Re:Apply the same arguments to other areas of safe
on
PDF Virus Spotted
·
· Score: 1
I know it is a profoundly unpopular idea (and I'm not terribly thrilled with the notion myself), but perhaps it is time for some basic standards of quality and security to be imposed through some form of regulation. The alternative seems to be more of the same, which is clearly not acceptable.
I would love to agree with you on this, but I probably would not have a job anymore if I did. If I took my responsibility as an IT professional seriously, I would tell my users, "No.", if I knew what they wanted would put the company in some jeopardy. Unfortunately the rules of being an IT professional are:
The customer is always right.
Otherwise, see rule #1.
From the parent article: The company (Microsoft) is writing software with features that their customers want--no matter if they pose security risks or not.
By that logic, the GCC people should be raked over the coals as well. They created a compiler suite that allows people to write software with buffer overflows and race conditions.:)
I live in the St. Louis area and have AT&T @Home. Supposedly there have been talks between AT&T and Charter where Charter would take over AT&T's customers for Cable TV and broadband Internet. Supposedly, last I've heard, it's a done deal. Now this story pops up, and I'm getting confused. Is the AT&T-Charter deal now null and void? Will it still happen, but just here locally?
This of course ends the ongoing struggles with Earthweb that has resulted in many subscribers (including me) going without what is one of the best technical journals being published today
Actually, Jon Orwant got TPJ back from Earthweb in April, and the latest issue was published in May. Taco ought to come out of his cave more than once every 4 months. But, then again, who cares about getting the facts straight on/., right?
Because it's GPL'd, and you CAN do that. FreeBSD and NetBSD do as well. Are you going to flame them also?
The GPL does NOT prohibit use of GPL'd code in commercial software. It does say that source must be made available for GPL'd software or derivitive works. Software that you write can be licensed by whatever method you see fit, as Darren Reed would be unhesitant to tell you.
They're thrilled to co-opt code out of BSD (where do you think windows got its network stack)?
Bingo! I was wondering when somebody else would figure this out! BTW, this is where Linux originally got their TCP/IP stack from. Small world.:)
If Microsoft was facing BSD right now in place of Linux, it would just fork it. Embrace and extend, bundle a BSD variant with Explorer and a Win32 API compatability library, and of course half of the office suite buried and hidden in the standard system libraries just like it's in windows now. And it would work.
...And probably work better than what they have now. Why do you think Apple took FreeBSD, wrapped it in so much eye candy, and published it as MacOS X? They wanted something that works at least an order of magnitude better that what they had. If Microsoft decided to do they same thing, I would jump up and shout "About goddamn time! You shoulda done it a long time ago! What you put out before instead was shit!"
Basically, though, I think the GPL is good for its intended purpose. People are just trying to use it for something it was never designed to do, and then, UH OH!
Maybe if you applied some indentation to your code examples so people could read it, I would? If I was your professor, I'd give you an F for the whole project for that alone. I see spaces in your code so obviously the spacebar works on your keyboard; can't use hardware problems as an excuse except maybe the faulty component in front of the keyboard.
Pretty much everything's been done before, in some form or another. This is no exception.
OK, then why does everybody bitch like so many neurotic lesbians with PMS. Who fucking cares? Just use whatever the hell you want, and SHUT THE FUCKING HELL UP!!!
BTW, I think XFCE is great. Keep up the good work.
If you really beleive you have an 'investment' in perl then you need to get a life and become a real programmer.
You obviously have never had to rewrite a whole project from one language to another, right? BTW, *you* might want to invest in a dictionary or a good spellchecker. "'i' before 'e', except after 'c'".
NEVER use a spineless operating system.
Re:Zealotry Sure Helped OS/2...
on
QT Mozilla Port
·
· Score: 1
...and Amiga...and Apple...etc.
