I should comment that I have no idea how this would work because there's no existing Microsoft certificate infrastructure in place. Perhaps the same way as ActiveX signing ("Always trust content from Microsoft Corporation?"), but getting that to work right with a private certificate is a big deployment hassle.
Note that the reason Lotus Notes is largely immune from macro virus attacks is that it has a built-in certificate infrastructure (can't login without it). It's unlikely that the Fortune 500's favorite mail system is going to get outlawed. --
Under DOS/Win31/Win9x, I CANNOT RUN ANY PROGRAM IN A SECURE ENVIRONMENT. This is what the M$ supporters Just Don't Get(tm).
Uhh, Windows NT has only been out since 1993. The file permission system is argueably better than unix's.
(If you folks are really interested in effective Linux advocacy, you should take on Windows NT rather than the end-of-the-line, broken-for-backwards-compatibilty Win 9x. It's a more credible comparison, and will make you sound less like a raving moron.) --
Or, to put it another way, if you ask me 20 times a day "Are you SURE you want to do that?", the 21st time, I'll click YES before I've even read the message. Even if this was the one case in which I was making a mistake.
Very good point. Outlook gives you the "virus" warning when opening *.TXT and *.JPG files - enough to drive you nuts.
Also, by default with Win 9x/NT, the file extension is not shown (I don't know if this applys to Outlook). All you see is a little WinZip icon. So it's conceivable that a new users could double-click on the icon not knowing it's an executable.
As for this being an Outlook specific virus, my understanding is that (unlike Melissa), it's not. If the uneducated masses (the "clods") started using Linux, they'd be just as suceptable to "Hey - you don't know me, but run this executable!" form of attack.
The fault really falls on the IT department's shoulders for not educating their user base. The only place Outlook comes in is that it's training costs are supposedly lower, and so many companies think they can get away with reducing that to no training at all. --
Office 2000 (released just now) supposedly contains features which prevents Macro viruses. Perhaps this was unleashed by some unnamed party to speed up Office 2000 deployment.
(All of you paranoid Microsoft haters should feel ashamed that you didn't think of that first!) --
If you think the discussion is over because root is sacred, you should look into how these kinds of viri work.
In an NT system, the virus can only delete the files for which the user has write access. There is no comprimise of "system" security.
The fault lies with poor design on Microsoft's part. The fact that there is no Linux equivalant only proves that noone has a macro-enabled Office suite running on Linux.
Well - look out - here comes Corel Office. Can you execute malicious viruses there? Nobody really knows because they only have like 2% of the market. Although, it might be worth it to someone to teach Linux users a lesson or two. --
Hold your horses -- this isn't an announcement of Linux support on your common Compaq Deskpros, laptops, or home machines.
The annoucement lists AlphaServers, Proliants (x86 servers) and the Professional Workstation XP1000, which is Alpha based. No support even for the Intel workstations.
(As a side note, Compaq has to be about the worst vendor for releasing their machine specifications. I was considering buying a used PPro Professional Workstation, but the most I could get from the spec sheets was "integrated SCSI-2UW" and "integrated NetFlex 10/100 ethernet". (Some digging found that they use different chipsets in the same model line.) In the old days, Compaq made their own very good SCSI and Ethernet equipment, but I guess now they are just trying to delude their customers while packaging cheapo commodity equipment.) --
MSDOS Client for TCP/IP is now difficult to find on the MS website. Of course, anything is hard to find on that website. It's probably still on NT disks.
It is, although it's a horrific install unless you have a network card from 1992 or so. Still highly recommended if you have a Samba enviornment.
AU/X was System V, and there was *no* GNU stuff available, as far as I could tell, apparently due to a FSF boycott.
AU/X was pretty cool for it's day though. I believe the OSX "Blue Box" works essentially the same way that Mac programs (including the Finder) ran on AU/X. --
Yup - companies don't generally make investment decisions based on dejanews or altavista search results and informal e-mail with package maintainers.
