The difference between online credit card theft, and someone stealing your card at a local store, is the numbers involved. In one day, this guy compromised 25,000 credit cards, and claims to have a few hundred thousand more. There's every reason to believe he does, too, and that next he will post them all to an IRC channel somewhere, and he probably has already shared them with his friends.
Now, if you are Mastercard, Visa, or AMEX--what do you do now?
It's going to cost a LOT of money to replace 300,000 credit card numbers--especially when you can only identify 25,000 off the bat!
If some guy was stealing cards at a store, he would get caught. The CC security guys run complicated statistics to figure out what the common link is between a group of credit card thefts. They'd find out it was this store, put it under surveillance, and arrest the guy.
In the case of the website--they might be able to find this guy, but even if they do he's in Russia, which probably hasn't got a lot of good internet laws on the books they can use to get at him. He'll probably wind up serving a year in jail, or maybe with all these CC's he can come up with the cash to bribe his way out.
As an individual all you can do is take precautions. The biggest one being you should probably have a CC with a low credit limit just for the purpose of internet shopping.
I agree with the previous poster--a scheme which securely transfers money would be preferable to sending CC's over the internet. The risk on the internet is that a breakin compromises hundreds of thousands of CC's at at time, costing the CC companies BIG money, which they will ultimately pass on to you in the form of extra charges.
(2) A few million poor people starve, and nobody cares
(3) New laws are passed, making "cyber-terrorism" a crime punishable by death, online copyright violation a serious felony, and linking to a website without permission will result in a revocation of your internet privileges (ie: you are cut off from the civilized world).
(4) Black market e-bay style auction sites arise, based on cryptographic tech, and people really do buy and sell organs, child pornography, children (for sex or adoption), and illegal weapons.
(5) Rip off tour promotors sell "sex in space" adventures that turn out to be a cramped, smelly airplane that flies high, and then decends fast enough to make you feel "weightless"
(6) Terrorists finally manage to nuke a major city in America
(7) Several high flying corporations fail trying to figure out how to profit from "open source" software, but then one succeeds, and OSS/free software stops being cool (sorry, I'm in a gloomy mood).
(8) Citizenship becomes unimportant, all that matters is who your insurance company is. The good ones maintain standing armies.
(9) Nobody works. Some people get rich sitting at desks and owning important intellectual property. Everyone else is unemployed. Oh, except for the sex workers--they work hard.
(10) Most of the world decends into a perpetual war, with extremists, fundamentalists, drug lords, and petty criminals battling it out for control over scarce and/or worthless resources in less privileged parts of the world (most of it).
You might think, at first, that this measures the reliability of the OS. However there are some other factors here besides the OS, the main one being the competence of the administrator.
The clue here is that Solaris has a much worse uptime than the other Unixes. Yet we all know that Solaris is a damn fine product, and I've seen some Solaris boxen with amazing uptimes.
So why does it perform so poorly here?
I think the answer is that the average Solaris admin comes from an NT background and believes that reboots solve a problem. You get some of these people in the Linux stats too.
Now look at BSD. Who runs BSD? Old guard Unix people, who generally have their sh*t together, and know the hell what they're doing. These are the kind of people for whom uptime is a point of pride, who take it as a grave personal failing if they have to reboot to solve a software problem.
So while I don't doubt that BSD is a robust and stable OS, I think that to some extent the uptime stats reflect the average level of experience of the admins, and not just the robustness of their OS.
I would guess Solaris makes a much better showing if you can eliminate this effect. BSD would still presumably edge out Linux (since uptime is what BSD developers and users strive for, I think the OS provides it), but not, I think, by a 2:1 margin.
Re:WebMacro, Java servlets, and other comments
on
Java Success Stories
·
· Score: 2
Basically because in order to use JSP you have to give up most of the advantages that the Java language offers you. If you're going to do that, you would be better off using EMBPERL intead.
If you're going to abandon the design capabilities of the Java langauge, and just use it as an embedded script language, you should consider using a different language, such as perl or python, which are really much better scripting languages than Java is.
Java is a powerful *design* language. It's got all kinds of strengths in that area. If you're not going to benefit from those features, why use Java?
WebMacro takes a different approach. WM assumes that you do want to do most of your programming in Java. It steps completely out of your way and allows you to implement all your program logic in standard Java. Java is an excellent, extremely powerful langauge.
What WM does instead is provide you with a set of classes which can be used to load and execute HTML templates. These templates don't contain any program logic, though they might contain some display logic.
What JSP is good at is attracting non-Java programmers to the Java platform. It's modelled after ASP, and ASP programmers are going to find it more familiar than if they'd made a cold leap into the Java language as a whole.
This is good for Java. But it is not necessarily good Java. The ASP programming model isn't well suited to the Java language.
Re:Java is usable in the servlet arena, but...
on
Java Success Stories
·
· Score: 3
WebMacro will gradually kill JSP:-) In fact, it was recently selected in a Java Report survey as one of the best three servlet products of 1999.
JSP is not a good use of the Java langauge. It's non-standard, and requires extra junk in your webserver (whereas WM works in any pure Java environment, without requiring add ons). On top of that, it doesn't take advantage of Java's features. It looks and smells like ASP, and as a result, obscures your ability to write good clean Java code.
If that's the kind of programming you want to do, you should look into EMBPERL. It does a much better job of mixing script codes into HTML.
My view is that you should NEVER mix program logic and HTML together. WebMacro implements a template langauge, the idea being that all your rendering logic and HTML goes in the template--leaving your servlet as pure and simple Java code.
