The LIRR homepage is http://www.mta.nyc.ny.us/lirr/. The LIRR is run by the MTA, which is located in NYC, which is a city in NY, which is located in the US. Perfect scheme, and a suprisingly decent application of DNS. Especially for government.
So why suffer with jdeli342.domain.com? Why not a.jdeli.domain.com, b.jdeli.domain.com, etc? In addition to allowing for easier delegation of services, you can set search orders in/etc/resolv.conf so you can simply type ``ssh b'' to hop from host a to host b. That's just golden.
Some other examples..
Mail Exchangers
a.mx.domain.com
b.mx.domain.com
Nameservers
c.ns.fudge.domain.com
d.ns.fudge.domain.com
Web servers
e.web.domain.com
f.web.domain.com
And so on. If you get to z, make the next one aa, and then ab, etc.
Also, functional names should not replace cute names. DNS allows you to assign more than one name to a machine. If a machine is repurposed for another ask, it should still be known by its unique cute name no matter where it goes. At the same time, a single host can have more than one functional name.
No reason barney.domain.com can't also be bc.web.domain.com and e.porn.domain.com.:)
A source of cute names? Oh, uhm, right now I use Roman empererors. There were tons of them.
He spoke at H.O.P.E. many a year ago stating that hackers are "law-abiding citizens who have immense potential to contribute to society". Yes, he is a spook. Or was a spook. He resigned from the CIA out of frustration with their information gathering skills.
He believes that publically available information is often more useful and accurate than information the CIA/NSA/DIA blow huge wads of our cash to collect.
"I had spent eighteen years as a professional intelligence officer," he says, "and discovered that a whole lot of classified data wasn't really there. We just had a whole bunch of facts about Soviet missile silos. Nothing on the Third world, for instance. At the Marin Corps Intelligence Center we were spending $2 million a year on a system for accessing classified data from the CIA, NSA, and DIA--and I found that for $25,000/year I could get beter data from open sources."
I knew it was him as soon as I saw the Slashdot headline. Very unique character.:)
While the jobs I used to have were OK, I never really felt motivated to work extra hard just to maybe see the benefits trickle down to me, the lowly employee.
Having just started my own computer consulting firm, I can say that at least for now it's been a blast. You make your own hours, you can turn away clients that are too stupid to work with, and you basically work to make your life better--direct feedback between what you deliver and how it affects you.
Risks? Sure, there are risks, but ask all of the dot commies who were just laid off about risk.
There's also this myth that businesses are all about luck and most people will try to discourage you from starting one. It's bullshit. If you're smart and clever you can get by just fine. Haven't you ever come across complete idiots who run successful businesses? That's an insult to you if someone tells you that you can't do better.
It's more work than I ever thought would be involved, but in the long run I think it's/so/ worth it.
Still got Amazon.com gift certificates you haven't taken advantage of yet? Why, here's an opportunity to protest this invasion of your privacy and even acquire some interesting midnight reading to boot. Choose from among these exciting titles:
The Anarchist's Cookbook (also try the Anarchist Handbook series)
The Art of Survival
U.S. Army Survival Manual
Boeing 747: Design and Development
Explosives, Propellants, and Pyrotechnics
The Chemistry of Explosives
Explosives
An Illustrated Guide to Rifles and Automatic Weapons
The Los Alamos Primer: The First Lectures on How to Build an Atomic Bomb
Bioterrorism of Anthrax Bacillus Anthracis: Index of New Information and Guide-Book for Consumers, Reference, and Research.
Scourge: The Once and Future Threat of Smallpox
Remember to support your local bookstores.
Disclaimer: US government lackeys tend to be humorless, so I'll make it clear now that I've not read any of these books. I love America more than sliced bread itself. Yeah! Nuke their ass! Take their gas! GOD BLESS AMERICA! Wooo!
End User License Agreements, also known as "shrink-wrap licenses" or "click-through licenses" are not legally binding.
Here's a page that explains further, including citations of court cases where the judge found that they weren't legally binding.
Microsoft updating their EULA means about as much as Steve Ballmer having MSN carry his latest round of whinings and what they wish the world really was.
Just because some of you don't like it doesn't mean no one likes it. I've been searching for something like NetFlix for years. I can't believe it took me so long to find it.
Why I like NetFlix...
I hate Blockbuster. The stores in my area aren't well organized (and the staff doesn't seem to care). Everyone else decides to rent movies when you do resulting in huge lines. Blockbuster also decides on my behalf that they don't need to carry certain contraversial or particularly graphic (or god forbid anti-christian) movies.
Fuck them.
NetFlix has no late fees. I can keep the DVDs for as long as I want, but it's not a problem to return them at all. They come self-addressed postage paid. Just drop it in the mailbox to return it.
You pick about 10 movies you're interested in seeing. They send the first 3 on your list, and each time they receive one back they'll send the next one. Besides requiring minimal user interaction, this allows them to better forecast what movies they're going to need in the next few weeks. Video stores don't have this luxury.
Their recommendations system is great (think Amazon.com). I've seen a lot of movies that I've been meaning to see but completely forgot about.
Yes, there are some disadvantages. You have to plan your movies out in advance. There is a delay between asking for a movie and getting it. For never having to deal with Blockbuster again, that sounds like a great deal to me.
On a serious note, I greatly welcome the 4 billion transaction limit being raised. Sure, it's 126 per second over the period of a year -- but it's one step closer to being the database for a major system.
