Rails has everything you need to make the webapp secure. Everything.
The bug was in a wiki'd tutorial and was only up for about 30 minutes before corrected but you'd think that every single Rails developer has horns now. Most people never even saw the tutorial during that transition.
If I call your SQL line directly, isntead of going through the framework, how exactly can said bypassed framework protect you? Rails gives you a trivial way to safely execute arbitrary SQL, and several ways to execute specific types of common SQL qualifiers on common actions (like find-by-id or find-by-field).
YARV is Rite, now (I linked the announcement Matz made).
The point of YARV is to make Ruby run faster (as in, the VM itself is optimized and has JIT support being built), and help reduce memory footprints (Ruby code-as-text is reduced to ruby-code-as-bytecode). It moves towards both these goals with "superinstructions", which are statistically common groups of instructions that are made into one.
Before people mention it, RISC architectures are considered by many to be best for hardware, but in VMs, CISC architectures are generally better (and that's why YARV is a CISC system).
YARV may not speed up rails all that much though. Rails allready can cache and serve pages at the limit of the web server's caching ability, and with action caching (which is slightly more set back from page caching) you get nearly the full speed (1000req/sec instead of 1500req/sec).
There was a brief example of this on ONE of the wiki-based tutorials in which the person posting the tutorial didn't use Rails's built in SQL search features or safety features. Because of this, there was an SQL injection hole. It was promptly corrected.
No amount of safety can make up for novice mistakes. Rails provides everything you need to make secure webapps, and it lets you do it painlessly.
Obvious jokes about your spelling aside, Ruby provides these already. Rails does not need to provide them.
or messaging mechanisms.
This complaint is flawed. However, Rails can accomplish what you're asking for if you want to. It's just that, assuming I understand what you're parroting, it's a very bad idea to do it.
Justin is a respected and skilled Java developer who's got a Developer's Notebook for Spring set to hit the shelves any day now.
The app he wrote was quite complicated, and he freely admits that Rails got some free jump-starting because of his understanding of the domain. But you're going too far in saying he'd get a 50% speedup from a rewrite. His Java codebase needs work, but not that much work.
He observed that the more complex the action, the faster RoR ran compared to Java. This is very counter-intuitive, so he went into an explanation of why.
While it's undeniable there are tons of people who got into compsci for the money (and subsequently had the rug pulled out from under them), and many of these people have skills sorely lacking as professionals, I think you're going a bit too far.
In software production, oursourcing is a mistake begat by a mistake, not a solution to the slovenly state of US developers. Indeed, the US has a lot of developer talent that companies refuse to hire because, in the minds of accountants, it makes no sense to hire one expensive and skilled developer when they could hire three cheap inexperienced developers at a lower cost.
This roots itself in the false assumption that three newbies can do the work of one skilled developer. The truth is this is almost always not the case. But projects keep failing, and accountants and managers busy themselves by missing the point and hiring more people more cheaply. I mean, the problem was they spent too much, not that they did too little.
The assumption that high level managers love to make is that 90% of all workers are equal in their capacity for toil in the proverbial salt mines, and the other 10% should be moved into management. It's a horribly wrong and misguided assumption, but it's what's lead us to the near slave-wage practices of visa'd immigrants and the absurd situation with outsourcing (which has backfired badly). Big companies are floundering on IT work, and floudering badly.
Meanwhile, American based Software amd Research and industry is enjoying something of a grass-roots revival. Lots of small, agile companies are popping up making focused products that no big software haus can possibly compete with. American research is more and more about the working demo than the paper (although when appropriate, the Paper is almighty).
Even better for American research, we've got compaies doing it privately but publicly disclosing the results. Yes, Avaya, I'm looking at you and giving a big thumbs up.
You're right though, that the destiny of the American Software Industry is at a turning point. Either we make it or break it at this point. Big companies need to make the jump to small, agile software units. Open Source and Agile Development are making big inroads in this, and these techniques are an American invention.
At the same time, American universities are having this huge influx of foreign talent and these folks are realizing that if you're bright, now is the time to make a startup! It's like we've finally hit the point in time when the ".com bubble" should have begun to form. We have the tech now, we understand the practices. All we need to do is shake off the dogmatic policies of corporate fear and do what Americans are notorious for doing best, "Getting it done."
So, I program for Lockheed, and therefore for the Air Force directly, and I can tell you the kind of feedback we've been getting. I can also tell about the kind of feedback we got when I was hanging around the Computer Security groups at UCSB's graduate labs.
The Government seems fed up with Computers. They need them, they need them incredibly badly, but they can't seem to get exactly what they want. This goes for both contract work and research work. I'll adress it in two parts.
