No more Java geeks who think that people actually want to use Java applications. Speaking as a Mac/Linux user, I can say that having portability is simply not worth the bloat and hideousness of a Java application. I'll hold out for native apps in GTK/Qt or Cocoa, thanks. And I know that Windows users are not exactly hurting for native applications. So what the hell is the point? The only people who seem to actually like using Java applications are Java developers. The problem is that you lose so much OS integration by building a one-size-fits-all application.
And now indeed the browser is everything: news, maps, banking, gambling, shopping, marketplaces, advertising, forums (ever heard of Slashdot?),
Everything, eh? I've got 7 applications open right now. Guess how many of them are web browsers. The browser is not everything.
It's not perfect, but then again are any other GUI toolkits?
Relative to what is available to web app developers, yes. Web GUI toolkits are at least a decade behind what is available to modern desktop programmers. There really isn't even much comparison.
Oh shut up. Writely blows and Google spreadsheet sucks. Stripped down alternatives to Office have been around forever. Sandboxing such stripped down Office alternatives in a browser and using clunky Javascript/HTML UI isn't going to tip the scales. Google isn't going toe to toe with anyone here. They're just providing wank material for geeks who cream their pants over anything "AJAX."
if Google provided 90% of the functionality that current excel users in corporate world use, if upgrades occurred in one spot not across countless workstations, and they did this at a cost the was drastically less then a Corporate License from MS for office....game over.
90% of Excel's functionality out of a web app? You are kidding right? What the hell is it with Slashdot? Have you people ever even tried to make a web app before? Have you never even used some of hte more advanced features of Excel? Do you even realize WHY Office is so bloated? Because it does a lot of shit! You're never going to get anywhere near Office with HTML, CSS, and Javascript sandboxed in a browser. You people are so fucking deluded.
God damn it. Every time some shitty AJAX driven appliction comes out, you all cream your pants. And if it is done by Google, you cream yourself twice and beg for more.
What sucks about combining so many devices is that when you want to upgrade one, you have to upgrade them all and risk not getting so lucky with the particular combination and overall satisfaction.
What Google Spreadsheets has that Excel doesn't is simple collaboration -- no need to install SharePoint servers or any of that other Microsoft lock-in garbage required. Just add a few emails to a field and you're done. That is ideal for a whole host of simple, small projects. Say you're running a small business and want to have online schedules -- would you use Excel and some expensive Microsoft server setup, or just make a simple spreadsheet with Google and share it amongst your employees? It seems pretty easy to guess which one is the easiest and least painful option to someone without an IT budget.
Hmm, shared spreadsheets in a small business... ever heard of a file server? Need something a little more dynamic and multiuser? Try a simple Access database.
Sorry, I see an extremely limited market for a crippled online spreadsheet app. Minimal spreadsheet programs have been around forever. It is nothing new. If people really couldn't afford office, they could download one of those minimal ones. But the fact is that most businesses already have Office installed. Why wouldn't they just fire that up and do a spreadsheet? In my experience, users don't really care if a program is bloated. They just use whatever they've been trained to use.
Because it isn't AJAX, silly. Everyone knows that AJAX web applcations, no matter how primitive and slow, will eventually bring Microsoft to its knees. Nobody actually USES teh features of MS Office. Nobody needs proper OS integration. Sandboxing your productivity applications in a browser is just fine. Nobody ever needs to work offline. Office users are just deluded. They'll see the Google light eventually....
But small, minimal spreadsheet programs and word processors (with spell check) have been around for years. There are many of them for all platforms. What makes the Google version so special? Oh yeah, it is "AJAX," I forgot. Anything AJAX has to be cool, right?
NAT however, just requires a few forged packets, and you have very easy access. As I said in my first post: "I imagine the automatic tools to do that are in most of the script kiddies' arsenels by now"
Just a few forged packets, eh? Care to describe these packets? Most ISPs block source routed packets and, really, any packet destined for a private address. How exactly who you forge the packets?
Yes, and that would still work perfectly. My DSL provider has me on a/32 network. Getting access to any one of those 253 machines would get you easy access through my NAT box, if I didn't have stateful packet filtering.
I think you mean a/24 network. And it sounds like you do one-to-one NAT. In this case, i admit that it is trivial to access the machines behind NAT. But most people don't have this. Most people have their home computers behind port/address translation which is not trivial to bypass from the internet.
I did. I already explained I'm not going to type up a paper on circumventing NATs here, just to prove to every anonymous, loud mouthed, networking-ignorant person on/. that says it can't be done. You can do your own research, I'm not getting paid to teach you.
