While they're at it, why don't they forbid the import/export of items that can be used to commit murder? Things like automobiles, tobacco, alcohol... oh, wait; that's right. Anything that dulls the senses is good; anything that sharpens the mind is bad. Silly me, next thing you know, I'll start doubting what Ministry of Truth tells me...
That's the only valid assumption you can make in this type of situation if you want to safeguard your freedom - that, if you give any one person or agency power without any sort of check on that power, eventually someone will misuse it.
As a corrolary, anyone intent on misusing the power that you have granted them will do their damndest to make sure that there is nothing that can stop them from using that power. This has been the hallmark of tyranny and oppression for all of recorded human history.
A developer can be the best person to test his code.
For reasons already repeated elsewhere, I agree that testing your own code (white box or unit testing) is essential, and that 3rd party testing (black box) is also essential. These leave out a middle ground, though, that works surprisingly well: having other developers test your code (and vice versa.)
Typically, if they're working on the same project, they'll have a better understanding of the code that allows them to do deeper tests than a black-box tester could, while avoiding the "can't see teh forest for the trees" problems that you face when you try and test your own code.
Yeah, I know he's trolling... this particular poast, though, didn't have the same flavor as his other trolls; unless he was trolling for clueless moderators, in which case, he was aparently successful.
Found 'em - ISC has the release notes up now. They also have the BIND 9 Administrator's Reference available as a pdf; though it looks like the same docs come with the distribution in html & man format.
User moderation is an extremely difficult problem. Look at/. - they have a fairly good moderation population, and yet, the system still gets abused. All in all, the/. moderatuon system isn't anything to write home to Mom about, but it works after a fashion.
One of the reasons it does is that while moderators may have an axe to grind (pro-Linux, anti-MS, whatever) - at least their particular stance is somewhere in the same ballpark as the majority of the readers. When you open up the moderation to the world at large, though, and anyone can moderate... sorry, that just doesn't work. You end up with to many people, with to many goals, and too many directions they want to pull a ranking in for it to work out.
Most moderation/rating schemes, even if they don't state so, assume that the moderater/rater is going to at least make an attempt to rate something honestly. The sophisticated ones try to account for the possibility of intentionally or unintentionally bad moderation or ratings. These types of systems succeed when the moderating population is somewhat cohesive, and at least shares the same fundamental outlook. The really sophisticated ones even try to deal with the l337 hax0rs trying to skew everything to show sheep pr0n just because they can... but none of them can deal with the idea that a web page or article or whatever can belong to an arbitrary number of groups simultaneously.
I know of (and worked for) one company that did try this, unsuccessfully; if you have a system this sophisticated, it's far too easy to throw a monkey wrnech into the ratings and turn everything into dreck. I'm not saying that such a system couldn't be made to work; but I am saying that it just isn't worth the effort. By the time you had it working, you'd have developed a general purpose expert system; and if you could do that, you sure as hell wouldn't be wasting your time using it to power a search engine.
What amazes me is that corn flakes were an actual, distinged segment of the keyboard-crud population. Noodles, I can understand, but... corn flakes? And where is the "dried coffee/coke stain" category?
I really am not interested in how they, um, <crunch>determined</crunch> exactly what various dessicated bits 'o blackened crud lodged under the keys were...
Republican computer repair: The manufacturer of your computer is not liable, and furthermore, will be suing your under the DMCA for attempting to bypass their "System Down (tm)"security features.
Democrat computer repair: Hmm, yes, your system's down... now, we'll take your money and use it to buy new computers for the needy. You think that's wrong? Oh, sorry - you're right. I forgot to add in the sales tax on that.
Far Right computer repair: It's it's own damn fault. If the lazy subsidized-electicity-sucking scum would just get up the motivation to work, it could pull itself out of this hole.
Far Left computer repair: Don't worry, we'll just pass a law making it a crime for a computer to be down. There! Now, your computer is OK. What do you mean, it's still down? If it were down, you'd be breaking the law, and you don't want me to have to call the police now, do you... good! See, I knew that would fix it.
Libertarian computer repair: I'll fix it if you admit that you screwed it up in the first place.