JSP's model is the opposite, though they claim you can do MVC programming with it. (A claim they started pushing *after* WM was announced, by the way:-)
With JSP you can do MVC programming, keeping your busines logic separate from your display logic, but you have to enforce it yourself. Every time you do anything everywhere you have to follow self-imposed rules. Late some tired night you'll get fed up and sick some Java into your HTML--like a cancer it'll grow, until the point in separating them is lost.
WebMacro, or any other template system, supports the model/view/controller way of thinking architecturally. It's analogous to doing OO programming in an OO language, as opposed to in C. Separating display from logic in JSP is like doing OO programming in C--it's possible, but the language doesn't really support it.
It is worth repeating that I created WebMacro in response to JSP. I had come from a perl/C++ background, and had made extensive use of good template systems in both langauges. Coming to Java, I naturally expected to have a good template system, so I looked at JSP. When JSP turned out not to be a template oriented system, I naturally wrote one and GPL'd it:-)
Of course I'm biased. However, I will say that the bias caused me to write WM, and not the other way around:-)
Re:Why no private individuals use JAVA/Corba
on
Java Success Stories
·
· Score: 2
This is just nasty propaganda, with hardly any truth to it.
(1) What's this BS about corporations using Java and private individuals using C? Do you have any evidence of it? It seems like a wildly ridiculous claim at face value. My best guess is you are saying all Linux programs are written in C, whereas the websites corporations build are backed up by Java. That's confused and silly, since those are two different kinds of programs.
(2) What happened to perl? Almost everything done on Freshmeat is NOT python. It's mostly perl and C. I think your biases are showing, as is your lack of factual data.
(3) I am a private individual, self-employed in fact, and I use Java and Perl about equally. I even wrote and contributed a template engine for Java servlets, which you can find on freshmeat, called webmacro. It's free under the GPL, go try it out.
Also I don't have any clue why you mentioned CORBA. CORBA certainly has had problems gaining widespread acceptance--but I don't know why you think there is any connection to Java. CORBA is just as well connected to python and C; the Java bindings came fairly late in the process (after python, for example). So while your criticism of CORBA may have a point, it isn't relevant to a discussion on Java.
Re:Java is usable in the servlet arena, but...
on
Java Success Stories
·
· Score: 2
I can't believe you propose to use Python on the server, and in the next sentence you are complaining that Java is slow.
There are lots of great things about Python, it's an amazing lanaguage, and a substantial improvement over Perl. However, speed is not one of it's attributes. Python is dog slow, and Java runs circles around it.
Putting a bytecode interpreter on a PCI card is a bad idea as well. The problem is that you wouldn't have a processor on the card nearly as fast as the one in your PC.
Java is only slow on the server if you compare it with C. Versus any scripting language, it's lighting fast.
With WebMacro servlets I find that I get performance equivalent to what I get out of PERL running as an Apache module.. and WM is doing a lot of work for me.
Re:WebMacro, Java servlets, and other comments
on
Java Success Stories
·
· Score: 2
BTW, WebMacro is actually an HTML template langauge. You write a template that contains some dynamic content, but without knowledge of where that content comes from. These templates look like ordinary HTML documents, with a few extra things dropped in.
In the back end you work with ordinary Java objets, anything vaguely bean-like. You just drop these into a hashtable and WebMacro's introspector figures out how to fit what you've supplied in the hashtable together with what you've asked for in the template.
The goal, of course, is to keep your Java servlet code clean and clear, with no HTML--and similarly to keep your HTML clean and clear, with no program code messing it up.
There are other template solutions for Java servlets besides WebMacro. FreeMarker is one. Another way to go is to use XML with XSLT. I would advise against using JSP. JSP is great if you are familiar with ASP and you're looking for something familiar in the Java world--but I don't think it's a good use of the Java langauge. On the other hand, attracting all these ASP peope to Java is good *for* the Java langauge:-)
WebMacro, Java servlets, and other comments
on
Java Success Stories
·
· Score: 4
I developed and wrote WebMacro which is a free (GPL) Java servlet framework.
I use Java for about half my web projects. The other half of the time I use perl. In my opinion, here are the strengths of Java for server side development:
1-- It allows clean and clear design. Since you can declare compiler-enforced interfaces, you can easily separate out functionality in well defined chunks. This allows you to plan for the long term, hand different parts of the project to different people, and so on. This tends to be what makes me choose Java over Perl: If I want to enforce a long term design (such as re-usable constraints on busisness logic), or break the project up into several different segments, then I choose Java over Perl.
2-- It's fast and scalable. Java is often criticized as being slow, but on the server, it's not. It's fairly fast compared to things like perl (which are usually fast enough to begin with), and add to that the threaded nature of servlets, plus the built in scalability, and you have a big performance gain over other scripted solutions. In particular the ability to automatically distribute a single servlet across multiple webservers, without modifying the servlet itself at all, is a big win. You can be sure that whatever you do will scale.
3-- You do need to make an effort to keep your HTML and your SQL and your Java program code separate form one another. The whole reason for using Java was to get clean, well designed code, and you don't have that when you have HTML obscuring your servlet. This is what prompted me to write WebMacro, which is an HTML template system, but you could also do this with FreeMarker, or XSLT, or if you are very careful, with JSP.
4-- Write once, run anywhere is fairly real on the servlet. I routinely develop under FreeBSD, deploy on FreeBSD, Solaris, and Linux, and I have about half the users of WebMacro running it under NT, even though I myself hardly ever use NT. And it all works.
5-- On the downside, the free Java solutions don't appear to work very well for servlets. I have had lots of trouble with kaffe, and the free JVM's are not as fast as the non-open ones. This is too bad, and it's something I expect will change over the next while. I always try kaffe every time it comes out, but it hasn't yet been stable enough for me.
