Anything put out, funded, etc by the NSA or any other agency should be considered suspect until PROVEN otherwise...and before anyone here says "but it's open source"...keep in mind there have been numerous instances of serious bugs, weaknesses, etc found many years after various open source programs were released.
Bottom line: Just because a particular program is open source, does NOT automatically mean that particular program can truly be trusted.
The NSA has published several research papers on on SE Linux as well as the OSes leading up to it (Flask, DTOS, DTMach) and it is hard to find malice in what they suggest should be how OSes should be improved security-wise.
If you are so suspicious of SE Linux then don't install it or even better use the benefits of Open Source and actually read through source to see if the code matches what they claim in their research papers. Heck, diff the major source files against a stock distro and see what has changed and why. Open Source is of no benefit if people treat it like closed source and want everything handed to them on a platter.
If a piece of software requires regular patches for serious security problems, that's probably a sign that its basic approach to security is flawed.
But does IIS really need patches as frequently as you imply? Code Red, Code Blue, Nimda et al exploit the same security hole that is almost a year old. The problem is that for every security hole, there are several waves of worms because IIS admins simply never patch their boxes.
If you disbelieve me check out Netcraft's security survey which shows how long several IIS boxes have gone unpatched and that about 12% of SSL sites (meaning they are probably eCommerce related) running IIS have been "rooted".
After I heard about the Gartner report calling for a rewrite of IIS, I couldn't help wondering how a company that is supposed to be full of analysts can miss the mark by such a great deal. The problem with IIS isn't that it needs a rewrite, because a rewritten version will probably still have bugs since it will be a non-trivial piece of software and all software has bugs, but that
Microsoft needs a better way of getting patches out to people. Preferrably something as simple as the apt-get/cron combination.
IIS admins are typically inexperienced and unknowledgable about security and thus never get around to installing a patch even though it was released almost a year ago.
That's exactly the problem. It's called "user-centered system design" for a reason. User experience is upstream from engineering in a user-centered project. You don't bring designers in late in the game to slap some icons on the system. Instead, you have a set of designs that engineers work towards implementing.
The user-centric design depends on the users of your system. The users of a compiler and language runtime are not going to interact with a GUI, so user interface discussions are irrelevant at this time. Secondly any GUI issues that wil be brought to the implementers of the language runtime and the compiler will be technical issues to probably do with performance and not user interface issues.
I believe your assumption is in error. I have seen de Icaza discuss GNOME in exactly the same way -- naming lots of libraries and implementation strategies, but saying almost nothing about user-facing issues. That's why I noted the continuing pattern in my message.
This I cannot agree or disagree with since most of the interviews involving Miguel or articles written by him I have read are about components and the like which I am interested in and not GUIs which I am not.
Does any contributor's goal include a focus on usability issues and user experience design? If so, they weren't apparently worth listing.
Considering that they are currently working on the compiler, the language runtime and base class libraries for Mono I fail to see what user interfaces have to do with anything at this stage in the development process.
On the other hand if this was an interview about GNOME, which it isn't then I assume he would have mentioned the user interface issues.
Your post has shown a lot more insight than that Gartner report which is unsurprising given the typical quality of Gartner's work. The main problem with IIS isn't that there are exploits for it, after all there are exploits for every major piece of server software from BIND to Apache to Sendmail. The problem is that there is no decent pathway to funnel patches to users of IIS.
I foolishly used to go to the Windows Update site to download all the security patches thinking that I was being smart only to find out after being infected by Nimda that Windows Update Doesn't Have IIS patches. Now considering that this is Microsoft's most central and visible update site plus the fact that IIS worms have caused so much damage over the past year, one wonders why IIS patches aren't on the windows update site or at the very least there isn't a site similar to Windows Update just for IIS?
Gartner is wrong for telling people to switch webservers because admins haven't applied a patch that is almost a year old (that's right, the CodeRed/Nimda patch is that old) because it is tackling the symptoms and not the root cause. Gartner should be bitching Microsoft out for not having a sophisticated update system in place similar to apt-get & cron but with a GUI for the clueless admin instead of asking people to blindly switch web servers as if the Ramen worm and Sadmind didn't affect non-MSFT platforms.
The more people who use non-MSFT platforms, the more worms we'll see on non-MSFt platforms. Instead of looking for the web server silver bullet, we shoyld be encouraging admins to take responsibility and do thier freaking jobs.
One big problem Linux development will face is the notion that devs are playing catch-up with MS with projects like Mono. (We blast Microsoft for its claim that it is an innovator, but has there been much innovation in Linux kernel devlelopment lately?) Instead of trying to build a Windows clone, we should build up a system that addresses computing in a way that MS system's dont.
