Slashdot Mirror


User: DNAGuy

DNAGuy's activity in the archive.

Stories: 0
Comments: 86

Comments · 86

  1. Re:Saw this thread on bugtraq on Another Gaping Microsoft Security Hole Goes Unpatched · · Score: 2, Informative

    While they don't give specifics on which extension/content type combo exhibits the behaviour, I don't believe it would be too difficult to test. I remember reading an old MSDN article explaining how to spoof mime types to force IE to render your content using an unexpected application.

    At any rate, here is an article explaining the tests IE uses to determine the mime type. Furthermore, one can manipulate the mime type reported by an IIS server simply by changing the text listed in the Folder Options > File Types property page in Explorer on the web server.

  2. Anyone remember best practices??? on Another Gaping Microsoft Security Hole Goes Unpatched · · Score: 1

    I have mod points today but I've just gotta post here. In the interests of full disclosure, I run Windows 2000 Server on my main development box and Windows XP Pro on my personal/multimedia box. I'm quite pleased with both. I also run RedHat and Slackware distros at various client sites as gateways, mail and web servers, etc. Best tool for the job, right?

    Anyway, the point is, I don't (nor do my clients) surf as root/administrator. If we remember our lessons from "Computing 101" we run our day to day tasks as a regular user with the most restrictive set of permissions that allow us to do our jobs effectively. For the vast majority of these locally exploitable holes (worms, viruses, etc.) we can only damage our personal documents (which are backed up periodically and stored offline).

    I'm not gonna take sides in the great "Microsoft is evil" debate today. I just hope more people will follow my lead and remember the basics.

  3. Re:Why? on Windows XP Has Arrived · · Score: 1

    Assuming they use the "Windows Driver Model" or whatever they're calling it these days, the drivers for XP and 2000 should be identical.

  4. Re:I love Perl. on E-commerce with mod_perl and Apache · · Score: 2, Informative

    I can't say I agree that JSP, ASP, PHP, or any of the *SP family of languages are good design. They encourage exactly the opposite of MVC, they encourage you to mix HTML and (non-display related) programming code.

    This is why n-tier apps were invented. Javabeans, COM components, whatever. Just because you can put logic in your pages doesn't mean you should. Gives you the option to run threads asynchronously and/or via message queuing and increase your performance considerably.

    Remarkably, in my experience building high performance (not necessarily highly scalable) sites, I've learned (from pain and suffering and/or other coders) that building those strings to push out to the buffer is often very expensive. You wouldn't think...

    The other lesson I learned is the value of profiling tools. Particularly tools to show you what is going on at your database and a sniffer to show you what's going over the wire under load. I found problems that I would never have noticed without these tools.

  5. Re:Mysql is ace on Major Changes To MySQL Coming Soon · · Score: 2, Funny

    Yeah, but MySQL doesn't have the paperclip, does it? Nuff said. :)

  6. This'll last... on The America Online Protocol Revealed · · Score: 2, Insightful

    Considering AOL wasn't exactly thrilled with "Unauthorized" versions of their messaging software (Jabber) I wonder how long it will take them to have a stroke over this.

  7. Re:Microware OS/9 on Niche Operating Systems · · Score: 1

    I supported this OS on a 68k based VME bus system in the mid to late 90's. It was used to control a Leica Confocal Laser microscope. The system currently lives at Mount Sinai School of Medicine in New York City and the last time I checked it was still running A-OK. Now if I could only remember the IP. :)

  8. Re:Lexx on Farscape Signs for 2 More Years · · Score: 1

    "What the FUCK were the writers smoking?!"

    They're usually drunk. Just show up at the Economy Shoe Shop on Argyle Street in Halifax during shooting season. It explains many things.

  9. Re:YES!!!! That is the point on Slashback: Snapshots, Amends, Bazaarity · · Score: 1

    Hmmm...now I'm no heavy duty sysadmin or anything, just a lowly coder. However, most of these patches can be installed through the use of (a) SMS scripts; (b) Windows Installer packages automated via domain policies; (c) plain old shell scripts written in VB, JavaScript, Perl, or any other scripting language. I do this sort of thing all the time as I do not have physical access to many of the servers I use.

    The tools are available. It's a shame (and a recurring theme) that most Windows admins have not learned to use them.

  10. There is a niche market. on Satellite Radio Is Officially Here · · Score: 1

    We've had this service in Canada for about two years now. The hardware is branded "Look Communications" among others. I don't know a single soul who's bought the service for personal use. Most people here have digital cable or satellite and receive digital music that way.

