Unless you edit anonymously or pseudonymously, in which case other editors can be blocked for saying who you really are, and their edits oversighted so that not even sysops can see the evidence. You'd think COI would be an exception, but as far as I can tell, it's not.
Unless they get blocked for policy violations by an uninvolved sysop, or get banned by ArbCom for tendentious editing. It doesn't matter how many buddies you get to spend all day with you trying to argue that the Illuminati control the world or whatever. If the broader community thinks you're being jerks about it, you're going to lose sooner or later. And Wikipedia is too big for anyone to take over the community without being caught.
But on a smaller scale, what you say has some truth to it, of course. Details get worked out by compromise, and that gets decided article-by-article in no small part by how many people there are, how willing they are to compromise, and how long they're willing to argue. You're not going to get Wikipedia to admit that the moon is made of green cheese, but you can certainly change the emphasis of an article significantly.
Which is why they just completed a six million dollar fund raising campaign. With cheap disk space, and cheap bandwidth, and volunteers doing the work... where is the money going?
What's the upshot here: how much bigger is this year's budget compared with last year's? Where are you spending more, and why?
Planned spending totals $5.9 million, which is an increase of $3 million over the 07-08 projected actuals. The single biggest increase is hardware purchases deferred from 07-08, that total $965K.
The second-largest increase is $510K for fundraising expenses: this includes three new positions (Head of Major Gifts, Head of Community Giving, and a Development Associate), as well as an allocation for fundraising expenses (technical help with the database, design support, usability and A/B testing money, fundraising related travel, an allocation for events, etc.).
Other significant increases include increased hosting costs (+$200K), funding for five new technical staff and contractors (+$375K), strengthening our "program" (mission-related) work by hiring staff for public outreach and partnerships roles, plus a Chief Programs Officer (+$221K), an increase in travel costs (+210K), and a new allocation for staff and volunteer development (+$113K).
I'm pretty sure there were links to explanations of why Wikimedia needed the money all throughout the fundraiser.
To quote my main man on the C-Note: "They would trade essential liberty in return for a little temporary safety deserve neither." The B-man was talking about firearms, but it goes for the Intartubes as well.
I work at a pretty serious MySQL user, and we use both MyIsam and InnoDB. Properly tuned and used, Isam is faster. Innodb allegedly has the edge in PK-lookups, but my measurements disagree.
InnoDB also doesn't have to be repaired or checked. MyISAM tables can crash on occasion if you look at them funny, and then you have to spend an inordinate amount of time repairing the tables (possibly days for large data sets). InnoDB supports data clustering, which is extremely useful for disk-bound data sets. And table-level locking in MyISAM is prohibitive for most serious workloads, unless either there are no writes (other than end-of-table inserts) or all of your queries are fast.
I'm curious: how large are the tables at your shop, and how many reads/writes per second do you have? I know that Wikipedia, for instance, would melt if you tried using MyISAM anywhere, and it's no more than a mid-sized MySQL user as far as its database size goes.
We mysqldump the slave, which eliminates that issue. (You can also stop the slave and cp the db files; I think this does not work with Inno).
It does, in my experience (with the usual version-mismatch caveats), but only if you copy the entire MySQL data directory. Some essential parts of the InnoDB data files are shared across all tables and can't be split out by simple filesystem commands.
The official definition of "open source software" (which is published by the Open Source Initiative and too long to cite here) was derived indirectly from our criteria for free software. It is not the same; it is a little looser in some respects, so open source supporters have accepted a few licenses that we consider unacceptably restrictive of the users. Nonetheless, it is fairly close to our definition in practice.
However, the obvious meaning for the expression "open source software" is "You can look at the source code," and most people seem to think that's what it means. That is a much weaker criterion than free software, and much weaker than the official definition of open source. It includes many programs that are neither free nor open source.
Since that obvious meaning for "open source" is not the meaning that its advocates intend, the result is that most people misunderstand the term.
The term open source was coined by the OSI and has always, since its inception, referred to the OSI's Open Source Definition. It has never meant merely that the source code is available. This is a simple misunderstanding, just like misunderstanding "free software" as meaning "software available for no cost".
In fact, "copyright" law should have been named distribution rights law because that is what it does. It doesn't really try to enforce copying like you claim it does. It enforces the authors right to control redistributing the material so he or she can make a profit off of his / her work as if that work were a real physical object. If someone copies a work they purchased for their use (as long as they have the material in their possession), that is within the spirit of copyright law.