Jeez. I had no idea. If our MySQL server had this limit:
Uptime: 10277498 Threads: 7 Questions: 3678405287 Slow queries: 1584 Opens: 2299222 Flush tables: 1 Open tables: 256 Queries per second avg: 357.909
I'd be receiving a phone call in about a month from my client wondering why the site stopped working.;)
And just to make this look less like flamebait: I use and appreciate both MySQL and PostgreSQL. Do get a life, kids.
I haven't used python, what is it's speed like compared to C?
Python is an extremely expressive, runtime evaluated language. As such, it's probably about 4x slower than perl in cpu bound operations.
People still develop cpu-intensive applications using Python though, even games. The graphics routines/physics are implemented in C, how it all comes together is where Python shines.
Unlike Windows, there are many independent distributions of Linux that may or may not be vulnerable to a security hole. Also unlike Windows, each distribution has shorter release cycles. Futhermore, many Linux distributions come with lots of bundled software that not all sys admins install.
This means that security holes discovered against Windows could be far more devastating because of the uniformity of the installed systems. Code Red/Nimda, etc. would've been much harder to pull off against all variants/distributions of Linux. There's much more paydirt in developing good Windows exploits, since they're likely to work against ALL Windows systems, which means the exploits are likely to be very refined and well tested. Compare to Linux exploits which are usually very hard to get working the first time.
It's also harder to find security holes in Windows since it's closed source (which doesn't make them any less severe). Many security analysts won't even bother since it mostly involves using a debugger to poke at a task for hours, rather than simply grepping source trees for unsafe functions.
But yeah, it is pretty disgusting that Linux in general has this many security holes.
The argument that these things slow down code too much doesn't make much sense, considering that we have to do the runtime bounds checking ourself, everytime, and that we occasionally make mistakes
It's a stupid argument. If you profile all of the programs on freshmeat, 95% of them will be bound by interactive user input, or disk, or network, or memory, not CPU.
Unless you have a specific need or die-hard preference, most programs today should be written in a high level language. If you even have CPU bottlenecks, you can rewrite the hotspots in a lower level language--kind of like how people used to optimize portions of C code by rewriting it in assembly.
I suggest Python.;)
Why software developers write insecure code
on
Why Coding Is Insecure
·
· Score: 3, Insightful
Developers who are more inclined to write secure code seem to come from a background that involves administering free UNIX systems in the mid-90s. This is when we started seeing an explosion in the number of nodes attached to the internet 24/7, most of them running a freenix. We were first to bear security problem onslaughts that everyone now deals with today. A sneak preview.
We had to deal with release after agonizingly insecure release from Berkeley, Washington University, Carnegie Mellon. Deal with urgent "security patches" that simply add bounds checking to strcpy, and praying to god that we get our bugtraq email before the script kiddies have figured out how to uncripple the exploit code.
Servers being attacked just because one user was running an IRC bot in a channel some teenage punk wanted to take over. ISPs being knocked off the net just for running an IRC server. Spammers, denial of service attacks, buffer overflow exploits, rootkits, social engineering, man-in-the-middle attack, password sniffing, brute force cracks,.
Developers who lived through this find that the rest of the world (ie, the people starting to do serious stuff on the internet today) are blissfully unprepared for the security onslaught. More NT servers are connected now than ever, ASPs are coming to the harsh reality that they have 40,000 lines of insecure trash running their web site, home users completely unaware that their broadband "always-on" connection really means "always-vulnerable".
The only common traits we share are cynicism. Cynicism for all developers, all companies, all users, everyone. Hundreds of security holes being introduced every second. Every gadget you buy, every shopping cart you push, your comb could have a buffer overflow, careful! that milk might be sour!, oh no! quiet or the cake won't rise!!! they're crawling all over my skin--get them off get them off, use the ice pick use the ice pick!!$%*)!@!!
If you as a programmer don't see the world that way, don't expect to write anything but insecure garbage. But don't worry, you'll learn your lesson just as we all did. And don't be mad at us if we laugh, because we're laughing with you.
People who use computers for graphics design or sound editing (or any other application software oriented field) tend to need a good set of software.
My siblings, as an example, will come to the conclusion that they need some kind of software. Their purchasing process goes something like this:
Look for free alternatives that do the same thing.
Ask their brother (me) for free alternatives that do the same thing.
Briefly scan the warez scene for the software they want.
Ask their brother (me again) for help scanning the warez scene.
Give up and buy the damned thing.
Definitely a case where a company loses a sale if a freely available, illegal copy exists.
Of course, you can't sum up all illegal copying this way. A good sum of it is teenagers getting thrilled over having the latest 3D Studio. A huge chunk is people who just can't afford it/access it otherwise, and will pay software "pirates" a nominal fee to have it provided (look at cable piracy overseas). Just some are people looking to save their money.
The interesting thing we all know about software is that it replicates so easily.
Unlike most product models, software is not a scarce resource--developer time is, but the end product is not.
Early computer vendors weren't quite as stupid when they said that there was no money in software products. Look at the classifieds for computer programers. 95% of the job listings are to work on custom systems rather than software products.
Successful software product companies are rare (like Microsoft), and many of them have to treat software more like a resource to be licensed, or a service provided, than a product. A very small number of their sales comes from people purchasing retail software.
With something like the internet, if your work can be cloned easily, you're always going to face these problems. Software developers and musicians face the same challenge.
Perhaps one day they will be paid by hardware manufacturers instead of end-users? Perhaps musicians will get a fraction of a cent whenever someone sells a set of speakers? Meh, my head hurts.
