I am actually a huge fan of application specified prefs done correctly. My favorite implementation (I have not used a Mac much) was in BeOS. In Be, every file had attachable attributes that could be as simple as a boolean value up to multimedia files. The supplied API was simple to use and it worked great. Most applications kept their application specific settings in attributes, so that if you moved the app the prefs went with you and kept their system specific prefs in/boot/home/Settings.
All the attributes in BeOS could be accessed, modified, removed or added from the command line with a few simple UNIXy tools too.
I am mostly talking about the applications available for UNIX and UNIX copies (Linux included). A great, great many of the common applications used in **IX now-a-days are open source apps and fit my description above.
If you read my post over, I am not really advocating the use of a single database. I am saying that if that's what people really want (as some other people have posted) then a text based "registry" would work. I have no problem at all with a million different configuration files all in different formats spewed about the filesystem... as long as the program that owns them manages them for me.
In old versions of Windows (pre 95) most programs used.ini files which worked okay. They were generally in \windows or \windows\system but some programs put them in other places, or even used other config file formats. The difference is for most people it didn't matter where they were because the program that made them had a nice little configuration dialog for managing them. THAT is what I would like to see. If I can do everything related to configuration from the program, I could care less how it stores it.
It took MacOS X for people to realize that this was a problem in UNIX? Please.
The reason UNIX and UNIX applications are hard to configure, in most cases, is because Open Source programmers are lazy.
This is obviously a blatent generalization so I will explain.
The old adage is that an Open Source program gets written when a programmer has an "itch" they decide to scratch. The problem is that very few people are itched by configuration. You may write the best web server in the world (Apache!) but by time it comes to writing the configuration manager for it the volunteers start falling away.
It isn't very fun writing a bunch of dialogs, windows, buttons and such to make a nice configuration for a program. It's kinda like documentation (and we all know the state of docs for many UNIX programs).
I see examples of this every day. I have a Mac OS X using friend who sends me the URL of every new program he decides to use. It's incredible how many of them are UNIX ports with a beautiful configuration manager stuck on. Mac programmers hold themselves to a higher level of user experience and UNIX people need to get on the boat.
What's needed isn't a global, all dancing, all singing configuration system. What is needed is responsibility in programming.
P.S. Everyone always whines about the Windows registry because it's binary, you can't edit it blah, blah, blah... But the fact is: It works. The average user never cares to edit it because they config their programs from WITHIN their programs. If something is truly needed, do the Windows registry in text file format. Make it/etc/registry.conf. There is no reason it has to be binary.
That's true and a good point. But! Once the program is released it will be the work of a minute or less to see if it's sending a single integer, or one for each key. (I realize it could be compressed or encrypted, but discount it).
I guess my real point was that their stated goal was not to collect single key statistics, but total key statistics. What they actually do is something else entirely.
I use Windows on all the machines I do any kind of desktop work on, and Linux or Solaris on all my servers. So, I don't know if I would be considered a "Microsoftie" or not, but Slashdot is very important for me.
Also, I don't really come to Slashdot for news on Linux and OpenSource any more, since that's not really what they cover. I am here for the News for Nerds (Geeks), because that's the news I am interested in.
Going back to my original post though... it doesn't really matter where you are when you hit Slashdot. If you are hitting it with Windows that puts you firmly as part of the Windows crowd. That doesn't mean you can't be part of the other crowds, but if you use Windows you use Windows.
I often wonder just how correct "...and most of the Slashdot crowd" relating to Windows vs. Linux (or other non Windows OS) is. Does Rob keep stats somewhere on browsers that hit Slashdot?
Here's a wacky idea. Read the pages before you comment. They don't keep track of which keys and how many times. Just how many keys total. The return ONE integer to the server periodically and that is: Number of total keys pressed since last contact.
I've been paying $30.00 a month (three accounts) for nearly two years to play EverQuest. Some games are just worth it. EQ would be incredibly boring as a single player game, but as a MMORPG it's unbeatable.
Probally the same way any other demo works. It's an animated tour of the OS, the new features, the web, chat and all the other wonderful things that you can do with Windows XP.
Think outside the hat a bit.
IANARSTO (I am not a record store owner) but do record stores really do that? All the CDs I buy have those horrible little stickers along the top edge that I thought came from the factory. Perhaps not, I'd love to know for sure.
This is my favorite part! Usually you cannot return an opened CD (to most stores). Now I can buy all the UMG CDs I want, copy them (once the copy protection is broken, if it's not already) and then return them! All UMG CDs are now free!
Man, what a great bunch of folks there at UMG. My music collection is gonna flourish!
That's about all I can say. It makes me so happy to see Phillips doing this. This is exactly the kind of thing that convinces me to buy a certain company's products. Go Phillips!