6-- You do need an experienced designer around if you are going to use Java. Unlike perl, where your goal is to hack out something working ASAP, in Java the point of the language is to allow you to do clean design. Well you won't get clean design without an experienced designer. Without a good designer you are probably better off with "write-once" perl-code that you throw out and rewrite whenever you need to fix it. While Java allows you to do really good design, I have seen some really nasty Java code. If you aren't going to use it right.. don't use it.
Let's have more integration between *BSD and Linux
on
Intel using FreeBSD
·
· Score: 2
FreeBSD is an exceptionally stable server platform. It generally demands a lot more from the admin than Linux, but in the hands of a competent admin it's solid as a rock. I'm not surprised they're using it. Also worth nothing that the BSD license allows them to take it proprietary, whereas with Linux it would have to stay opensource.
I'd like to see more integration between the FreeBSD and Linux developers. FreeBSD has a purity and focus not found in Linux; whereas Linux has much better documentation and support, and as a result is much easier to use.
It's important to make sure the Unix market doesn't get fragmented. Linux and *BSD developers should co-operate to ensure that they implement common features in a standard way. For example, the high grade NFS stuff (caching, etc.) should be compatible between Linux and *BSD so that you can run a Linux client with a BSD server, or the other way around.
Competition between the different free Unixes is good, so long as it doesn't give MSFT or someone else a wedge to drive between the communities. When two Unixes become incompatible, each loses access to all the developers in the other camp.
The net brought us online daytrading, and now with Red Hat, VA, PERL, etc., the daytraders finally have something to do: get all excited over HOT! HOT! HOT! linux stocks.
This split is great. Previously options on RHAT were just too damn expensive--you buy and sell options in units of 100, and at RHAT's prices that meant the minimum options bet was a couple thousand dollars. Now that RHAT options are affordable, all those daytraders who are furiously reloading their stock screens and trading every five minutes have been given yet another way to blow their life savings away.
Given that the average slashdot reader is obviously a sweaty, shifty-eyed daytrader who spends all agonizing over every 2-3% change in the price of linux stocks, this definately is stuff that matters!
RMS wrote too much code :-)
on
RMS The Coder
·
· Score: 4
I forget who said it, but I recall once some OSS advocate saying he wished he could just ignore RMS and the GNU project and write them off as the radical wing, but that unfortuntely RMS had written far too much code to be ignored.
I think that's a great statement about how in the OSS/FS world your code does wind up being very much where your mouth is. The more code you write, the bigger say you get.
Personally I love the GNU project, and I am very glad that RMS has written so much code that he can't be ignored.
I think I'm finally ready to say that Linux is a credible threat to Microsoft. I think the change in the last week was an import one psychologically as well as financially.
The business world has not only noticed Linux now (that happened last year), they're firmly behind it. Gone are the days when we have to argue that Linux is just as good as a commercial system--now we can just point to a few billion dollars of investments and say "Obviously they believe it." That's a dumb argument, but it's one that carries weight with non-technical people who don't understand the actual merits of one OS over another.
Finally, all this money pouring into Linux is obviously going to translate into a lot of paid development hours and new applications. That should fill in whatever gaps there are missing in the Linux platform.
From now on, the missing functionality is no longer a liability... it's an OPPORTUNITY.
Sun backing Linux is very important. Not only is it a good move on Sun's part, but it will GREATLY help with the consolodation of the Unix market. It will encourage Sun to develop and promote compatibility between Linux and Solaris. Sun is still the biggest commercial Unix vendor, so this is just amazing.
Now all we have to do is ensure compatibility between Linux and BSD. Bill Gates loves to try and drive a wedge between different Unix development teams and claim that the Unix market is fragmented.
If you get hacked because of this bug, please write a nice "thank you" letter to the U.S. Patent Office.
RSAREF is also slow. I think RSA believes their patent enforced monopoly entitles them to write sloppy, slow, poor quality code. The international RSA libraries are much better all around. Not that I would encourage those of you in the US to violate the law by avoiding RSAREF...
But I would like to point out that the RSA patent is about to expire, and those of us in Canada and Europe don't touch RSAREF with a 10 foot pole.
Someone here said everyone else had you filling out long forms and Amazon had "one click technology". This is basically Amazon's line as well.
First, there is nothing very difficult about what Amazon is doing. Second, it's pretty damn obvious. Third, I don't believe Amazon was the first or only site to do this--I think they were just the first to *patent* it.
The main reason why other sites don't do this, or didn't do this, was security concerns. Keeping that much information about you (all your financial data) in a cookie gives a lot of people the willies. If you were on some small web page and it was tracking your credit card, you might worry, and that might incline you not to supply the credit card.
Amazon is just big enough that people trust them to have figured it all out and handled the security issues sensibly. I don't think this is deserving of a patent.
Cookies were *designed* to track your identity between sessions. I don't see where Amazon should get a patent for something invented at Netscape.
Don't understimate our effect. If we can demonstrate the need for this boycott clearly and concisely we can have a very large effect. You have to understand who I mean by "we".
I don't just mean slashdot, I mean a huge, loose, globally connected network of people and groups. Slashdot is an important node in this network, a clearing house which reaches thousands of people. Many of those thousands of people hear about interesting things on Slashdot and turn around and tell their friends about it--with just one level of indirection the number of people involved becomes absolutely enormous.
This is how organizing social action on the Internet works. It's not some single website that co-ordinates action against some adversary; nor is it even a single person. Richard Stallman may start the ball rolling, but MANY people care about the abuse of the patent system.