For Research Work: Two major factors are at work here. First is the rule of 80/20. We can do 80 percent of what DARPA (or whatever they're named this week) wants, but that last 20% ("Now make it distributed!" or "Now make it fault tolerant!" or "Now make it cryptographically secure!") needed to make the system usable is really really hard. Lots of research projects have hit dead ends. You expect this to happen in research, of course, but still...
Also, I always got the vibe that DARPA was more than slightly pissed off with us Open Sourcing everything left and right. Maybe it was just us they seemed cross at (and by cross I mean grants and funding tended to shift away from projects with lots of open source offerings), but I've heard other folks doing research mention this too.
I mean, you can easily get the impression that the Government has an attitude of, "You're supposed to be working for us!" Every time a group open sources DARPA-funded stuff (or the components of it, which is usually the case), other people benefit from the research. This may leave a sour taste in the mouth of the accountants over there.
For Contract Work: The US Government's policy is horribly broken. "Cost Plus" contracts may have been great in the 50's for jets and stuff, but we're reaching the point with computer systems and software where we're proving that Design Up Front does not work for large projects.
But, the various millitary branches have so much CYA (Cover Your Ass) paperwork, precedent and process that they cannot disentangle themselves. It's a really bad situation for them, because they have to adapt or die, and they're dying. This is not to say that the Army or Air Force will "go out of business," it's that projects... multi-billion dollar projects... are failing every year now. New projects, huge projects that even a lightweight process would need hundreds of people to deal with, are starting at costs that are so low they'd barely turn a profit for a contractor, because the Army/Navy/Air Force expects to fail.
What I think the Government really needs to do is become more tech-savvy in general. They need to start paying top dollar to hire the best engineers. No more of this "We Give Good Benefits" junk. The Government needs to have its own research groups and they need to be driven by results, technical excellence, and they need to have open-ended budgets (that are limited by results).
You're totally right that sometimes we need menubar-less applications, and I think that Dashboard is going to be the king of these sorts of things.
The problem with apps that do that sort of thing on OS X these days is that they're hard to get right. The developer has some hard choices. Do you clutter the Dock with an icon? No? If so how do I close your app, how do I relauch it? Do you put a Menubar Item up there? Isn't that contributing to the clutter? Do you make the app float on top or below? How do you explose it to the apple-tab mechanism?
Dashboard is going to resolve all that and give us a slick new way to microapps.
Sorry, but for most people CoreImage and CoreVideo is going to be utterly useless. Apple still ships shit, shit, shit video processors on the iBook, Mac Mini and only the latest generation Powerbooks, PMs and iMac have the much-needed Pixel Shader on their GPUs.
CoreImage and CoreVideo are going to make these effects go as fast as they can on your hardware. It puts the power to do what the Quartz EX people have been doing into the hands of developers. Of course it won't be as fast on older machines, but that doesn't mean it's going to be any slower. Indeed, I'm sure we'll see a speed boost. And when developers can leverage these algorithms then suddenly 3rd party apps become faster too, which really helps with the perception of OSX's speed.
CoreImage and CoreVideo are groundworks for future apps, and proof that Apple really does care about the quality of tools available for its developer community.
So are you honestly going to tell me developers are going to bother developing with features that only 10-20% of their already small userbase can use?
If we based our criterion for software features based solely off how many people could derive immediate benefit, we'd end up with Windows, where the masses rule your OS. Apple is growing the OS towards certain goals. CoreImage and CoreMovie are cool, but they're only pieces in a larger puzzle.
Personally I don't see any one feature that Tiger has that I really want. Hopefully it'll be a lot more polished and have some nice performance increases, but the vast majoirty of stuff in Tiger is totally useless to me
Then I suspect you're not paying attention. Or not thinking about the implications or these products.
I don't need spotlight since I organise my stuff well,
See? What did I tell you. You're missing the point. Let me bold it so you don't miss it: Spotlight unifies application and file data together! You may be the king of organization, fastidiously organizing every file, but when it comes time you find an address in AddressBook or a Mail in Mail.app, you still need to open these apps.
Spotlight is going to make the content of various apps searchable from a single point. So instead of deciding where to go, opening that app, and using its search feature, you open one search dialog and get all the relative hits.
Any Mac user who's tried LaunchBar or the up-and-coming Quicksilver can attest to how powerful this idea is. Being able to open and control apps all from one small, powerful, searchable interface is fast, fun, and efficient. It also follows the theme of Apple caring about its developer community. Your app provides the data in an indexed format and Spotlight integrates the searching into the OS for almost not cost (you need to tell spotlight how to read your data).