OS/2 was actually a superior OS compared to Windows, but died the death of a thousand cuts due to Microsoft's marketing and lack of third-party application support as well as over-zealous users. When the Amiga finally died, an official at Commodore was quoted as saying, "our over-zealous user base didn't do us any favors". Mac users pretty much defined over-zealousness. BTW, has the Mac market share reached double digits yet?:)
I use FreeBSD and OpenBSD, but I don't go out of my way to evangelize it, nor do I bad mouth any alternatives. I let the product speak for itself. If you like it, fine. If you don't, that's fine, too; use something else.
First, NetBSD was ported to the DreamCast, NOT FreeBSD. FreeBSD is only for Intel and Alpha, but there's lots more apps, support, etc.
Also, BSD, in general, is for people who love Unix. Linux is for people who hate Microsoft.
Otherwise, you're absolutely right. *BSD is for people who love Unix
Linux is for people who hate Microsoft
What languages exist that weren't created in C, C++ or Assembly? At the end of the day, avoiding things written in C/C++ or Assembly, languages or whatever, is rather difficult to do.
Regarding letting the compiler do the work, with regard to this subject, that's not a complete solution either. No matter how good a language or compiler is at preventing these kind of problems, it's not going to prevent a programmer from coding something that's just plain wrong and creating some kind of exploit. Whenever humans are involved, mistakes will happen.
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
I think Tucows know tyheir audience perfectly - enwtwork administrators from the Windows world who heard about Linux and just want to run a stable OS. They find Linux difficult to use and confusing, with some people saying... blah, blah, blah, yackety, shmackety, etc, etc, etc...
Linux isn't more stable than Windows if you can't install it in the first place
Have you ever actually installed any Linux distribution in the last year or so?
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
The finger phone sounds interesting. Quite frankly, I'm still waiting for the Shoe phone from Get Smart or, alternatively, the ComBadge from Star Trek TNG.
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
I was going to register a login with their site just so I could respond to the obvious flame-bait troll article, but I had second thoughts. Why do we allow these people to get our collective blood pressure up and goad us into these flame wars? At the end of the day, it's not going to make one bit of difference into what we use. We'll still be using FreeBSD, OpenBSD, NetBSD, Linux, BeOS as well as QNX when it actually comes out. And, we'll be happy.
QNX is just yet another choice. On the surface, it looks like a very interesting OS. However, is it Open Source? If I wan't to change something in the core OS, can I do so like I can in Linux and *BSD?
The author kind of misses a couple of points. First, QNX was designed for embedded systems and real-time applications; Linux wasn't. She compares apples and oranges when talking about Linux being a monolithic kernel (which it hasn't been for years) and QNX being a modular system. They were made for two different applications. Second, the author says that it's a competitor to Linux for the desktop. Well, they both still have to compete with Windows which still has the monopoly on the desktop.
From www.gnupg.org: "Because it does not use IDEA or RSA it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application."
'Nuff said there
Again from www.gnupg.org: GnuPG compiles and runs on many more systems, but due to the lack of a well tested entropy source, it should be used with some caution. We have positive reports on these systems:
AIX v4.3,
BSDI v4.0.1 with i386,
HPUX v9.x, v10.x and v11.0 with HPPA CPU,
IRIX v6.3 with MIPS R10000 CPU,
MP-RAS v3.02,
OSF1 V4.0 with Alpha CPU,
OS/2 version 2.
SCO UnixWare/7.1.0.
SunOS, Solaris on Sparc and x86,
USL Unixware v1.1.2,
Windows 95 and WNT with x86 CPUs."
Yep, Windows is in there, but so are a lot of "proper" operating systems. 8)
"Why don't you check your facts before posting to this site? Oh, I forgot, this is/. Never mind."
To my previous comment, I can only add this: 8)
This was not meant to get anyone's blood pressure up. Just to point out a few things that I felt your original post misrepresented. It also was meant as a pun on the perceived quality and factual accuracy of discussions here on/. In other words, nothing personal, dude. And, yes I've used and installed both PGP and GPG. I prefer GPG for the same reason I use any GNU software; it's free, in both speech and beer 8).
BTW, nice FAQ on GPG/PGP.
GPG... uses the same ciphers (and more...) that NAI/PGP uses.
No, it doesn't! PGP uses proprietary patented algorithms. GPG doesn't, never has and never will. THAT'S why it's superior to PGP.
The only problem with GPG is that it should only be used under "proper" operating systems (e.g. any version of UNIX).
NONSENSE! GPG is released under the GPL. You can port it to any operating system you want. Why don't you check your facts before posting to this site? Oh, I forgot, this is/. Never mind.
So, take a #2 or get off the pot, already!
on
X Windows Must Die!
·
· Score: 1
"I frankly don't see much light at the end of the tunnel. X is too deeply embedded in the Unix world to be easily dislodged, and the lack of a GUI standard on the platform doesn't appear likely to be resolved."
So, write something to replace it that runs better. BTW, GUI "standards" have nothing to do with X. It just gives you the basic stuff to do GUIs on. Also BTW, the reason for the lack of a GUI "standard" is because X is not proprietary software like Microsoft's and Apple's.
"Maybe the embedded space can offer some salvation -- programmers will *have* to forgo X to run on smaller devices, and perhaps this will be the wedge that gets X out of all our lives."
Following that logic, maybe future advancements in Rollerblades will offer some salvation for the Automotive industry. Embedded and Desktop are two completely diverse areas; you can't say how or if one will affect the other.
Re:Real Challenge is turning CLI graphical :P
on
Who's Afraid Of C++?
·
· Score: 1
When I first read the above comment I immediately remembered that Novell had a product called, oddly enough, AppWare. It wasn't really component based, but more like logic diagramming. And what components existed were specific to AppWare; I couldn't use components created in some other tool.
However, graphical programming is rather cool. Incompatible component and object formats will probably keep that from becoming a reality for some time. Hopefully the discussions between the folks at GNOME and KDE for making their components interoperate will actually bear fruit.
Yes, there are a lot of paper MCSEs. But, (1) if MS had a concern about MCSEs who didn't know their shit, why didn't they make the cert. process harder in the first place. It's not like they weren't aware of the whole fiasco with paper CNEs years ago. And (2) the whole purpose for getting an MCSE in the first place is to get considered by retarded HR and IS/IT people in the first place who if they don't see that magic acronym on your resume in the first place, it goes in the trash can. Hard to get real-world experience if you can't get a job without being certified. Oh, screw it! Who wants pie!?
BTW, I generally don't hire folks with certification. It doesn't prove a damn thing... but it does tell me a lot about the person who touts such certification as being valuable. The idea of certification is not to get hired, but to get considered in the first place. You can have all the real world experience possible, but if prospective employers dont see that magic acronym on your resume, it's going in the trash. It was the same with Bachelor's degrees years ago. Nowadays, it's MCSEs, Oracle DBAs, A+, etc. How about one for people like me who learned, and are still learning, how to do a lot of things fairly well, but not enough to be considered a "Certified" this-or-that. I propose, CJOATMON; Certified Jack Of All Trades, Master Of None.
The top identity verification service buying the top domain registrar -- personally, it scares the hell out of me.
Care to elaborate?
I can't see what possible good will come out of this. IMO, it's a recipe for disaster and will provide the Clinton administration (or the Gore administration, if he turns out to be Clinton's successor) with just the tool he needs to further his agenda.
I don't buy that. Clinton gets excited over a screensaver. TPIAW, clueless.
Personally, I like the ideas being floated elsewhere in this discussion about the USPS being an issuer of certificates or issuing numbers (for a fee) for "anonymized" postal addresses. Even better would be an international consortium (of which the USPS would be a part) that provides identity verification.
Oh, please! USPS can't even deliver the mail, which is their primary function. And how hard is that; it's got our address right on it.:)
In the words of Rick Moen of Silicon Valley, "But that's just my opinion. I could be wrong."