Protest actions organized over the net have the potential to grow exponentially, and reach a huge number of people in a short amount of time. The effect of such an action has been described by the Rand Corporation as an "overwhelming pulse" or a "swarm attack" on the target. A huge number of loosely connected people, groups, organizations, politicians, mailing lists, individuals, etc., all descend on the target all at once, overwhelming it with a short, massive burst of action.
So Slashdot by itself may not be able to succeed in pressuring Amazon--but we can play an important role in generating a huge internet-style swarm all over these morons, overwhelming them before they really figure out what's going on.
Read it on slashdot, then tell your friends, families, co-workers, etc.
Hierarchies and business have not yet really figured out an effective way to respond to this kind of action.
That's how I would describe Network Solutions. They're a bunch of slimeballs who were just getting used to their monopoly on domain names, and now they're doing everything they can to squeeze the last bit of milk out of their cash cow.
They don't care about domain registrants at all, and obviously in this case, even less because the guy didn't register his domain through a method that provided NSOL with the most profits. This fits nicely with their domain dispute policy which basically favours the bigger lawyer, on the theory that NSOL will get sued less often if they side with the money.
DNS is a disaster now. For the last few months any request that isn't accompanied by a check writtn out to NSOL appears to go to/dev/null. I've been trying to change the 2ndaries for a couple of my domains for weeks.. but no luck. People tell me the only way to get stuff done these days is to get a ticket number, then phone network solutions and complain--don't bother waiting for nothing to happen.
It'd be great if we could arrest these guys and charge them with incompetence. Lock them up for 20 years.
I was hoping it would say that patents on DNA were illegal. But it didn't. It said these particular scientists used deception to try and patent something which they didn't invent.
In fact, this is evidence of a disaster.
The patent office obviously didn't do enough work to determine whether the proposed patent was credible--they just rubber stamped it, and left it for the courts to work out. Since the courts are incredibly expensive, that puts a challenge to a patent like this out of reach to the average person. It took a corporate adversary with a legal team to defeat it.
Not something that you and me and your favorite free software development team will benefit from. Well... maybe now that VA and Red Hat are worth a gazillion dollars we can finally get some of those lawyers fighting for the right team:-)
This level of recognition for Linux has been a long time coming. And it's good. This will channel a LOT of money toward Linux projects, and the companies that haven't yet woken up to Linux fever will now catch it in a big way. That's the plus.
The minus is that at these prices it will take a LONG time for the underlying securities to justify their prices. That hasn't stopped the craze surrounding things like Yahoo... but in the case of Linux, there are still some issues around how a Linux company makes huge wads of cash. (It's easy to see how a Linux company can make a reasonable living, but that's different).
You make huge wads of cash when you establish a brand and you take away business from everyone else. Is it really possible for VA and RHAT to become THE linux brandnames? Or does the GPL guarantee that they will always have so much competition that their margins will always be fairly thin. That's the minus.
So I'm not sure I would invest in these companies at these prices... but I certainly have invested my whole career into Linux, and this is very, very good for my career:-)
I was working on building a good anonymous remailer system a few years ago. The idea would be to distribute the anonymizing effect over as many systems as possible, while denying each system in the chain the ability to work out where the message was coming from or where it was going to. There are several variations on this theme, and a couple of implementations of things close to it.
I stopped working on it when it occurred to me that there were people in the world who would probably put up $50k or more to help me build such a system: terrorist organizations, people plotting to kill someone, street gangs, Hells Angels, etc.
I decided I would stop work on it until I figured out whether or not it was a good idea. I still haven't figured it out.
Stretching is very important. Stretch your arms, your forearms, your neck, your back, etc., do it frequently. Don't be too aggressive--mild stretching is the best.
Stretching helps promote healing, and keeps muscles from tightening up. A good massage is also a reasonable preventative measure--work on shoulders and upper back problems as problems here are often are responsible for inefficient use of your fingers, wrists, and forearms.
xwrits is break software. It reminds you to get up from your computer and take a break every so often. It monitors your typing and mouse usage.
Compared to similar programs for windows it's pretty crude. However, it's effective.
One of the most important things you can do to avoid/prevent/cure typing injuries is to make sure you take adequate breaks. This does not mean lunchtime--this means every 10-15 minutes you get up and stretch.
Programs like xwrits remind you it's time for a break.
One more thing.... beware of wrist splints! They give you short term relief by taking the load off the muscles that are bothering you, but they are long term doom.
The danger is that your muscles will atrophy in the splint. Then when you remove it you will re-injure almost immediately--you will probably think you're just not recovered yet, but in fact it is the weakening of your own muscles because of the splint that is causing your trouble!
You have to learn to type properly using all of the muscles in your shoulders arms, forarms, wrists, and fingers, balancing the load so that nothing is overworked. You cannot solve the problem with gimmicks like splints--you actually have to solve the problem with the way you type, and with how much you type.
Instead of using a wrist splint type without one. Type as much as you can WITHOUT symptoms, taking frequent breaks. Try to find out how much you can do before you experience symptons and do just under that much typing. Make sure you keep typing every day--don't lose your endurance. On the other hand, it's a mistake to do exercises to "strengthen" your hand--typing all day long is enough exercise.
If you're having trouble you really should see a doctor who knows something about typing injuries. Many doctors will tell you to use splints--these are the ones who know nothing about typing injuries, go and see someone else--ask to see a specialist.
If you are experiencing pain from typing and mousing an ergonomic keyboard won't help. Not by itself. You are over-using or at least mis-using your muscles and you need to slow down.
A better solution is to install break software like "xwrits" to remind you to take frequent breaks. Say every 10-15 minutes. You should get up out of your chair during these breaks since a lot of problems are actually caused by bad posture and sitting too long.
Ergonomic keyboards might be part of a solution if they help you use your muscles properly--but they cannot be the ONLY thing you do, nor can they be a substitute for taking regular breaks, fixing your posture, etc.