I don't know about the "spirit" of copyright law, but that certainly isn't what copyright law says (at least in the United States). In general, making any copy of a copyrighted work without permission is illegal, pursuant to 17 USC Â 106(1), whether or not you distribute it. So is preparing any derivative work.
There are, of course, a broad array of exceptions to these basic principles. All the transient copying that occurs in the course of execution of a computer program is specifically exempted from copyright, by 17 USC Â 117. Copies of a computer program (I imagine judges would take this as applying to any digitized work) may be "created as an essential step in the utilization of the computer program in conjunction with a machine".
According to the selfsame section, you're also allowed to create copies for archival or backup purposes if you destroy them when you no longer lawfully own the work. (A good thing, or else installing software on RAID1 would be illegal!) But I'd suspect that that exemption does not extend to, for instance, installing the software on a second machine. That might be fair use or something; IANAL.
How is a normal person going to download Firefox without IE? Gopher (yes I'm an old-timer)? FTP? Where do they get Gopher and FTP clients from, without a browser?
Alan Cox does assure us that Linux is now working on 64-bit time, and the UNIX epoch 'roll-over' would happen about the time that the sun burnt out."
This is just the sort of short-sighted thinking that lead to our recent Y2K hysteria, except this time our poor beleaguered descendents will be in the middle of an exodus from the solar system when all their legacy systems throw simultaneous exceptions. This will of course cause their engine and guidance systems to fail, so that the last dying gasps of humanity will consist of:
[Captain]Captain's log, stardate 1704.4. Ship out of control, spiraling down towards Sol; we have 19 minutes of life left, without engine power or helm control.
[Engineer interrupting] I'll be damned. The clocks on every piece of technology in existence have failed because that damned Brit used a 64 bit counter...
[Captain]COOOOOOOOOOOOOX!!!"
If only they had followed RFC2550, that would never have happened!
What does this model say for Memory Leaks? If the state is persisted... rebooting won't clear the memory. I imagine there must be a "reset state" mechanism. Perhaps this can be done without actually rebooting. I dunno.
You aren't supposed to be able to use C, remember? Memory leaks aren't a serious problem in Java: it's garbage-collected. You'll probably need to be able to somehow reset the program if it gets borked in some other way, though, and I wonder how that would be managed without the clear distinction between persistent state/transient state, disk/RAM.
Then, then it starts talking about C vs Java. WTF is that about? Regardless of how cool the OS' underpinings are, you could write C for it with an OS-specific compiler.
You're assuming that the OS has a routine to execute a binary file of some kind, like exec(). Picture an OS where exec() only supported scripts. The only code that would run would be the kernel itself, and maybe some "special" programs like Java or C# interpreters. Every other program would then need to be written in some supported language, Java or whatever. Of course you could probably still write a kernel module or whatever, but it doesn't have to be possible for normal user-space programs to be written in C.
Picture this scenario: an operating system where programs can only be written in Java (or in other languages, provided they can compile to Java bytecode or run interpreters in Java). Then as long as the Java compiler is secure -- which isn't too much more of a problem than the OS itself being secure -- all programs are trusted. They can't even try to interfere with other programs, because Java bytecode doesn't have any way of encoding that concept.
Then you don't need user mode. Run all code in kernel space, give everything direct memory access and direct device access. Skip all the expensive runtime permissions checking that modern CPUs are forced to implement. There would be no mode switches, just function calls. You wouldn't have to take all the elaborate security measures OSes and CPUs must take, like flushing caches on context switches, or zeroing freed memory pages before giving them to a new process.
Of course, whether this would be worth the performance penalty of running in Java instead of C is questionable. Whether it has anything to do with TFA I have no idea. But it's an interesting idea. I got it from Tanenbaum's Modern Operating Systems, 3rd Ed. -- although I can't find it now, due to the lousy index, I recall the book mentioned that Microsoft was studying the possibility. Probably a dumb idea in practice, but it's interesting to think about radically different paradigms occasionally.
This is why a proper "Password" hash (eg bcrypt, md5-crypt, sha-crypt) includes a "salt" which is randomly generated each time the password is set (and not just the first time). This prevents the rainbow attacks which are possible on plain integrity hashes. But prepending (or appending) the salt is not enough, because since it's effect can be undone mathematically, at least enough so that it presents no real additional barrier.