You didn't explain anything. You made a claim about source routed packets and we both agreed that it wouldn't really work because source routed packets are commonly blocked. And if source routed packets aren't blocked, packets desgined/sourced with non-routable IPs more definitly are. You're the loud mouth making claims. Either support them or quit responding.
No, it provides a trivially small hurdle.
Trivial or not, it is still a hurdle. All of security is just hurdles that a wannabe hacker has to find some way around or over. Nothing is perfectly secure. Even with a super-duper-stateful-firewalls, there are still ways of getting accesses to machines behind it. Get a user to download a trojan, perhaps. Or maybe do a little social engineering. Both of which would probably be EASIER than to trying to get past even a PAT router.
Better know as "obscurity".
Wrong. Security through obscurity is when you merely keep details about your systems secret or use some obscure software in hopes that nobody knows how to hack it. Puting your computers behind a router which statefully translates packets is not "obscurity." While not as good as a full fledged firewall, it is indeed security and it is better than nothing.
It provides no real security, and the commonality of them surely makes them a rip target for available attacks.
It doesn't seem to zap any of the parts of the brain that are known to cause long term problems. Yes - I am sure that over time there will be side effects, as there is in almost everything. But hey - say you stay awake for 4 days out of seven, keep on top of your work, socialise more, exercise more in all that extra time, do you think the long term side effects will be worse after 10 years than the stress and obesity induced heart attack?
I'm not talking about side effects from the drug. Staying awake 4 days of 7 is stressful in and of itself. The drug just masks the fatigue. Your body NEEDs downtime to rest.
But is it fair? If I'm able to use this time to ramp up like that, will it force others to do so as well? Is it fair to my colleagues if I'm able to do half of their jobs (time permitting)? If I'm awake 24 hours at a stretch, and don't mind putting in an extra four hours since I have eight more than usual, am I putting their jobs at risk? And what happens to me when the next person comes along who is not only taking modafinil, but also a memory booster?
It isn't about fair. It is about your own health. Go ahead and try. You won't be able to sustain it for long. You'll only be hurting yourself. At the end of a 5 day work week of tweaking, you're going to need a lot more than 10-12 hours to reset and it'll eventually catch up with you.
It isn't about what is more appealing, it is about what is sustainable. Stimulant abuse beyond caffeine really isn't very sustainable. Maybe it'll work for a college student for a couple of years, but a career programmer simply couldn't sustain it. They'd either burn out or get a nasty addiction on their hands. Stimulant addictions will mess you up pretty bad. Moderate recreational drug use like pot, on the other hand, is quite managable.
Actually, I think he was referring to DXM containing cough medicine. The kind kids chug/eat to "trip." But yeah, I'd rather see them smoking a little pot. DXM is a little more dangerous.
Were you homeschooled or something? Seriously, if you dont' know how kids (especially colledge students) get drugs, who are you to suggest who to punish?
There are MANY ways to accomplish this, most of which are rather complex.
Same with firewalls.
The simplest way would be to ping 10.255.255.255, specifying a source route of the NAT's public IP address. Of course source-routed packets are commonly blocked (and ICMP packets are being blocked more and more often these days), but that's just one way to do it.
You're right, the source routed method won't work because it woudl be blocked. Now describe a method that would work in the real world.
Getting access to ANOTHER machine on the same network as the NAT box, and setting the NAT (NAPT/PAT/PT/etc) box as your default gateway, will also allow you to just directly ping the private addresses. I do this all the time at work. It is much quicker and easier than setting up a new port-forwarding rule every time I need to access any machines behind a NAT box.
We're talking about getting access to a machien behind a PAT router from the internet. Now please, Mr. Uberhacker, describe a method besides sourced base routing for doing that. The fact that you are having such a hard time suggest that PAT really does provide some level of security. I'm not saying PAT is perfectly secure and that one shoudl just not use a firewall. I'm just saying that given the choice between using PAT-only and putting a group of computers (Windows in particular) directly on the internet, I'd go with PAT. The fact is that simple address translation will protect your average Windows box from many of the most common threats. And I'm sick of people like you you who think they know some theory say otherwise.
You are being completely unrealistic. If he can mog together a layout with a few tables, I'm sure management would prefer that to hiring additional people or contractors.