My girlfriend is as computer illiterate as they can come. I think the only advanced feature she groks is that there are file/folder hierarchies of some kind.
Not only can she effectively use any desktop I switch to--ranging from Ximian GNOME, KDE, Blackbox, vtwm, etc (once I've configured some of the simpler ones)--but I even had her do a Red Hat 7.1 install for fun. She got by flawlessly just reading the instructions, with me acting as the system administrator whenever the instructions told her to contact me about network settings.
Once she finished the install, she was able to log in and use it as normally.
Installing Windows on the other hand was way outside of her capabilities. She got frustrated and gave up. I'm so proud of her.:D
It was a blast. So many nerds in so small a space.
The irrefutible corporate might was a bit staggering at first. HP, Compaq, IBM, Sun, Intel, AMD, etc. all had huge booths extolling how much each of them loves the Linux community. General impressions:
Sun had TV-style ads running constantly in between presentations on Sun/Linux-happy technology. The iPlanet guys gave a really unnerving speech about how they were serious and want to be taken seriously and that they were "Sun's Children" or something. They were creeping me (and everyone else) out.
The guy pimping Intel's ultra-reet compiler was pretty excited about it. Showing a demo of the new SIMD optimizations versus without. Yay, 8x performance increase in a cpu-intensive demo. He wasn't much interested in discussing how this worked with me though--it took him 10 minutes, gladly accepting interruptions, to just say that it was using SIMD stuff to optimize loops.
Compaq was truly everywhere in that show. They had a lot of fun stuff available, including a play area (complete with bean bag couches and video games). I believe Compaq also provided all of the public terminals for checking email/ssh'ing to boxes, etc. If you were there, you also rolled your eyes when you walked past their gameshow/advertisement setup though (hosted by "Dave LinuxMan").
IBM was there, but didn't do much to catch your eye. If you were looking for them, you found them and hung out with them. Otherwise they were all kind of chill and laid back. Same goes for HP really.
The suits were thoroughly awestruck at the Ximian booth (complete with Jungle motif). Good for them.
I'm not sure what Computer Associates thought it was doing there.
AMD had some engineers there--I wasn't nearly competent enough with CPU architecture to have a good talk with them. AMD was definitely trying hard to get over the myth that their processors were incompatible/unreliable, and had a lot of partners there with them to show confidence in AMD. I wish them the best of luck, they were all very cool.
Red Hat's booth was pretty standard. They were showing an interest in embedded and high-end servers. Plenty of competent people there ready to walk the talk.
Despite the sheer eyecandy factor/booth size of the corporate forces at LinuxWorld, the real heart of the show was actually all of the booths lining the edges run by hacker groups, independent projects, charities, etc. That's mostly where the quality conversation happened.
The Window Maker guys put on an asskicking booth despite no significant corporate backing or flashy handouts. They must've had 8 or 9 boxes/laptops running a wide range of UNIXen all sporting wmaker. Their little ibook was even blasting 80s-cheese metal the entire show. They had a friendly rivalry with the GNOME crowd going.
Some NetBSD dudes were there sporting NetBSD on all kinds of hardware. No FreeBSD/OpenBSD people (er, except for BSDMall?). It was nice to see the FSF and EFF there receiving donations.
Only Covalent was giving out T-shirts this year, and you had to sit through a presentation on Apache 2.0 (put on by ryan@covalent, who did a great job), fill out a form, and swipe your card before they give it to you. At least it's comfy.
The Linux on Playstation 2 booth put on by Sony was gnarly. Some Sony rep even interviewed me and I babbled something about how I was insulted that the dev kit cost $200, but then I was less insulted when I realized the dev kit came with a hard disk and ethernet card and other goodies.
Apple who? Didn't see them anywhere.
Fun show. Highly recommended. I'm going to miss all those guys.
Python is by no means unique, heavens no. I just think they're features that are probably most accessible to the masses because of Python's popularity and ease of use.
I couldn't believe it either. I've had Sprint and AT&T and I just kind of lived with the fact that cells suck. Three different people told me to go with Verizon Wireless because they were sick of my bitching.
I've never had problems since. I get service -everywhere- in NYC. Never seen it drop below 3 bars except in the obvious places (sub-basements, etc). It still doesn't sit right with me since Verizon sucks at absolutely everything else. This is something they do right.
Python supports a concept that it calls 'pickling' (which is also known as Object Serialization).
It's extremely easy to save the state of any object along with the objects it references to disk with literally a couple of lines of code (like, 3). You cannot pickle whole processes, but it's effortless to write some skeleton code to resume the process from its last pickle. You can also define specific methods in each object that are called on pickle/unpickle for special cases (restoring network connections, for example).
The fact that it's an interpreted language shouldn't deter you. Python integrates easily with modules compiled from C, allowing you to accelerate time critical aspects of your code while rapidly developing the not so critical aspects.** Python was designed to solve the problems you're working on.
Oh, and if you're short on time, don't worry; Python is extremely easy to learn.
** As most programmers have found, about 90% of their program's execution is spent in 5% of their code.
See how fascist governments control the flow of information? Aren't you glad our government doesn't do this?
Now, when most people think of fascism, they think of Hitler ranting at rallies. They think Panzers rolling over Poland and France. Fascism is actually much less "fundamentally evil".