FSF computer repair: Hmm. Yeah, I can fix it. Before I do that, though, you'll have to GPL your computer, your brainwaves, your dog, and then beg for forgiveness.
Open Source computer repair: today on/. - Microsoft software can cause overclocked CPUs without cooling fans or heat sinks to burst into flame and email the contents of your hard drive to Redmond.
IANL - consult one on this if you care at all about keeping your job, sanity and/or health.
If you can present the lawers with examples of prior art that forces them to limit or rework their claims, they I don't believe they will have a choice in the matter... they will have to do so, or (eventually) face problems defending their patent in court. Doubly damning, I would think, would be that you, the supposed inventor, were the one who informed them of the areas in which their patent was overly broad. If you do this, though, I'd really make sure you had a new job lined up already.
And the folks at Jonestown followed a version of Christianity... From what I understand, Zen Buddhists are a fairly minor sect, in the same way that Franciscans are a fairly minor sect in the Catholic church (note the choice of Franciscans for comparison: like the followers of Zen, I believe they have an influence on the mainstream religion that is definitely out of proportaion with their numbers.)
On the other hand, the number of mystics, new-age wannabes and other feel-good semi-religious types that have latched onto Zen as a vehicle for their various ideas probably outweighs the number of true practicioners, helping reinforce the image that many have that Zen is nothing more than some sort of mystical snake-oil that only an idiot could believe in. What's worse, they're right, in a way; that particular, watered down, corrupted, I'll-bend-it-to-meet-my-needs type of Zen really isn't really what Zen is like, any more than the folks at Jonestown were really what the vast majority of Christians are like.
So... where *would* a GPL court case be tried, then? Without a doubt, if it ever comes to pass, the legal eagles for the large corporations will do whatever they can and need to do in order to make sure it occurs in a venue as favorable to them as possible.
While I can understand that RMS might be unwilling to place a restriction in the GPL to the effect that any contest of the terms of the GPL would happen in the courts of state X or country Y, would it be possible to add a similar clause that states that legal matters regarding the GPL will be settled in whatever venue the FSF chooses?
I'm not particularly sure that letting your competitors steal truly innovative work simply because the Management is unable to comprehend your inventions counts as "open source"... if that's the case at your current place of employment, I'd suggest finding a company that actually has a clue.
Kudos for giving us a catchy name that the average PHB can understand. If we can just get a lawyer or two to pick it up and turn it into legal jargon, we're golden.
Well said. The traditional *nix environment seems to assume you have a guru around to train you how a system should be run. There's little or no emphasis on giving someone a system where they can start off from a known, safe quantity and (probably slowly) learn what they need in order to become a competent user or user/admin.
I've never run Debian - I have to admit, it looks really attractive, so it may be my next box sometime RSN - so I'm willing to take your (and others) assertions that Sebian doesn't do anything this brain-damaged. There are distros that do... though, for the most part, they are becoming increasingly admin-friendly, instead of assuming that you'll be running a system wide-open in a completely trusted environment.
The above rant wasn't particualrly directed at Debian, but at the assumption that people are not just rational, but almost self-abusively logical - that is, that they will bother to learn exactly what sendmail does before installing it; and that they have the tenacity to keep on searching and asking questions even in the face of "RTFM" and "You don't know that? What the hell makes you think you're competent to even touch a *nix system, you flaming Windows luser!" reponses on mailing lists and newgroups.
Increasingly, the "average" user is using UNIX, or at least being exposed to it. The problem is... how do you learn something about UNIX, if you don't know anything already? As has been pointed out, documentation (installation guides, bug reports, security vulerabilities) are fragmented; quite frankly, there is no way that a new Linux user can set up a secure system, because existing distros are all installed with certain well-known insecurities.
If you think that's untrue, consider someone with a new computer and a copy of RedHat/Debian/whatever, who get's told that all this wonderful security information is available on the net. In order to gain access to it - and read about how to secure their system - they need to install an unsecure system. Of course, this isn't the reality of the situation - most new users aren't aware of security resources on the net, of course, and nobody thinks to mention them to newbies, because, after all, everybody knows about them, right?