Can you give more details on this? What algorithms can be used to do this for common cryptographic hashes (e.g., MD5 or SHA*)? It doesn't accord with what I've heard before on the subject.
Sure, the prompts are, but it also... messes around with various directories that MS have decided are sacred, silently redirecting write operations to other places.
And on your Linux box, can you write to/usr or/etc as an unprivileged user? It's a security trainwreck if you permit unprivileged users to write to program files. Windows is saddled with the legacy of allowing this, all the way back from its single-user non-networked heritage.
In Vista, MS did the right thing and made Program Files non-writable except as admin. To make sure legacy programs still worked, however, they had to allow programs to think that they were writing to the shared files, without actually affecting other users. The only logical way to do this is to allow the change to go through, but only let the user who made the change see it.
It's also worth noting that this is likely to be a transient issue. New programs should be writing per-user customizations (e.g., runtime configuration) into the user's home directory, as Unix has always done. But old programs still have to be supported somehow.
What would you propose that MS do instead of this rewriting? Let all users write to programs in system directories that other users run, or break huge numbers of legacy programs?
Wikipedia has been using Lucene for a few years by now. The recent changes were improvements to how it was used, but it was being used the whole time. Out of the box, MediaWiki uses whatever fulltext search is available from the DBMS being used -- in MySQL's case, that means using MyISAM, which is impossible for a site the size of Wikipedia (all selects, updates, deletes, etc. take out table-level locks).
The grandparent presumably means that gmail.com ends up redirecting you to mail.google.com when you actually log in. This is necessary for cookies to work across all Google sites smoothly: google.com sites can only set or read cookies for google.com or appropriate subdomains thereof, not other domains like gmail.com. If you really use different domains, you need to do something goofy like include content from all your other domains as images/iframes/etc. whenever a user logs in -- Wikipedia does this, logging you into all other Wikimedia sites by including cookie-setting scripts from each other domain as an image.
How relevant this point is to the great-grandparent is debatable, though.
Its a large website, not anywhere near the largest.
Wikipedia is the 7th-largest website in the world according to Alexa. google.com only gets ten times the page views wikipedia.org does (again according to Alexa). It is most definitely "near the largest" website.
Why throw JavaScript in there? The rest are server-side languages, while JavaScript is client-side.
I'm going to bet that most of that C code is not for servers specifically -- it's just for computers. Would you consider GNOME "server-side" or "client-side"? Most programming cannot be viewed through the lens of the web. Some open-source projects are written partly or wholly in JavaScript, and there's no reason to treat them differently because they're designed to run in a web browser.
Excluding JavaScript might be reasonable, but only on the basis that it's almost impossible for non-web projects to use it, and very difficult for serious web projects not to use it. If a project is using JavaScript, that doesn't tell you anything about the project's preferences. It just tells you that it has a not-completely-trivial web-based component, which isn't very useful.
Outdated. Server roles on wikitech is probably more up-to-date: I count over 70 Squids there at least, and 35 DB servers (although not all are listed as used). That's probably not terrible accurate either, though. Ganglia claims 274 hosts up right now, but clearly lists too few Apaches to be correct. Last I heard, anyway, the Apache count was around 300.
At any rate, Wikipedia is certainly an efficient operation, yes. PHP is an awful language, but its efficiency is not much worse than Python or Perl or whatever. The major costs IMO are in development time:
More time reimplementing basic functionality, because libraries aren't available reliably. A ton of critical library functions (e.g., the entire mbstring module, which is necessary for dealing with Unicode) aren't available on all installations -- installing a new module typically requires root access. Thus for code to work reliably, you need to write workalikes for all the major functions. Also, where library functions are reliably available, they're often fairly braindead and you have to write sane workalikes anyway, or wrappers that make their functionality more reasonable. I was just spending time working on an implementation of parse_url() that actually works for URL schemes like mailto: and news: that are absolutely conformant to the URL RFC but don't use "://" as a separator, so PHP evidently doesn't care about them.
Time working around site-specific config settings that can't be changed at runtime. For instance, if magic_quotes_gpc is enabled, you have to write code to strip the quotes yourself, because PHP doesn't provide this. Any app that wants to work across all PHP configurations must implement that from scratch. There are even more horrible settings: mbstring.func_overload is one that's so horrifyingly broken that a sane app has no option but to give up and refuse to run until it's disabled. (It silently replaces all functions like strlen() with UTF-8 versions -- meaning everything that you thought was measuring bytes suddenly measures UTF-8 characters.) MediaWiki actually does this (grep for "func_overload" or "magic_quotes_runtime").