    However, there are a lot of these receivers out there. Almost all of them are owned by bars/restaurants/malls/etc. They can switch on the musical genre of choice and forget about it. No more CD's to get lost or stolen. No commercials. No employees bringing in their latest punk indie tracks to play during the wine tasting. Management just mandates a Channel # and that's it. Works pretty well. There might be a similar market in the US.

  11. Re:Maybe not so bad... on Browser Spyware: Watching Where You Linger · · Score: 1

    That's an excellent point. I like my privacy as much as the next guy. However, if a site is able to "learn" my preferences, or designers have access to ongoing usability data, that's a good thing isn't it???

  12. Re:ultracrepidarian on Virus Scares and False Authority Syndrome · · Score: 2, Insightful
    - and if you're the boss, tell your employees that speaking to the press is voluntary resignation (e.g. nobody does it except you).

    You really ought to read the ClueTrain Manifesto. One of the core arguments is that this sort of centralized communication from within companies is ignored by your customers.

    Think about it. What gives you the warm and fuzzies? Would you rather an engineer at XYZ Co. tell you that they're having problems with the Linux drivers for their latest video card, or read the press release stating "the platform is currently unsupported."

    Your friendly neighborhood devil's advocate...

  13. Re:Another piece of misinformation on Windows XP To Block Use Of "Troublesome" Drivers · · Score: 1

    Does the warning:

    This file may contain a virus that may be harmful to your computer.
    -- Microsoft Outlook
    mean anything to you?

    I don't think it's such a bad thing that users like myself will have to enable the security policy to merely warn about these drivers. Seems like "stable by default" is a good thing.

  14. Random comment.... on Reptile: P2P Content Syndication · · Score: 1

    This is probably off-topic but here goes...

    I've been looking at the problems and opportunities posed by weblogs, content syndication, comment systems (like those here on Slashdot) and one thing occurs to me. Except for the ratings systems...

    ISN'T THIS USENET NEWS????

    Comments to the email above. Flames to /dev/null.


    --- Brent Rockwood, Development Lead

  15. Couldn't help myself... on Fusion Gets Closer With Magnetic Field Correction · · Score: 3
    "make their scale-model fusion generator produce energy significantly in excess of what they're putting in." -- Timothy

    "In this house we OBEY THE LAWS OF THERMODYNAMICS!" -- Homer Simpson

    --- Brent Rockwood, Development Lead

  16. Re:Please answer this, Gracenote. on Gracenote Reponds Regarding Roxio Lawsuit · · Score: 1

    Unfortunately, Gracenote requires that you obtain a key from them in order to query the database except for test queries (which are limited in number).

    This may not be true for the CDDB database as opposed to the new CDDB2 database which is the only one being actively updated. It's been several months since I last looked at the docs.


    --- Brent Rockwood, Development Lead

  17. Re:Wow on Color Photography with B&W Film · · Score: 1

    You hit it on the head. This exhibition is nothing short of amazing in its ability to help me to relate to these times. Many of the pictures, especially the one of the rail bridge, look as they would today. Some of the pictures such as those of the turbines and other machinery bring me back to my childhood (I'm only 25) and my dad bringing me to power plants that were built around this time.

    I'd kill to have prints of this stuff. :)


    --- Brent Rockwood, Development Lead

  18. Re:Shouldn't be too hard... on Making 802.11 Take The Longshot · · Score: 1

    A relative of mine works for the power company here in Nova Scotia and tells me they're thinking of using 802.11b for distances of up to 100km (62.5mi).

    I don't know anything about the technology behind it, but they indicate that if it works, the cost of the project will be under CDN$10,000. The alternative, more established, point to point radio setup costs five times that much. It'll pay for itself in no time when compared to a T1 from the phone company as well.

    Not only that, but the ability of 802.11b to dynamically adjust the bandwidth based upon signal strength allows them to avoid the large amount of "spare" signal they normally have to factor into these things to allow for varying conditions.

    Seems like a pretty good deal to me!


    --- Brent Rockwood, Development Lead

  19. Re:Well... on MS Passport: "All Your Bits Are Belong To Us" · · Score: 2

    Anyone who uses unencrypted e-mail for serious private communications doesn't deserve to be exploited but shouldn't be that surprised when they are.


    --- Brent Rockwood, Senior Software Developer

  20. Re:Why Not Just Read Kernel Traffic? on What Does The Future Hold For Linux? · · Score: 1

    Ever hear of a requirements analysis?