Let's see
Mono has nothing to do with Linux development.
Linux is not trying to be a Windows clone, instead it is a rather successful Unix clone.
An operating system that addresses computing in a way that MSFT's don't? Do you mean like SE Linux or RTLinux?
Yeah, whoever uses FP to produce a web page, according to the EULA, is not allowed to remove the "active links" (advertisements ?) from the thing, you may not use it "in connection" with sites that diaparages M$, MSN, MSNBC, etc (note : nothing about those companies peoples, though).
The first paragraph in that section reads
For purposes of this
section, the Software means the FrontPage Web
components, including the
MSNBC news headline
component, the MSN MoneyCentral Stock Quote
component, and the MSN Search component.
So basically MSFT doesn't want you using their COM objects on sites that perform illegal activities or diss MSFT subsidiaries. This is very different from stating that if you build your site with Front Page then you must conform to those restrictions. As for "active links", these refer to URLs that components may contaion that lead back to MSFT, for instance MSIE ships with links to Hotmail, Windows Update, and Windows Media Player while Netscape ships with links to AOL and Real. All that section is saying is that if you reuse their components then you shouldn't change the links, seems straight forward enough to me.
What constantly stuns me about the American public is how much it seems that few remember their lessons from civics class on why and how the US was formed.
The founders of the US framed the constitution based around the fact that the natural tendency of government is to oppress its people and for this reason there are a number of safeguards in the US constitution (Bill of Rights, Seperation of powers, etc) that are there for the express purpose of preventing the government from oppressing the people. The current trend of assuming that the government knows best and won't abuse its powers runs counter to spirit that originally founded the United States and would have the framers of the constitution rolling in their graves.
Are people really this lazy, or am I missing something?
Passport isn't about saving keystrokes, it's about control, specifically who has access to your personal data and for how long.
As slashdot has reported in the past, Failed Dotcoms Like Selling Private Customer Data, and a most recent example of this is Egghead.com selling its customer list to Fry's Electronics
Twice already I personally have knowingly been bitten by this (CDNow and Egghead) and I have no idea what websites I may have bought a book or CD from in the past that may have failed with my personal info in their databases or haven been sold to a competitor. With a system like Passport, I specify what which websites have information about me, what information they get to see and exactly how long keep this information.
This is just one of dozens of possible Passport usage scenarios.
The author of the paper brings up a good point that ESR overlooked in his original paper Cathedral and Bazaar paper, which is that Bazaar style development does not necessarily mean Open Source and Cathedral style development does not necessarily mean closed source.
It is possible, and actually occurs quite often, that a project may release its source code licensed under an Open Source license but has a development process that is elitist and closed (one has to look no further than the *BSD camp). Similarly it is possible for commercial projects to be developed in a Bazaar style manner especially with the rise of software development techniques like Extreme Programming where no one specifically owns a particular part of the project and people are encouraged to participate in all parts of the code and as well as test and review all parts of the code.
I thought this would be some interesting food for thought.
BBC reported that a US statesman as saying this is the second pearl harbour
It is not
Pearl Harbor was an attack during a time of global war on a military installation that cost a total of 2,403 lives.
This attack occured during a time of peace on civilain installations and the death toll is being estimated at over ten times that of Pearl Harbor (at least).
CNN is a news channel owned by the Time Warner, and now the part of the Time Warner AOL company, their name is not part of either companies name.
Neither is Netscape which is also a subsidiary and isn't part of their name either. I thought it was quite obvious that the name was a joke and they main point of it was to show how big AOL Time Warner is getting.
This also isn't a merger so much as it is one large company buying a share of the assets of another. The rest of AT&Ts opperations would be seperate.
Exactly where is it mentioned that this is a merger? It is mentioned in the Slashdot blurb as well as the linked article that AOL is attempting to buy AT&T's cable network. The slashdot blurb jokes that at the current rate AOL Time Warner will soon own everything except for Microsoft.
I am completely stunned by the fact that not only could you post a comment that implies you don't get what are obvious exagerrations used in a humorous context but the fact that your post is at +5 indicates that a bunch of slashdotters don't either.
As for this guy being a good chess player - good for him, it doesn't mean he's fischer. I'm sure there are people of world-class quality at chess who choose not to go pro for a variety of reasons - again, it doesn't make them bobby fischer.
You're kidding right? This player beat Short a lot worse than Short has been beaten anyone in the world including Garry Kasparov. The likelihood that there is someone out there able to defeat the best players in the world who happens to be so good he plays up to 8 bad moves at the beginning of the game and still defeats them who has never revealed himself is so unlikely as to be absurd.Maybe you'd feel better if you saw exactly what Short had to say about the incident.