The ending of the dot com boom isn't the resurrection of uninformed companies blindly hiring people waving stacks of paper at them. Good engineers without degrees were getting jobs before the dot com boom. Companies finally started to wake up in the early 1990s and will continue to remain awake now.
The important difference is that now (and before the insanity) only/good/ engineers were getting the good jobs. The people that cut and paste Perl scripts are done with, but that doesn't mean you need a degree any more now than you did 2 years ago.
There will always be companies, and shops that won't let you in the door without a degree... but do you care to work for them? Look for a company that is hiring/people/ and not paper. You will be glad you did.
I agree with you here, but not much can be done. The trouble can be minimized by having the script (servlet in my case) immediatly re-encrypt the data to send to the secure machine, but you are correct, the web server are the weak link.
The secure box is mainly to avoid situations where an attacker can get the entire database of credit cards and is meant to minimize risk. It is also mainly used to stop immediate attacks. I am relying on the fact that with tripwire and such on my web servers I will detect a break in as, or soon after it happens and be able to remove or secure any kind of logger installed.
It's not fool proof, but nothing is. I'd love to hear some ideas on securing the web server weakness though.
I am in the process of designing a similar system and your ideas model mine pretty closely.
The key is the interface used to talk to the "secure" box. The only time a credit card number should ever be transferred across the interface is the initial "input". After that it's hashes to verify when needed and user ids to associate.
I also have the notion to make the "secure" box completely detached from the standard network and use only a serial interface that attaches to your credit card processing interface. In other words, the only way to get a shell on the machine is to walk up to it and sit down. Not even a shell via the serial link.
I have a lot of ideas for this and I get to start implementing it soon, so I am excited. I want to do everything I can to insure that my site is not the next Egghead.com:)
I realize that I am not the most standard benchmark I'll throw in my comments.
I've been using Win2K for about 6 months and I just installed WinXP (Home Edition) a few days ago. So far, I see really no performance difference either good or bad. It's much prettier and there are some nice new features that I'm glad to have. Nothing special either way.
Was it worth the $199? Probally. There is some stuff in it that makes my life a lot easier.
Slashdot Mirror
I am actually a huge fan of application specified prefs done correctly. My favorite implementation (I have not used a Mac much) was in BeOS. In Be, every file had attachable attributes that could be as simple as a boolean value up to multimedia files. The supplied API was simple to use and it worked great. Most applications kept their application specific settings in attributes, so that if you moved the app the prefs went with you and kept their system specific prefs in /boot/home/Settings.
:)
All the attributes in BeOS could be accessed, modified, removed or added from the command line with a few simple UNIXy tools too.
I miss BeOS
I am mostly talking about the applications available for UNIX and UNIX copies (Linux included). A great, great many of the common applications used in **IX now-a-days are open source apps and fit my description above.
If you read my post over, I am not really advocating the use of a single database. I am saying that if that's what people really want (as some other people have posted) then a text based "registry" would work. I have no problem at all with a million different configuration files all in different formats spewed about the filesystem... as long as the program that owns them manages them for me.
.ini files which worked okay. They were generally in \windows or \windows\system but some programs put them in other places, or even used other config file formats. The difference is for most people it didn't matter where they were because the program that made them had a nice little configuration dialog for managing them. THAT is what I would like to see. If I can do everything related to configuration from the program, I could care less how it stores it.
In old versions of Windows (pre 95) most programs used
It took MacOS X for people to realize that this was a problem in UNIX? Please.
/etc/registry.conf. There is no reason it has to be binary.
The reason UNIX and UNIX applications are hard to configure, in most cases, is because Open Source programmers are lazy.
This is obviously a blatent generalization so I will explain.
The old adage is that an Open Source program gets written when a programmer has an "itch" they decide to scratch. The problem is that very few people are itched by configuration. You may write the best web server in the world (Apache!) but by time it comes to writing the configuration manager for it the volunteers start falling away.
It isn't very fun writing a bunch of dialogs, windows, buttons and such to make a nice configuration for a program. It's kinda like documentation (and we all know the state of docs for many UNIX programs).
I see examples of this every day. I have a Mac OS X using friend who sends me the URL of every new program he decides to use. It's incredible how many of them are UNIX ports with a beautiful configuration manager stuck on. Mac programmers hold themselves to a higher level of user experience and UNIX people need to get on the boat.
What's needed isn't a global, all dancing, all singing configuration system. What is needed is responsibility in programming.
P.S. Everyone always whines about the Windows registry because it's binary, you can't edit it blah, blah, blah... But the fact is: It works. The average user never cares to edit it because they config their programs from WITHIN their programs. If something is truly needed, do the Windows registry in text file format. Make it
It's extremely hard to infer anything when you don't read the article, as the original poster did not :)
That's true and a good point. But! Once the program is released it will be the work of a minute or less to see if it's sending a single integer, or one for each key. (I realize it could be compressed or encrypted, but discount it).