Time working around bugs caused by PHP language misfeatures. Maybe MediaWiki devs are all just bad at PHP, but there are regular commits to fix bugs caused by the same few language features. For instance, "!$str" to check if a string is empty will fail exactly in the rare (and thus hard-to-track-down) special case that $str is equal to "0". In the same vein, but more uniquely to PHP as far as I know, "random string" will evaluate as equal to zero if compared to an integer, and this periodically causes bugs too. (I would expect them to be unequal if the string can't be cast to an integer, at least, and preferably never equal at all.) These can be solved with discipline, at least, like always using ===.
Three of the world's top 10 websites are PHP-based. Wikipedia, and facebook, along with vast chunks of yahoo.
As far as Wikipedia goes, like half of MediaWiki's active developers (including me) loathe PHP and wish we used a sane language, like Python. I won't dispute that it does work, though. Visual Basic would work too.
That's because the author of the article has no idea what he's talking about. Like most people, he's never heard of Wikimedia projects other than Wikipedia, and so assumes that everything about Wikimedia projects as a whole is about Wikipedia. The changes are actually more or less irrelevant to Wikipedia, which needs few videos and no long ones at all. Any long video is almost certainly not fair use, and therefore should be uploaded to Commons if it can be used at all. (The English Wikipedia allows some fair use, while Commons does not.)
All very nice, but keep in mind: we're talking about a system where a user decided, as root, to install malicious software. In that case, the system is lost. If it's not lost, it's because the software authors either weren't malicious enough or weren't competent enough.
If it were Linux, you could do a thousand things to achieve the same effect. I'm not a systems programmer, but I imagine it would be pretty easy to make it unreasonably difficult to remove your program. Recompile a bunch of randomly-selected system binaries and kernel modules from source with malicious patches. Store the originals in extra files somewhere. Load a kernel module that hooks into all file actions, uses the malicious versions of the files while the kernel is booting, and uses the originals otherwise.
As far as anything in userspace can tell, nothing is wrong. If you boot from a live CD, you won't be fooled, but are you going to check the MD5 of every single binary on the system against distribution defaults? What if the user has manually recompiled some of them, or there's software installed that's not from the distribution? You'll get a mess of false positives. It's not worth it. It will end up being easier to just reinstall the OS.
The problem here is that users should not be giving untrusted or semitrusted software root privileges. Unfortunately, by running an installer as root they effectively do, at least for a brief window, and this is common on Linux just as on Windows. (Not quite as much, admittedly, since Linux users use packaged software for most things.) In this kind of setup, all you have to do is persuade a user to run the installer, which is trivial, and you can take over the system and make it a huge pain for anyone to restore it.
Wikipedia is not the only Wikimedia Foundation project. In particular, the scope of the Wikimedia Commons is "to provide a media file repository . . . that makes available public domain and freely-licensed educational media content to all . ..". All the projects are run from the same servers, and share the same upload servers in particular -- notice how all uploaded images are at upload.wikimedia.org, no matter what the project is. The technical upgrades are of most value to Commons, which has long had trouble accepting in-scope content like high-quality, free educational videos because they're over the file size.
Slashdot Mirror
You can no longer edit the article about your small open-source project without getting slapped for [[WP:COI]]
Unless you edit anonymously or pseudonymously, in which case other editors can be blocked for saying who you really are, and their edits oversighted so that not even sysops can see the evidence. You'd think COI would be an exception, but as far as I can tell, it's not.
Those with the most time on their hands wins.
Unless they get blocked for policy violations by an uninvolved sysop, or get banned by ArbCom for tendentious editing. It doesn't matter how many buddies you get to spend all day with you trying to argue that the Illuminati control the world or whatever. If the broader community thinks you're being jerks about it, you're going to lose sooner or later. And Wikipedia is too big for anyone to take over the community without being caught.
But on a smaller scale, what you say has some truth to it, of course. Details get worked out by compromise, and that gets decided article-by-article in no small part by how many people there are, how willing they are to compromise, and how long they're willing to argue. You're not going to get Wikipedia to admit that the moon is made of green cheese, but you can certainly change the emphasis of an article significantly.