Also, a keyboard that works well for you might not work for someone else at all. Personally I tried lots of keyboards and wound up using a really ancient non-ergonomic keyboard because it had the best keys (they press with little effort but you can feel a bit of a click when they get far enough, so you can use minimal force).
Slashdot Mirror
The difference between online credit card theft, and someone stealing your card at a local store, is the numbers involved. In one day, this guy compromised 25,000 credit cards, and claims to have a few hundred thousand more. There's every reason to believe he does, too, and that next he will post them all to an IRC channel somewhere, and he probably has already shared them with his friends.
Now, if you are Mastercard, Visa, or AMEX--what do you do now?
It's going to cost a LOT of money to replace 300,000 credit card numbers--especially when you can only identify 25,000 off the bat!
If some guy was stealing cards at a store, he would get caught. The CC security guys run complicated statistics to figure out what the common link is between a group of credit card thefts. They'd find out it was this store, put it under surveillance, and arrest the guy.
In the case of the website--they might be able to find this guy, but even if they do he's in Russia, which probably hasn't got a lot of good internet laws on the books they can use to get at him. He'll probably wind up serving a year in jail, or maybe with all these CC's he can come up with the cash to bribe his way out.
As an individual all you can do is take precautions. The biggest one being you should probably have a CC with a low credit limit just for the purpose of internet shopping.
I agree with the previous poster--a scheme which securely transfers money would be preferable to sending CC's over the internet. The risk on the internet is that a breakin compromises hundreds of thousands of CC's at at time, costing the CC companies BIG money, which they will ultimately pass on to you in the form of extra charges.
(1) People lose interest in "first post"
(2) A few million poor people starve, and nobody cares
(3) New laws are passed, making "cyber-terrorism" a crime punishable by death, online copyright violation a serious felony, and linking to a website without permission will result in a revocation of your internet privileges (ie: you are cut off from the civilized world).
(4) Black market e-bay style auction sites arise, based on cryptographic tech, and people really do buy and sell organs, child pornography, children (for sex or adoption), and illegal weapons.
(5) Rip off tour promotors sell "sex in space" adventures that turn out to be a cramped, smelly airplane that flies high, and then decends fast enough to make you feel "weightless"
(6) Terrorists finally manage to nuke a major city in America
(7) Several high flying corporations fail trying to figure out how to profit from "open source" software, but then one succeeds, and OSS/free software stops being cool (sorry, I'm in a gloomy mood).
(8) Citizenship becomes unimportant, all that matters is who your insurance company is. The good ones maintain standing armies.
(9) Nobody works. Some people get rich sitting at desks and owning important intellectual property. Everyone else is unemployed. Oh, except for the sex workers--they work hard.
(10) Most of the world decends into a perpetual war, with extremists, fundamentalists, drug lords, and petty criminals battling it out for control over scarce and/or worthless resources in less privileged parts of the world (most of it).
You might think, at first, that this measures the reliability of the OS. However there are some other factors here besides the OS, the main one being the competence of the administrator.
The clue here is that Solaris has a much worse uptime than the other Unixes. Yet we all know that Solaris is a damn fine product, and I've seen some Solaris boxen with amazing uptimes.
So why does it perform so poorly here?
I think the answer is that the average Solaris admin comes from an NT background and believes that reboots solve a problem. You get some of these people in the Linux stats too.
Now look at BSD. Who runs BSD? Old guard Unix people, who generally have their sh*t together, and know the hell what they're doing. These are the kind of people for whom uptime is a point of pride, who take it as a grave personal failing if they have to reboot to solve a software problem.
So while I don't doubt that BSD is a robust and stable OS, I think that to some extent the uptime stats reflect the average level of experience of the admins, and not just the robustness of their OS.
I would guess Solaris makes a much better showing if you can eliminate this effect. BSD would still presumably edge out Linux (since uptime is what BSD developers and users strive for, I think the OS provides it), but not, I think, by a 2:1 margin.
Basically because in order to use JSP you have to give up most of the advantages that the Java language offers you. If you're going to do that, you would be better off using EMBPERL intead.
If you're going to abandon the design capabilities of the Java langauge, and just use it as an embedded script language, you should consider using a different language, such as perl or python, which are really much better scripting languages than Java is.
Java is a powerful *design* language. It's got all kinds of strengths in that area. If you're not going to benefit from those features, why use Java?
WebMacro takes a different approach. WM assumes that you do want to do most of your programming in Java. It steps completely out of your way and allows you to implement all your program logic in standard Java. Java is an excellent, extremely powerful langauge.
What WM does instead is provide you with a set of classes which can be used to load and execute HTML templates. These templates don't contain any program logic, though they might contain some display logic.
What JSP is good at is attracting non-Java programmers to the Java platform. It's modelled after ASP, and ASP programmers are going to find it more familiar than if they'd made a cold leap into the Java language as a whole.
This is good for Java. But it is not necessarily good Java. The ASP programming model isn't well suited to the Java language.
WebMacro will gradually kill JSP :-) In fact, it was recently selected in a Java Report survey as one of the best three servlet products of 1999.
:-)
:-)
:-)
JSP is not a good use of the Java langauge. It's non-standard, and requires extra junk in your webserver (whereas WM works in any pure Java environment, without requiring add ons). On top of that, it doesn't take advantage of Java's features. It looks and smells like ASP, and as a result, obscures your ability to write good clean Java code.
If that's the kind of programming you want to do, you should look into EMBPERL. It does a much better job of mixing script codes into HTML.
My view is that you should NEVER mix program logic and HTML together. WebMacro implements a template langauge, the idea being that all your rendering logic and HTML goes in the template--leaving your servlet as pure and simple Java code.