The time limit was three minutes per player, per game. My unseen opponent
began with some highly irregular, if not totally absurd opening moves -
shifting all his pawns forward one square. These were moves that that no
Grandmaster would ever play. I immediately felt that I was the victim of an
elaborate practical joke. But then I became aware of something else.
From this deliberately unpromising position emerged moves of extraordinary
power. In this first game I was totally crushed. I took a little more care
in the second game, but met with the same result. His openings became even
more cocky - 1....f6 followed by 2...Kf7 and 3...Ke6, exposing his own king
to immediate assault - was one of his bizarre and unprecedented gambits. It
was as if he was deliberately trying to handicap himself. However, I was
beaten again.
I played the man I believe to be Bobby Fischer on a couple of further
occasions - a total of 50 games, the last time in May - never getting
remotely close to scoring 50 per cent. By comparison, I scored 50 per cent
(six points from 12 games) the last time I faced Garry Kasparov at blitz
chess, in France in 1995.
I was going to keep this story a secret, but it has become obvious that
Fischer's activity on the ICC is slowly becoming known. (The English
Grandmaster Jim Plaskett has told me that he, too, has played Fischer on the
ICC. Jim also found that his opponent played fantastically weak openings in
order to create a level playing field, or rather chess board. Alas, Jim,
like me, was crushed like a beetle.) It was only a matter of time before
someone else published something.
XML is a complement to HTML
XML is not a replacement for HTML.
I disagree rather strongly with this. I don't know what your experience is with XML but there are lots of shops that use XML for both presentation and data interchange because of its versatility. An XML document can be presented using an XSLT stylesheet or parsed using a DOM, SAX or whatever API. So the same document that can appear on a website because it has a stylesheet to transform it to HTML to maker it viewable is the same document that is used by your applications as a config file, data file, database updategram, etc. with zero modifications to the file.
This is a very, very powerful aspect of XML. In my opinion, HTML is dead and considering that there's been an XHTML Recommendation for close to two years I wonder why people are still clinging to XHTML (Yes, I know it's because the browser developers have dropped the ball).
I haven't even seen an XBox in the flesh yet. Surely advertising it's predecessor won't do XBox sales any good.
This wasn't an ad, in fact the entire tone of the article smells like a leak especially the part about talking to potential partners who state "you aren't supposed to know abut this". Considering how secretive the X-Box guys were within Microsoft I'm not surprised that I worked there and this is the first I'm hearing of it.
Of course it makes sense, X-Box is just a console. It would be extremely stupid of MSFT not to at least try and leverage the X-Box it to something much more considering the fact that they have content, an ISP, a desktop and server OS, and games.
Open Source is not a business model. You can tell, because Open Source includes no realistic methods of making a profit. The goal of business is profit. Open Source cannot profit. Therefore, Open Source is not a business model.
This isn't quite accurate. I believe Open Source models can work in a few business scenarios (not in the current give away software and make it up on services one though) interestingly all of them involve making sure your company is not the sole company bearing the weight of development.
Hardware Vendor or Service Vendor: These guys need to sell their stuff as cheap as possible since they either make it all up in consulting fees (IBM) or they sell a service (TiVo). Having other people help with their OS instead of licensing one is beneficial.
Consultant Shops: Open Source projects can act as a resume like it has done for Digital Creations and Cygnus then companies can hire you to do custom jobs with your software which is typically maintained and improved by the community.
In-House Development: Open Sourcing internal applications that are useful but non-essential to your business model means you can reap the benefits of community involvement, just look at Perl.
On the other hand, the current practice of paying developers to work on a product that you either do not sell or sell for peanuts then hoping to make it up in services, which require additional costs, means that your services will have to be over priced to make up (guess that's why the RedHat DB is $3,000) for the fact that you gave away the software that you spent money developing.
. E.g., Microsoft research spent a lot of time and money to develop a technique using Baysean probability to analyze what a user was doing and figure out what they were trying to do. The end result of that was the mother-#$! Office Paperclip that popped up whenever you typed the words, "Dear John".
Most people who have worked on both research and real world development can tell you that there are always trade-offs to make between what works under limited conditions in a lab and what works in a production system with dozens of variables. Hypothetically, what if the Paperclip algorithm developed by the researchers actually were pretty smart at learning and predicting the user's behavior but would either eat up too much RAM take up too much time do perform their predictions?
What would you do if you were a PM for Office? Scrap the research opr pare it down to where it works in a reasonable amount of time and uses a reasonable amount of resources but isn't as clever asd you'd like? Real managers and real developers make decisions like this everyday.