Which is why they just completed a six million dollar fund raising campaign. With cheap disk space, and cheap bandwidth, and volunteers doing the work... where is the money going?
You can just read the various financial statements on the Wikimedia Foundation's website. For instance, you can look at the page 2008-2009 Annual Plan Questions and Answers:
I'm pretty sure there were links to explanations of why Wikimedia needed the money all throughout the fundraiser.
To quote my main man on the C-Note: "They would trade essential liberty in return for a little temporary safety deserve neither." The B-man was talking about firearms, but it goes for the Intartubes as well.
The correct quote is "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." The quote is in the context of Massachusetts resisting the amendment of its laws by Parliament, and doesn't seem to have anything to do with gun control.
I work at a pretty serious MySQL user, and we use both MyIsam and InnoDB. Properly tuned and used, Isam is faster. Innodb allegedly has the edge in PK-lookups, but my measurements disagree.
InnoDB also doesn't have to be repaired or checked. MyISAM tables can crash on occasion if you look at them funny, and then you have to spend an inordinate amount of time repairing the tables (possibly days for large data sets). InnoDB supports data clustering, which is extremely useful for disk-bound data sets. And table-level locking in MyISAM is prohibitive for most serious workloads, unless either there are no writes (other than end-of-table inserts) or all of your queries are fast.
I'm curious: how large are the tables at your shop, and how many reads/writes per second do you have? I know that Wikipedia, for instance, would melt if you tried using MyISAM anywhere, and it's no more than a mid-sized MySQL user as far as its database size goes.
We mysqldump the slave, which eliminates that issue. (You can also stop the slave and cp the db files; I think this does not work with Inno).
It does, in my experience (with the usual version-mismatch caveats), but only if you copy the entire MySQL data directory. Some essential parts of the InnoDB data files are shared across all tables and can't be split out by simple filesystem commands.
If you don't fulfill that you are not asking for a Free License, you are asking for an OPEN SOURCE license (which contrary to popular belief means ONLY that the source code is available, not that you automatically have the right to do with it as you please).
Your own link contradicts you:
The term open source was coined by the OSI and has always, since its inception, referred to the OSI's Open Source Definition. It has never meant merely that the source code is available. This is a simple misunderstanding, just like misunderstanding "free software" as meaning "software available for no cost".
Â
That was entered as U+00A7 SECTION SIGN. Guess Slashdot hasn't figured out what Unicode is yet? Good job, guys.
In fact, "copyright" law should have been named distribution rights law because that is what it does. It doesn't really try to enforce copying like you claim it does. It enforces the authors right to control redistributing the material so he or she can make a profit off of his / her work as if that work were a real physical object. If someone copies a work they purchased for their use (as long as they have the material in their possession), that is within the spirit of copyright law.
I don't know about the "spirit" of copyright law, but that certainly isn't what copyright law says (at least in the United States). In general, making any copy of a copyrighted work without permission is illegal, pursuant to 17 USC Â 106(1), whether or not you distribute it. So is preparing any derivative work.
There are, of course, a broad array of exceptions to these basic principles. All the transient copying that occurs in the course of execution of a computer program is specifically exempted from copyright, by 17 USC Â 117. Copies of a computer program (I imagine judges would take this as applying to any digitized work) may be "created as an essential step in the utilization of the computer program in conjunction with a machine".
According to the selfsame section, you're also allowed to create copies for archival or backup purposes if you destroy them when you no longer lawfully own the work. (A good thing, or else installing software on RAID1 would be illegal!) But I'd suspect that that exemption does not extend to, for instance, installing the software on a second machine. That might be fair use or something; IANAL.
Where mysqldump locks half your database
FWIW, if you use it with InnoDB (and almost any serious MySQL shop uses InnoDB exclusively), mysqldump --single-transaction is lockless.
How is a normal person going to download Firefox without IE? Gopher (yes I'm an old-timer)? FTP? Where do they get Gopher and FTP clients from, without a browser?
C:\>telnet www.getfirefox.com 80
If Mozilla were to end up with 95% of the market like IE once had, Opera would no doubt accuse them of price dumping.
That's been tried before. It didn't work so well.
Alan Cox does assure us that Linux is now working on 64-bit time, and the UNIX epoch 'roll-over' would happen about the time that the sun burnt out."