JSP's model is the opposite, though they claim you can do MVC programming with it. (A claim they started pushing *after* WM was announced, by the way
With JSP you can do MVC programming, keeping your busines logic separate from your display logic, but you have to enforce it yourself. Every time you do anything everywhere you have to follow self-imposed rules. Late some tired night you'll get fed up and sick some Java into your HTML--like a cancer it'll grow, until the point in separating them is lost.
WebMacro, or any other template system, supports the model/view/controller way of thinking architecturally. It's analogous to doing OO programming in an OO language, as opposed to in C. Separating display from logic in JSP is like doing OO programming in C--it's possible, but the language doesn't really support it.
It is worth repeating that I created WebMacro in response to JSP. I had come from a perl/C++ background, and had made extensive use of good template systems in both langauges. Coming to Java, I naturally expected to have a good template system, so I looked at JSP. When JSP turned out not to be a template oriented system, I naturally wrote one and GPL'd it
Of course I'm biased. However, I will say that the bias caused me to write WM, and not the other way around
This is just nasty propaganda, with hardly any truth to it.
(1) What's this BS about corporations using Java and private individuals using C? Do you have any evidence of it? It seems like a wildly ridiculous claim at face value. My best guess is you are saying all Linux programs are written in C, whereas the websites corporations build are backed up by Java. That's confused and silly, since those are two different kinds of programs.
(2) What happened to perl? Almost everything done on Freshmeat is NOT python. It's mostly perl and C. I think your biases are showing, as is your lack of factual data.
(3) I am a private individual, self-employed in fact, and I use Java and Perl about equally. I even wrote and contributed a template engine for Java servlets, which you can find on freshmeat, called webmacro. It's free under the GPL, go try it out.
Also I don't have any clue why you mentioned CORBA. CORBA certainly has had problems gaining widespread acceptance--but I don't know why you think there is any connection to Java. CORBA is just as well connected to python and C; the Java bindings came fairly late in the process (after python, for example). So while your criticism of CORBA may have a point, it isn't relevant to a discussion on Java.
I can't believe you propose to use Python on the server, and in the next sentence you are complaining that Java is slow.
There are lots of great things about Python, it's an amazing lanaguage, and a substantial improvement over Perl. However, speed is not one of it's attributes. Python is dog slow, and Java runs circles around it.
Putting a bytecode interpreter on a PCI card is a bad idea as well. The problem is that you wouldn't have a processor on the card nearly as fast as the one in your PC.
Java is only slow on the server if you compare it with C. Versus any scripting language, it's lighting fast.
With WebMacro servlets I find that I get performance equivalent to what I get out of PERL running as an Apache module.. and WM is doing a lot of work for me.
BTW, WebMacro is actually an HTML template langauge. You write a template that contains some dynamic content, but without knowledge of where that content comes from. These templates look like ordinary HTML documents, with a few extra things dropped in.
:-)
In the back end you work with ordinary Java objets, anything vaguely bean-like. You just drop these into a hashtable and WebMacro's introspector figures out how to fit what you've supplied in the hashtable together with what you've asked for in the template.
The goal, of course, is to keep your Java servlet code clean and clear, with no HTML--and similarly to keep your HTML clean and clear, with no program code messing it up.
There are other template solutions for Java servlets besides WebMacro. FreeMarker is one. Another way to go is to use XML with XSLT. I would advise against using JSP. JSP is great if you are familiar with ASP and you're looking for something familiar in the Java world--but I don't think it's a good use of the Java langauge. On the other hand, attracting all these ASP peope to Java is good *for* the Java langauge
I developed and wrote WebMacro which is a free (GPL) Java servlet framework.
I use Java for about half my web projects. The other half of the time I use perl. In my opinion, here are the strengths of Java for server side development:
1-- It allows clean and clear design. Since you can declare compiler-enforced interfaces, you can easily separate out functionality in well defined chunks. This allows you to plan for the long term, hand different parts of the project to different people, and so on. This tends to be what makes me choose Java over Perl: If I want to enforce a long term design (such as re-usable constraints on busisness logic), or break the project up into several different segments, then I choose Java over Perl.
2-- It's fast and scalable. Java is often criticized as being slow, but on the server, it's not. It's fairly fast compared to things like perl (which are usually fast enough to begin with), and add to that the threaded nature of servlets, plus the built in scalability, and you have a big performance gain over other scripted solutions. In particular the ability to automatically distribute a single servlet across multiple webservers, without modifying the servlet itself at all, is a big win. You can be sure that whatever you do will scale.
3-- You do need to make an effort to keep your HTML and your SQL and your Java program code separate form one another. The whole reason for using Java was to get clean, well designed code, and you don't have that when you have HTML obscuring your servlet. This is what prompted me to write WebMacro, which is an HTML template system, but you could also do this with FreeMarker, or XSLT, or if you are very careful, with JSP.
4-- Write once, run anywhere is fairly real on the servlet. I routinely develop under FreeBSD, deploy on FreeBSD, Solaris, and Linux, and I have about half the users of WebMacro running it under NT, even though I myself hardly ever use NT. And it all works.
5-- On the downside, the free Java solutions don't appear to work very well for servlets. I have had lots of trouble with kaffe, and the free JVM's are not as fast as the non-open ones. This is too bad, and it's something I expect will change over the next while. I always try kaffe every time it comes out, but it hasn't yet been stable enough for me.