Microsoft Research should be figuring out how to improve the performance of NT's Microkernel architecture, improve virtual memory management on multi-media machines and a host of other useful technologies. But they don't. Go figure.
These are just the ones that address your immediate questions. There are several dozen more cool and worthwhile research areas at MS Research. Of course, being a typical slashdotter it is easier for you to bash them unthinkingly than do an ounce of research.
PS: For those who think Microsoft isn't interested in the work done by MSR, when I was at a presentation at BillG's house this summer he kept on going on and on about the interesting projects being worked on at MSR and about how of all of MSFT that is probably one place where he is familiar with all the projects being worked on.
But still - face it: Open source and free software is hobbyists writing code for their own well-being, because they (we) think it's fun, and/or because we need the software, and feels good about letting other people use and change said software too.
A quick glance at the Membership List of the Apache Software Foundation shows that there are about 63 members of which about 40 represent one company or the other. The same can be said of most of the other major Open Source projects from Mozilla to Linux to Perl. Corporations are beginning to see the benefits of Open Source software and are contributing both a lot more developer resources than anyone would have believed possible just a few years ago.
Ravages of the new economy
on
HP Buys Compaq
·
· Score: 5, Insightful
I just checked out the article and was struck by how negative the articles in the Related News link were:
Hewlett-Packard to Cut 6,000 Jobs (July 27, 2001)
Compaq's Revenue and Income Fall (July 26, 2001)
Hewlett Profit Falls but Beats Expectations (August 17, 2001)
Compaq to Emphasize Computer Services (July 17, 2001)
Market Place: Compaq Announces More Layoffs (July 11, 2001)
Big time mergers are usually between successful companies or at least where one of the companies is having a particular successful run, this looks like a merger of companies are both fucked. Also considering the amount of overlap in their products, expect more layoffs.
What's the difference between this and asking why we need another Operating System when Linus first introduced Linux instead of working on the HURD or why developers should work on mySQL instead of PostgreSQL? If you can answer these questions then you've answered your own question.
Do you have some problem with Mozilla that we should know about?
Mozilla and the Konquerer are slightly similar projects with different goals. Mozilla aims to be a cross platform all-in-one web development/usage platform while Konqueror is part of the KDE component architecture.
Most people with even a passing experience in software know that all software is a combination of various trade-offs and compromises whether performance vs. correctness, space (use lots of mem) vs. time (use lots of CPU) or even ease of use vs. complete control of the system. Thinking that there can be one true product is the kind of fallacy and naivettè that brought us the Man-Month and "OO is a silver bullet".
Did you ever wonder why Mozilla is continually falling behind schedule? Because people like the Konqueror team decide to go off on their own instead of working for the good of the community. Mozilla was there first, and it deserves the support of the community.
This opinion is so wrong headed and biased I'm almost sure that you are trolling. Blaming Konqueror developers for the fact that Mozilla is behind schedule is like blaming dotcomms and software companies for stealing programmers that could have worked at NASA worked on getting people on Mars by now.
If the free software community wants to make a good impression on the business world (and it may already be too late), we must, at all costs, avoid splitting into tiny, useless factions working on useless, duplicate projects.
Seriously, who gives a fuck what the Business World thinks about Free Software? Dotcomm IPOs and get-rich-quick schemes will come and go but Free Software will still be around as long as there are coders with an itch to scratch. Free Software was here before NASDAQ became a topic of breakfast table conversation and it will be here the analysts and MBAs find a new fad to exploit the masses with be it BioTech or Genetic Engineering.
For some reason you are under the impression that Free Software needs big business to survive which is so far from the truth it's almost laughable.
Although certainly having a specially-designed chip for Linux systems would be nice, Linux will forever be fragmented in the nature of its architecture simply because of its open-source design.
The article is not about providing a specially-designed chip that runs Linux. The article is about the fact that chip designers are now getting interested in making sure Linux runs on their chipsets especially now that it looks like Linux due to its Open Source nature will be quicker at supporting new chipsets than Microsoft's offerings as is witnessed by how long Linux supported Itanium versus Microsoft's recent announcement.
Similarly it looks like Linux on the AMD's Hammer chipset is already way underway as a project while according to the article Microsoft has no current plans to support that chipset.
What exactly do you mean by the Linux architecture is too fragmented to ever allow for a chip that runs Linux?
It's rather interesting watching slashbots make smug comments about "Microsoft worms" and "Outlook viruses" when the two most damaging worms that have occured this year could have appeared on any platform.
Code Red The Code Red worm is a typical worm that exploits a buffer overflow just like the Morris Internet Worm and the Ramen worm before it. Either of the aformentioned worms could have done what code red did once they had 0wn3d the boxen, they just happened not to.