Fascism, summed up, is a society which gives handouts to the rich. Government defines what should be produced (like during wars) and what is morally "right". Free speech exists, but with restrictions, etc. Effectively, the Government has a focus or direction. When you hear a politician say "our country should move in so and so direction", they're probably fascists.
We've had elements of fascism since inception, but since the Cold War, the size and power of the Federal Government has increased drastically, making us much more totalitarian in the process. The results are mixed, but overall positive since we're still pretty functional.
I think a much better approach would be if companies had their software certified as secure. Just an independent group to come in and audit the release at varying levels of bulletproofedness.
It'd drive up software costs, but if consumers don't care to look for the "Certified Secure!" brand, why should the government force it?
Own a credit card? How about a driver's license? A checking account? If you answered yes to any of these, you have already sacrificed a significant amount of your privacy for the sake of convenience.
None of these things are mandatory. You don't have to get a credit card and no one is holding a gun to your head making you drive. Any (and especially all) of those 3 things gives the state an enormous amount of information. They know where you get your money from, what you spend it on, probably where you live, what kind of car you drive, where you got this car, what you do with it, and can practically learn everything about you without ever meeting you in person.
So, why do we do it? Simple. Try to survive without a credit card. Pretty doable, but it rules out most e-commerce, and makes staying at hotels pretty difficult. No driver's license? Sure, but if you don't live in a city, you're probably fucked without a car.
No checking account? You're going to have to go far out of your way just to perform basic life functions. You expose yourself to great personal risk by mailing cash (and many companies will flat out refuse it). You have to get money orders for everything, and you could never accept money orders because cashing them requires ID. You'll probably fail most credit checks (which are done for everything nowadays; mobile phones, apartment leases, etc)
Beginning to see a trend? To function in society, you need to have some degree of accountability. You forfeit quite a lot of your freedom just so you can function. It's no coincidence that many ultra-privacy/paranoid people are drifters.
Being unknown is entirely your right, but fat lotta good it'll do you. A National ID card is entirely voluntary, so if you want the convenience of speedy airport checkout, you'll do it. And if not, no biggie. Get on the other line.
I'm sure plenty of people use C++ to kick butt, but I personally never appreciated OOP until I used it in more high level languages.
For something that's much more OOey, and easy to learn, try Python. I don't see any reason for new applications to be written solely in C++ nowadays. And the speed issue is irrelevant since you can rewrite portions of code in C (and quite easily, I was pleased to find).
You know what I would have had to do in FreeBSD? I would have had to just turn on Soft Updates. No screaming and pulling hair, just messing with a config file or two.
Messing with a config file or two!? Dear god man, while you're at it, why not build an atomic bomb out of household appliances?!
We don't all have the luxury of beaming our servers up to the Enteprise so Captain Kirk can reconfigure them. Fortunately, we do have Debian:
Since the occasional Slashdot reader is humor impaired [not to claim that I'm funny], the moral of this story is that sys admin tasks are all relative, and difficult to measure fairly. FreeBSD rules, Linux rules, let's all hug and eat pudding.
Oh, your post reminds me. I did leave out some other details such as Verizon incorrectly bills us for the number of lines used constantly, goes ahead and bills our customers for ADSL even though they're signed up through us, and so on. It's come close to litigation several times.
You can become very desensitized to it after awhile. "The sun rises, Verizon is incompetent, etc."
Relatively speaking, Verizon isn't nearly as bad as they used to be. "More cooperative ISP contacts" may be a part of it..
We probably took part in this survey, and we concur with most of the results. As a small NYC based ISP, we depend entirely on Verizon to conduct our business. Perhaps I can lend some views from the inside.
When the dialup market was worth being in, Verizon (which was once in part Bell Atlantic, which was once in part Nynex) took years to increase capacity to our office. We just could not add dialups fast enough to meet the demand. There were many periods where our lines were hopelessly busy and there was very little we could do but harass Verizon.
This is important. We had to work extra hard around Verizon's deficiencies to provide a reasonable quality service. Eventually capacity was increased, but by the time that happened, the dialup market had dried up. Oh well.
We depend on Verizon to network our offices. One business we're involved with is "lighting" buildings with T1s and sharing it with tenants for a reduced price.
Lately, Verizon's been pretty stable and we haven't had any major catastrophes. Several years ago the story was much different. T1s would constantly go down. Adding redundant lines to different locations was in many cases useless (since the redundant lines went down at the same time!), and often quite expensive.
Verizon definitely knows that this is a business they should take care of. They're much more responsive to T1 problems, but there's still room for improvement. They are getting better though. Perhaps we're just lucky?
Our adventures in DSL-land have been.. interesting. We resell Verizon ADSL (but provisioned to our network) and the rate it's sold to us leaves us no choice but to price it higher than Verizon's offerings. This isn't that bad since our customers come to expect that they pay a little more for higher quality service from us, but it must be nightmarish for ISPs trying to sell it as a mass-market commodity.
The most significant value-added feature we offer over Verizon ADSL is that when it goes down, customers simply report it to us and we take care of harassing Verizon to get it fixed. Then we get back to our customers with the progress that's been made.
Talk about innovation!
We partnered with NAS to provide SDSL, and they seem to be the only major DSL carrier that can narrowly avoid bankruptcy. Verizon now offers
SDSL though (to us, for resale) for significantly less, so NAS's future is still uncertain.
Verizon's quality of service has improved noticably in the past few years. It's still very substandard, but they're much more attentive to problems now. Maybe we're just having a good year. Keep up the complaints people, they might actually be listening.