This Linux Council provides a way for a company to send over their CEO and VPs and chat about Linux with other bigwigs over a nice lunch. It also allows Linux folks to promote open source development right at the top.
The only real equivalent right now is probably RedHat's marketing department, so a vendor neutral group seems like a good thing. --
Nice analysis, but don't forget that NextStep was near commercial death, with less than 10 ISVs writing Next software (or so I've heard). The 'carbon' API is a necessary evil for those with huge MacOS code bases, such as Adobe, Microsoft, and others.
In the long run, this just forstalls the inevitable, which is Yellow Box/OpenStep. Don't worry - you NeXT people have won. --
Re:Photography is for the nerds.
on
35mm Handbook
·
· Score: 2
You could hit Linus over the head and steal his photography equipment. --
Re:High-end video as a film alternative
on
35mm Handbook
·
· Score: 2
The Canon XL1 is certainly a nice unit - my only fear is that MiniDV is going to be replaced by something better in a couple years. And the firewire port solve the digitzation problem.
Since I don't really need a video camera, I'm sitting back to see how this whole digital TV thing shakes out. In DV's favor, apparently Sony is going to use firewire as the interconnect between all of their home theater components in the future. --
It's good to see that 35mm film could be still considered "news for nerds". In my opinon, film is still much more geeky than digital photography.
Plus, it always gets me when I see a friend with a $500 digital camera that has a crappy plastic lens that looks like it fell out of a box of cracker jacks and picture quality worse than your average 110 camera.
For instant pictures, there's always the Polaroid Instant Slide Processor - usually about $20 on ebay. --
Which doesn't mean they'll do it. If you called up IBM today and said "I want a solution for X, Y, and Z - here's some money, I don't care how you do it."
You would come in the next day and probably find an AS/400 running Lotus Domino and DB2. Expecting a Netfinity running Linux? Sorry!
Linux can be used as more of a tactical approach for accounts that want something that isn't IBM hardware and also isn't necessarily from Microsoft.
(One thing someone should do is a Linux "Small Business Server" like MS and Novell produce. Basically it's a mail server, web server, fax server, firewall, and PPP server all wrapped up and pre-configured with a web admin interface. Basically something that vendors can drop on a small business and then forget about it.) --
So, I figure it's kind of a karma thing for IBM to step up to the plate and help knock down this monster that is largely their own creation.
IBM has already spent a good deal of money trying to get on top of the PC industry, and all of the efforts have pretty much failed (MCA, OS/2, PowerPersonal). Do you really think that IBM is going to take that on again?
Outside of certain shops, IBM does not have alot of credibilty in the desktop space. Just look around your office. The only place that IBM has significant desktop market share is Lotus Notes and ccMail, the latter being a dead product. --
One thing that's become clear over time is that PC operating systems and applications isn't a very profitable business. Sure Microsoft has made a ton of money, but everyone else (Corel, Adobe, Borland, Apple, etc) seems to be just scraping along. If you include MCA and OS/2, IBM probably has a net loss for it's microcomputer endevors, and probably just stays in the business so that they can provide an end-to-end solution.
Instead, IBM (and Oracle, Sun, etc) have realized that the money is really in the middleware and back-end layers, as well as services. Which is why DB2, Lotus Domino, and Tivoli are much more important (and profitable) than ViaVoice or SmartSuite or OS/2 or anything else IBM could possibly dream up in the desktop space. Microsoft of course has figured this out too, and is trying to scale up Windows and MS SQL as fast as it can.
What does this have to do with Linux? I doubt IBM really cares about Linux on the desktop (including MWave drivers, KDE, Gnome, Mesa, etc.). Linux gives IBM a way to push cheap application servers and services while avoiding it's reputation for pushing proprietary products and also the dismal future of becoming a second-tier Microsoft solution provider.
So while IBM might push Linux a bit, it's ultimately just another solution for them to choose from. They certainly aren't going to get into another desktop OS war or try to evangalize any die-hard MS customers. --
Actually, if it would improve the service, most would be happy to pay $100 or more. Charging less than a hardcover book for a domain name only benefits the squatters and overloads the system. --
Hmmm... Office 2K has code-signing for Macros now, and by default it'll jump up and down and shout loudly to get your attention if it comes across an unsigned piece of code. So Macro virii should no longer be a problem.
Do you have a certificate infrastructure for this, or is that Win2000 only?
Being more of a Word 6.0 person myself, I haven't tried the Office 2000 betas, but all of this stuff, plus the Office Server Extentions, plus the upcoming knowledge management server is enough to give me deployment nightmares.
Yes, I know what's in Office Developer. True you get lots of stuff, but have you removed the macro facilities from the standard versions of Word and Excel? If you folks have, I wouldn't be suprised to see big MS Office shops buy the developer version just to keep their VBA-writing user base happy. (Most MS Office applications aren't handled by MIS, in my experience - they're built by normal users to support smaller projects.)
Anyway, thanks for providing a runtime-only version of Access. That will make management much easier.
Actually I should reply to myself and say that Gimp is really a bad example because (1) it exists, and (2) I don't really think it's substandard - it's more of a learning curve issue for me.
Just consider one of the many software types for which there is no open source alternative. Unless you are docternal about open source only, there's probably some price you'd be willing to pay for just about everything you'd use. --
Maybe the shrinkwrap market needs to get over their model of one price = unlimited use.
For example, I know people who do Photoshop work all day, every day. Their company would probably pay $5000 for Photoshop, because they need it. One the other hand, some people use Photoshop to touch up little web graphics (which admittedly they could do with gimp or shareware). Yet Adobe charges both crowds the same $600. This is obviously unacceptable for the low-end of the market, so the honest people scramble to produce free or low-cost alternatives (like the gimp), and the dishonest people just pirate.
Perhaps some sort of CPU-usage accounting model needs to be resurrected. I'd love to have Photoshop as a tool if it only cost me a few dollars now and again. As it is, I'm forced to learn and use other software which is not as good. --
Don't forget about the standard Microsoft/Drug Dealer approach - the first hit's for free. One of these days, the thrid world is going to become a huge goldmine for US software companies.
This applys in the US also. As a college student, I liberally pirated software. As a computer professional, the companies and products have been payed back many times through my recommendations, support, etc. Some companies such as Netscape even make it easy for the unlicenced use of their products by hosting the "warez" right on their own FTP servers.
You're right about this being an artifact of the proprietary software industry, but face it, that's what businesses run on. This involves quite a bit of hypocracy on the software vendors part - they're saying one thing to the government, and another to the (paying and not paying) user base. --
Absolutely - Recall the great copy protection battles of the 1980s, where commercial software companies essentially admitted that piracy was an acceptable loss.
As the software market has gone international, and it turns out that 90% of the software in some places is pirated, guess what? Microsoft and others *still* think its an acceptable loss. If they didn't, they'd be copy protecting the stuff up to the hilt. (They even considered this seriously for Office 2000, but dropped the idea, if I heard correctly.)
Microsoft has the all the cost and benifits of being the standard. This includes being able to charge US customers $1000 for the full version of MS Office 2000, but also implys mass piracy. Lotus and Corel already have their prices down to $200 or so - busting the 3rd world pirates puts the fastest growing parts of the world economy right into their hands. No piracy means MS has to be price competitive.
Don't forget the free advertising factor either. I wish I had the reference handy, but in the old days when WordPerfect had 80% market share, someone from Microsoft essentially admitted that each pirated copy of MS Word was acceptable because it was meant an additonal Windows and Office user.
I should comment that I have no idea how this would work because there's no existing Microsoft certificate infrastructure in place. Perhaps the same way as ActiveX signing ("Always trust content from Microsoft Corporation?"), but getting that to work right with a private certificate is a big deployment hassle.
Note that the reason Lotus Notes is largely immune from macro virus attacks is that it has a built-in certificate infrastructure (can't login without it). It's unlikely that the Fortune 500's favorite mail system is going to get outlawed.
--
Yeah, it's not a "bug-fix", it's a "feature"!
Considering that O2000 comes on two or three CDs, maybe calling it a "patch" is the right word either.
(O2000 allows a developer to sign macro code, so along with the bug-fixes, I'd classify this as a feature.)
--
Under DOS/Win31/Win9x, I CANNOT RUN ANY PROGRAM IN A SECURE ENVIRONMENT. This is what the M$ supporters Just Don't Get(tm).
Uhh, Windows NT has only been out since 1993. The file permission system is argueably better than unix's.
(If you folks are really interested in effective Linux advocacy, you should take on Windows NT rather than the end-of-the-line, broken-for-backwards-compatibilty Win 9x. It's a more credible comparison, and will make you sound less like a raving moron.)
--
Or, to put it another way, if you ask me 20 times a day "Are you SURE you want to do that?", the 21st time, I'll click YES before I've even read the message. Even if this was the one case in which I was making a mistake.
Very good point. Outlook gives you the "virus" warning when opening *.TXT and *.JPG files - enough to drive you nuts.
Also, by default with Win 9x/NT, the file extension is not shown (I don't know if this applys to Outlook). All you see is a little WinZip icon. So it's conceivable that a new users could double-click on the icon not knowing it's an executable.
As for this being an Outlook specific virus, my understanding is that (unlike Melissa), it's not. If the uneducated masses (the "clods") started using Linux, they'd be just as suceptable to "Hey - you don't know me, but run this executable!" form of attack.
The fault really falls on the IT department's shoulders for not educating their user base. The only place Outlook comes in is that it's training costs are supposedly lower, and so many companies think they can get away with reducing that to no training at all.
--
Office 2000 (released just now) supposedly contains features which prevents Macro viruses. Perhaps this was unleashed by some unnamed party to speed up Office 2000 deployment.
(All of you paranoid Microsoft haters should feel ashamed that you didn't think of that first!)
--
If you think the discussion is over because root is sacred, you should look into how these kinds of viri work.
In an NT system, the virus can only delete the files for which the user has write access. There is no comprimise of "system" security.
The fault lies with poor design on Microsoft's part. The fact that there is no Linux equivalant only proves that noone has a macro-enabled Office suite running on Linux.
Well - look out - here comes Corel Office. Can you execute malicious viruses there? Nobody really knows because they only have like 2% of the market. Although, it might be worth it to someone to teach Linux users a lesson or two.
--
Hold your horses -- this isn't an announcement of Linux support on your common Compaq Deskpros, laptops, or home machines.
The annoucement lists AlphaServers, Proliants (x86 servers) and the Professional Workstation XP1000, which is Alpha based. No support even for the Intel workstations.
(As a side note, Compaq has to be about the worst vendor for releasing their machine specifications. I was considering buying a used PPro Professional Workstation, but the most I could get from the spec sheets was "integrated SCSI-2UW" and "integrated NetFlex 10/100 ethernet". (Some digging found that they use different chipsets in the same model line.) In the old days, Compaq made their own very good SCSI and Ethernet equipment, but I guess now they are just trying to delude their customers while packaging cheapo commodity equipment.)
--
MSDOS Client for TCP/IP is now difficult to find on the MS website. Of course, anything is hard to find on that website. It's probably still on NT disks.
It is, although it's a horrific install unless you have a network card from 1992 or so. Still highly recommended if you have a Samba enviornment.
--
AU/X was System V, and there was *no* GNU stuff available, as far as I could tell, apparently due to a FSF boycott.
AU/X was pretty cool for it's day though. I believe the OSX "Blue Box" works essentially the same way that Mac programs (including the Finder) ran on AU/X.
--
Yup - companies don't generally make investment decisions based on dejanews or altavista search results and informal e-mail with package maintainers.
This Linux Council provides a way for a company to send over their CEO and VPs and chat about Linux with other bigwigs over a nice lunch. It also allows Linux folks to promote open source development right at the top.
The only real equivalent right now is probably RedHat's marketing department, so a vendor neutral group seems like a good thing.
--
Nice analysis, but don't forget that NextStep was near commercial death, with less than 10 ISVs writing Next software (or so I've heard). The 'carbon' API is a necessary evil for those with huge MacOS code bases, such as Adobe, Microsoft, and others.
In the long run, this just forstalls the inevitable, which is Yellow Box/OpenStep. Don't worry - you NeXT people have won.
--
You could hit Linus over the head and steal his photography equipment.
--
The Canon XL1 is certainly a nice unit - my only fear is that MiniDV is going to be replaced by something better in a couple years. And the firewire port solve the digitzation problem.
Since I don't really need a video camera, I'm sitting back to see how this whole digital TV thing shakes out. In DV's favor, apparently Sony is going to use firewire as the interconnect between all of their home theater components in the future.
--
It's good to see that 35mm film could be still considered "news for nerds". In my opinon, film is still much more geeky than digital photography.
Plus, it always gets me when I see a friend with a $500 digital camera that has a crappy plastic lens that looks like it fell out of a box of cracker jacks and picture quality worse than your average 110 camera.
For instant pictures, there's always the Polaroid Instant Slide Processor - usually about $20 on ebay.
--
Which doesn't mean they'll do it. If you called up IBM today and said "I want a solution for X, Y, and Z - here's some money, I don't care how you do it."
You would come in the next day and probably find an AS/400 running Lotus Domino and DB2. Expecting a Netfinity running Linux? Sorry!
Linux can be used as more of a tactical approach for accounts that want something that isn't IBM hardware and also isn't necessarily from Microsoft.
(One thing someone should do is a Linux "Small Business Server" like MS and Novell produce. Basically it's a mail server, web server, fax server, firewall, and PPP server all wrapped up and pre-configured with a web admin interface. Basically something that vendors can drop on a small business and then forget about it.)
--
So, I figure it's kind of a karma thing for IBM to step up to the plate and help knock down this monster that is largely their own creation.
IBM has already spent a good deal of money trying to get on top of the PC industry, and all of the efforts have pretty much failed (MCA, OS/2, PowerPersonal). Do you really think that IBM is going to take that on again?
Outside of certain shops, IBM does not have alot of credibilty in the desktop space. Just look around your office. The only place that IBM has significant desktop market share is Lotus Notes and ccMail, the latter being a dead product.
--
One thing that's become clear over time is that PC operating systems and applications isn't a very profitable business. Sure Microsoft has made a ton of money, but everyone else (Corel, Adobe, Borland, Apple, etc) seems to be just scraping along. If you include MCA and OS/2, IBM probably has a net loss for it's microcomputer endevors, and probably just stays in the business so that they can provide an end-to-end solution.
Instead, IBM (and Oracle, Sun, etc) have realized that the money is really in the middleware and back-end layers, as well as services. Which is why DB2, Lotus Domino, and Tivoli are much more important (and profitable) than ViaVoice or SmartSuite or OS/2 or anything else IBM could possibly dream up in the desktop space. Microsoft of course has figured this out too, and is trying to scale up Windows and MS SQL as fast as it can.
What does this have to do with Linux? I doubt IBM really cares about Linux on the desktop (including MWave drivers, KDE, Gnome, Mesa, etc.). Linux gives IBM a way to push cheap application servers and services while avoiding it's reputation for pushing proprietary products and also the dismal future of becoming a second-tier Microsoft solution provider.
So while IBM might push Linux a bit, it's ultimately just another solution for them to choose from. They certainly aren't going to get into another desktop OS war or try to evangalize any die-hard MS customers.
--
Actually, if it would improve the service, most would be happy to pay $100 or more. Charging less than a hardcover book for a domain name only benefits the squatters and overloads the system.
--
Hmmm... Office 2K has code-signing for Macros now, and by default it'll jump up and down and shout loudly to get your attention if it comes across an unsigned piece of code. So Macro virii should no longer be a problem.
Do you have a certificate infrastructure for this, or is that Win2000 only?
Being more of a Word 6.0 person myself, I haven't tried the Office 2000 betas, but all of this stuff, plus the Office Server Extentions, plus the upcoming knowledge management server is enough to give me deployment nightmares.
--
Yes, I know what's in Office Developer. True you get lots of stuff, but have you removed the macro facilities from the standard versions of Word and Excel? If you folks have, I wouldn't be suprised to see big MS Office shops buy the developer version just to keep their VBA-writing user base happy. (Most MS Office applications aren't handled by MIS, in my experience - they're built by normal users to support smaller projects.)
Anyway, thanks for providing a runtime-only version of Access. That will make management much easier.
--
Actually I should reply to myself and say that Gimp is really a bad example because (1) it exists, and (2) I don't really think it's substandard - it's more of a learning curve issue for me.
Just consider one of the many software types for which there is no open source alternative. Unless you are docternal about open source only, there's probably some price you'd be willing to pay for just about everything you'd use.
--
Maybe the shrinkwrap market needs to get over their model of one price = unlimited use.
For example, I know people who do Photoshop work all day, every day. Their company would probably pay $5000 for Photoshop, because they need it. One the other hand, some people use Photoshop to touch up little web graphics (which admittedly they could do with gimp or shareware). Yet Adobe charges both crowds the same $600. This is obviously unacceptable for the low-end of the market, so the honest people scramble to produce free or low-cost alternatives (like the gimp), and the dishonest people just pirate.
Perhaps some sort of CPU-usage accounting model needs to be resurrected. I'd love to have Photoshop as a tool if it only cost me a few dollars now and again. As it is, I'm forced to learn and use other software which is not as good.
--
Don't forget about the standard Microsoft/Drug Dealer approach - the first hit's for free. One of these days, the thrid world is going to become a huge goldmine for US software companies.
This applys in the US also. As a college student, I liberally pirated software. As a computer professional, the companies and products have been payed back many times through my recommendations, support, etc. Some companies such as Netscape even make it easy for the unlicenced use of their products by hosting the "warez" right on their own FTP servers.
You're right about this being an artifact of the proprietary software industry, but face it, that's what businesses run on. This involves quite a bit of hypocracy on the software vendors part - they're saying one thing to the government, and another to the (paying and not paying) user base.
--
Plagiarism is necessary - progress demands it.
--
Absolutely - Recall the great copy protection battles of the 1980s, where commercial software companies essentially admitted that piracy was an acceptable loss.
As the software market has gone international, and it turns out that 90% of the software in some places is pirated, guess what? Microsoft and others *still* think its an acceptable loss. If they didn't, they'd be copy protecting the stuff up to the hilt. (They even considered this seriously for Office 2000, but dropped the idea, if I heard correctly.)
Microsoft has the all the cost and benifits of being the standard. This includes being able to charge US customers $1000 for the full version of MS Office 2000, but also implys mass piracy. Lotus and Corel already have their prices down to $200 or so - busting the 3rd world pirates puts the fastest growing parts of the world economy right into their hands. No piracy means MS has to be price competitive.
Don't forget the free advertising factor either. I wish I had the reference handy, but in the old days when WordPerfect had 80% market share, someone from Microsoft essentially admitted that each pirated copy of MS Word was acceptable because it was meant an additonal Windows and Office user.
--