Or just fire the graphics designer and hire a web designer. Who you fire/hire certinainly depends on the situation, of course, but a good web designer will ultimately come up with a better design than either a graphics designer or a programmer. Not only that, a good CSS based layout is MUCH more flexible than the table design. When management comes down and says "we'd prefer the page look more like this..." it might take a couple hours to change it with CSS (as long as it isn't all absolute positioned crap) where it will often require days to overhaul a table layout. Certainly management can understand that.
Anyway, it is stupid to argue for table based layouts based on how poorly assembled some web development teams are. Fix the teams. Get the right people do do the job(s).
No, it doesn't. Seeing as web programming is my job, I can tell yout that tables - horrible as they may be - make a better layout tool than CSS. I can't tell you how many times I have to tell graphic designers that one of the elements of their design (like equal length columns) is a major pain in the neck to implement in CSS. Of course, IE's horribly buggy CSS2 support doesn't help, but there are so many things in CSS that seem - well - stupid. CSS was designed around an idealistic view of the web - a web where pages were designed by web developers. In the real world, this is rarely the case
Then that needs to be fixed.
- it is the graphic designers who lay out the page, and the web programmers get stuck trying to implement their design. CSS utterly fails in that regard.
What you need, then are web designers, not graphics designers. As a programmer, you should not be stuck with the task of implementing a design. That is not your job. It should be implemented, CSS and all, for you. And you just plug it into your application/site. Yes, that is ideal. But I can assure you it is attainable. I currently work in such an environment.
I'd love to be wrong about this. But I've finally come to the conclusion that sound technical judgement does not stop absurdity from happening.
Fortunately, I think the bottom line will prevent the absurd from happening in this case. If I understand correctly, licensing for each node will cost something like $465. That can really add up. And given existing free and relatively mature alternatives (Rocks, OSCAR), I don't see the draw of the MS solution. The main reason MS was able to penetrate the server market originally was because they owned the desktop. They have no such foot in the door here. Compute clusters are largely isolated systems, AFAIK.
The nature of PAT (port/address translation) is that it is stateful. Thus, PAT (the most common form of NAT) DOES provide security and it is NOT trivailly easy to work around. If there is no existing outbound connection from a machine behind a PAT gateway, there is no way to communicate with it from the internet because the router doesn't know who to send your uberhacker packets to. And even when there is an existing outbound connection for a machine, it is only for a partocular address and port combination. It wouldnt' do a hacker any good.
I'm right with you. I don't know what I would do with myself if I didn't work at least 30 hours a week. I know that sounds kinda sad, but I do enjoy my job. I manage to travel a bit (foreign and domestic), but you can only do that so much. I could go to school for fun, I suppose. I don't really have any hobbies that require too much of a time investment.
I guess that leads to a potential "Ask Slashdot." What would you do if you didn't have to work? Do most people really have so many hobbies and interests that would keep them active if they didn't have to work? I know I'd get bored.
Slashdot Mirror
No more Java geeks who think that people actually want to use Java applications. Speaking as a Mac/Linux user, I can say that having portability is simply not worth the bloat and hideousness of a Java application. I'll hold out for native apps in GTK/Qt or Cocoa, thanks. And I know that Windows users are not exactly hurting for native applications. So what the hell is the point? The only people who seem to actually like using Java applications are Java developers. The problem is that you lose so much OS integration by building a one-size-fits-all application.
-matthew
Everything, eh? I've got 7 applications open right now. Guess how many of them are web browsers. The browser is not everything.
Relative to what is available to web app developers, yes. Web GUI toolkits are at least a decade behind what is available to modern desktop programmers. There really isn't even much comparison.
-matthew
Oh shut up. Writely blows and Google spreadsheet sucks. Stripped down alternatives to Office have been around forever. Sandboxing such stripped down Office alternatives in a browser and using clunky Javascript/HTML UI isn't going to tip the scales. Google isn't going toe to toe with anyone here. They're just providing wank material for geeks who cream their pants over anything "AJAX."
-matthew
if Google provided 90% of the functionality that current excel users in corporate world use, if upgrades occurred in one spot not across countless workstations, and they did this at a cost the was drastically less then a Corporate License from MS for office....game over.
90% of Excel's functionality out of a web app? You are kidding right? What the hell is it with Slashdot? Have you people ever even tried to make a web app before? Have you never even used some of hte more advanced features of Excel? Do you even realize WHY Office is so bloated? Because it does a lot of shit! You're never going to get anywhere near Office with HTML, CSS, and Javascript sandboxed in a browser. You people are so fucking deluded.