    Sorry to be blunt, but users are an important part of the software development process. It's not enough to build technically competent software. You have to build the right software. Software people want to use.
    --- Brent Rockwood, Senior Software Developer

  21. The framework I use... on A Framework For Quality Assurance? · · Score: 1
    There is actually a pretty decent framework that my company uses for product development. It is a framework, and as such is only designed to be a starting point to be adapted to your project's needs. I think review of it could provide open source developers with a good basis for thinking about their own product development roles. Coding is only the beginning.

    Keep in mind, this framework is designed to be used by shrink-wrap firms, so lots of things may not apply. Nevertheless... the roles are as follows:

    • Program Management - This person or group's role is to provide the liaison with the customer. The customer might be your intended internet audience, another business unit within your organization, or a paying shrink wrap customer. The idea is that this role acts as the advocate for the customer to the team, and vice-versa, communicating information about requirements, development difficulties, etc.
    • Project Management - This person or group owns the schedule and the budget (if there is one). They provide information on projected slippages, etc., and generally provide everyone involved with a view of the project's progress.
    • Development - This person or group owns the codebase and is very often the only group in many open source projects. Their role is to make sure that the software fulfills the requirements as set out in the requirements docs.
    • Testing - The reason this group is called testing and not QA is because QA often embodies procedures and standards for development. This group's only role is to make sure all issues are known and addressed at release time. This doesn't mean they have to be fixed. It just means that the team knows about them and understands their impact.
    • User Education - This role is in charge of developing materials like help systems, paper docs, etc. They may also conduct usability testing, etc. Basically, they act as the advocate for the end user to the team, commenting on UI, etc. where appropriate. Very often, the customer and the end user are not the same person, especially in business systems. Consumer software, windowing systems, or any other package designed to be used by the mainstream user can benefit from this role.
    • Logistics - This group handles all the administrative tasks involved with building and deploying software. It might include your webmaster, the guy who administers your sourceforge site, your build lab people, among others. All the people who provide the infrastructure for development fall into this category.
    On a small team many of these roles may be shared by one person. For example, it is no problem to have the coder be the same guy who sets up the servers. Some roles don't mix well, however. As most of you know, the last person who should be testing software is the guy (or gal) who wrote it. Every team is different, and so it should be used as a starting point for thinking about the composition of your team only. Since my company has adopted its own version of this framework, however, we've found that we've had great success in delivering the right software at the right time. I assume that is what many open source developers wish to do also, as open source becomes more and more mainstream (and provides a living for more and more developers.)

    By now, many of you may have realized I'm talking about the Microsoft Solutions Framework. Flames to /dev/null please. Take it for what it's worth (a random comment you read on Slashdot). If you want more information, however, and don't mind surfing over to the evil empire, you can find whitepapers at http://www.microsoft.com/msf. I am not compensated for my opinions, nor do they indicate those of anyone else at all. Just my two cents worth!


    --- Brent Rockwood, Senior Software Developer

  22. Re:Mailing lists. on How Can One Attract the Developer's Attention? · · Score: 2
    There are several excellent utilities out there for managing incident reports. Two of the most popular are Bugzilla and the bug system at SourceForge.

    Both of these systems allow a bug to be assigned, prioritized, and tracked. I know of many closed source companies (most of whom prefer to remain nameless) who use these systems as they are robust, reasonably mature, and don't cost a dime! Highly recommended. :)


    --- Brent Rockwood, Senior Software Developer

  23. Re:Finally on Galeon Web Browser: The Best Of Mozilla? · · Score: 1

    Perhaps you misunderstood my sig. MCF is the ticker symbol of the company I work for (Microforum) on the TSE (Toronto Stock Exchange)
    --- Brent Rockwood, Senior Software Developer

  24. Finally on Galeon Web Browser: The Best Of Mozilla? · · Score: 1

    Now if they'd only come out with a version for Windows I'd be thrilled. It's such a pain having to install a whole application suite just so I can test for compatibility when building sites.
    --- Brent Rockwood, Senior Software Developer

  25. Learn something new every day! on Why We're Still Stuck On Earth · · Score: 1

    It's good to know that the cost of space flight is largely an economic problem...

    Come to think of it...It might be because it's not cheap, or how much money it takes. Any one of these might be plausible reasons...

    ...couldn't help myself...


    --- Brent Rockwood, Senior Software Developer