If they dropped the annual price to say, $30, then the subscription would make sense. But instead they are saying 'you must buy a new copy of our app every year'. I am so glad these people dont make cars, they'd just crash a year after purchase in order to make you buy a new one. Oh, wait a minute, didnt ford explorers do that...
When people complain about MS business practices, I think these people have never used quicken. I wanted to get (UK) quicken 95 to be y2k compliant, all they would offer me was a (small) discount on a current version. Instead I acquired a friend's copy, only to discover that it was chock-a-block with 'value added services' that were essentially trying to generate sales bounties for intuit.
I think clearcase came out of apollo. I know people who used it to build their OS (hpux), and used to have this fun of changes they made to the filesystem code stopping clearcase from working...there is a boot nightmare.
When I used clearcase I came to like its UI and its branching. But I came to fear its excessive coupling to the OS. It often needed a reboot after something trival (like deleting files), and because it was slower than a normal file system, builds took longer. When I upgraded to winXP from win2K, I lost access to CCase and could only check back everything by mounting my local vob repository from someone elses PC.
Also, it has an atrocious user interface. In some views deleting objects in the list view of parts would delete them from the diagram, in others it would delete them from the entire design. (ratrose 4, BTW). That and the basic bugs convinced me that the RUP was a bogus dev process. If it was a good process, they would not have shipped something so bad.
case #2: clearquest bugtracking. a dog to install, a dog to use. I remember using the web view to fill in a long a detailed bugrep and when I hit submit it told me the session had expired, just because I was being thorough in my filings.
The UK was also the site of the first reactor fire, Windscale, back in1957...Sellafield as it is now know is a popular and free tourist resort near the lake district.
To round it off you could do 3Mile Island and then Chernobyl, though I'd still be pretty reluctant to do the latter.
There is the huge airship hangar and stuff down in San Jose, on the same site as NASA Ames, that should also be worth a visit. Think you have to be a US citizen to get in though.
Then take the Chunnel over to Calais, France and drive south to the V2 launch site from where they managed to take out most of Croydon, South London. Which is probably worth doing again, it being 50 years or so since the last bombardment.
The launch site is interesting as it was actually the final stages of the assembly line: unpack, fueling, QA, arming, fire at London, repeat. Shows how the response times of warfare have changed.
The french make a big thing of the site, "The birthplace of space exploration" or something, but I think the place in Germany where the rockets came from has that distinction. This is more the birthplace of supersonic delivery of explosives onto foreign cities.
CERN in switzerland is definately worth a visit if you can get in, especially if you get to go down one of the pits to see an experiment. Imagine: a 27 km ring of of electrons going one way, positrons going the other and big science detectors (with 80 foot long magnets and the like) to look for interesting outcomes from the collisions. They do visits on saturdays, but I dont know the process for getting in them.
I used to work there, it was quite a laugh. People still step back when I tell them I used to work in anti-matter containment.
yeah, amazon is great. I love the difference in buying cycle between Microsoft, Oracle, and other competitors like Sun and Dell. Why do most of these employees by CEO worship books?
Whenever I encounter a box with any of their helper apps on (sometimes it happens at work with an ignorant user) we deem it contaminated and do a full scrub.
Given the info they admit to getting -shopping card info- we have to do more than this. I mean, with surf watching and email tracking, this app could be an integral part of the new Total Information Awareness program, a kind of "Carnivore@home". Why have the FBI monitor you upstream when your PC does it all for them.
I wonder if there is any way to detect the app and warn on a web site that they need ad-aware. I could do it with an activeX control...imagine what we could do if web sites started putting an activeX version of adaware up on their shopping cart pages 'for security reasons'.
my biggest issue with MS code is that the underlying causes for their security problems are more than the source is closed, or even they shipped without enough testing, but that they built some things that are inherently insecure in the first place.
case 1: activeX. As a reaction to netscape plugins and java it works, but they made it so easy to sign and redist code that even idiots do it...
case 2: Windows scripting host. WTF does my mother need.VBS and.JS executable support on her PC? I dont know, but I do know that Installing IE6 reenabled it after I had helpfully bound both extensions (and some others ) to notepad. So the IE upgrade made her machine more virus vulnerable than before.
case 3: Visual Basic for Applications. WTF does my version of Word need to have a macro language that can call any API call the OS offers, import COM objects to do bad things and create so much mistrust that of you send an office doc with a macro in people panic. The Excel language used to be limited to letting you write formula that ran when you clicked a button and could only affect the document the lived in. But not any more. So much functionality is in excel now that you dont dare use any.
And that's the irony. The end result of whatever meeting between marketing and the program managers 'lets make all our office apps COM objects that office macro languages can program'. has given the world a feature that almost nobody uses, but everybody is scared of.
I dont know how to deal with fundamental design errors like that. I guess OSS wins there as I should just be able to build a copy of the office suite without ENABLE_VBA #defined.
'shit code written in a hurry with the ship date given higher priority than security is less secure than code written with security kept in mind from the outset'.
And that's why MS code is so bad. Its not that we cant see the source -that just hides the bugs, its that to meet ship dates imposed by marketing, they rushed things out. The MS process of 'triage the software, cull unfixable features and ship with known unimportant bugs' only works if the bugs are 'minor'. In security, any security hole is major, so you cannot ship with even one.
If you look at IIS, the core server is mostly ok. Its the fact that it ships with too many features turned on, config is a morass of dialogs and the add on stuff (like Internet Printing Protocol support) that introduced the big bugs.
So: I dont think the quality of MS code should be a metric of closed source; SYSV unix was fairly secure, after all...
Interesting to hear about the takeup of linux in DOD embedded, as it is creeping into the rest of the embedded space too. Same reason: Vxworks costs too much, they dont give you the source, annual update fees are silly, etc.
Whereas linux/freebsd not only have lower NRE and distribution costs, you can get much of your code running on your laptop while they are still getting the hardware to work. But I do like the vxworks debuggers, esp. for real time stuff.
Also they dont want the govt to fund or participate in any OSS projects, particularly GPL stuff, as it prevents their 'right' to profit from the developments. Heh. NSA Linux is one case in point...the TIA program will probably have to build the US police state on freebsd instead.
I actually think their argument about OSS code not necessarily being more secure is valid, an OSS project can have security bugs introduced as features, and often they get found by external black box attacks rather than source code walk throughs. But OSS projects can roll out fixes faster, which meant if had a widespread and secure update mechanism we could get those fixes out the door faster too. Compare that to win2K which is still available in the shops in 'Code Red Ready' form.
yes -popups are a dying gasp of advertising funded sites; the popup filter the best selling point I have found for evangelising Mozilla to colleages stuck in IE land.
NB, I have a friend who does the graphic design for a major web site, and he hates popups and the marketing weasel that signs up for them. It ruins the whole effect of a site in his opinion, and even popup revenue is noise compared to affiliate sales.
The PC OEM business is huge to MS. On a low end system, windows costs more $100+ than the CPU ($60-80). Nearly every PC out there pays the MS tax, and it is a nice predictable cash flow: one in the opposite direction to the X-box. It also locks most users into Windows and gets them buying add-on apps from the same vendor.
Margins on Office are higher; the software for all its bloat is quite small and much less complex than an OS. Margins on exchange are probably huge. Interestingly, SQL server is good value -compared to Oracle, which says more about oracle than MS. If MS eliminated oracle then SQL server would suddenly start going up in cost. Of course, Postgres is much cheaper than eithers.
If the phone company is in charge then yes, its value added fees. Like the UK traffic congestion service that vodaphone run, that works out where you are and gives you info on traffic: for a fee. The best bit - I think the network itself provides traffic flow data; if a line of phones are moving across the cells at 80mph, that says a lot about road conditions.
But if our laptops can get location data then we can have some fun. Want to see what films are on nearby? send a lat/long to IMDB and get a listing (they dont do this, though they did informally a while back). Want to know where your friends are: go to your IM server and check their locations. Better yet; your laptop can even change time zone based on where it is -wouldnt that be a good thing.
see my paper on context aware laptops for more ideas.
This is not a codec. The spec is a metadata format to describe where on the disk things are (photos, video clips, music), and how they are related. Eg, where 4 different resolution copies of a photo are stored, what the timings of the slideshow should be, etc.
things like which codec to use are separate. For stills it is all jpeg or successor, with whatever music you want.
no, this is not a new CD/DVD format. Its about a file that gets added to an existing iso/udf formatted disk to point to the pictures, the metadata, the different resolution versions of the pictures, the music to go with it all.
then the player: your DVD player, your linux app, reads this and acts on it.
No DRM, no new royalty fees, nothing. This format is to set your home photos free, forever.
DRM: none, go read the spec. Platform support: widespread: go read the spec. WMA is *optional*
This is not a disney-makes-consumer-watches kind of format, this is a you-make-and-send-copies-of-to-your -relatives format, and a your-photos-come-from-kodak/fuji/walmart in this format kind of thing.
Its core is really an XML file atop a normal files system describing what to play, the photos, the full screen versions thereof &c. Which will result in a photo album format that your DVD player will handle, your PC will handle, and 50 years from now, provided a CD reader exists, your home console will still be able to process and read. Think about it: finally all those vendor supplied photo albums will be independent of apps, especially windows ones.
And if everyone supports it, it means that linux boxes will be able to read and write everyones photo albums.
This is definately a good thing
-steve
(disclaimer, worked on related work about a year ago; know lots of people involved, etc).
Most windows developer documentation is a mixture of lies and statements that are either no longer true or statements that are only true in a mysterious parallel universe where things get designed. Whole books about windows are outright lies, like Inside Windows NT, that has whole chapters about things (like the memory manager and how it expands its swap space dynamically) that are blatantly untrue to anyone who has used up their memory space.
Yes, there is a slow boot time as ant parses the xml file. This is a fault of parsing everything before executing; when a rewrite eventually gets done this will go away. and for short things like the 'clean' target in a big project, this shows.
but what if your project is javac stuff, junit test it, deploy it, httpunit test the deployed? There its the stuff you run that is the slowness. Ant can help here by running stuff in VM, but the bottlenecks really are the # of tests you run, and how long it can take for JSP pages to compile. At least with a fully automated process you can do other things while the testing and deployment goes on.
Also, can I point you to the myrmidion prototype underway in the ant-dev group as one possible nextgen ant. Faster and more coherent.
-Steve Loughran
ps. point taken about debugging. I think ant-based projects are getting so complex we need to start doing better. One think make has is the -n option to show what happens without doing it. Ant doesnt have that as it is the tasks that do dependency work, not the core engine.
If the combo of make+unix works for you (as it is the combination, make+DOS is mostly broken), then stick with it. You have more important things to do in your life than tweak build processes, and Ant is no silver bullet. It may be shinier than make, but that is a shine of newness, not necessarily longevity.
But I'm going to argue that Ant brings some things to the table you may want
Integrated unit testing. Thats Junit and junit reporting, plus extensions like cactus (they couldnt call it EJBUnit or sun would sue them) and httpunit.
Deployment: email, ftp, custom tasks for the various app servers out there. Its tasks even smart enough to understand about timestamp dependencies to and from an FTP server, down an http get and other places where makefile is limited.
Xdoclet. Xdoclet turns javadoc tags into code and xml, for those drudge work interfaces (EJB, JMX) and XML deployment descriptors (taglibs, web.xml, EJB, struts, etc). Xdoclet changes how you code. Try it.
Integration with the rest of the open source build tree. I get Ant from CVS every am, then get Axis, and my build process rebuilds axis before i rebuild my own web service. Granted. I am a committer on both so sometimes I fix axis more than my own code, but integration to the core open source projects is convenient. Take a look at the gump to see the nightly build of everything that uses Ant. The gump also shows that ant does scale up nicely
We do look at migrating from make in part of the book, chapter 9 I recall. We talk about migration and encourage co-existence: call ant from make or vice versa, so different sub-projects can use the ones they work with. I dont like mixing ant and make in one project, where a project means a single deliverable artifact (like a jar file). So I take such a level of project, ant-ify it and then have the master file (ant or make) call down to the sub project using ant.
Slashdot Mirror
If they dropped the annual price to say, $30, then the subscription would make sense. But instead they are saying 'you must buy a new copy of our app every year'. I am so glad these people dont make cars, they'd just crash a year after purchase in order to make you buy a new one. Oh, wait a minute, didnt ford explorers do that...
When people complain about MS business practices, I think these people have never used quicken. I wanted to get (UK) quicken 95 to be y2k compliant, all they would offer me was a (small) discount on a current version. Instead I acquired a friend's copy, only to discover that it was chock-a-block with 'value added services' that were essentially trying to generate sales bounties for intuit.
I would never touch any of their products again.
I think clearcase came out of apollo. I know people who used it to build their OS (hpux), and used to have this fun of changes they made to the filesystem code stopping clearcase from working...there is a boot nightmare.
When I used clearcase I came to like its UI and its branching. But I came to fear its excessive coupling to the OS. It often needed a reboot after something trival (like deleting files), and because it was slower than a normal file system, builds took longer. When I upgraded to winXP from win2K, I lost access to CCase and could only check back everything by mounting my local vob repository from someone elses PC.
I have yet to see an SCM system I really like.
Also, it has an atrocious user interface. In some views deleting objects in the list view of parts would delete them from the diagram, in others it would delete them from the entire design. (ratrose 4, BTW). That and the basic bugs convinced me that the RUP was a bogus dev process. If it was a good process, they would not have shipped something so bad.
case #2: clearquest bugtracking. a dog to install, a dog to use. I remember using the web view to fill in a long a detailed bugrep and when I hit submit it told me the session had expired, just because I was being thorough in my filings.
The UK was also the site of the first reactor fire, Windscale, back in1957...Sellafield as it is now know is a popular and free tourist resort near the lake district.
To round it off you could do 3Mile Island and then Chernobyl, though I'd still be pretty reluctant to do the latter.
There is the huge airship hangar and stuff down in San Jose, on the same site as NASA Ames, that should also be worth a visit. Think you have to be a US citizen to get in though.
Then take the Chunnel over to Calais, France and drive south to the V2 launch site from where they managed to take out most of Croydon, South London. Which is probably worth doing again, it being 50 years or so since the last bombardment.
The launch site is interesting as it was actually the final stages of the assembly line: unpack, fueling, QA, arming, fire at London, repeat. Shows how the response times of warfare have changed.
The french make a big thing of the site, "The birthplace of space exploration" or something, but I think the place in Germany where the rockets came from has that distinction. This is more the birthplace of supersonic delivery of explosives onto foreign cities.
CERN in switzerland is definately worth a visit if you can get in, especially if you get to go down one of the pits to see an experiment. Imagine: a 27 km ring of of electrons going one way, positrons going the other and big science detectors (with 80 foot long magnets and the like) to look for interesting outcomes from the collisions. They do visits on saturdays, but I dont know the process for getting in them.
I used to work there, it was quite a laugh. People still step back when I tell them I used to work in anti-matter containment.
yeah, amazon is great. I love the difference in buying cycle between
Microsoft,
Oracle,
and other competitors like Sun and Dell. Why do most of these employees by CEO worship books?
Whenever I encounter a box with any of their helper apps on (sometimes it happens at work with an ignorant user) we deem it contaminated and do a full scrub.
Given the info they admit to getting -shopping card info- we have to do more than this. I mean, with surf watching and email tracking, this app could be an integral part of the new Total Information Awareness program, a kind of "Carnivore@home". Why have the FBI monitor you upstream when your PC does it all for them.
I wonder if there is any way to detect the app and warn on a web site that they need ad-aware. I could do it with an activeX control...imagine what we could do if web sites started putting an activeX version of adaware up on their shopping cart pages 'for security reasons'.
my biggest issue with MS code is that the underlying causes for their security problems are more than the source is closed, or even they shipped without enough testing, but that they built some things that are inherently insecure in the first place.
.VBS and .JS executable support on her PC? I dont know, but I do know that Installing IE6 reenabled it after I had helpfully bound both extensions (and some others ) to notepad. So the IE upgrade made her machine more virus vulnerable than before.
case 1: activeX. As a reaction to netscape plugins and java it works, but they made it so easy to sign and redist code that even idiots do it...
case 2: Windows scripting host. WTF does my mother need
case 3: Visual Basic for Applications. WTF does my version of Word need to have a macro language that can call any API call the OS offers, import COM objects to do bad things and create so much mistrust that of you send an office doc with a macro in people panic. The Excel language used to be limited to letting you write formula that ran when you clicked a button and could only affect the document the lived in. But not any more. So much functionality is in excel now that you dont dare use any.
And that's the irony. The end result of whatever meeting between marketing and the program managers 'lets make all our office apps COM objects that office macro languages can program'. has given the world a feature that almost nobody uses, but everybody is scared of.
I dont know how to deal with fundamental design errors like that. I guess OSS wins there as I should just be able to build a copy of the office suite without ENABLE_VBA #defined.
I was thinking, maybe the issue is
'shit code written in a hurry with the ship date given higher priority than security is less secure than code written with security kept in mind from the outset'.
And that's why MS code is so bad. Its not that we cant see the source -that just hides the bugs, its that to meet ship dates imposed by marketing, they rushed things out. The MS process of 'triage the software, cull unfixable features and ship with known unimportant bugs' only works if the bugs are 'minor'. In security, any security hole is major, so you cannot ship with even one.
If you look at IIS, the core server is mostly ok. Its the fact that it ships with too many features turned on, config is a morass of dialogs and the add on stuff (like Internet Printing Protocol support) that introduced the big bugs.
So: I dont think the quality of MS code should be a metric of closed source; SYSV unix was fairly secure, after all...
Interesting to hear about the takeup of linux in DOD embedded, as it is creeping into the rest of the embedded space too. Same reason: Vxworks costs too much, they dont give you the source, annual update fees are silly, etc.
Whereas linux/freebsd not only have lower NRE and distribution costs, you can get much of your code running on your laptop while they are still getting the hardware to work. But I do like the vxworks debuggers, esp. for real time stuff.
-steve
Also they dont want the govt to fund or participate in any OSS projects, particularly GPL stuff, as it prevents their 'right' to profit from the developments. Heh. NSA Linux is one case in point...the TIA program will probably have to build the US police state on freebsd instead.
I actually think their argument about OSS code not necessarily being more secure is valid, an OSS project can have security bugs introduced as features, and often they get found by external black box attacks rather than source code walk throughs. But OSS projects can roll out fixes faster, which meant if had a widespread and secure update mechanism we could get those fixes out the door faster too. Compare that to win2K which is still available in the shops in 'Code Red Ready' form.
yes -popups are a dying gasp of advertising funded sites; the popup filter the best selling point I have found for evangelising Mozilla to colleages stuck in IE land.
NB, I have a friend who does the graphic design for a major web site, and he hates popups and the marketing weasel that signs up for them. It ruins the whole effect of a site in his opinion, and even popup revenue is noise compared to affiliate sales.
The PC OEM business is huge to MS. On a low end system, windows costs more $100+ than the CPU ($60-80). Nearly every PC out there pays the MS tax, and it is a nice predictable cash flow: one in the opposite direction to the X-box. It also locks most users into Windows and gets them buying add-on apps from the same vendor.
Margins on Office are higher; the software for all its bloat is quite small and much less complex than an OS. Margins on exchange are probably huge. Interestingly, SQL server is good value -compared to Oracle, which says more about oracle than MS. If MS eliminated oracle then SQL server would suddenly start going up in cost. Of course, Postgres is much cheaper than eithers.