6-- You do need an experienced designer around if you are going to use Java. Unlike perl, where your goal is to hack out something working ASAP, in Java the point of the language is to allow you to do clean design. Well you won't get clean design without an experienced designer. Without a good designer you are probably better off with "write-once" perl-code that you throw out and rewrite whenever you need to fix it. While Java allows you to do really good design, I have seen some really nasty Java code. If you aren't going to use it right.. don't use it.
FreeBSD is an exceptionally stable server platform. It generally demands a lot more from the admin than Linux, but in the hands of a competent admin it's solid as a rock. I'm not surprised they're using it. Also worth nothing that the BSD license allows them to take it proprietary, whereas with Linux it would have to stay opensource.
I'd like to see more integration between the FreeBSD and Linux developers. FreeBSD has a purity and focus not found in Linux; whereas Linux has much better documentation and support, and as a result is much easier to use.
It's important to make sure the Unix market doesn't get fragmented. Linux and *BSD developers should co-operate to ensure that they implement common features in a standard way. For example, the high grade NFS stuff (caching, etc.) should be compatible between Linux and *BSD so that you can run a Linux client with a BSD server, or the other way around.
Competition between the different free Unixes is good, so long as it doesn't give MSFT or someone else a wedge to drive between the communities. When two Unixes become incompatible, each loses access to all the developers in the other camp.
The net brought us online daytrading, and now with Red Hat, VA, PERL, etc., the daytraders finally have something to do: get all excited over HOT! HOT! HOT! linux stocks.
This split is great. Previously options on RHAT were just too damn expensive--you buy and sell options in units of 100, and at RHAT's prices that meant the minimum options bet was a couple thousand dollars. Now that RHAT options are affordable, all those daytraders who are furiously reloading their stock screens and trading every five minutes have been given yet another way to blow their life savings away.
Given that the average slashdot reader is obviously a sweaty, shifty-eyed daytrader who spends all agonizing over every 2-3% change in the price of linux stocks, this definately is stuff that matters!
I forget who said it, but I recall once some OSS advocate saying he wished he could just ignore RMS and the GNU project and write them off as the radical wing, but that unfortuntely RMS had written far too much code to be ignored.
I think that's a great statement about how in the OSS/FS world your code does wind up being very much where your mouth is. The more code you write, the bigger say you get.
Personally I love the GNU project, and I am very glad that RMS has written so much code that he can't be ignored.
I think I'm finally ready to say that Linux is a credible threat to Microsoft. I think the change in the last week was an import one psychologically as well as financially.
The business world has not only noticed Linux now (that happened last year), they're firmly behind it. Gone are the days when we have to argue that Linux is just as good as a commercial system--now we can just point to a few billion dollars of investments and say "Obviously they believe it." That's a dumb argument, but it's one that carries weight with non-technical people who don't understand the actual merits of one OS over another.
Finally, all this money pouring into Linux is obviously going to translate into a lot of paid development hours and new applications. That should fill in whatever gaps there are missing in the Linux platform.
From now on, the missing functionality is no longer a liability... it's an OPPORTUNITY.
Sun backing Linux is very important. Not only is it a good move on Sun's part, but it will GREATLY help with the consolodation of the Unix market. It will encourage Sun to develop and promote compatibility between Linux and Solaris. Sun is still the biggest commercial Unix vendor, so this is just amazing.
Now all we have to do is ensure compatibility between Linux and BSD. Bill Gates loves to try and drive a wedge between different Unix development teams and claim that the Unix market is fragmented.
I think he can shut up now
If you get hacked because of this bug, please write a nice "thank you" letter to the U.S. Patent Office.
RSAREF is also slow. I think RSA believes their patent enforced monopoly entitles them to write sloppy, slow, poor quality code. The international RSA libraries are much better all around. Not that I would encourage those of you in the US to violate the law by avoiding RSAREF...
But I would like to point out that the RSA patent is about to expire, and those of us in Canada and Europe don't touch RSAREF with a 10 foot pole.
Someone here said everyone else had you filling out long forms and Amazon had "one click technology". This is basically Amazon's line as well.
First, there is nothing very difficult about what Amazon is doing. Second, it's pretty damn obvious. Third, I don't believe Amazon was the first or only site to do this--I think they were just the first to *patent* it.
The main reason why other sites don't do this, or didn't do this, was security concerns. Keeping that much information about you (all your financial data) in a cookie gives a lot of people the willies. If you were on some small web page and it was tracking your credit card, you might worry, and that might incline you not to supply the credit card.
Amazon is just big enough that people trust them to have figured it all out and handled the security issues sensibly. I don't think this is deserving of a patent.
Cookies were *designed* to track your identity between sessions. I don't see where Amazon should get a patent for something invented at Netscape.
Don't understimate our effect. If we can demonstrate the need for this boycott clearly and concisely we can have a very large effect. You have to understand who I mean by "we".
I don't just mean slashdot, I mean a huge, loose, globally connected network of people and groups. Slashdot is an important node in this network, a clearing house which reaches thousands of people. Many of those thousands of people hear about interesting things on Slashdot and turn around and tell their friends about it--with just one level of indirection the number of people involved becomes absolutely enormous.
This is how organizing social action on the Internet works. It's not some single website that co-ordinates action against some adversary; nor is it even a single person. Richard Stallman may start the ball rolling, but MANY people care about the abuse of the patent system.
Protest actions organized over the net have the potential to grow exponentially, and reach a huge number of people in a short amount of time. The effect of such an action has been described by the Rand Corporation as an "overwhelming pulse" or a "swarm attack" on the target. A huge number of loosely connected people, groups, organizations, politicians, mailing lists, individuals, etc., all descend on the target all at once, overwhelming it with a short, massive burst of action.
So Slashdot by itself may not be able to succeed in pressuring Amazon--but we can play an important role in generating a huge internet-style swarm all over these morons, overwhelming them before they really figure out what's going on.