Sircam The Sircam worm spread either through social engineering or across unprotected network shares. Neither of these requires Outlook. It didn't grab addresses out of the address book and instead grabbed them from the user's web cache. Sircam also didn't use the client mailer to mail itself out but instead included it's own mail program.
Thus all Sircam needed to spread was clueless users. This only thing Microsoft-y about this worm is that it ran on Windows.
All the above said, it is truly sad that on almost all popular platforms we are stil dealing with a 30 year old security problem whose causes and solutions have been known from probably before a sizable number of the slashdot population was born.
From the article:
In addition, like Ghostscript, GFS is a technology that has a clear OEM market. GFS has attracted OEM vendors who are embedding the technology into their storage appliances and their commercial software offerings. Under the GPL, these commercial vendors are less likely to provide funding for GFS development and maintenance because of the free-rider problem; competitors who don't pay will directly benefit from those who do. The Sistina Public License solves the free-rider problem by creating a level playing field for all OEMs.
OK, the above partially makes sense if the OEMs have given them this feedback and have shown that this is a way for the company to generate revenue. I'd much rather that Sistina stayed alive and was Open Source instead of Free Software instead of them sticking to their ideological guns and ending up teetering on the brink of death like Caldera, Loki and VA Linux.
On the other hand some of the conditions of the Sistina Public License strike me as excessive. Specifically I point to the section below:
3.2. Additional Sistina Rights. You agree to provide Sistina with a complete copy of the Covered Code and related documentation for Modifications created or contributed by You (according to the procedure set forth at http://www.sistina.com/licensing.html) even if such Modifications are not distributed in Source Code or Executable form.
(a) To the extent you do not distribute the Modifications in Source Code form, You hereby grant Sistina an unrestricted, nonexclusive, worldwide, perpetual, irrevocable, royalty-free right, to use, reproduce, modify, display, perform, sublicense and distribute and otherwise exploit such Modifications, and to grant third parties the right to do so, including without limitation as a part of or with the Covered Code under all intellectual property rights (including any patent rights); and Sistina has the right to license or to otherwise transfer to third parties its rights to such Modifications without notice or any obligation (including without limitation the obligation to account for any profits obtained by Sistina) to You.
(b) To the extent you distribute such Modifications in Source Code form, you hereby assign to Sistina all right, title and interest in and to such Modifications (including the right to sue for past, present and future infringement) under all intellectual property rights (including any copyrights and patent rights).
Slashdot Mirror
Anything put out, funded, etc by the NSA or any other agency should be considered suspect until PROVEN otherwise...and before anyone here says "but it's open source"...keep in mind there have been numerous instances of serious bugs, weaknesses, etc found many years after various open source programs were released.
Bottom line: Just because a particular program is open source, does NOT automatically mean that particular program can truly be trusted.
The NSA has published several research papers on on SE Linux as well as the OSes leading up to it (Flask, DTOS, DTMach) and it is hard to find malice in what they suggest should be how OSes should be improved security-wise.
If you are so suspicious of SE Linux then don't install it or even better use the benefits of Open Source and actually read through source to see if the code matches what they claim in their research papers. Heck, diff the major source files against a stock distro and see what has changed and why. Open Source is of no benefit if people treat it like closed source and want everything handed to them on a platter.
If a piece of software requires regular patches for serious security problems, that's probably a sign that its basic approach to security is flawed.
But does IIS really need patches as frequently as you imply? Code Red, Code Blue, Nimda et al exploit the same security hole that is almost a year old. The problem is that for every security hole, there are several waves of worms because IIS admins simply never patch their boxes.
If you disbelieve me check out Netcraft's security survey which shows how long several IIS boxes have gone unpatched and that about 12% of SSL sites (meaning they are probably eCommerce related) running IIS have been "rooted".
...Scott Mcneally is the CEO of Sun.
That's exactly the problem. It's called "user-centered system design" for a reason. User experience is upstream from engineering in a user-centered project. You don't bring designers in late in the game to slap some icons on the system. Instead, you have a set of designs that engineers work towards implementing.
The user-centric design depends on the users of your system. The users of a compiler and language runtime are not going to interact with a GUI, so user interface discussions are irrelevant at this time. Secondly any GUI issues that wil be brought to the implementers of the language runtime and the compiler will be technical issues to probably do with performance and not user interface issues.
I believe your assumption is in error. I have seen de Icaza discuss GNOME in exactly the same way -- naming lots of libraries and implementation strategies, but saying almost nothing about user-facing issues. That's why I noted the continuing pattern in my message.