If the phone company is in charge then yes, its value added fees. Like the UK traffic congestion service that vodaphone run, that works out where you are and gives you info on traffic: for a fee. The best bit - I think the network itself provides traffic flow data; if a line of phones are moving across the cells at 80mph, that says a lot about road conditions.
But if our laptops can get location data then we can have some fun. Want to see what films are on nearby? send a lat/long to IMDB and get a listing (they dont do this, though they did informally a while back). Want to know where your friends are: go to your IM server and check their locations. Better yet; your laptop can even change time zone based on where it is -wouldnt that be a good thing.
see my paper on
context aware laptops for more ideas.
-steve
This is not a codec. The spec is a metadata format to describe where on the disk things are (photos, video clips, music), and how they are related. Eg, where 4 different resolution copies of a photo are stored, what the timings of the slideshow should be, etc.
things like which codec to use are separate. For stills it is all jpeg or successor, with whatever music you want.
no fees, no restrictions. This is for home photos, not cinema content. Read the spec if you dont believe me.
no, this is not a new CD/DVD format. Its about a file that gets added to an existing iso/udf formatted disk to point to the pictures, the metadata, the different resolution versions of the pictures, the music to go with it all.
then the player: your DVD player, your linux app, reads this and acts on it.
No DRM, no new royalty fees, nothing. This format is to set your home photos free, forever.
DRM: none, go read the spec. Platform support: widespread: go read the spec. WMA is *optional*
This is not a disney-makes-consumer-watches kind of format, this is a you-make-and-send-copies-of-to-your -relatives format, and a your-photos-come-from-kodak/fuji/walmart in this format kind of thing.
Its core is really an XML file atop a normal files system describing what to play, the photos, the full screen versions thereof &c. Which will result in a photo album format that your DVD player will handle, your PC will handle, and 50 years from now, provided a CD reader exists, your home console will still be able to process and read. Think about it: finally all those vendor supplied photo albums will be independent of apps, especially windows ones.
And if everyone supports it, it means that linux boxes will be able to read and write everyones photo albums.
This is definately a good thing
-steve
(disclaimer, worked on related work about a year ago; know lots of people involved, etc).
Most windows developer documentation is a mixture of lies and statements that are either no longer true or statements that are only true in a mysterious parallel universe where things get designed. Whole books about windows are outright lies, like Inside Windows NT, that has whole chapters about things (like the memory manager and how it expands its swap space dynamically) that are blatantly untrue to anyone who has used up their memory space.
Welcome ot the worlds of windows programming.
Ha! this is funny.
Yes, there is a slow boot time as ant parses the xml file. This is a fault of parsing everything before executing; when a rewrite eventually gets done this will go away. and for short things like the 'clean' target in a big project, this shows.
but what if your project is javac stuff, junit test it, deploy it, httpunit test the deployed? There its the stuff you run that is the slowness. Ant can help here by running stuff in VM, but the bottlenecks really are the # of tests you run, and how long it can take for JSP pages to compile. At least with a fully automated process you can do other things while the testing and deployment goes on.
Also, can I point you to the myrmidion prototype underway in the ant-dev group as one possible nextgen ant. Faster and more coherent.
-Steve Loughran
ps. point taken about debugging. I think ant-based projects are getting so complex we need to start doing better. One think make has is the -n option to show what happens without doing it. Ant doesnt have that as it is the tasks that do dependency work, not the core engine.
But I'm going to argue that Ant brings some things to the table you may want
the gump to see the nightly build of everything that uses Ant. The gump also shows that ant does scale up nicely
We do look at migrating from make in part of the book, chapter 9 I recall. We talk about migration and encourage co-existence: call ant from make or vice versa, so different sub-projects can use the ones they work with. I dont like mixing ant and make in one project, where a project means a single deliverable artifact (like a jar file). So I take such a level of project, ant-ify it and then have the master file (ant or make) call down to the sub project using ant.
Steve Loughran.
I meant to say the task does proper depends checking; didnt escape the angle brackets before posting.