Read it on slashdot, then tell your friends, families, co-workers, etc.
Hierarchies and business have not yet really figured out an effective way to respond to this kind of action.
That's how I would describe Network Solutions. They're a bunch of slimeballs who were just getting used to their monopoly on domain names, and now they're doing everything they can to squeeze the last bit of milk out of their cash cow.
/dev/null. I've been trying to change the 2ndaries for a couple of my domains for weeks.. but no luck. People tell me the only way to get stuff done these days is to get a ticket number, then phone network solutions and complain--don't bother waiting for nothing to happen.
They don't care about domain registrants at all, and obviously in this case, even less because the guy didn't register his domain through a method that provided NSOL with the most profits. This fits nicely with their domain dispute policy which basically favours the bigger lawyer, on the theory that NSOL will get sued less often if they side with the money.
DNS is a disaster now. For the last few months any request that isn't accompanied by a check writtn out to NSOL appears to go to
It'd be great if we could arrest these guys and charge them with incompetence. Lock them up for 20 years.
I was hoping it would say that patents on DNA were illegal. But it didn't. It said these particular scientists used deception to try and patent something which they didn't invent.
:-)
In fact, this is evidence of a disaster.
The patent office obviously didn't do enough work to determine whether the proposed patent was credible--they just rubber stamped it, and left it for the courts to work out. Since the courts are incredibly expensive, that puts a challenge to a patent like this out of reach to the average person. It took a corporate adversary with a legal team to defeat it.
Not something that you and me and your favorite free software development team will benefit from. Well... maybe now that VA and Red Hat are worth a gazillion dollars we can finally get some of those lawyers fighting for the right team
This level of recognition for Linux has been a long time coming. And it's good. This will channel a LOT of money toward Linux projects, and the companies that haven't yet woken up to Linux fever will now catch it in a big way. That's the plus.
:-)
The minus is that at these prices it will take a LONG time for the underlying securities to justify their prices. That hasn't stopped the craze surrounding things like Yahoo... but in the case of Linux, there are still some issues around how a Linux company makes huge wads of cash. (It's easy to see how a Linux company can make a reasonable living, but that's different).
You make huge wads of cash when you establish a brand and you take away business from everyone else. Is it really possible for VA and RHAT to become THE linux brandnames? Or does the GPL guarantee that they will always have so much competition that their margins will always be fairly thin. That's the minus.
So I'm not sure I would invest in these companies at these prices... but I certainly have invested my whole career into Linux, and this is very, very good for my career
I was working on building a good anonymous remailer system a few years ago. The idea would be to distribute the anonymizing effect over as many systems as possible, while denying each system in the chain the ability to work out where the message was coming from or where it was going to. There are several variations on this theme, and a couple of implementations of things close to it.
I stopped working on it when it occurred to me that there were people in the world who would probably put up $50k or more to help me build such a system: terrorist organizations, people plotting to kill someone, street gangs, Hells Angels, etc.
I decided I would stop work on it until I figured out whether or not it was a good idea. I still haven't figured it out.
Stretching is very important. Stretch your arms, your forearms, your neck, your back, etc., do it frequently. Don't be too aggressive--mild stretching is the best.
Stretching helps promote healing, and keeps muscles from tightening up. A good massage is also a reasonable preventative measure--work on shoulders and upper back problems as problems here are often are responsible for inefficient use of your fingers, wrists, and forearms.
xwrits is break software. It reminds you to get up from your computer and take a break every so often. It monitors your typing and mouse usage.
Compared to similar programs for windows it's pretty crude. However, it's effective.
One of the most important things you can do to avoid/prevent/cure typing injuries is to make sure you take adequate breaks. This does not mean lunchtime--this means every 10-15 minutes you get up and stretch.
Programs like xwrits remind you it's time for a break.
One more thing.... beware of wrist splints! They give you short term relief by taking the load off the muscles that are bothering you, but they are long term doom.
The danger is that your muscles will atrophy in the splint. Then when you remove it you will re-injure almost immediately--you will probably think you're just not recovered yet, but in fact it is the weakening of your own muscles because of the splint that is causing your trouble!
You have to learn to type properly using all of the muscles in your shoulders arms, forarms, wrists, and fingers, balancing the load so that nothing is overworked. You cannot solve the problem with gimmicks like splints--you actually have to solve the problem with the way you type, and with how much you type.
Instead of using a wrist splint type without one. Type as much as you can WITHOUT symptoms, taking frequent breaks. Try to find out how much you can do before you experience symptons and do just under that much typing. Make sure you keep typing every day--don't lose your endurance. On the other hand, it's a mistake to do exercises to "strengthen" your hand--typing all day long is enough exercise.
If you're having trouble you really should see a doctor who knows something about typing injuries. Many doctors will tell you to use splints--these are the ones who know nothing about typing injuries, go and see someone else--ask to see a specialist.
If you are experiencing pain from typing and mousing an ergonomic keyboard won't help. Not by itself. You are over-using or at least mis-using your muscles and you need to slow down.
A better solution is to install break software like "xwrits" to remind you to take frequent breaks. Say every 10-15 minutes. You should get up out of your chair during these breaks since a lot of problems are actually caused by bad posture and sitting too long.
Ergonomic keyboards might be part of a solution if they help you use your muscles properly--but they cannot be the ONLY thing you do, nor can they be a substitute for taking regular breaks, fixing your posture, etc.
Also, a keyboard that works well for you might not work for someone else at all. Personally I tried lots of keyboards and wound up using a really ancient non-ergonomic keyboard because it had the best keys (they press with little effort but you can feel a bit of a click when they get far enough, so you can use minimal force).