When I say catch on I mean will it become mainstream? It isn't going to do so as long as only Opera users have access to this functionality. Very few larger scale applications are going to rely on something less than 5% of all web users have. Nor are they likely to support it even as an optional feature add when only 5% of their customers can take advantage of it.
This is a lot less true in the mobile space of course. It could be successful there, but even then I would say that in general Opera's lack of presence on the desktop holds it back. Most mobile apps are dumbed down versions of web apps designed for desktop use. Once again something that may change.
It is always interesting to watch and see what happens.
The author may be right in the sense that Opera is attempting to find a way to distinguish their product from the competition, but I think he's missing a few points.
There are many reasons why you might want to run a personal web server on your local machine. It can act as a proxy for example. Since it is fairly easy to program it with scripting languages it can do a lot of interesting things. Granted all that functionality could be built into the browser itself, but if you can tap into a lot of existing code and also create a more organized stack for this kind of thing it could be useful. You could do most of the things people use things like Greasemonkey for now, except probably better.
It could be highly useful for web app developers. With some specialized tools designed to help with things like AJAX debugging it could represent a significant draw. This is maybe not a huge market for the bigger browsers, but if Opera can get a bit of penetration into the dev tools market this way it could provide them with a new revenue stream.
It could be highly useful for collaborative web based applications which feature interactivity. For example it makes more sense to send a copy of every event the UI needs to process to a queue on the client side than to force repetitive performance-destroying polling across the net. Now the app need merely check a local queue using a local HTTP request, probably using AJAX. It could also be used to allow processing resources at the clients to be harnessed to do a lot of the work, possibly in parallel.
This is not a new concept, but nobody has really rolled out a useful version of it before. There are going to be issues like NAT firewalls etc, but there are various ways to approach solving them. Afterall, people play online games all the time that require them to open ports, etc for bi-directional communications. All this is doing is extending that capability to the web.
Personally I don't think it will catch on simply because Opera has too small a market share to make it worth people writing a lot of software that depends on it, but the concept itself is not bad. Perhaps Mozilla will experiment with this too, then it might go somewhere, finally.
Well, if you sit down to design the same piece of software for 2 platforms, and one of them has 500% of the processing, memory, etc resources of the other one, you may well be able to implement your software on both of them. The more capable system will require much less work unless the program is fairly trivial. While the developers on the less capable system are trying to figure out some clever way to wedge 2 more things into memory and speed up some code loop enough to be usable (or heaven forbid find 10 concurrency bugs that don't show up on the fatter system because it has less load), the team blessed with that fatter system will instead be doing something else. Like perhaps improving the game itself.
So it is not all so clear cut. Generally games have a fairly fixed budget. If you have to spend most of that budget cramming stuff into the lesser hardware platform you will spend a lot less of it on making a more interesting game.
Not that I have anything against the Wii or think it particularly doesn't have equally good games, but they are going to be increasingly not running the most complex games on it. Basically the Wii will be obsolescent long before the PS3. Maybe Nintendo has a better strategy by getting it out first and concentrating on other features besides horsepower. So far they are going well. Its nice that all of these options exist anyway.
Yup. Having worked on these systems I would be the last person to say that pilots are either better or worse than computers. Either one can either fly a plane when the other would not be able to do so or cause an accident the other would have avoided.
It is also misleading to say that the distinction between Airbus and Boeing systems is anything like as clear cut as the OP makes it out to be. The flight controls of all modern aircraft include features designed to limit the pilot's control inputs within a safe range. It would be misguided to think that a pilot can fly a 757 like some old Sopwith Camel but an A330 is somehow like pushing buttons on your microwave and you get whatever it gives you.
So basically, OP, you need to know more and your feeble rhetoric was lame.
Inkscape uses Cairo for all its rendering. Thus it is not going to be lighter weight than Cairo. There may be code in there that would provide a more useful interface, especially for C++ code. Reuse is always a good idea...
First you need a really huge balloon to lift a human being to that sort of altitude. Secondly getting down again isn't just 'somewhat less safe', it is downright insanely dangerous.
Also, since the flight time is relatively long, you need good life support. A few minutes zooming up to 62 miles really just requires a sealed cabin. Spending 5-6 hours ascending, most of which is above 30,000 feet where you can actually breath, requires temperature control and some amount of regulation of the atmosphere inside the capsule. Overall it may actually be easier to use a space plane, once you know how to build it.
The courseware he's talking about is almost certainly Blackboard and up until very recently that was basically the only available product for this kind of stuff. Yep, it is a titanic piece of KAKA, but no matter how clueful a school is, they pretty much don't have a choice. WebCT was somewhat better, but Blackboard bought that a good while back and they don't put new customers on it.
In the last year or two there are some OSS apps that are at the point where they would be a better choice, but switching is also a titanic nightmare and thus the pain goes on...
But then if you are required to comply with certain specifications by contract with DOD, it doesn't actually matter WHAT the rules are. You either comply or you get kicked off the contract.
Besides, there is a lot more to that kind of thing than just EMSEC. Those black areas are highly secure, physically, electronically, etc. Nobody goes in or out with anything on them, no electronics of any kind go in or out, no network links, no phones, no nothing.
There are of course various levels to these things, but you will NOT find classified data scattered around on systems outside a secured area.
You beat me to it. DOD has had a whole system (TEMPEST) for classifying this kind of EM emissions from secured systems at least since the mid 1980's. Nothing new about it at all. I recall working for a particular defense contractor where we had an entire 'black area' of the plant that was TEMPEST rated. Independent filtered power, EMF shielding everywhere, etc. It was pretty expensive to set up too.
Linux has capabilities. You CAN give non-root access to low ports, and you can do it on an account-by-account or binary basis AFAIK.
Between capabilities and SELinux you really should be able to accomplish most any security setup, it is really just a matter of how complex is it to get it to work?
Pretty much solved. No doubt there are modest engineering challenges, but microwaving power is certainly a well understood problem. No basic research seems required.
Honestly I think it is not ridiculous to build a prototype SPS, it will be a useful exercise even if nothing else comes of it. We'll know what the next set of problems will be and at this stage of the space game anything learned is likely to be applicable to a whole slew of other projects.
I just think it is far from proven, and likely VERY optimistic, to think that we're 5 years from commercial deployment of an SPS as these guys are implying. Having worked on some Aerospace projects on the engineering side in the past I think the basic rule of thumb is "if the engineers say it is a 5 year job, then it is a 15-20 year job."
It is probably a bit uncharitable of me to say so, but I actually think these people stand a pretty good chance of setting back SPS by another 20 years, probably a better chance of that than of succeeding. If they sell investors on a 5 year deployment target they are almost SURE to miss badly, and then we'll have a situation where 10 years later when it maybe COULD be done, nobody will touch it with a 10' pole because they lost billions the first time around.
I know their ancillary answer is "well, it just HAS to be done", but that is actually no kind of argument at all. All it says is that we are neck sheep in dip and modern civilization is basically done, stick a fork in it.
All we have to do is put a gigaton or so of unobtainium into geosynchronous orbit and then weave a cable 35,000 miles long out of it, lower it to the Earth, and then figure out how to make a vehicle that can climb a cable for 35,000 miles.
Worse yet, if we fail it is a serious problem. We can't even build suspension bridges with 100% reliability. Whoever thinks we're going to build a beanstalk right on the first try is probably wrong.
I put beanstalks into the 'who knows what might be possible in a century or two' category. Even if we DID know how to make one it would likely take decades or more to build it.
(there are better ideas than beanstalks, launch lines and fountains come to mind).
No, the 15 Terawatt estimate is assuming a fairly good level of efficiency gains already. I'm not going to throw out numbers off the top of my head, but you can easily find this data in various places online. Plenty has been written about it.
So if you want to go much below 15TW then you are going to have to tell people they can't do stuff, and that is what is called an 'unelectable candidate in the USA'.
I understand where you're coming from, and I agree that efficiency is the #1 way to get out of this jam we're in, but I don't really see how that bears on the argument. Either SPS ARE or ARE NOT more cost effective than terrestrial systems. There could be some ancillary advantages, but I don't see many, not unless you start building these things on the Moon or something, and that is a lot more than 30-40 years out. If we don't solve the 30-40 year problem, 100-300 years ain't going to happen, so it is kind of moot.
But don't take everything in that article as gospel either. According to the fairly thorough studies I've seen on the subject PV or STP setups based in the southwestern US CAN supply 100% of our projected needs out to 2050 and beyond.
Like I say, SPS is a neat concept and I'm not against it, but the research that needs to be done on it is more about 'how do you efficiently get into space' than anything SPS specific. We ARE already doing that.
Notice how there were NO numbers anywhere attached to this SPS firm's site at all? Nothing about ROI or lifecycle costs, etc. There were some fuzzy statements about how its all so easy to do, but frankly I am in serious doubt and I wouldn't put badly needed research dollars into that bin if it meant taking them out of something else.
Best spend the money on making our PV arrays REALLY efficient because wherever you want to use them, space or ground, you'll want that anyway.
Oh, I think it would have all kinds of uses. Not knocking the concept of SPS. I think it is just that we need renewable energy NOW, not 30 or 40 years from now...
If we don't solve THAT problem, there isn't going to be any going to Mars. Instead we'll be worrying about whether or not we can even survive on Earth.
First figure that the cost of putting a kilo in orbit is NOT going to go below $300, period. Not if you're lifting stuff into space with any sort of chemical rocket. So the cost of a kilowatt of SPS power is going to be MUCH higher. OK, you're PV cells are lets say 400% more efficient, but then you also have to build a giant rectenna or 10 and losses beaming power back to Earth then eats up 50% of your efficiency gains, so hey, it is only 10x more expensive than putting it in Nevada!
The other problem is we still have no idea how to build really large structures in space. Obviously it can be done, but anyone who thinks the basic engineering of that solution will not cost 100's of billions of $ is well, another O'Neil, and if he was even order of magnitude on with his numbers it would be happening now. It is a lot harder than people think. It is a lot harder than engineers think (who usually only underestimate by about 300%).
What we need is HUGE quantities of power. The US needs 15 TERAWATTS of renewable energy installed base in the next 20 years. The gating factor is cost, not efficiency. Instead of screwing around for 20 years figuring out how to build it in space, for no clear benefit, we need to just BUILD IT NOW. Time is a wasting.
"Apparently, even though Microsoft's IE8 team is doing the 'right' thing by finally making IE more standards-compliant, they are risking 'fixing the Web' because the vast majority of Web sites are still written to work incorrectly with previous, non-standards-compliant versions of IE."
And when someone adds some javascript to that site which shouldn't be there (XSS vuln) then their code is running from the place authorized to look at your local data.
It really ISN'T that earth shattering, there is no 'new' vulnerability, just a new feature of javascript that the attacker can exploit once he has his script running on your browser.
Obviously, if a site is perfectly secure then it has no problems. My point was, there isn't a new vulnerability here, just a wider scope for exactly the same old ones to do more. EVERY additional feature javascript gets is one more thing an XSS exploit can do. Doesn't make it a new exploit any more than adding a new table to your database makes an SQLI exploit "new", it just means there is more data there to be messed with.
In essence it isn't a NEW vulnerability, just whenever javaScript can do some new thing on your browser then hey presto! So can someone else's javascript do that marvy new thing. Just proves that XSS attacks live on, and always will.
Yeah, I agree that farm subsidies are monsterously stupid. The logic, in theory, is that if you simply allow agriculture in this country to go the way of manufacturing (which it might well do given lower labor costs elsewhere) then it becomes a national security issue. Not sure I BUY that argument, but it is one of the core arguments for them.
I agree totally with the sentiment of letting the bad banks fail. Of course it would have brought down the whole house of cards that is our financial system these days. The 'solution' that was arrived at was horrible of course, and maybe even worse than just letting the whole rotten edifice fail, but there would have been rioting in the streets of course. Maybe what should happen is that the equity of the shareholders in these large banks, and their managements, should be liquidated. Then the large banks could be broken down into smaller banks, etc. Still probably does require a hand from government in some fashion. Ideally it wouldn't be needed, but we've gotten ourselves into this mess and getting out now may require some less than perfect fixes.
But as for the highway system. If we NEED these roads so much to move stuff to the cities, then maybe the cost should be born by the goods that need to be moved. I'm not really suggesting that all these roads should be abandoned, just that the costs should be allocated where they belong. That MIGHT indeed mean a lot of those roads would go away, and be replaced by something more efficient. That would be a good thing. But look at Vermont where I am, 90% of the roads in this state exist because a few people wanted to live out in the countryside, not because of any economic reason. Heck, you can't even find a farm in this state practically that MAKES money, IN SPITE of the fact that they get subsidized. It is like some kind of hobby, and I'm paying for someone else's hobby. Do they pay for mine?
No, forking is always a seriously ugly prospect and as you say it wouldn't really get a fix in people's hands. On the other hand, every distribution ships its own patched version of the Linux kernel. If a feature can be supported with a simple patch there is ample precedence for distributions to patch the upstream and distribute a version that's got the fixes in it they want. That puts a lot of pressure on the upstream to get off its butt too.
I don't know all the issues, but if a patch can exist that is binary compatible with the existing version of xorg then I am hard pressed to understand why it shouldn't be done. Yes, it is more work, but a distro like Ubuntu that is so desktop focused should have INFINITE motive to expend that extra work, and in the grand scheme of things it isn't all that much. Lotta bang for the buck so to speak.
As for ff3 slowness on Linux. I'm still running Mandriva 2007.1 and there just seems to be no slowness here whatsoever. ff 3.0.6 runs quite fast, and it SURE isn't due to a superabundance of fast hardware. This machine is a good 5 years off the cutting edge. I wonder if people are just insisting on using Linux features like compositing that kill performance?
The first thing is I just don't see the whole 'firefox is so slow on Linux' thing. Maybe its just me, I don't use windows, but on my crufty old machine ff3 seems pretty quick. Even if it is rendering 4x slower than on windows I am just not sure what people are bitching about. Of course it could be faster, but calling it slow is a real overstatement IMHO. If I hit CTRL-+ any given page rerenders in 1-2 seconds, tops.
And secondly, if Render is slow and it doesn't seem to be getting faster as rapidly as everyone wants, then why aren't more resources being directed to that? xorg's progress seems glacial. If people already HAVE faster code, then get it in there. Between Intel, RH, Novel, IBM, Google, etc the resources needed to do that would appear to me to be trivial. 5 or 6 guys could be added to that effort without anyone even breaking a sweat. And if it is just all political, then screw the politics. Running code always trumps politics. If whoever is(n't) making progress on it now doesn't like that, to friggin bad for them, this stuff just has to get done and if they cannot deliver then they need to be sidelined.
Slashdot Mirror
When I say catch on I mean will it become mainstream? It isn't going to do so as long as only Opera users have access to this functionality. Very few larger scale applications are going to rely on something less than 5% of all web users have. Nor are they likely to support it even as an optional feature add when only 5% of their customers can take advantage of it.
This is a lot less true in the mobile space of course. It could be successful there, but even then I would say that in general Opera's lack of presence on the desktop holds it back. Most mobile apps are dumbed down versions of web apps designed for desktop use. Once again something that may change.
It is always interesting to watch and see what happens.
The author may be right in the sense that Opera is attempting to find a way to distinguish their product from the competition, but I think he's missing a few points.
There are many reasons why you might want to run a personal web server on your local machine. It can act as a proxy for example. Since it is fairly easy to program it with scripting languages it can do a lot of interesting things. Granted all that functionality could be built into the browser itself, but if you can tap into a lot of existing code and also create a more organized stack for this kind of thing it could be useful. You could do most of the things people use things like Greasemonkey for now, except probably better.
It could be highly useful for web app developers. With some specialized tools designed to help with things like AJAX debugging it could represent a significant draw. This is maybe not a huge market for the bigger browsers, but if Opera can get a bit of penetration into the dev tools market this way it could provide them with a new revenue stream.
It could be highly useful for collaborative web based applications which feature interactivity. For example it makes more sense to send a copy of every event the UI needs to process to a queue on the client side than to force repetitive performance-destroying polling across the net. Now the app need merely check a local queue using a local HTTP request, probably using AJAX. It could also be used to allow processing resources at the clients to be harnessed to do a lot of the work, possibly in parallel.
This is not a new concept, but nobody has really rolled out a useful version of it before. There are going to be issues like NAT firewalls etc, but there are various ways to approach solving them. Afterall, people play online games all the time that require them to open ports, etc for bi-directional communications. All this is doing is extending that capability to the web.
Personally I don't think it will catch on simply because Opera has too small a market share to make it worth people writing a lot of software that depends on it, but the concept itself is not bad. Perhaps Mozilla will experiment with this too, then it might go somewhere, finally.
Well, if you sit down to design the same piece of software for 2 platforms, and one of them has 500% of the processing, memory, etc resources of the other one, you may well be able to implement your software on both of them. The more capable system will require much less work unless the program is fairly trivial. While the developers on the less capable system are trying to figure out some clever way to wedge 2 more things into memory and speed up some code loop enough to be usable (or heaven forbid find 10 concurrency bugs that don't show up on the fatter system because it has less load), the team blessed with that fatter system will instead be doing something else. Like perhaps improving the game itself.
So it is not all so clear cut. Generally games have a fairly fixed budget. If you have to spend most of that budget cramming stuff into the lesser hardware platform you will spend a lot less of it on making a more interesting game.
Not that I have anything against the Wii or think it particularly doesn't have equally good games, but they are going to be increasingly not running the most complex games on it. Basically the Wii will be obsolescent long before the PS3. Maybe Nintendo has a better strategy by getting it out first and concentrating on other features besides horsepower. So far they are going well. Its nice that all of these options exist anyway.
Yup. Having worked on these systems I would be the last person to say that pilots are either better or worse than computers. Either one can either fly a plane when the other would not be able to do so or cause an accident the other would have avoided.
It is also misleading to say that the distinction between Airbus and Boeing systems is anything like as clear cut as the OP makes it out to be. The flight controls of all modern aircraft include features designed to limit the pilot's control inputs within a safe range. It would be misguided to think that a pilot can fly a 757 like some old Sopwith Camel but an A330 is somehow like pushing buttons on your microwave and you get whatever it gives you.
So basically, OP, you need to know more and your feeble rhetoric was lame.
Inkscape uses Cairo for all its rendering. Thus it is not going to be lighter weight than Cairo. There may be code in there that would provide a more useful interface, especially for C++ code. Reuse is always a good idea...
First you need a really huge balloon to lift a human being to that sort of altitude. Secondly getting down again isn't just 'somewhat less safe', it is downright insanely dangerous.
Also, since the flight time is relatively long, you need good life support. A few minutes zooming up to 62 miles really just requires a sealed cabin. Spending 5-6 hours ascending, most of which is above 30,000 feet where you can actually breath, requires temperature control and some amount of regulation of the atmosphere inside the capsule. Overall it may actually be easier to use a space plane, once you know how to build it.
Wow, as if someone had to ask. All you gotta do is...
The courseware he's talking about is almost certainly Blackboard and up until very recently that was basically the only available product for this kind of stuff. Yep, it is a titanic piece of KAKA, but no matter how clueful a school is, they pretty much don't have a choice. WebCT was somewhat better, but Blackboard bought that a good while back and they don't put new customers on it.
In the last year or two there are some OSS apps that are at the point where they would be a better choice, but switching is also a titanic nightmare and thus the pain goes on...
But then if you are required to comply with certain specifications by contract with DOD, it doesn't actually matter WHAT the rules are. You either comply or you get kicked off the contract.
Besides, there is a lot more to that kind of thing than just EMSEC. Those black areas are highly secure, physically, electronically, etc. Nobody goes in or out with anything on them, no electronics of any kind go in or out, no network links, no phones, no nothing.
There are of course various levels to these things, but you will NOT find classified data scattered around on systems outside a secured area.
You beat me to it. DOD has had a whole system (TEMPEST) for classifying this kind of EM emissions from secured systems at least since the mid 1980's. Nothing new about it at all. I recall working for a particular defense contractor where we had an entire 'black area' of the plant that was TEMPEST rated. Independent filtered power, EMF shielding everywhere, etc. It was pretty expensive to set up too.
Linux has capabilities. You CAN give non-root access to low ports, and you can do it on an account-by-account or binary basis AFAIK.
Between capabilities and SELinux you really should be able to accomplish most any security setup, it is really just a matter of how complex is it to get it to work?
Pretty much solved. No doubt there are modest engineering challenges, but microwaving power is certainly a well understood problem. No basic research seems required.
Honestly I think it is not ridiculous to build a prototype SPS, it will be a useful exercise even if nothing else comes of it. We'll know what the next set of problems will be and at this stage of the space game anything learned is likely to be applicable to a whole slew of other projects.
I just think it is far from proven, and likely VERY optimistic, to think that we're 5 years from commercial deployment of an SPS as these guys are implying. Having worked on some Aerospace projects on the engineering side in the past I think the basic rule of thumb is "if the engineers say it is a 5 year job, then it is a 15-20 year job."
It is probably a bit uncharitable of me to say so, but I actually think these people stand a pretty good chance of setting back SPS by another 20 years, probably a better chance of that than of succeeding. If they sell investors on a 5 year deployment target they are almost SURE to miss badly, and then we'll have a situation where 10 years later when it maybe COULD be done, nobody will touch it with a 10' pole because they lost billions the first time around.
I know their ancillary answer is "well, it just HAS to be done", but that is actually no kind of argument at all. All it says is that we are neck sheep in dip and modern civilization is basically done, stick a fork in it.
All we have to do is put a gigaton or so of unobtainium into geosynchronous orbit and then weave a cable 35,000 miles long out of it, lower it to the Earth, and then figure out how to make a vehicle that can climb a cable for 35,000 miles.
Worse yet, if we fail it is a serious problem. We can't even build suspension bridges with 100% reliability. Whoever thinks we're going to build a beanstalk right on the first try is probably wrong.
I put beanstalks into the 'who knows what might be possible in a century or two' category. Even if we DID know how to make one it would likely take decades or more to build it.
(there are better ideas than beanstalks, launch lines and fountains come to mind).
No, the 15 Terawatt estimate is assuming a fairly good level of efficiency gains already. I'm not going to throw out numbers off the top of my head, but you can easily find this data in various places online. Plenty has been written about it.
So if you want to go much below 15TW then you are going to have to tell people they can't do stuff, and that is what is called an 'unelectable candidate in the USA'.
I understand where you're coming from, and I agree that efficiency is the #1 way to get out of this jam we're in, but I don't really see how that bears on the argument. Either SPS ARE or ARE NOT more cost effective than terrestrial systems. There could be some ancillary advantages, but I don't see many, not unless you start building these things on the Moon or something, and that is a lot more than 30-40 years out. If we don't solve the 30-40 year problem, 100-300 years ain't going to happen, so it is kind of moot.
But don't take everything in that article as gospel either. According to the fairly thorough studies I've seen on the subject PV or STP setups based in the southwestern US CAN supply 100% of our projected needs out to 2050 and beyond.
Like I say, SPS is a neat concept and I'm not against it, but the research that needs to be done on it is more about 'how do you efficiently get into space' than anything SPS specific. We ARE already doing that.
Notice how there were NO numbers anywhere attached to this SPS firm's site at all? Nothing about ROI or lifecycle costs, etc. There were some fuzzy statements about how its all so easy to do, but frankly I am in serious doubt and I wouldn't put badly needed research dollars into that bin if it meant taking them out of something else.
Best spend the money on making our PV arrays REALLY efficient because wherever you want to use them, space or ground, you'll want that anyway.
Oh, I think it would have all kinds of uses. Not knocking the concept of SPS. I think it is just that we need renewable energy NOW, not 30 or 40 years from now...
If we don't solve THAT problem, there isn't going to be any going to Mars. Instead we'll be worrying about whether or not we can even survive on Earth.
First figure that the cost of putting a kilo in orbit is NOT going to go below $300, period. Not if you're lifting stuff into space with any sort of chemical rocket. So the cost of a kilowatt of SPS power is going to be MUCH higher. OK, you're PV cells are lets say 400% more efficient, but then you also have to build a giant rectenna or 10 and losses beaming power back to Earth then eats up 50% of your efficiency gains, so hey, it is only 10x more expensive than putting it in Nevada!
The other problem is we still have no idea how to build really large structures in space. Obviously it can be done, but anyone who thinks the basic engineering of that solution will not cost 100's of billions of $ is well, another O'Neil, and if he was even order of magnitude on with his numbers it would be happening now. It is a lot harder than people think. It is a lot harder than engineers think (who usually only underestimate by about 300%).
What we need is HUGE quantities of power. The US needs 15 TERAWATTS of renewable energy installed base in the next 20 years. The gating factor is cost, not efficiency. Instead of screwing around for 20 years figuring out how to build it in space, for no clear benefit, we need to just BUILD IT NOW. Time is a wasting.
"Apparently, even though Microsoft's IE8 team is doing the 'right' thing by finally making IE more standards-compliant, they are risking 'fixing the Web' because the vast majority of Web sites are still written to work incorrectly with previous, non-standards-compliant versions of IE."
created it.
And when someone adds some javascript to that site which shouldn't be there (XSS vuln) then their code is running from the place authorized to look at your local data.
It really ISN'T that earth shattering, there is no 'new' vulnerability, just a new feature of javascript that the attacker can exploit once he has his script running on your browser.
Obviously, if a site is perfectly secure then it has no problems. My point was, there isn't a new vulnerability here, just a wider scope for exactly the same old ones to do more. EVERY additional feature javascript gets is one more thing an XSS exploit can do. Doesn't make it a new exploit any more than adding a new table to your database makes an SQLI exploit "new", it just means there is more data there to be messed with.
In essence it isn't a NEW vulnerability, just whenever javaScript can do some new thing on your browser then hey presto! So can someone else's javascript do that marvy new thing. Just proves that XSS attacks live on, and always will.
Yeah, I agree that farm subsidies are monsterously stupid. The logic, in theory, is that if you simply allow agriculture in this country to go the way of manufacturing (which it might well do given lower labor costs elsewhere) then it becomes a national security issue. Not sure I BUY that argument, but it is one of the core arguments for them.
I agree totally with the sentiment of letting the bad banks fail. Of course it would have brought down the whole house of cards that is our financial system these days. The 'solution' that was arrived at was horrible of course, and maybe even worse than just letting the whole rotten edifice fail, but there would have been rioting in the streets of course. Maybe what should happen is that the equity of the shareholders in these large banks, and their managements, should be liquidated. Then the large banks could be broken down into smaller banks, etc. Still probably does require a hand from government in some fashion. Ideally it wouldn't be needed, but we've gotten ourselves into this mess and getting out now may require some less than perfect fixes.
But as for the highway system. If we NEED these roads so much to move stuff to the cities, then maybe the cost should be born by the goods that need to be moved. I'm not really suggesting that all these roads should be abandoned, just that the costs should be allocated where they belong. That MIGHT indeed mean a lot of those roads would go away, and be replaced by something more efficient. That would be a good thing. But look at Vermont where I am, 90% of the roads in this state exist because a few people wanted to live out in the countryside, not because of any economic reason. Heck, you can't even find a farm in this state practically that MAKES money, IN SPITE of the fact that they get subsidized. It is like some kind of hobby, and I'm paying for someone else's hobby. Do they pay for mine?
No, forking is always a seriously ugly prospect and as you say it wouldn't really get a fix in people's hands. On the other hand, every distribution ships its own patched version of the Linux kernel. If a feature can be supported with a simple patch there is ample precedence for distributions to patch the upstream and distribute a version that's got the fixes in it they want. That puts a lot of pressure on the upstream to get off its butt too.
I don't know all the issues, but if a patch can exist that is binary compatible with the existing version of xorg then I am hard pressed to understand why it shouldn't be done. Yes, it is more work, but a distro like Ubuntu that is so desktop focused should have INFINITE motive to expend that extra work, and in the grand scheme of things it isn't all that much. Lotta bang for the buck so to speak.
As for ff3 slowness on Linux. I'm still running Mandriva 2007.1 and there just seems to be no slowness here whatsoever. ff 3.0.6 runs quite fast, and it SURE isn't due to a superabundance of fast hardware. This machine is a good 5 years off the cutting edge. I wonder if people are just insisting on using Linux features like compositing that kill performance?
Yeah, the whole 'seed fern' thing was a bit outlandish ;).
The first thing is I just don't see the whole 'firefox is so slow on Linux' thing. Maybe its just me, I don't use windows, but on my crufty old machine ff3 seems pretty quick. Even if it is rendering 4x slower than on windows I am just not sure what people are bitching about. Of course it could be faster, but calling it slow is a real overstatement IMHO. If I hit CTRL-+ any given page rerenders in 1-2 seconds, tops.
And secondly, if Render is slow and it doesn't seem to be getting faster as rapidly as everyone wants, then why aren't more resources being directed to that? xorg's progress seems glacial. If people already HAVE faster code, then get it in there. Between Intel, RH, Novel, IBM, Google, etc the resources needed to do that would appear to me to be trivial. 5 or 6 guys could be added to that effort without anyone even breaking a sweat. And if it is just all political, then screw the politics. Running code always trumps politics. If whoever is(n't) making progress on it now doesn't like that, to friggin bad for them, this stuff just has to get done and if they cannot deliver then they need to be sidelined.