If there was a bug in login that allowed someone to gain root access to your system if a common file (installed by default) existed in/etc, there would be no question - this is a security flaw, and it must be fixed. Saying "Everyone knows that's a problem - if you really know UNIX, you just make sure you remove that file after you do an install" wouldn't cut it.
The same holds true in this case; installing services - like sendmail - that have blatantly stupid default settings and open up a box to potential abuses, just because "everyone knows" that you need to change the default configuration to prevent it, isn't an answer. The systems should install locked down tighter than a miser's wallet, and require a user to gain knowledge in order to expose new capabilities.
There's an excellent bit of commentary about this in "The Puzzle Palace" - aparently, the CIA and various defense intellegence agencies have established listening outposts there, precisely because of the lack of RF interference.
Re:One good point -- too much C in open software
on
KDE Strikes Back
·
· Score: 2
In my experience, the exact opposite is true; the most memory- and resource-related problems come from C developers. I'll also point out that finding leaks in C code (dmalloc, Electric Fence, BoundsChecker, Purify) is also a major industry, and has been for some time. I'd trust a developer who didn't use these tools about as much as a carpenter who claimed noto not need a level.
Note that I'm more than willing to admit that my assertion about C developers having more problems with memory and resource management is not because of the language. Up until a few years ago, C was the prefered langauge used in CS courses. As a result, there are still far more C developers than C++ developers, so that you have a better chance of encountering an abysimal C developer who thinks that a core dump is an acceptable error reporting mechanism.
What's worse, these same developers - who never bothered to learn decent programming habits in C - read a book on C++, write something a little more complicated than "Hello, world!" and now think they've mastered the intricacies of C++. Or, they come across the open source "release early, release often" philosophy and thinks that means it absolves them of the need to do any sort of testing.
In short: the problem isn't the languages, it's the people who use them. The worst developers are the same type of people who thinks that because they've gone hang gliding a couple of times, they should be able to step into the cockpit of a 747 and be an effective pilot because hey! - they know how to fly, right?
In most cases these "mandatory" code reviews turn into farcical meetings where the topic is about how code reviews are a waste of time. It becomes a self-fulfilling prophecy.
Sounds like they didn't even try to follow the basic rules of reviews:
...in my mind, had nothing at all to do with the current Inprise/Firebird situation:
Looked at this way, open source licensing is just a formal way of stating that the only asset that any company or project has is the people involved in it.
My point is that MS could release Office for Linux, but no one would want to use it if it _required_ an MS distro.
That's the thing, though - unless they break the GPL, there's no way they can lock you down to one distribution. Oh, it might be difficult to get another distro to play nice with Office or whatever; but doing so would certainly be easier than, say, the Wine project. In the long run, too, if MS followed this path, it would pay for them to support as many distros as possible - remember, they'd be making their real money off of support for their apps, not the OS itself. I'm sure they wouldn't want to support every flavor of distro out there, but they would certainly want to support the major ones - probably charging a premium for "non-standard" (non-MSLinux) distros.
They can't port something that unstable onto linux.
<sarcasm> Oh? Wow! Where can I take a look at the code that prevents crappy applications from running on a Linux box? I can't seem to find it in my source tree... </sarcasm>
There is nothing that would make it impossible - or even difficult - to port Office to Linux; take a look at the various Win32-on-Unix suites that are out there. It's been done already; there may even be a Linux version of one of 'em.
*nix hackers seem to think there's something magical about the OS that makes code written for a *nix box oh-so-much more "correct" than code written on another OS.
Bullshit.
*nix hackers can be and often are just as sloppy, just as careless, just as stupid as the worst VB troglodyte you can think of. The fact that Linux, BSD, etc. are open source allow the very best developers to clean up after the really horrible hacks inflicted on the code base by clueless dolts. [1] These people would write kick-ass code on whatever system they chose to work on; many of 'em can and do support Windows ports, so this includes Windows, as well.
Unless, Office for Linux ultimately requires that you run it on MSLinux 2001.