God damn it. Every time some shitty AJAX driven appliction comes out, you all cream your pants. And if it is done by Google, you cream yourself twice and beg for more.
-matthew
What sucks about combining so many devices is that when you want to upgrade one, you have to upgrade them all and risk not getting so lucky with the particular combination and overall satisfaction.
-matthew
Hmm, shared spreadsheets in a small business... ever heard of a file server? Need something a little more dynamic and multiuser? Try a simple Access database.
Sorry, I see an extremely limited market for a crippled online spreadsheet app. Minimal spreadsheet programs have been around forever. It is nothing new. If people really couldn't afford office, they could download one of those minimal ones. But the fact is that most businesses already have Office installed. Why wouldn't they just fire that up and do a spreadsheet? In my experience, users don't really care if a program is bloated. They just use whatever they've been trained to use.
-matthew
Because it isn't AJAX, silly. Everyone knows that AJAX web applcations, no matter how primitive and slow, will eventually bring Microsoft to its knees. Nobody actually USES teh features of MS Office. Nobody needs proper OS integration. Sandboxing your productivity applications in a browser is just fine. Nobody ever needs to work offline. Office users are just deluded. They'll see the Google light eventually....
-matthew
But small, minimal spreadsheet programs and word processors (with spell check) have been around for years. There are many of them for all platforms. What makes the Google version so special? Oh yeah, it is "AJAX," I forgot. Anything AJAX has to be cool, right?
-matthew
NAT however, just requires a few forged packets, and you have very easy access. As I said in my first post: "I imagine the automatic tools to do that are in most of the script kiddies' arsenels by now"
/32 network. Getting access to any one of those 253 machines would get you easy access through my NAT box, if I didn't have stateful packet filtering.
/24 network. And it sounds like you do one-to-one NAT. In this case, i admit that it is trivial to access the machines behind NAT. But most people don't have this. Most people have their home computers behind port/address translation which is not trivial to bypass from the internet.
/. that says it can't be done. You can do your own research, I'm not getting paid to teach you.
Just a few forged packets, eh? Care to describe these packets? Most ISPs block source routed packets and, really, any packet destined for a private address. How exactly who you forge the packets?
Yes, and that would still work perfectly. My DSL provider has me on a
I think you mean a
I did. I already explained I'm not going to type up a paper on circumventing NATs here, just to prove to every anonymous, loud mouthed, networking-ignorant person on
You didn't explain anything. You made a claim about source routed packets and we both agreed that it wouldn't really work because source routed packets are commonly blocked. And if source routed packets aren't blocked, packets desgined/sourced with non-routable IPs more definitly are. You're the loud mouth making claims. Either support them or quit responding.
No, it provides a trivially small hurdle.
Trivial or not, it is still a hurdle. All of security is just hurdles that a wannabe hacker has to find some way around or over. Nothing is perfectly secure. Even with a super-duper-stateful-firewalls, there are still ways of getting accesses to machines behind it. Get a user to download a trojan, perhaps. Or maybe do a little social engineering. Both of which would probably be EASIER than to trying to get past even a PAT router.
Better know as "obscurity".
Wrong. Security through obscurity is when you merely keep details about your systems secret or use some obscure software in hopes that nobody knows how to hack it. Puting your computers behind a router which statefully translates packets is not "obscurity." While not as good as a full fledged firewall, it is indeed security and it is better than nothing.
It provides no real security, and the commonality of them surely makes them a rip target for available attacks.
What is "real" security, Mr. Uberhacker?
-matthew
Why not? If caffeine use is sustainable, why aren't other things as well?
Because caffeine is a relatively mild stimulant which doesn't mess with dopamine levels and cause brain damage with high, sustained dosing.
Have you tried any of them?
Yes.
Iknow several people who have been taking adderall for years. They seem to be fine, and are actually very successful people.
What are their usage patterns? Are they pulling all-nighters and otherwise not getting sleep they need or are they just managing ADHD?
Again, just about everyone deals with at least mild caffeine addiction and we're all fine.
Caffeine is not amphetamines.
There is nothing inherently wrong with the idea of using drugs to alter one's chemistry.
Indeed. I'm not talking about wrong vs. right. Just about what is healthy.
The worse part of illegal drug addiction is that it is so expensive/hard to get.
Depends on the drug, of course, but with methamphetamine addiction, the worst part is the brain damage.
-matthew
It is interesting that you compare ex-mil with recent college grads.
-matthew
Why not?
I'm not talking about side effects from the drug. Staying awake 4 days of 7 is stressful in and of itself. The drug just masks the fatigue. Your body NEEDs downtime to rest.
-matthew
"The Masters make the rules for the wise man and the fool." -Bob Dylan
It isn't about fair. It is about your own health. Go ahead and try. You won't be able to sustain it for long. You'll only be hurting yourself. At the end of a 5 day work week of tweaking, you're going to need a lot more than 10-12 hours to reset and it'll eventually catch up with you.
-matthew
It isn't about what is more appealing, it is about what is sustainable. Stimulant abuse beyond caffeine really isn't very sustainable. Maybe it'll work for a college student for a couple of years, but a career programmer simply couldn't sustain it. They'd either burn out or get a nasty addiction on their hands. Stimulant addictions will mess you up pretty bad. Moderate recreational drug use like pot, on the other hand, is quite managable.
-matthew
Actually, I think he was referring to DXM containing cough medicine. The kind kids chug/eat to "trip." But yeah, I'd rather see them smoking a little pot. DXM is a little more dangerous.
-matthew
Were you homeschooled or something? Seriously, if you dont' know how kids (especially colledge students) get drugs, who are you to suggest who to punish?
Same with firewalls.
You're right, the source routed method won't work because it woudl be blocked. Now describe a method that would work in the real world.
We're talking about getting access to a machien behind a PAT router from the internet. Now please, Mr. Uberhacker, describe a method besides sourced base routing for doing that. The fact that you are having such a hard time suggest that PAT really does provide some level of security. I'm not saying PAT is perfectly secure and that one shoudl just not use a firewall. I'm just saying that given the choice between using PAT-only and putting a group of computers (Windows in particular) directly on the internet, I'd go with PAT. The fact is that simple address translation will protect your average Windows box from many of the most common threats. And I'm sick of people like you you who think they know some theory say otherwise.
-matthew
Or just fire the graphics designer and hire a web designer. Who you fire/hire certinainly depends on the situation, of course, but a good web designer will ultimately come up with a better design than either a graphics designer or a programmer. Not only that, a good CSS based layout is MUCH more flexible than the table design. When management comes down and says "we'd prefer the page look more like this..." it might take a couple hours to change it with CSS (as long as it isn't all absolute positioned crap) where it will often require days to overhaul a table layout. Certainly management can understand that.
Anyway, it is stupid to argue for table based layouts based on how poorly assembled some web development teams are. Fix the teams. Get the right people do do the job(s).
-matthew
Then that needs to be fixed.
What you need, then are web designers, not graphics designers. As a programmer, you should not be stuck with the task of implementing a design. That is not your job. It should be implemented, CSS and all, for you. And you just plug it into your application/site. Yes, that is ideal. But I can assure you it is attainable. I currently work in such an environment.
-matthew
Fortunately, I think the bottom line will prevent the absurd from happening in this case. If I understand correctly, licensing for each node will cost something like $465. That can really add up. And given existing free and relatively mature alternatives (Rocks, OSCAR), I don't see the draw of the MS solution. The main reason MS was able to penetrate the server market originally was because they owned the desktop. They have no such foot in the door here. Compute clusters are largely isolated systems, AFAIK.
-matthew
The nature of PAT (port/address translation) is that it is stateful. Thus, PAT (the most common form of NAT) DOES provide security and it is NOT trivailly easy to work around. If there is no existing outbound connection from a machine behind a PAT gateway, there is no way to communicate with it from the internet because the router doesn't know who to send your uberhacker packets to. And even when there is an existing outbound connection for a machine, it is only for a partocular address and port combination. It wouldnt' do a hacker any good.
-matthew
I'm right with you. I don't know what I would do with myself if I didn't work at least 30 hours a week. I know that sounds kinda sad, but I do enjoy my job. I manage to travel a bit (foreign and domestic), but you can only do that so much. I could go to school for fun, I suppose. I don't really have any hobbies that require too much of a time investment.
I guess that leads to a potential "Ask Slashdot." What would you do if you didn't have to work? Do most people really have so many hobbies and interests that would keep them active if they didn't have to work? I know I'd get bored.
-matthew
Win9x itself was a mistake. The GUI was an extension of the 16-bit GUI presented in Win3.x.
;-)
Win32 API in general is just an extension to Win16.
The Operating system core was built on DOS, an 8-bit non-multitasking operating system.
Windows 95 was a 32 bit extension to a 16 bit shell for an 8 bit operating system designed for a 4 bit CPU by a 2 bit company.
-matthew