This I cannot agree or disagree with since most of the interviews involving Miguel or articles written by him I have read are about components and the like which I am interested in and not GUIs which I am not.
Does any contributor's goal include a focus on usability issues and user experience design? If so, they weren't apparently worth listing.
Considering that they are currently working on the compiler, the language runtime and base class libraries for Mono I fail to see what user interfaces have to do with anything at this stage in the development process.
On the other hand if this was an interview about GNOME, which it isn't then I assume he would have mentioned the user interface issues.
Your post has shown a lot more insight than that Gartner report which is unsurprising given the typical quality of Gartner's work. The main problem with IIS isn't that there are exploits for it, after all there are exploits for every major piece of server software from BIND to Apache to Sendmail. The problem is that there is no decent pathway to funnel patches to users of IIS.
I foolishly used to go to the Windows Update site to download all the security patches thinking that I was being smart only to find out after being infected by Nimda that Windows Update Doesn't Have IIS patches. Now considering that this is Microsoft's most central and visible update site plus the fact that IIS worms have caused so much damage over the past year, one wonders why IIS patches aren't on the windows update site or at the very least there isn't a site similar to Windows Update just for IIS?
Gartner is wrong for telling people to switch webservers because admins haven't applied a patch that is almost a year old (that's right, the CodeRed/Nimda patch is that old) because it is tackling the symptoms and not the root cause. Gartner should be bitching Microsoft out for not having a sophisticated update system in place similar to apt-get & cron but with a GUI for the clueless admin instead of asking people to blindly switch web servers as if the Ramen worm and Sadmind didn't affect non-MSFT platforms.
The more people who use non-MSFT platforms, the more worms we'll see on non-MSFt platforms. Instead of looking for the web server silver bullet, we shoyld be encouraging admins to take responsibility and do thier freaking jobs.
Let's see
The first paragraph in that section reads So basically MSFT doesn't want you using their COM objects on sites that perform illegal activities or diss MSFT subsidiaries. This is very different from stating that if you build your site with Front Page then you must conform to those restrictions. As for "active links", these refer to URLs that components may contaion that lead back to MSFT, for instance MSIE ships with links to Hotmail, Windows Update, and Windows Media Player while Netscape ships with links to AOL and Real. All that section is saying is that if you reuse their components then you shouldn't change the links, seems straight forward enough to me.
What constantly stuns me about the American public is how much it seems that few remember their lessons from civics class on why and how the US was formed.
The founders of the US framed the constitution based around the fact that the natural tendency of government is to oppress its people and for this reason there are a number of safeguards in the US constitution (Bill of Rights, Seperation of powers, etc) that are there for the express purpose of preventing the government from oppressing the people. The current trend of assuming that the government knows best and won't abuse its powers runs counter to spirit that originally founded the United States and would have the framers of the constitution rolling in their graves.
Are people really this lazy, or am I missing something?
Passport isn't about saving keystrokes, it's about control, specifically who has access to your personal data and for how long.
As slashdot has reported in the past, Failed Dotcoms Like Selling Private Customer Data, and a most recent example of this is Egghead.com selling its customer list to Fry's Electronics Twice already I personally have knowingly been bitten by this (CDNow and Egghead) and I have no idea what websites I may have bought a book or CD from in the past that may have failed with my personal info in their databases or haven been sold to a competitor. With a system like Passport, I specify what which websites have information about me, what information they get to see and exactly how long keep this information.
This is just one of dozens of possible Passport usage scenarios.
The author of the paper brings up a good point that ESR overlooked in his original paper Cathedral and Bazaar paper, which is that Bazaar style development does not necessarily mean Open Source and Cathedral style development does not necessarily mean closed source.
It is possible, and actually occurs quite often, that a project may release its source code licensed under an Open Source license but has a development process that is elitist and closed (one has to look no further than the *BSD camp). Similarly it is possible for commercial projects to be developed in a Bazaar style manner especially with the rise of software development techniques like Extreme Programming where no one specifically owns a particular part of the project and people are encouraged to participate in all parts of the code and as well as test and review all parts of the code.
I thought this would be some interesting food for thought.
BBC reported that a US statesman as saying this is the second pearl harbour
It is not
Pearl Harbor was an attack during a time of global war on a military installation that cost a total of 2,403 lives.
This attack occured during a time of peace on civilain installations and the death toll is being estimated at over ten times that of Pearl Harbor (at least).
CNN is a news channel owned by the Time Warner, and now the part of the Time Warner AOL company, their name is not part of either companies name.
Neither is Netscape which is also a subsidiary and isn't part of their name either. I thought it was quite obvious that the name was a joke and they main point of it was to show how big AOL Time Warner is getting.