I guess my real point was that their stated goal was not to collect single key statistics, but total key statistics. What they actually do is something else entirely.
I use Windows on all the machines I do any kind of desktop work on, and Linux or Solaris on all my servers. So, I don't know if I would be considered a "Microsoftie" or not, but Slashdot is very important for me.
Also, I don't really come to Slashdot for news on Linux and OpenSource any more, since that's not really what they cover. I am here for the News for Nerds (Geeks), because that's the news I am interested in.
Going back to my original post though... it doesn't really matter where you are when you hit Slashdot. If you are hitting it with Windows that puts you firmly as part of the Windows crowd. That doesn't mean you can't be part of the other crowds, but if you use Windows you use Windows.
I often wonder just how correct "...and most of the Slashdot crowd" relating to Windows vs. Linux (or other non Windows OS) is. Does Rob keep stats somewhere on browsers that hit Slashdot?
Here's a wacky idea. Read the pages before you comment. They don't keep track of which keys and how many times. Just how many keys total. The return ONE integer to the server periodically and that is: Number of total keys pressed since last contact.
I've been paying $30.00 a month (three accounts) for nearly two years to play EverQuest. Some games are just worth it. EQ would be incredibly boring as a single player game, but as a MMORPG it's unbeatable.
Probally the same way any other demo works. It's an animated tour of the OS, the new features, the web, chat and all the other wonderful things that you can do with Windows XP.
Think outside the hat a bit.
Does your sig mean that Windows is more secure?
;-)
IANARSTO (I am not a record store owner) but do record stores really do that? All the CDs I buy have those horrible little stickers along the top edge that I thought came from the factory. Perhaps not, I'd love to know for sure.
This is my favorite part! Usually you cannot return an opened CD (to most stores). Now I can buy all the UMG CDs I want, copy them (once the copy protection is broken, if it's not already) and then return them! All UMG CDs are now free!
Man, what a great bunch of folks there at UMG. My music collection is gonna flourish!
Hell yea!
That's about all I can say. It makes me so happy to see Phillips doing this. This is exactly the kind of thing that convinces me to buy a certain company's products. Go Phillips!
The ending of the dot com boom isn't the resurrection of uninformed companies blindly hiring people waving stacks of paper at them. Good engineers without degrees were getting jobs before the dot com boom. Companies finally started to wake up in the early 1990s and will continue to remain awake now.
/good/ engineers were getting the good jobs. The people that cut and paste Perl scripts are done with, but that doesn't mean you need a degree any more now than you did 2 years ago.
/people/ and not paper. You will be glad you did.
The important difference is that now (and before the insanity) only
There will always be companies, and shops that won't let you in the door without a degree... but do you care to work for them? Look for a company that is hiring
I agree with you here, but not much can be done. The trouble can be minimized by having the script (servlet in my case) immediatly re-encrypt the data to send to the secure machine, but you are correct, the web server are the weak link.
The secure box is mainly to avoid situations where an attacker can get the entire database of credit cards and is meant to minimize risk. It is also mainly used to stop immediate attacks. I am relying on the fact that with tripwire and such on my web servers I will detect a break in as, or soon after it happens and be able to remove or secure any kind of logger installed.
It's not fool proof, but nothing is. I'd love to hear some ideas on securing the web server weakness though.
I am in the process of designing a similar system and your ideas model mine pretty closely.
:)
The key is the interface used to talk to the "secure" box. The only time a credit card number should ever be transferred across the interface is the initial "input". After that it's hashes to verify when needed and user ids to associate.
I also have the notion to make the "secure" box completely detached from the standard network and use only a serial interface that attaches to your credit card processing interface. In other words, the only way to get a shell on the machine is to walk up to it and sit down. Not even a shell via the serial link.
I have a lot of ideas for this and I get to start implementing it soon, so I am excited. I want to do everything I can to insure that my site is not the next Egghead.com
Whine? Whine whine whine?
Whine whine whine whine whine?
--
It's funny. Laugh. Or die or something.
QuickTime is pretty damn standard on every platform but Linux.
Yep, really.
>>>It also downloads whole files with one click in seconds.
You mean, like, a web browser?
Or a file manager?
What, you thought with the release of Linux 2.4.x.0.1.ac.patch.stable.beta Windows was going away?
Where did you wake up today?
I realize that I am not the most standard benchmark I'll throw in my comments.
I've been using Win2K for about 6 months and I just installed WinXP (Home Edition) a few days ago. So far, I see really no performance difference either good or bad. It's much prettier and there are some nice new features that I'm glad to have. Nothing special either way.
Was it worth the $199? Probally. There is some stuff in it that makes my life a lot easier.
Agreed! I am just not willing to give one to barjam for his response to my post :)
I am not sure, but I don't think I really give a rats ass.