Why not? Anyone can put together a distribution. MS sure as heck could spare a few score people to pull together MSLinux. Yeah, they'd have to live with the restrictions the GPL imposes... so what? RedHat, Caldrea, and the like seem to be making a go of it.
So they have to make it freely available... and your point would be? They already overcharge on their OS sales by around 500%. So, let's say $2 to press a CD, $3 for packaging and simple manuals, and, oh, $100 for a 5-incident support contract. Sound familiar? MS already makes a habit out of charging for support; this would allow them to really turn it into a profit center.
With a little effort, they get some great PR, and can quit spending all that money on Windows 2002 or whatever it is - hey, why pay to build an OS when you can get one for free?
Slashdot Mirror
While they're at it, why don't they forbid the import/export of items that can be used to commit murder? Things like automobiles, tobacco, alcohol... oh, wait; that's right. Anything that dulls the senses is good; anything that sharpens the mind is bad. Silly me, next thing you know, I'll start doubting what Ministry of Truth tells me...
No, nay, never...
That's the only valid assumption you can make in this type of situation if you want to safeguard your freedom - that, if you give any one person or agency power without any sort of check on that power, eventually someone will misuse it.
As a corrolary, anyone intent on misusing the power that you have granted them will do their damndest to make sure that there is nothing that can stop them from using that power. This has been the hallmark of tyranny and oppression for all of recorded human history.
For reasons already repeated elsewhere, I agree that testing your own code (white box or unit testing) is essential, and that 3rd party testing (black box) is also essential. These leave out a middle ground, though, that works surprisingly well: having other developers test your code (and vice versa.)
Typically, if they're working on the same project, they'll have a better understanding of the code that allows them to do deeper tests than a black-box tester could, while avoiding the "can't see teh forest for the trees" problems that you face when you try and test your own code.
Yeah, I know he's trolling... this particular poast, though, didn't have the same flavor as his other trolls; unless he was trolling for clueless moderators, in which case, he was aparently successful.
Found 'em - ISC has the release notes up now. They also have the BIND 9 Administrator's Reference available as a pdf; though it looks like the same docs come with the distribution in html & man format.
Sigh. Whoever moderated this post as a troll either lacks a fundamental sense of humor, or (more than likely) just doesn't understand what BIND is...
For the record: Yes, it is news for nerds, it is important software, and BIND quite literally does hold the net together.
Shoeboy's post wasn't a troll, it was a fairly good parody of the "Why was this article posted?" trolls.
I was able to find ISC's plans for BIND 9, but not any realease notes - anyone made them available online yet?
User moderation is an extremely difficult problem. Look at /. - they have a fairly good moderation population, and yet, the system still gets abused. All in all, the /. moderatuon system isn't anything to write home to Mom about, but it works after a fashion.
One of the reasons it does is that while moderators may have an axe to grind (pro-Linux, anti-MS, whatever) - at least their particular stance is somewhere in the same ballpark as the majority of the readers. When you open up the moderation to the world at large, though, and anyone can moderate... sorry, that just doesn't work. You end up with to many people, with to many goals, and too many directions they want to pull a ranking in for it to work out.
Most moderation/rating schemes, even if they don't state so, assume that the moderater/rater is going to at least make an attempt to rate something honestly. The sophisticated ones try to account for the possibility of intentionally or unintentionally bad moderation or ratings. These types of systems succeed when the moderating population is somewhat cohesive, and at least shares the same fundamental outlook. The really sophisticated ones even try to deal with the l337 hax0rs trying to skew everything to show sheep pr0n just because they can... but none of them can deal with the idea that a web page or article or whatever can belong to an arbitrary number of groups simultaneously.
I know of (and worked for) one company that did try this, unsuccessfully; if you have a system this sophisticated, it's far too easy to throw a monkey wrnech into the ratings and turn everything into dreck. I'm not saying that such a system couldn't be made to work; but I am saying that it just isn't worth the effort. By the time you had it working, you'd have developed a general purpose expert system; and if you could do that, you sure as hell wouldn't be wasting your time using it to power a search engine.