This also isn't a merger so much as it is one large company buying a share of the assets of another. The rest of AT&Ts opperations would be seperate.
Exactly where is it mentioned that this is a merger? It is mentioned in the Slashdot blurb as well as the linked article that AOL is attempting to buy AT&T's cable network. The slashdot blurb jokes that at the current rate AOL Time Warner will soon own everything except for Microsoft.
I am completely stunned by the fact that not only could you post a comment that implies you don't get what are obvious exagerrations used in a humorous context but the fact that your post is at +5 indicates that a bunch of slashdotters don't either.
You're kidding right? This player beat Short a lot worse than Short has been beaten anyone in the world including Garry Kasparov. The likelihood that there is someone out there able to defeat the best players in the world who happens to be so good he plays up to 8 bad moves at the beginning of the game and still defeats them who has never revealed himself is so unlikely as to be absurd.Maybe you'd feel better if you saw exactly what Short had to say about the incident.
XML is a complement to HTML
XML is not a replacement for HTML.
I disagree rather strongly with this. I don't know what your experience is with XML but there are lots of shops that use XML for both presentation and data interchange because of its versatility. An XML document can be presented using an XSLT stylesheet or parsed using a DOM, SAX or whatever API. So the same document that can appear on a website because it has a stylesheet to transform it to HTML to maker it viewable is the same document that is used by your applications as a config file, data file, database updategram, etc. with zero modifications to the file.
This is a very, very powerful aspect of XML. In my opinion, HTML is dead and considering that there's been an XHTML Recommendation for close to two years I wonder why people are still clinging to XHTML (Yes, I know it's because the browser developers have dropped the ball).
I haven't even seen an XBox in the flesh yet. Surely advertising it's predecessor won't do XBox sales any good.
This wasn't an ad, in fact the entire tone of the article smells like a leak especially the part about talking to potential partners who state "you aren't supposed to know abut this". Considering how secretive the X-Box guys were within Microsoft I'm not surprised that I worked there and this is the first I'm hearing of it.
Of course it makes sense, X-Box is just a console. It would be extremely stupid of MSFT not to at least try and leverage the X-Box it to something much more considering the fact that they have content, an ISP, a desktop and server OS, and games.
This isn't quite accurate. I believe Open Source models can work in a few business scenarios (not in the current give away software and make it up on services one though) interestingly all of them involve making sure your company is not the sole company bearing the weight of development.
On the other hand, the current practice of paying developers to work on a product that you either do not sell or sell for peanuts then hoping to make it up in services, which require additional costs, means that your services will have to be over priced to make up (guess that's why the RedHat DB is $3,000) for the fact that you gave away the software that you spent money developing.
Most people who have worked on both research and real world development can tell you that there are always trade-offs to make between what works under limited conditions in a lab and what works in a production system with dozens of variables. Hypothetically, what if the Paperclip algorithm developed by the researchers actually were pretty smart at learning and predicting the user's behavior but would either eat up too much RAM take up too much time do perform their predictions?
What would you do if you were a PM for Office? Scrap the research opr pare it down to where it works in a reasonable amount of time and uses a reasonable amount of resources but isn't as clever asd you'd like? Real managers and real developers make decisions like this everyday.
Microsoft Research should be figuring out how to improve the performance of NT's Microkernel architecture, improve virtual memory management on multi-media machines and a host of other useful technologies. But they don't. Go figure.
I just looked at the MS Research page which lists the current research areas and noticed the following
- Research into Systems and Networking
- Research into Systems and Performance
- Research into Advanced Compiler Technology
- Research into Collaborative and Multimedia Technologies
- Research into Security
These are just the ones that address your immediate questions. There are several dozen more cool and worthwhile research areas at MS Research. Of course, being a typical slashdotter it is easier for you to bash them unthinkingly than do an ounce of research.PS: For those who think Microsoft isn't interested in the work done by MSR, when I was at a presentation at BillG's house this summer he kept on going on and on about the interesting projects being worked on at MSR and about how of all of MSFT that is probably one place where he is familiar with all the projects being worked on.
But still - face it: Open source and free software is hobbyists writing code for their own well-being, because they (we) think it's fun, and/or because we need the software, and feels good about letting other people use and change said software too.
A quick glance at the Membership List of the Apache Software Foundation shows that there are about 63 members of which about 40 represent one company or the other. The same can be said of most of the other major Open Source projects from Mozilla to Linux to Perl. Corporations are beginning to see the benefits of Open Source software and are contributing both a lot more developer resources than anyone would have believed possible just a few years ago.