Oh, also! We're lucky enough to be one of the few ISPs to partner with AOL Time Warner. We could be selling cable internet by sometime next year.
But the FTC has to approve the deal. Our tiny less than 20 employee company was being grilled by FTC officials on a whole range of issues. Apparantly this looks very suspicious to them.
AOLTW execs explained to us that they see sound economic advantages in partnering with small ISPs and want to do it despite FTC interference. Whether this is genuine or not will remain to be seen.
But I've already said too much.
Shameless plug time: If anyone's interested, we're New York Connect.Net, Ltd.
Slashdot Mirror
The LIRR homepage is http://www.mta.nyc.ny.us/lirr/. The LIRR is run by the MTA, which is located in NYC, which is a city in NY, which is located in the US. Perfect scheme, and a suprisingly decent application of DNS. Especially for government.
So why suffer with jdeli342.domain.com? Why not a.jdeli.domain.com, b.jdeli.domain.com, etc? In addition to allowing for easier delegation of services, you can set search orders in /etc/resolv.conf so you can simply type ``ssh b'' to hop from host a to host b. That's just golden.
Some other examples..
Mail Exchangers
Nameservers
Web servers
And so on. If you get to z, make the next one aa, and then ab, etc.
Also, functional names should not replace cute names. DNS allows you to assign more than one name to a machine. If a machine is repurposed for another ask, it should still be known by its unique cute name no matter where it goes. At the same time, a single host can have more than one functional name.
No reason barney.domain.com can't also be bc.web.domain.com and e.porn.domain.com. :)
A source of cute names? Oh, uhm, right now I use Roman empererors. There were tons of them.
He spoke at H.O.P.E. many a year ago stating that hackers are "law-abiding citizens who have immense potential to contribute to society". Yes, he is a spook. Or was a spook. He resigned from the CIA out of frustration with their information gathering skills.
He believes that publically available information is often more useful and accurate than information the CIA/NSA/DIA blow huge wads of our cash to collect.
"I had spent eighteen years as a professional intelligence officer," he says, "and discovered that a whole lot of classified data wasn't really there. We just had a whole bunch of facts about Soviet missile silos. Nothing on the Third world, for instance. At the Marin Corps Intelligence Center we were spending $2 million a year on a system for accessing classified data from the CIA, NSA, and DIA--and I found that for $25,000/year I could get beter data from open sources."
I knew it was him as soon as I saw the Slashdot headline. Very unique character. :)
While the jobs I used to have were OK, I never really felt motivated to work extra hard just to maybe see the benefits trickle down to me, the lowly employee.
Having just started my own computer consulting firm, I can say that at least for now it's been a blast. You make your own hours, you can turn away clients that are too stupid to work with, and you basically work to make your life better--direct feedback between what you deliver and how it affects you.
Risks? Sure, there are risks, but ask all of the dot commies who were just laid off about risk. There's also this myth that businesses are all about luck and most people will try to discourage you from starting one. It's bullshit. If you're smart and clever you can get by just fine. Haven't you ever come across complete idiots who run successful businesses? That's an insult to you if someone tells you that you can't do better.
It's more work than I ever thought would be involved, but in the long run I think it's /so/ worth it.
Still got Amazon.com gift certificates you haven't taken advantage of yet? Why, here's an opportunity to protest this invasion of your privacy and even acquire some interesting midnight reading to boot. Choose from among these exciting titles:
Remember to support your local bookstores.
Disclaimer: US government lackeys tend to be humorless, so I'll make it clear now that I've not read any of these books. I love America more than sliced bread itself. Yeah! Nuke their ass! Take their gas! GOD BLESS AMERICA! Wooo!
End User License Agreements, also known as "shrink-wrap licenses" or "click-through licenses" are not legally binding.
Here's a page that explains further, including citations of court cases where the judge found that they weren't legally binding.
Microsoft updating their EULA means about as much as Steve Ballmer having MSN carry his latest round of whinings and what they wish the world really was.
Just because some of you don't like it doesn't mean no one likes it. I've been searching for something like NetFlix for years. I can't believe it took me so long to find it.
Why I like NetFlix...
I hate Blockbuster. The stores in my area aren't well organized (and the staff doesn't seem to care). Everyone else decides to rent movies when you do resulting in huge lines. Blockbuster also decides on my behalf that they don't need to carry certain contraversial or particularly graphic (or god forbid anti-christian) movies. Fuck them.
NetFlix has no late fees. I can keep the DVDs for as long as I want, but it's not a problem to return them at all. They come self-addressed postage paid. Just drop it in the mailbox to return it.
You pick about 10 movies you're interested in seeing. They send the first 3 on your list, and each time they receive one back they'll send the next one. Besides requiring minimal user interaction, this allows them to better forecast what movies they're going to need in the next few weeks. Video stores don't have this luxury.
Their recommendations system is great (think Amazon.com). I've seen a lot of movies that I've been meaning to see but completely forgot about.
Yes, there are some disadvantages. You have to plan your movies out in advance. There is a delay between asking for a movie and getting it. For never having to deal with Blockbuster again, that sounds like a great deal to me.
On a serious note, I greatly welcome the 4 billion transaction limit being raised. Sure, it's 126 per second over the period of a year -- but it's one step closer to being the database for a major system.
Jeez. I had no idea. If our MySQL server had this limit:
I'd be receiving a phone call in about a month from my client wondering why the site stopped working. ;)
And just to make this look less like flamebait: I use and appreciate both MySQL and PostgreSQL. Do get a life, kids.
I haven't used python, what is it's speed like compared to C?
Python is an extremely expressive, runtime evaluated language. As such, it's probably about 4x slower than perl in cpu bound operations.
People still develop cpu-intensive applications using Python though, even games. The graphics routines/physics are implemented in C, how it all comes together is where Python shines.
Unlike Windows, there are many independent distributions of Linux that may or may not be vulnerable to a security hole. Also unlike Windows, each distribution has shorter release cycles. Futhermore, many Linux distributions come with lots of bundled software that not all sys admins install.
This means that security holes discovered against Windows could be far more devastating because of the uniformity of the installed systems. Code Red/Nimda, etc. would've been much harder to pull off against all variants/distributions of Linux. There's much more paydirt in developing good Windows exploits, since they're likely to work against ALL Windows systems, which means the exploits are likely to be very refined and well tested. Compare to Linux exploits which are usually very hard to get working the first time.
It's also harder to find security holes in Windows since it's closed source (which doesn't make them any less severe). Many security analysts won't even bother since it mostly involves using a debugger to poke at a task for hours, rather than simply grepping source trees for unsafe functions.
But yeah, it is pretty disgusting that Linux in general has this many security holes.
The argument that these things slow down code too much doesn't make much sense, considering that we have to do the runtime bounds checking ourself, everytime, and that we occasionally make mistakes
It's a stupid argument. If you profile all of the programs on freshmeat, 95% of them will be bound by interactive user input, or disk, or network, or memory, not CPU.
Unless you have a specific need or die-hard preference, most programs today should be written in a high level language. If you even have CPU bottlenecks, you can rewrite the hotspots in a lower level language--kind of like how people used to optimize portions of C code by rewriting it in assembly.
I suggest Python. ;)
Developers who are more inclined to write secure code seem to come from a background that involves administering free UNIX systems in the mid-90s. This is when we started seeing an explosion in the number of nodes attached to the internet 24/7, most of them running a freenix. We were first to bear security problem onslaughts that everyone now deals with today. A sneak preview.
We had to deal with release after agonizingly insecure release from Berkeley, Washington University, Carnegie Mellon. Deal with urgent "security patches" that simply add bounds checking to strcpy, and praying to god that we get our bugtraq email before the script kiddies have figured out how to uncripple the exploit code.
Servers being attacked just because one user was running an IRC bot in a channel some teenage punk wanted to take over. ISPs being knocked off the net just for running an IRC server. Spammers, denial of service attacks, buffer overflow exploits, rootkits, social engineering, man-in-the-middle attack, password sniffing, brute force cracks, .
Developers who lived through this find that the rest of the world (ie, the people starting to do serious stuff on the internet today) are blissfully unprepared for the security onslaught. More NT servers are connected now than ever, ASPs are coming to the harsh reality that they have 40,000 lines of insecure trash running their web site, home users completely unaware that their broadband "always-on" connection really means "always-vulnerable".
The only common traits we share are cynicism. Cynicism for all developers, all companies, all users, everyone. Hundreds of security holes being introduced every second. Every gadget you buy, every shopping cart you push, your comb could have a buffer overflow, careful! that milk might be sour!, oh no! quiet or the cake won't rise!!! they're crawling all over my skin--get them off get them off, use the ice pick use the ice pick!!$%*)!@!!
If you as a programmer don't see the world that way, don't expect to write anything but insecure garbage. But don't worry, you'll learn your lesson just as we all did. And don't be mad at us if we laugh, because we're laughing with you.
People who use computers for graphics design or sound editing (or any other application software oriented field) tend to need a good set of software.
My siblings, as an example, will come to the conclusion that they need some kind of software. Their purchasing process goes something like this:
Definitely a case where a company loses a sale if a freely available, illegal copy exists.
Of course, you can't sum up all illegal copying this way. A good sum of it is teenagers getting thrilled over having the latest 3D Studio. A huge chunk is people who just can't afford it/access it otherwise, and will pay software "pirates" a nominal fee to have it provided (look at cable piracy overseas). Just some are people looking to save their money.
The interesting thing we all know about software is that it replicates so easily. Unlike most product models, software is not a scarce resource--developer time is, but the end product is not.
Early computer vendors weren't quite as stupid when they said that there was no money in software products. Look at the classifieds for computer programers. 95% of the job listings are to work on custom systems rather than software products.
Successful software product companies are rare (like Microsoft), and many of them have to treat software more like a resource to be licensed, or a service provided, than a product. A very small number of their sales comes from people purchasing retail software.
With something like the internet, if your work can be cloned easily, you're always going to face these problems. Software developers and musicians face the same challenge.
Perhaps one day they will be paid by hardware manufacturers instead of end-users? Perhaps musicians will get a fraction of a cent whenever someone sells a set of speakers? Meh, my head hurts.
My girlfriend is as computer illiterate as they can come. I think the only advanced feature she groks is that there are file/folder hierarchies of some kind.
Not only can she effectively use any desktop I switch to--ranging from Ximian GNOME, KDE, Blackbox, vtwm, etc (once I've configured some of the simpler ones)--but I even had her do a Red Hat 7.1 install for fun. She got by flawlessly just reading the instructions, with me acting as the system administrator whenever the instructions told her to contact me about network settings.
Once she finished the install, she was able to log in and use it as normally.
Installing Windows on the other hand was way outside of her capabilities. She got frustrated and gave up. I'm so proud of her. :D
It was a blast. So many nerds in so small a space.
The irrefutible corporate might was a bit staggering at first. HP, Compaq, IBM, Sun, Intel, AMD, etc. all had huge booths extolling how much each of them loves the Linux community. General impressions:
Sun had TV-style ads running constantly in between presentations on Sun/Linux-happy technology. The iPlanet guys gave a really unnerving speech about how they were serious and want to be taken seriously and that they were "Sun's Children" or something. They were creeping me (and everyone else) out.
The guy pimping Intel's ultra-reet compiler was pretty excited about it. Showing a demo of the new SIMD optimizations versus without. Yay, 8x performance increase in a cpu-intensive demo. He wasn't much interested in discussing how this worked with me though--it took him 10 minutes, gladly accepting interruptions, to just say that it was using SIMD stuff to optimize loops.
Compaq was truly everywhere in that show. They had a lot of fun stuff available, including a play area (complete with bean bag couches and video games). I believe Compaq also provided all of the public terminals for checking email/ssh'ing to boxes, etc. If you were there, you also rolled your eyes when you walked past their gameshow/advertisement setup though (hosted by "Dave LinuxMan").
IBM was there, but didn't do much to catch your eye. If you were looking for them, you found them and hung out with them. Otherwise they were all kind of chill and laid back. Same goes for HP really.
The suits were thoroughly awestruck at the Ximian booth (complete with Jungle motif). Good for them.
I'm not sure what Computer Associates thought it was doing there.
AMD had some engineers there--I wasn't nearly competent enough with CPU architecture to have a good talk with them. AMD was definitely trying hard to get over the myth that their processors were incompatible/unreliable, and had a lot of partners there with them to show confidence in AMD. I wish them the best of luck, they were all very cool.
Red Hat's booth was pretty standard. They were showing an interest in embedded and high-end servers. Plenty of competent people there ready to walk the talk.
Despite the sheer eyecandy factor/booth size of the corporate forces at LinuxWorld, the real heart of the show was actually all of the booths lining the edges run by hacker groups, independent projects, charities, etc. That's mostly where the quality conversation happened.
The Window Maker guys put on an asskicking booth despite no significant corporate backing or flashy handouts. They must've had 8 or 9 boxes/laptops running a wide range of UNIXen all sporting wmaker. Their little ibook was even blasting 80s-cheese metal the entire show. They had a friendly rivalry with the GNOME crowd going.
Some NetBSD dudes were there sporting NetBSD on all kinds of hardware. No FreeBSD/OpenBSD people (er, except for BSDMall?). It was nice to see the FSF and EFF there receiving donations.
Only Covalent was giving out T-shirts this year, and you had to sit through a presentation on Apache 2.0 (put on by ryan@covalent, who did a great job), fill out a form, and swipe your card before they give it to you. At least it's comfy.
The Linux on Playstation 2 booth put on by Sony was gnarly. Some Sony rep even interviewed me and I babbled something about how I was insulted that the dev kit cost $200, but then I was less insulted when I realized the dev kit came with a hard disk and ethernet card and other goodies.
Apple who? Didn't see them anywhere.
Fun show. Highly recommended. I'm going to miss all those guys.
Python is by no means unique, heavens no. I just think they're features that are probably most accessible to the masses because of Python's popularity and ease of use.
I really ought to get my hands on Squeak.
Yeah, knock Verizon for everything but Wireless.
I couldn't believe it either. I've had Sprint and AT&T and I just kind of lived with the fact that cells suck. Three different people told me to go with Verizon Wireless because they were sick of my bitching.
I've never had problems since. I get service -everywhere- in NYC. Never seen it drop below 3 bars except in the obvious places (sub-basements, etc). It still doesn't sit right with me since Verizon sucks at absolutely everything else. This is something they do right.
Python supports a concept that it calls 'pickling' (which is also known as Object Serialization).
It's extremely easy to save the state of any object along with the objects it references to disk with literally a couple of lines of code (like, 3). You cannot pickle whole processes, but it's effortless to write some skeleton code to resume the process from its last pickle. You can also define specific methods in each object that are called on pickle/unpickle for special cases (restoring network connections, for example).
The fact that it's an interpreted language shouldn't deter you. Python integrates easily with modules compiled from C, allowing you to accelerate time critical aspects of your code while rapidly developing the not so critical aspects.** Python was designed to solve the problems you're working on.
Oh, and if you're short on time, don't worry; Python is extremely easy to learn.
** As most programmers have found, about 90% of their program's execution is spent in 5% of their code.
See how fascist governments control the flow of information? Aren't you glad our government doesn't do this?
Now, when most people think of fascism, they think of Hitler ranting at rallies. They think Panzers rolling over Poland and France. Fascism is actually much less "fundamentally evil".
Fascism, summed up, is a society which gives handouts to the rich. Government defines what should be produced (like during wars) and what is morally "right". Free speech exists, but with restrictions, etc. Effectively, the Government has a focus or direction. When you hear a politician say "our country should move in so and so direction", they're probably fascists.
We've had elements of fascism since inception, but since the Cold War, the size and power of the Federal Government has increased drastically, making us much more totalitarian in the process. The results are mixed, but overall positive since we're still pretty functional.
I think in all seriousness it'd be cheaper for people in Asian markets to just learn english than pay $600.
I think a much better approach would be if companies had their software certified as secure. Just an independent group to come in and audit the release at varying levels of bulletproofedness.
It'd drive up software costs, but if consumers don't care to look for the "Certified Secure!" brand, why should the government force it?
Own a credit card? How about a driver's license? A checking account? If you answered yes to any of these, you have already sacrificed a significant amount of your privacy for the sake of convenience.
None of these things are mandatory. You don't have to get a credit card and no one is holding a gun to your head making you drive. Any (and especially all) of those 3 things gives the state an enormous amount of information. They know where you get your money from, what you spend it on, probably where you live, what kind of car you drive, where you got this car, what you do with it, and can practically learn everything about you without ever meeting you in person.
So, why do we do it? Simple. Try to survive without a credit card. Pretty doable, but it rules out most e-commerce, and makes staying at hotels pretty difficult. No driver's license? Sure, but if you don't live in a city, you're probably fucked without a car.
No checking account? You're going to have to go far out of your way just to perform basic life functions. You expose yourself to great personal risk by mailing cash (and many companies will flat out refuse it). You have to get money orders for everything, and you could never accept money orders because cashing them requires ID. You'll probably fail most credit checks (which are done for everything nowadays; mobile phones, apartment leases, etc)
Beginning to see a trend? To function in society, you need to have some degree of accountability. You forfeit quite a lot of your freedom just so you can function. It's no coincidence that many ultra-privacy/paranoid people are drifters.
Being unknown is entirely your right, but fat lotta good it'll do you. A National ID card is entirely voluntary, so if you want the convenience of speedy airport checkout, you'll do it. And if not, no biggie. Get on the other line.
I'm sure plenty of people use C++ to kick butt, but I personally never appreciated OOP until I used it in more high level languages.
For something that's much more OOey, and easy to learn, try Python. I don't see any reason for new applications to be written solely in C++ nowadays. And the speed issue is irrelevant since you can rewrite portions of code in C (and quite easily, I was pleased to find).
You know what I would have had to do in FreeBSD? I would have had to just turn on Soft Updates. No screaming and pulling hair, just messing with a config file or two.
Messing with a config file or two!? Dear god man, while you're at it, why not build an atomic bomb out of household appliances?!
We don't all have the luxury of beaming our servers up to the Enteprise so Captain Kirk can reconfigure them. Fortunately, we do have Debian:
Since the occasional Slashdot reader is humor impaired [not to claim that I'm funny], the moral of this story is that sys admin tasks are all relative, and difficult to measure fairly. FreeBSD rules, Linux rules, let's all hug and eat pudding.
Oh, your post reminds me. I did leave out some other details such as Verizon incorrectly bills us for the number of lines used constantly, goes ahead and bills our customers for ADSL even though they're signed up through us, and so on. It's come close to litigation several times.
You can become very desensitized to it after awhile. "The sun rises, Verizon is incompetent, etc."
Relatively speaking, Verizon isn't nearly as bad as they used to be. "More cooperative ISP contacts" may be a part of it..
We probably took part in this survey, and we concur with most of the results. As a small NYC based ISP, we depend entirely on Verizon to conduct our business. Perhaps I can lend some views from the inside.
When the dialup market was worth being in, Verizon (which was once in part Bell Atlantic, which was once in part Nynex) took years to increase capacity to our office. We just could not add dialups fast enough to meet the demand. There were many periods where our lines were hopelessly busy and there was very little we could do but harass Verizon.
This is important. We had to work extra hard around Verizon's deficiencies to provide a reasonable quality service. Eventually capacity was increased, but by the time that happened, the dialup market had dried up. Oh well.
We depend on Verizon to network our offices. One business we're involved with is "lighting" buildings with T1s and sharing it with tenants for a reduced price.
Lately, Verizon's been pretty stable and we haven't had any major catastrophes. Several years ago the story was much different. T1s would constantly go down. Adding redundant lines to different locations was in many cases useless (since the redundant lines went down at the same time!), and often quite expensive.
Verizon definitely knows that this is a business they should take care of. They're much more responsive to T1 problems, but there's still room for improvement. They are getting better though. Perhaps we're just lucky?
Our adventures in DSL-land have been.. interesting. We resell Verizon ADSL (but provisioned to our network) and the rate it's sold to us leaves us no choice but to price it higher than Verizon's offerings. This isn't that bad since our customers come to expect that they pay a little more for higher quality service from us, but it must be nightmarish for ISPs trying to sell it as a mass-market commodity.
The most significant value-added feature we offer over Verizon ADSL is that when it goes down, customers simply report it to us and we take care of harassing Verizon to get it fixed. Then we get back to our customers with the progress that's been made.
Talk about innovation!
We partnered with NAS to provide SDSL, and they seem to be the only major DSL carrier that can narrowly avoid bankruptcy. Verizon now offers SDSL though (to us, for resale) for significantly less, so NAS's future is still uncertain.
Verizon's quality of service has improved noticably in the past few years. It's still very substandard, but they're much more attentive to problems now. Maybe we're just having a good year. Keep up the complaints people, they might actually be listening.
Oh, also! We're lucky enough to be one of the few ISPs to partner with AOL Time Warner. We could be selling cable internet by sometime next year.
But the FTC has to approve the deal. Our tiny less than 20 employee company was being grilled by FTC officials on a whole range of issues. Apparantly this looks very suspicious to them.
AOLTW execs explained to us that they see sound economic advantages in partnering with small ISPs and want to do it despite FTC interference. Whether this is genuine or not will remain to be seen.
But I've already said too much.
Shameless plug time: If anyone's interested, we're New York Connect.Net, Ltd.