Dennis Miller, actually, and I am NEVER wrong; I'm just not right all the time.:)
Slashdot Mirror
I know it is a profoundly unpopular idea (and I'm not terribly thrilled with the notion myself), but perhaps it is time for some basic standards of quality and security to be imposed through some form of regulation. The alternative seems to be more of the same, which is clearly not acceptable.
I would love to agree with you on this, but I probably would not have a job anymore if I did. If I took my responsibility as an IT professional seriously, I would tell my users, "No.", if I knew what they wanted would put the company in some jeopardy. Unfortunately the rules of being an IT professional are:
From the parent article: The company (Microsoft) is writing software with features that their customers want--no matter if they pose security risks or not.
By that logic, the GCC people should be raked over the coals as well. They created a compiler suite that allows people to write software with buffer overflows and race conditions. :)
We flame, we're ideological, if we're not flaming ideologues then what are we?
Trolls.
NEVER use a spineless operating system.
I live in the St. Louis area and have AT&T @Home. Supposedly there have been talks between AT&T and Charter where Charter would take over AT&T's customers for Cable TV and broadband Internet. Supposedly, last I've heard, it's a done deal. Now this story pops up, and I'm getting confused. Is the AT&T-Charter deal now null and void? Will it still happen, but just here locally?
NEVER use a spineless operating system.
Actually, Jon Orwant got TPJ back from Earthweb in April, and the latest issue was published in May. Taco ought to come out of his cave more than once every 4 months. But, then again, who cares about getting the facts straight on /., right?
NEVER use a spineless operating system.
Because it's GPL'd, and you CAN do that. FreeBSD and NetBSD do as well. Are you going to flame them also?
The GPL does NOT prohibit use of GPL'd code in commercial software. It does say that source must be made available for GPL'd software or derivitive works. Software that you write can be licensed by whatever method you see fit, as Darren Reed would be unhesitant to tell you.
I suggest you read http://www.openbsd.org/goals.html and http://www.openbsd.org/policy.html for more information on this.
NEVER use a spineless operating system.
They're thrilled to co-opt code out of BSD (where do you think windows got its network stack)?
Bingo! I was wondering when somebody else would figure this out! BTW, this is where Linux originally got their TCP/IP stack from. Small world. :)
If Microsoft was facing BSD right now in place of Linux, it would just fork it. Embrace and extend, bundle a BSD variant with Explorer and a Win32 API compatability library, and of course half of the office suite buried and hidden in the standard system libraries just like it's in windows now. And it would work.
...And probably work better than what they have now. Why do you think Apple took FreeBSD, wrapped it in so much eye candy, and published it as MacOS X? They wanted something that works at least an order of magnitude better that what they had. If Microsoft decided to do they same thing, I would jump up and shout "About goddamn time! You shoulda done it a long time ago! What you put out before instead was shit!"
Basically, though, I think the GPL is good for its intended purpose. People are just trying to use it for something it was never designed to do, and then, UH OH!
NEVER use a spineless operating system.
Maybe if you applied some indentation to your code examples so people could read it, I would? If I was your professor, I'd give you an F for the whole project for that alone. I see spaces in your code so obviously the spacebar works on your keyboard; can't use hardware problems as an excuse except maybe the faulty component in front of the keyboard.
NEVER use a spineless operating system.
Pretty much everything's been done before, in some form or another. This is no exception.
OK, then why does everybody bitch like so many neurotic lesbians with PMS. Who fucking cares? Just use whatever the hell you want, and SHUT THE FUCKING HELL UP!!!
BTW, I think XFCE is great. Keep up the good work.
NEVER use a spineless operating system.
If you really beleive you have an 'investment' in perl then you need to get a life and become a real programmer.
You obviously have never had to rewrite a whole project from one language to another, right? BTW, *you* might want to invest in a dictionary or a good spellchecker. "'i' before 'e', except after 'c'".
NEVER use a spineless operating system.
...and Amiga...and Apple...etc.
OS/2 was actually a superior OS compared to Windows, but died the death of a thousand cuts due to Microsoft's marketing and lack of third-party application support as well as over-zealous users. When the Amiga finally died, an official at Commodore was quoted as saying, "our over-zealous user base didn't do us any favors". Mac users pretty much defined over-zealousness. BTW, has the Mac market share reached double digits yet? :)
I use FreeBSD and OpenBSD, but I don't go out of my way to evangelize it, nor do I bad mouth any alternatives. I let the product speak for itself. If you like it, fine. If you don't, that's fine, too; use something else.
NEVER use a spineless operating system.
BSD is a complete OS. Linux is just a kernel.
*BSD is for people who love Unix
Linux is for people who hate Microsoft
First, NetBSD was ported to the DreamCast, NOT FreeBSD. FreeBSD is only for Intel and Alpha, but there's lots more apps, support, etc. Also, BSD, in general, is for people who love Unix. Linux is for people who hate Microsoft. Otherwise, you're absolutely right.
*BSD is for people who love Unix
Linux is for people who hate Microsoft
What languages exist that weren't created in C, C++ or Assembly? At the end of the day, avoiding things written in C/C++ or Assembly, languages or whatever, is rather difficult to do.
Regarding letting the compiler do the work, with regard to this subject, that's not a complete solution either. No matter how good a language or compiler is at preventing these kind of problems, it's not going to prevent a programmer from coding something that's just plain wrong and creating some kind of exploit. Whenever humans are involved, mistakes will happen.
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
I think Tucows know tyheir audience perfectly - enwtwork administrators from the Windows world who heard about Linux and just want to run a stable OS. They find Linux difficult to use and confusing, with some people saying ... blah, blah, blah, yackety, shmackety, etc, etc, etc ...
Linux isn't more stable than Windows if you can't install it in the first place
Have you ever actually installed any Linux distribution in the last year or so?
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
It was a jab at: 1) Windows users and 2) Tucows for not knowing their audience.
True on BOTH counts. But mostly the latter.
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
You can download nightly builds of Nautilus at nautilus.eazel.com. Hardly vaporware.
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
The finger phone sounds interesting. Quite frankly, I'm still waiting for the Shoe phone from Get Smart or, alternatively, the ComBadge from Star Trek TNG.
Sensual: Running a feather down your lover's body
Kinky: Using the whole chicken
QNX is just yet another choice. On the surface, it looks like a very interesting OS. However, is it Open Source? If I wan't to change something in the core OS, can I do so like I can in Linux and *BSD?
The author kind of misses a couple of points. First, QNX was designed for embedded systems and real-time applications; Linux wasn't. She compares apples and oranges when talking about Linux being a monolithic kernel (which it hasn't been for years) and QNX being a modular system. They were made for two different applications. Second, the author says that it's a competitor to Linux for the desktop. Well, they both still have to compete with Windows which still has the monopoly on the desktop.
From www.gnupg.org: /. Never mind." /. In other words, nothing personal, dude. And, yes I've used and installed both PGP and GPG. I prefer GPG for the same reason I use any GNU software; it's free, in both speech and beer 8).
BTW, nice FAQ on GPG/PGP.
"Because it does not use IDEA or RSA it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application."
'Nuff said there Again from www.gnupg.org:
GnuPG compiles and runs on many more systems, but due to the lack of a well tested entropy source, it should be used with some caution. We have positive reports on these systems:
AIX v4.3,
BSDI v4.0.1 with i386,
HPUX v9.x, v10.x and v11.0 with HPPA CPU,
IRIX v6.3 with MIPS R10000 CPU,
MP-RAS v3.02,
OSF1 V4.0 with Alpha CPU,
OS/2 version 2.
SCO UnixWare/7.1.0.
SunOS, Solaris on Sparc and x86,
USL Unixware v1.1.2,
Windows 95 and WNT with x86 CPUs."
Yep, Windows is in there, but so are a lot of "proper" operating systems. 8) "Why don't you check your facts before posting to this site? Oh, I forgot, this is
To my previous comment, I can only add this: 8)
This was not meant to get anyone's blood pressure up. Just to point out a few things that I felt your original post misrepresented. It also was meant as a pun on the perceived quality and factual accuracy of discussions here on
GPG ... uses the same ciphers (and more...) that NAI/PGP uses. /. Never mind.
No, it doesn't! PGP uses proprietary patented algorithms. GPG doesn't, never has and never will. THAT'S why it's superior to PGP. The only problem with GPG is that it should only be used under "proper" operating systems (e.g. any version of UNIX).
NONSENSE! GPG is released under the GPL. You can port it to any operating system you want. Why don't you check your facts before posting to this site? Oh, I forgot, this is
So, write something to replace it that runs better. BTW, GUI "standards" have nothing to do with X. It just gives you the basic stuff to do GUIs on. Also BTW, the reason for the lack of a GUI "standard" is because X is not proprietary software like Microsoft's and Apple's.
"Maybe the embedded space can offer some salvation -- programmers will *have* to forgo X to run on smaller devices, and perhaps this will be the wedge that gets X out of all our lives."
Following that logic, maybe future advancements in Rollerblades will offer some salvation for the Automotive industry. Embedded and Desktop are two completely diverse areas; you can't say how or if one will affect the other.
When I first read the above comment I immediately remembered that Novell had a product called, oddly enough, AppWare. It wasn't really component based, but more like logic diagramming. And what components existed were specific to AppWare; I couldn't use components created in some other tool.
However, graphical programming is rather cool. Incompatible component and object formats will probably keep that from becoming a reality for some time. Hopefully the discussions between the folks at GNOME and KDE for making their components interoperate will actually bear fruit.
Yes, there are a lot of paper MCSEs. But, (1) if MS had a concern about MCSEs who didn't know their shit, why didn't they make the cert. process harder in the first place. It's not like they weren't aware of the whole fiasco with paper CNEs years ago. And (2) the whole purpose for getting an MCSE in the first place is to get considered by retarded HR and IS/IT people in the first place who if they don't see that magic acronym on your resume in the first place, it goes in the trash can. Hard to get real-world experience if you can't get a job without being certified. Oh, screw it! Who wants pie!?
BTW, I generally don't hire folks with certification. It doesn't prove a damn thing... but it does tell me a lot about the person who touts such certification as being valuable. The idea of certification is not to get hired, but to get considered in the first place. You can have all the real world experience possible, but if prospective employers dont see that magic acronym on your resume, it's going in the trash. It was the same with Bachelor's degrees years ago. Nowadays, it's MCSEs, Oracle DBAs, A+, etc. How about one for people like me who learned, and are still learning, how to do a lot of things fairly well, but not enough to be considered a "Certified" this-or-that. I propose, CJOATMON; Certified Jack Of All Trades, Master Of None.
Care to elaborate?
I can't see what possible good will come out of this. IMO, it's a recipe for disaster and will provide the Clinton administration (or the Gore administration, if he turns out to be Clinton's successor) with just the tool he needs to further his agenda.
I don't buy that. Clinton gets excited over a screensaver. TPIAW, clueless.
Personally, I like the ideas being floated elsewhere in this discussion about the USPS being an issuer of certificates or issuing numbers (for a fee) for "anonymized" postal addresses. Even better would be an international consortium (of which the USPS would be a part) that provides identity verification.
Oh, please! USPS can't even deliver the mail, which is their primary function. And how hard is that; it's got our address right on it. :)
In the words of Rick Moen of Silicon Valley, "But that's just my opinion. I could be wrong."
Dennis Miller, actually, and I am NEVER wrong; I'm just not right all the time. :)