- Hewlett-Packard to Cut 6,000 Jobs (July 27, 2001)
- Compaq's Revenue and Income Fall (July 26, 2001)
- Hewlett Profit Falls but Beats Expectations (August 17, 2001)
- Compaq to Emphasize Computer Services (July 17, 2001)
- Market Place: Compaq Announces More Layoffs (July 11, 2001)
Big time mergers are usually between successful companies or at least where one of the companies is having a particular successful run, this looks like a merger of companies are both fucked. Also considering the amount of overlap in their products, expect more layoffs.Sad, indeed.
Why do we need another web browser?
What's the difference between this and asking why we need another Operating System when Linus first introduced Linux instead of working on the HURD or why developers should work on mySQL instead of PostgreSQL? If you can answer these questions then you've answered your own question.
Do you have some problem with Mozilla that we should know about?
Mozilla and the Konquerer are slightly similar projects with different goals. Mozilla aims to be a cross platform all-in-one web development/usage platform while Konqueror is part of the KDE component architecture.
Most people with even a passing experience in software know that all software is a combination of various trade-offs and compromises whether performance vs. correctness, space (use lots of mem) vs. time (use lots of CPU) or even ease of use vs. complete control of the system. Thinking that there can be one true product is the kind of fallacy and naivettè that brought us the Man-Month and "OO is a silver bullet".
Did you ever wonder why Mozilla is continually falling behind schedule? Because people like the Konqueror team decide to go off on their own instead of working for the good of the community. Mozilla was there first, and it deserves the support of the community.
This opinion is so wrong headed and biased I'm almost sure that you are trolling. Blaming Konqueror developers for the fact that Mozilla is behind schedule is like blaming dotcomms and software companies for stealing programmers that could have worked at NASA worked on getting people on Mars by now.
If the free software community wants to make a good impression on the business world (and it may already be too late), we must, at all costs, avoid splitting into tiny, useless factions working on useless, duplicate projects.
Seriously, who gives a fuck what the Business World thinks about Free Software? Dotcomm IPOs and get-rich-quick schemes will come and go but Free Software will still be around as long as there are coders with an itch to scratch. Free Software was here before NASDAQ became a topic of breakfast table conversation and it will be here the analysts and MBAs find a new fad to exploit the masses with be it BioTech or Genetic Engineering.
For some reason you are under the impression that Free Software needs big business to survive which is so far from the truth it's almost laughable.
Similarly it looks like Linux on the AMD's Hammer chipset is already way underway as a project while according to the article Microsoft has no current plans to support that chipset.
It's rather interesting watching slashbots make smug comments about "Microsoft worms" and "Outlook viruses" when the two most damaging worms that have occured this year could have appeared on any platform.
Code Red
The Code Red worm is a typical worm that exploits a buffer overflow just like the Morris Internet Worm and the Ramen worm before it. Either of the aformentioned worms could have done what code red did once they had 0wn3d the boxen, they just happened not to.
Heck, I've toyed with writing a proof of concept *nix verison of Code Red using wu-ftp vulnerabilities, rpc.statd vulnerabilities, telnetd vulnerabilities, sendmail vulnerabilities and even BIND vulnerabilities. Of course, I haven't gone much further than deciding what exploits to use and glancing at some source since I'm busy with school at the moment and more importantly I don't want to go to jail.
Sircam
The Sircam worm spread either through social engineering or across unprotected network shares. Neither of these requires Outlook. It didn't grab addresses out of the address book and instead grabbed them from the user's web cache. Sircam also didn't use the client mailer to mail itself out but instead included it's own mail program.
Thus all Sircam needed to spread was clueless users. This only thing Microsoft-y about this worm is that it ran on Windows.
All the above said, it is truly sad that on almost all popular platforms we are stil dealing with a 30 year old security problem whose causes and solutions have been known from probably before a sizable number of the slashdot population was born.
In addition, like Ghostscript, GFS is a technology that has a clear OEM market. GFS has attracted OEM vendors who are embedding the technology into their storage appliances and their commercial software offerings. Under the GPL, these commercial vendors are less likely to provide funding for GFS development and maintenance because of the free-rider problem; competitors who don't pay will directly benefit from those who do. The Sistina Public License solves the free-rider problem by creating a level playing field for all OEMs.
OK, the above partially makes sense if the OEMs have given them this feedback and have shown that this is a way for the company to generate revenue. I'd much rather that Sistina stayed alive and was Open Source instead of Free Software instead of them sticking to their ideological guns and ending up teetering on the brink of death like Caldera, Loki and VA Linux.
On the other hand some of the conditions of the Sistina Public License strike me as excessive. Specifically I point to the section below: