP. Their API is more than happy to let you add linefeeds in the "From" or "To" parameters and thus let you add extra headers (say BCC). The reason it was my fault was for using PHP in the first place!
No sir, we've all done this. Every developer who ever created something that let the public generate email has created a gateway for spammers at least once.
Slashdot Mirror
I forget who, but some comedian claimed the best kinds of comedy are when you take ordinary things and simply retell them in a different context.
I think that claim is correct. For anybody who reads the above comment, re-read it only imagine you are reading it to, say, your partner or maybe you are in a bar with a couple normal buddies swapping stories.
If you can still read the parent comment with *out* laughing, then there is something wrong with the humor lobe in your brain.
Seriously, I'll pull it out of context right now and just quote it.
Do I even need to comment? I mean can this guy be serious!?
It is like I stepped into a time warp or something. The exact location on the hard disk holding the timestamp field for your comment must have been hit by some neutrino or something and fiddled the bits so instead of "Sept. 12, 1997" it read "Sept 12, 2009".
I mean seriously, comment is *ancient*. It is like those hippies on Height and Ashbury who are still all dressed up for the 1960's--same signs, same slogans, same everything. Like they are trapped in time.
Move on man. Update your slogans and chants. Embrace and Extend was awesome for its time... back in 1998. It is 2009. The world has moved on. Reading your post fills me with sadness and pity. Find something else to protest or at least come up with pithy new lines. ... PS: You should be ever so thankful that the neutrino didn't flip the bit so it was "Feb 31, 2009" or "00-00-0000" because those perfectly valid MySQL dates aren't so valid in the real world :-)
It is a "hack", as you call it because it hacks around deficiencies in the linux driver architecture. Look the goal here is to get shit to work, right? People expect to be able to go to Fry's and buy a wireless NIC and have it work, right? That is a reasonable expectation, right?
Does linux currently meet this expectation? No. In fact, it fails miserably. Why? Because we need "hacks" as you call them to hack around the busted, out dated way linux handles drivers. By "busted and out dated" I mean it does not seem to handle drivers.. every driver seems to be a one-off deal. Or something. Whatever it is doing sucks because hardware support has always sucked on linux.
Maybe instead of blaming the user for having the oh-so-reasonable expectation of having his hardware working, you should redirect your blame toward the one thing that hasn't changed in this equation--the linux kernel. Perhaps the kernel is at fault here. ... just a thought.
I hope to god you are trolling.
"Excellent texinfo" my ass. Info sucks buddy. It sucks as a documentation format. The reader sucks. The arrogant way the GNU foundation spews "Man is obsolete, use our info docs" all over their crap.
Info was the second to the last straw that broke the camels back for me. FreeBSD and all BSD's in general have excelent documentation that is versioned right along with the rest of the utilities. All of it written into man pages, as god intended.
You want to know why linux has such shitty, fragmented docs? Blame the GNU foundation declaring the old one obsolete, hawking a shitty new version. They split the community into those who followed the party line and moved their docs into info and those who realized info sucks and kept their stuff as man pages. Thus to this day it is a crapshoot if any of the core utilities will have usable documentation.
And before somebody suggests pinfo or whatever that "easy to use" info reader is named, too late. I switched to FreeBSD and I ain't looking back. Info was a political move and dammit, operating systems should be political.
You what to know what would remove almost *all* of the driver problems literally overnight? Make it trivial to visit "nvidia.com", download a blob, type "./setup.pl" and have it install a binary driver. You know, kind of like how Windows or (I assume) OSX does it.
I *dont* blame the vendors for the lack of drivers on linux. I fully blame the kernel developers for their dogmatic refusal to stabalize the driver framework so it allows binary drivers. By "stabalize" I mean create a driver architecture that works across an entire swath of kernel versions. Most vendor supplied drivers seem have this need to be compiled first and thus require the kernel source before they work. That is bullshit. They should just sit around as a blob and work.
But alas, *that* dream will never happen because of some on the fringes of the open source movement close their ears and scream "not pure! not our fault! not pure!". Which is a shame because that single feature would instantly increase linux driver support hundreds of times over.
It *is not* the fault of hardware vendors. It *is* the fault of the kernel--more lightly, it *is the philosophy and culture of linux* that is what holds it back.
I dunno, I've been here for probably as long as you (just registered a bit late :-) and I fall into the "older" group, I guess.
Are they like the new form of troll on slashdot? Or do they take the bad vibes from RMS seriously? I can't figure it out. It does wear very thin though. Very thin. But I've yet to find a place that is quite like slashdot--which is why I keep coming back :-)
That is actually a good argument for using the google/yui hosted versions of things like jQuery. Wonder if modern browsers read the shared jQuery.js into memory and share it among all the tabs? Kind of like how all operating systems will keep a shared library (.dll/.so) loaded for all to use or how something like mod_perl will load all your CPAN modules once and share the memory on every apache fork.
Slashdot is a technology website dedicated to of people who take great pride and joy in disabling every new bit of technology in their stack.
Personally, I leave all that stuff on. I used to disable javascript out of the same "spite" most of slashdot commenters seem to have--but that was before Kuro5hin came with their fancy dynamic comments in what, 1999? So far, my CPU's have never melted, my power supplies are still purring, and my mice haven't keeled over and died.
Wonder what rigs these people run? 386DX 40mhz's? Orange screen VT100's hooked up to the local time-share in the university basement? ... remembers when his public library still had those VT100's.
(and wow, I guess I replied to a comment instead of to the story... not trying to hijack you, just need my tea)
Use the VGA. It doesn't eat power. Your CPU is what is going to eat power.
The problem is the cost to maintain old hardware is usually higher than just buying new hardware. For starters, my guess is you've got antique IDE drives in there that have seen better days. Those things draw a bit of power, but worse they are nosy. Then you've got the old power hungry CPU and all the loud fans needed to cool it. On top of that, your case is probably old enough that it too has loud fans.
What I'm trying to say is you are better buying a new motherboard that fits into the case. Maybe get one that will take your old ram and has a legacy IDE port on it. Every one of these budget boards will have a vga port on it you can use. Better, the new CPU's and their bios will manage your fans so they are whisper quiet. I know you didn't say "has to be quiet", but for me personally, unless they are going into a data center I try to build all my machines to make zero noise.
No matter how you slice it RS232 is a pain in the ass for an application like yours anyway. You always have to fool with the baud, the XON/XOFF crap, the parity, all that. If you get one of those never-working USB->RS232 adapters you will just add a pile of complexity. I've never had one of those work right--ever.
Do you remember what you had that serial port to? I dont. I'd love to hear how people smarter than me manage to remember what the damn baud rate is on their gear instead of having to fool with minicom for 10 minutes to get to the console on my sun box.
Why don't you just use Lynx or wget? You anti-"bloatware" people seem to make a stink about anything that isn't plain ASCII anyway.. why not just go all out and use the least "bloated" client on earth? I'm serious. Use wget. It seems more your style.
Hell if I know how to reverse a string in place. I'll freeze if you get me to even try. I'm 1) left handed 2) a poor handwriter and 3) sometimes easy to frazzle. Get me in front of a whiteboard and ask me a stupid question like that and I'll freeze.
It is a stupid question anyway. What does solving it really mean? That you are good at writing bit-twiddling code? Screw that. Ask me to solve a problem. Ask me to sketch out a high-level view of the solution. Maybe a couple traces of code tossed in.
But you ask me to fucking reverse a linked list and you are looking for a code monkey who cannot think and cannot solve real problems. If that is what you want, so be it. But it isn't what I want. I solve real problems, bit twiddling is for the machines to solve.
That is such an horrible, arrogant viewpoint to have. You think "dumbing down" hinders progress? Really? Seriously? If things weren't "dumbed down" as you say, we'd be so damn busy trying to figure out your stupid interfaces that we'd never get any *real* progress done. We'd be so damn busy trying to use emacs to read info docs that we wouldn't have time to map the human genome. We'd be so damn busy editing your "smart people" text-based config files we would lack the "luxury" of creating better ways to grow crops. We'd be so damn busy fucking around with your crappy multi-window "raster image editors" that we would lack the time to create movies like Wall-E or television shows like the Simpsons.
No wonder open source software sucks. The sooner people with your attidude get weeded out of the labor market, the quicker we can get on with real progress. If you can believe it, a computer is merely a tool on which other progress gets made. The more "dumbed down" the interface is, the quicker we can do our real jobs.
Seriously, rethink your attitude. People with attitudes like yours usually live high-stress lives worrying about people and things they cannot control. Not healthy.
But we can keep a clinicially dead cadaver live enough to pull its still beating heart out and put it into another patient and save their life. We can do a $500 procedure that zaps your eyeballs with lasers so you never have to wear glasses again.
Many cas stations now have cheap LCD's on every pump. Your phone has one. Your microwave has one. Your watch has one.
Because it is proven technology that works. What is wrong with that? If it ain't broke dont fix it.
Are you kidding? We change stuff into other stuff all the time! We can grow enzymes that eat oil spills an turn them into harmless byproducts. We are in the process of using algae to turn nutrients in the water into combustible fuel. Hell, we've long been able to take bacteria and turn sugar into tasty alcoholic beverages.
Because according to your definition, the only true revolutionary technology would be something dropped out of the sky by aliens. But even then, all they did was just take some idea used by the Alpha Centuri three million years ago and made a couple adjustments.
Sure from your western viewpoint, it might seem that way. After all you grew up with a landline.
Go ask farmers who live in areas that never had any kind of reliable way to communicate with the outside world. There are whole cultures of people who went from no phone to mobile phone overnight. They might beg to differ.
The problem with Slashdot "culture" (maybe nerd culture in general) is everything is black and white. Either a technology is magically created out of thin air and overnight changes the world, or it is just a humdrum, silly improvement of some technology that has been around since the romans.
Cluetip: very rarely is any technology truly "pulled out of somebodies ass" revolutionary. Virtually every single thing we have came from decades or even centuries of gradual refinement. But dismissing everything "mainstream" society considers revolutionary because it doesn't fit the exact definition doesn't make you smart, it just makes you a buzzkill.
As you go on to say, what makes facebook much different is that "regular" people use it. Not just any regular people, but the people using it are the people you already know in meatspace. Unlike everything before it, Facebook is a way for you to connect with your offline friends, online. Guestbooks, galleries, private messages, and even Slashdot, are all online people talking to online people. Rarely do the online people in these communities know eachother offline.
That said, the BBS scene was local online people who would meet offline. But the BBS scene didn't include your "regular" friends. And you probably met all your BBS friends on a BBS. You met most of your facebook friends in person and added them to facebook later.
Twitter though... well. That is just a fad. Or a technology that is slightly before its time. It will never be mainstream like Facebook. But maybe it will spawn something better that does go mainstream.
That is what she said.
But seriously, you want to predict the future? We will have cut & cover maglev trains that break the sound barrier. Either the US gets them first on the eastern seaboard, or Japan gets them first. One of the two. My money is on Japan because they are in the midst of an infrastructure upgrade and we are just building ours (after having it all ripped up thanks to our fine auto manufacturers)
Joe runs out of gas and drops 3,000 ft into local celebrity's swimming pool.
I mean, people run out of gas all the time. People don't maintain their vehicles as well as they should. What happens when there is a mechanical failure. Planes don't fall out of the sky that often because there are fewer of them per-capita than cars. Plus they are far more tightly regulated than your vehicle.
Flying cars will never happen. We will invent the teleportation device first.
And the worst part is there are segments of the culture that actively embrace being a luddite and are proud of it. You'll find these people still arguing that images shouldn't be used on a website, or disable javascript out of principle, or bitch about how a program is a 50mb download, or a number of things.
It really, really is amazing. Here I thought most nerds were gadget geeks who bought a new cell phone every week to stay on top of the latest trends and I come to Slashdot and read people bitching about color monitors or how Firefox is evil for no longer supporting their "perfectly good 486" something. What a weird industry we work in.
Perhaps the policy sucks and the people implementing the policy dont understand "security". Places that like to have you change your password once a month. Worse, websites that have you create a password with punctuation and a huge length. These things aren't secure. All they do is force people into writing the password down or saving it as a text file.
"Blame it on the user" is always a cop out. Blame it on the idiot paranoid sysadmin. Blame it on the idiot programmer who can't be assed to design a useful security system. Blame it on anybody, but dont blame it on the user.
The idea that people buy stuff from spam is a myth rooted back when spammers were small time chumps. Modern spam operations are basically a component of organized crime funded by some mafia or big government. These people don't make money off Pr0n or V1@gr4, they make money off pump and dump schemes and fucking with government and private computer systems.
You think a the mythical "normal joe" is ever going to go "outside the box" and install stuff that isn't in the Ubuntu repository? I doubt it. If Ubuntu suddenly had 50% market share, 49.5% of that market would be installing applications only from the repository.
Sure, in make-believe land this will happen. But here in reality, there are tons of rookie coders writing crap, insecure web programs. Given this will *never* be stopped, the *least* PHP might do is make it feel natural to do the right thing.
For example, if you search "PHP send mail", one of first hits you get has example code that *will* be exploited by spammers. The fact that the *core default way to send mail* does not have a parameter for "From:" has resulted in thousands of websites getting reamed by spammers. Everbody wants to customize the "From:" in an email based on user input! No novice will know how to properly construct a "From: $username" to pass into the additional_headers! They'll gloss over the warning in the link I gave--why? Like most people they will assume the warning only applies to people doing advanced tricks with email like attachments; all they are doing is something "simple" like customizing the From: line! Hell, that is how I got burned. I assumed since I was doing something simple, PHP would do the right thing for me. I was wrong. Live and learn!
The easy to exploit mail function isn't what is happening in the article. That "exploit" isn't even really an exploit but it is what I originally called it--a rookie mistake. That kind of thing can be done in any language and you'd be lying to say your first email form didn't have the exact same problem!
That is why it is called a rookie mistake. And yes, I'll blame PHP. It is a beginner language and should encourage people to do the right thing. Instead, it makes it hard to create a non-exploitable mail form and trivial to make one that is wide open.
A skilled craftsman knows what constitutes a good tool is and why it might be important. A skilled craftsman also knows when something *is* the fault of the tool. A novice doesn't know a good tool from a bad tool. PHP is a useful tool, but in hands of a novice it can lead to exactly the scenario in this article and *that* makes it a poor tool.
Who here can honestly say the first couple email forms they created *did not* get shut down by spammers? The first I created looked almost like the one linked in this article--no security checks, no throttling and the ability to completely alter the message and subject.
The the second one I created let you add extra headers in the mail message--course part of that was thanks to the shitty, insecure mail api provided by PHP. Their API is more than happy to let you add linefeeds in the "From" or "To" parameters and thus let you add extra headers (say BCC). The reason it was my fault was for using PHP in the first place!
No sir, we've all done this. Every developer who ever created something that let the public generate email has created a gateway for spammers at least once.
My hunch is an intern did this :-)