What amazes me is that corn flakes were an actual, distinged segment of the keyboard-crud population. Noodles, I can understand, but... corn flakes? And where is the "dried coffee/coke stain" category?
I really am not interested in how they, um, <crunch>determined</crunch> exactly what various dessicated bits 'o blackened crud lodged under the keys were...
IANL - consult one on this if you care at all about keeping your job, sanity and/or health.
If you can present the lawers with examples of prior art that forces them to limit or rework their claims, they I don't believe they will have a choice in the matter... they will have to do so, or (eventually) face problems defending their patent in court. Doubly damning, I would think, would be that you, the supposed inventor, were the one who informed them of the areas in which their patent was overly broad. If you do this, though, I'd really make sure you had a new job lined up already.
And the folks at Jonestown followed a version of Christianity... From what I understand, Zen Buddhists are a fairly minor sect, in the same way that Franciscans are a fairly minor sect in the Catholic church (note the choice of Franciscans for comparison: like the followers of Zen, I believe they have an influence on the mainstream religion that is definitely out of proportaion with their numbers.)
On the other hand, the number of mystics, new-age wannabes and other feel-good semi-religious types that have latched onto Zen as a vehicle for their various ideas probably outweighs the number of true practicioners, helping reinforce the image that many have that Zen is nothing more than some sort of mystical snake-oil that only an idiot could believe in. What's worse, they're right, in a way; that particular, watered down, corrupted, I'll-bend-it-to-meet-my-needs type of Zen really isn't really what Zen is like, any more than the folks at Jonestown were really what the vast majority of Christians are like.
So... where *would* a GPL court case be tried, then? Without a doubt, if it ever comes to pass, the legal eagles for the large corporations will do whatever they can and need to do in order to make sure it occurs in a venue as favorable to them as possible.
While I can understand that RMS might be unwilling to place a restriction in the GPL to the effect that any contest of the terms of the GPL would happen in the courts of state X or country Y, would it be possible to add a similar clause that states that legal matters regarding the GPL will be settled in whatever venue the FSF chooses?
I'm not particularly sure that letting your competitors steal truly innovative work simply because the Management is unable to comprehend your inventions counts as "open source"... if that's the case at your current place of employment, I'd suggest finding a company that actually has a clue.
Kudos for giving us a catchy name that the average PHB can understand. If we can just get a lawyer or two to pick it up and turn it into legal jargon, we're golden.
Well said. The traditional *nix environment seems to assume you have a guru around to train you how a system should be run. There's little or no emphasis on giving someone a system where they can start off from a known, safe quantity and (probably slowly) learn what they need in order to become a competent user or user/admin.
I've never run Debian - I have to admit, it looks really attractive, so it may be my next box sometime RSN - so I'm willing to take your (and others) assertions that Sebian doesn't do anything this brain-damaged. There are distros that do... though, for the most part, they are becoming increasingly admin-friendly, instead of assuming that you'll be running a system wide-open in a completely trusted environment.
The above rant wasn't particualrly directed at Debian, but at the assumption that people are not just rational, but almost self-abusively logical - that is, that they will bother to learn exactly what sendmail does before installing it; and that they have the tenacity to keep on searching and asking questions even in the face of "RTFM" and "You don't know that? What the hell makes you think you're competent to even touch a *nix system, you flaming Windows luser!" reponses on mailing lists and newgroups.
Increasingly, the "average" user is using UNIX, or at least being exposed to it. The problem is... how do you learn something about UNIX, if you don't know anything already? As has been pointed out, documentation (installation guides, bug reports, security vulerabilities) are fragmented; quite frankly, there is no way that a new Linux user can set up a secure system, because existing distros are all installed with certain well-known insecurities.
If you think that's untrue, consider someone with a new computer and a copy of RedHat/Debian/whatever, who get's told that all this wonderful security information is available on the net. In order to gain access to it - and read about how to secure their system - they need to install an unsecure system. Of course, this isn't the reality of the situation - most new users aren't aware of security resources on the net, of course, and nobody thinks to mention them to newbies, because, after all, everybody knows about them, right?