This is just the sort of short-sighted thinking that lead to our recent Y2K hysteria, except this time our poor beleaguered descendents will be in the middle of an exodus from the solar system when all their legacy systems throw simultaneous exceptions. This will of course cause their engine and guidance systems to fail, so that the last dying gasps of humanity will consist of:
If only they had followed RFC2550, that would never have happened!
What does this model say for Memory Leaks? If the state is persisted... rebooting won't clear the memory. I imagine there must be a "reset state" mechanism. Perhaps this can be done without actually rebooting. I dunno.
You aren't supposed to be able to use C, remember? Memory leaks aren't a serious problem in Java: it's garbage-collected. You'll probably need to be able to somehow reset the program if it gets borked in some other way, though, and I wonder how that would be managed without the clear distinction between persistent state/transient state, disk/RAM.
Then, then it starts talking about C vs Java. WTF is that about? Regardless of how cool the OS' underpinings are, you could write C for it with an OS-specific compiler.
You're assuming that the OS has a routine to execute a binary file of some kind, like exec(). Picture an OS where exec() only supported scripts. The only code that would run would be the kernel itself, and maybe some "special" programs like Java or C# interpreters. Every other program would then need to be written in some supported language, Java or whatever. Of course you could probably still write a kernel module or whatever, but it doesn't have to be possible for normal user-space programs to be written in C.
Picture this scenario: an operating system where programs can only be written in Java (or in other languages, provided they can compile to Java bytecode or run interpreters in Java). Then as long as the Java compiler is secure -- which isn't too much more of a problem than the OS itself being secure -- all programs are trusted. They can't even try to interfere with other programs, because Java bytecode doesn't have any way of encoding that concept.
Then you don't need user mode. Run all code in kernel space, give everything direct memory access and direct device access. Skip all the expensive runtime permissions checking that modern CPUs are forced to implement. There would be no mode switches, just function calls. You wouldn't have to take all the elaborate security measures OSes and CPUs must take, like flushing caches on context switches, or zeroing freed memory pages before giving them to a new process.
Of course, whether this would be worth the performance penalty of running in Java instead of C is questionable. Whether it has anything to do with TFA I have no idea. But it's an interesting idea. I got it from Tanenbaum's Modern Operating Systems, 3rd Ed. -- although I can't find it now, due to the lousy index, I recall the book mentioned that Microsoft was studying the possibility. Probably a dumb idea in practice, but it's interesting to think about radically different paradigms occasionally.
This is why a proper "Password" hash (eg bcrypt, md5-crypt, sha-crypt) includes a "salt" which is randomly generated each time the password is set (and not just the first time). This prevents the rainbow attacks which are possible on plain integrity hashes. But prepending (or appending) the salt is not enough, because since it's effect can be undone mathematically, at least enough so that it presents no real additional barrier.
Can you give more details on this? What algorithms can be used to do this for common cryptographic hashes (e.g., MD5 or SHA*)? It doesn't accord with what I've heard before on the subject.
Sure, the prompts are, but it also ... messes around with various directories that MS have decided are sacred, silently redirecting write operations to other places.
And on your Linux box, can you write to /usr or /etc as an unprivileged user? It's a security trainwreck if you permit unprivileged users to write to program files. Windows is saddled with the legacy of allowing this, all the way back from its single-user non-networked heritage.
In Vista, MS did the right thing and made Program Files non-writable except as admin. To make sure legacy programs still worked, however, they had to allow programs to think that they were writing to the shared files, without actually affecting other users. The only logical way to do this is to allow the change to go through, but only let the user who made the change see it.
It's also worth noting that this is likely to be a transient issue. New programs should be writing per-user customizations (e.g., runtime configuration) into the user's home directory, as Unix has always done. But old programs still have to be supported somehow.
What would you propose that MS do instead of this rewriting? Let all users write to programs in system directories that other users run, or break huge numbers of legacy programs?
Wikipedia has been using Lucene for a few years by now. The recent changes were improvements to how it was used, but it was being used the whole time. Out of the box, MediaWiki uses whatever fulltext search is available from the DBMS being used -- in MySQL's case, that means using MyISAM, which is impossible for a site the size of Wikipedia (all selects, updates, deletes, etc. take out table-level locks).