If there was a bug in login that allowed someone to gain root access to your system if a common file (installed by default) existed in /etc, there would be no question - this is a security flaw, and it must be fixed. Saying "Everyone knows that's a problem - if you really know UNIX, you just make sure you remove that file after you do an install" wouldn't cut it.
The same holds true in this case; installing services - like sendmail - that have blatantly stupid default settings and open up a box to potential abuses, just because "everyone knows" that you need to change the default configuration to prevent it, isn't an answer. The systems should install locked down tighter than a miser's wallet, and require a user to gain knowledge in order to expose new capabilities.
There's an excellent bit of commentary about this in "The Puzzle Palace" - aparently, the CIA and various defense intellegence agencies have established listening outposts there, precisely because of the lack of RF interference.
In my experience, the exact opposite is true; the most memory- and resource-related problems come from C developers. I'll also point out that finding leaks in C code (dmalloc, Electric Fence, BoundsChecker, Purify) is also a major industry, and has been for some time. I'd trust a developer who didn't use these tools about as much as a carpenter who claimed noto not need a level.
Note that I'm more than willing to admit that my assertion about C developers having more problems with memory and resource management is not because of the language. Up until a few years ago, C was the prefered langauge used in CS courses. As a result, there are still far more C developers than C++ developers, so that you have a better chance of encountering an abysimal C developer who thinks that a core dump is an acceptable error reporting mechanism.
What's worse, these same developers - who never bothered to learn decent programming habits in C - read a book on C++, write something a little more complicated than "Hello, world!" and now think they've mastered the intricacies of C++. Or, they come across the open source "release early, release often" philosophy and thinks that means it absolves them of the need to do any sort of testing.
In short: the problem isn't the languages, it's the people who use them. The worst developers are the same type of people who thinks that because they've gone hang gliding a couple of times, they should be able to step into the cockpit of a 747 and be an effective pilot because hey! - they know how to fly, right?
Sounds like they didn't even try to follow the basic rules of reviews:
...in my mind, had nothing at all to do with the current Inprise/Firebird situation:
That's the thing, though - unless they break the GPL, there's no way they can lock you down to one distribution. Oh, it might be difficult to get another distro to play nice with Office or whatever; but doing so would certainly be easier than, say, the Wine project. In the long run, too, if MS followed this path, it would pay for them to support as many distros as possible - remember, they'd be making their real money off of support for their apps, not the OS itself. I'm sure they wouldn't want to support every flavor of distro out there, but they would certainly want to support the major ones - probably charging a premium for "non-standard" (non-MSLinux) distros.
<sarcasm>
Oh? Wow! Where can I take a look at the code that prevents crappy applications from running on a Linux box? I can't seem to find it in my source tree...
</sarcasm>
There is nothing that would make it impossible - or even difficult - to port Office to Linux; take a look at the various Win32-on-Unix suites that are out there. It's been done already; there may even be a Linux version of one of 'em.
*nix hackers seem to think there's something magical about the OS that makes code written for a *nix box oh-so-much more "correct" than code written on another OS.
Bullshit.
*nix hackers can be and often are just as sloppy, just as careless, just as stupid as the worst VB troglodyte you can think of. The fact that Linux, BSD, etc. are open source allow the very best developers to clean up after the really horrible hacks inflicted on the code base by clueless dolts. [1] These people would write kick-ass code on whatever system they chose to work on; many of 'em can and do support Windows ports, so this includes Windows, as well.
[1] And I've been one of those dolts in my time.
Why not? Anyone can put together a distribution. MS sure as heck could spare a few score people to pull together MSLinux. Yeah, they'd have to live with the restrictions the GPL imposes... so what? RedHat, Caldrea, and the like seem to be making a go of it.
So they have to make it freely available... and your point would be? They already overcharge on their OS sales by around 500%. So, let's say $2 to press a CD, $3 for packaging and simple manuals, and, oh, $100 for a 5-incident support contract. Sound familiar? MS already makes a habit out of charging for support; this would allow them to really turn it into a profit center.
With a little effort, they get some great PR, and can quit spending all that money on Windows 2002 or whatever it is - hey, why pay to build an OS when you can get one for free?