The grandparent presumably means that gmail.com ends up redirecting you to mail.google.com when you actually log in. This is necessary for cookies to work across all Google sites smoothly: google.com sites can only set or read cookies for google.com or appropriate subdomains thereof, not other domains like gmail.com. If you really use different domains, you need to do something goofy like include content from all your other domains as images/iframes/etc. whenever a user logs in -- Wikipedia does this, logging you into all other Wikimedia sites by including cookie-setting scripts from each other domain as an image.
How relevant this point is to the great-grandparent is debatable, though.
Its a large website, not anywhere near the largest.
Wikipedia is the 7th-largest website in the world according to Alexa. google.com only gets ten times the page views wikipedia.org does (again according to Alexa). It is most definitely "near the largest" website.
Why throw JavaScript in there? The rest are server-side languages, while JavaScript is client-side.
I'm going to bet that most of that C code is not for servers specifically -- it's just for computers. Would you consider GNOME "server-side" or "client-side"? Most programming cannot be viewed through the lens of the web. Some open-source projects are written partly or wholly in JavaScript, and there's no reason to treat them differently because they're designed to run in a web browser.
Excluding JavaScript might be reasonable, but only on the basis that it's almost impossible for non-web projects to use it, and very difficult for serious web projects not to use it. If a project is using JavaScript, that doesn't tell you anything about the project's preferences. It just tells you that it has a not-completely-trivial web-based component, which isn't very useful.
Outdated. Server roles on wikitech is probably more up-to-date: I count over 70 Squids there at least, and 35 DB servers (although not all are listed as used). That's probably not terrible accurate either, though. Ganglia claims 274 hosts up right now, but clearly lists too few Apaches to be correct. Last I heard, anyway, the Apache count was around 300.
At any rate, Wikipedia is certainly an efficient operation, yes. PHP is an awful language, but its efficiency is not much worse than Python or Perl or whatever. The major costs IMO are in development time:
Three of the world's top 10 websites are PHP-based. Wikipedia, and facebook, along with vast chunks of yahoo.
As far as Wikipedia goes, like half of MediaWiki's active developers (including me) loathe PHP and wish we used a sane language, like Python. I won't dispute that it does work, though. Visual Basic would work too.
That's because the author of the article has no idea what he's talking about. Like most people, he's never heard of Wikimedia projects other than Wikipedia, and so assumes that everything about Wikimedia projects as a whole is about Wikipedia. The changes are actually more or less irrelevant to Wikipedia, which needs few videos and no long ones at all. Any long video is almost certainly not fair use, and therefore should be uploaded to Commons if it can be used at all. (The English Wikipedia allows some fair use, while Commons does not.)
All very nice, but keep in mind: we're talking about a system where a user decided, as root, to install malicious software. In that case, the system is lost. If it's not lost, it's because the software authors either weren't malicious enough or weren't competent enough.
If it were Linux, you could do a thousand things to achieve the same effect. I'm not a systems programmer, but I imagine it would be pretty easy to make it unreasonably difficult to remove your program. Recompile a bunch of randomly-selected system binaries and kernel modules from source with malicious patches. Store the originals in extra files somewhere. Load a kernel module that hooks into all file actions, uses the malicious versions of the files while the kernel is booting, and uses the originals otherwise.
As far as anything in userspace can tell, nothing is wrong. If you boot from a live CD, you won't be fooled, but are you going to check the MD5 of every single binary on the system against distribution defaults? What if the user has manually recompiled some of them, or there's software installed that's not from the distribution? You'll get a mess of false positives. It's not worth it. It will end up being easier to just reinstall the OS.
The problem here is that users should not be giving untrusted or semitrusted software root privileges. Unfortunately, by running an installer as root they effectively do, at least for a brief window, and this is common on Linux just as on Windows. (Not quite as much, admittedly, since Linux users use packaged software for most things.) In this kind of setup, all you have to do is persuade a user to run the installer, which is trivial, and you can take over the system and make it a huge pain for anyone to restore it.
Wikipedia is not the only Wikimedia Foundation project. In particular, the scope of the Wikimedia Commons is "to provide a media file repository . . . that makes available public domain and freely-licensed educational media content to all . . .". All the projects are run from the same servers, and share the same upload servers in particular -- notice how all uploaded images are at upload.wikimedia.org, no matter what the project is. The technical upgrades are of most value to Commons, which has long had trouble accepting in-scope content like high-quality, free educational videos because they're over the file size.