This means that your bookmarks, RSS feeds, IRC/IM logs, text files, OmniGraffle documents, whatever, they all get cheap, fast, OS-integrated searching at minimal developer cost.
I don't use Safari for anything more than basic browsing (I have a perfectly good RSS client already, thanks)
Excellent example of where Spotlight could do some good. Searching your feeds. Safari stores them and makes Spotlight.framework aware of them, and you get powerful, fast, integrated searching of your feeds.
NetNewsWire and NewsFire will add this as soon as Tiger comes out. You watch.
Incedentally, it seems that the next Safari is going to have incredible HTML and CSS support. This RSS thing is probably just an example to show how to leverage their new XSLT and CSS3 handling. The new web framework looks amazing, if the developer's blogs are to be believed.
Seriously- the web is supposed to be decentralized. Why do I keep seeing all these people expecting me to put my eggs in their basket?
Ahh! You're right, but you're missing something. With RSS syndication, SOAP backends, and now swank javascript bookmarklets to instantly add stuff, del.icio.us actually makes it easier to keep your data around and get it to where it needs to be. With the increasing popularity of RSS, it turns out that data isn't really "locked up" inside webapps. Indeed, a good interface and fast RSS summaries can mean that content is more accessible once it goes into one of these services, instead of languishing on your hard drive.
I can easily make a portal page from del.icio.us, by using the rss feature combined with tags search. I can dynamically query and feed my del.icio.us bookmarks into my blog or webpage info. I can integrate them right into my browser UI with Firefox's "live bookmarks". Compare that to them sitting in a directory, statically, on my home computer.
The days where web apps are tarpits of information are slowly disappearing. Soon, apps will interoperate with each other because it provides a competitive advantage (want to move from livejournal to blogger? Blogger is going to make this as easy as possible for you, and Livejournal provides the interface because people use it for site syndication). Already, data sharing is very easy, and getting easier. It's only a matter of time before the real tipping point happens, and then the real question will be "Who has the best interface for handling my data," instead of "Who will avoid squirreling my data away in a dark hole."
Some people use del.icio.us as a social service, but I think they're in the minority. Most people I talk to (myself included) use del.icio.us as a way to organize and sync bookmarks between multiple machines.
And now as I use the service more with FireFox's "Live Bookmarks" feature, I use it to make a "hotlist" of new stuff for given topics. You can keep an eye on certain tags, watching for new links. I can, for example, keep an ear to the ground for ruby links with a live bookmark pointed at http://del.icio.us/rss/tag/ruby/.
To go even further on researching a subject, I can find a link I liked and check the relevantly tagged entries of other people who made that link. Maybe they found something I missed.
I was skeptical of del.icio.us, and I was a pretty late adopter, but I'm a believer now. It's a very cool service.
Look, I like my mac a lot, and I'm very bullish about its security, but much of what you are saying is false. Uninformed evangelism is the worst kind. When people read this and see the huge gaping holes or obvious inaccuracies in your arguments, they're going to assume OS X in insecure.
You're making FUD, even if you don't mean to.
Let's break it down:
Unlike Windows, the MacOS uses filesystem embedded filetype and resource fork information to determine what kind of file a file is. You can't just change the filename into photo.jpg or letter.doc to make the attachment look like a photo or a word document. If it is an executable, the Mac will show it as such.
WRONG! This is not true in our scenario. Mac OS X infers filetype by file extension in the absense of meta-data. Since sending a lone file via email will strip that meta-data, the OS relies on the filetype. If it is a.doc, it will be shown as a.doc. Since OSX doesn't recognize typical shell-script extensions and a no-extention means it will not execute, it's actually rather difficult to make OS X execute anything from Mail.app anyways.
But let's say you have another exploaitable application, or you send a.DMG (disk image), which OS X can open and which may have scripting elements which can damage your system. Then you get a dialog box warning you that opening things right frome email is about as safe as necking with a leper.
... At that point most Mac users will cancel if they are not sure what this application is and where it came from.
Hopefully this is true, but many users do not realize that some file types can be hazardous. For instance, people are trading quicksilver plugins these days, and these execute when installed. Can you say "safe-looking filetype" vector?
The secret to all those mail-based attacks was that they looked innocuous. Mail.app makes it harder, but not that much harder.
But even if they proceed to launch the application, then the application still won't be able to install anything on the user's machine.
WRONG! They can install all kinds of things locally! Did you realize your ~/Library directory is writable by you? You do realize what I can do to you if I can write to that directory. God help you if you use APE and someone leverages that fact.
Still, they have to get something to execute. Email virii have been so successful because they get to circumvent all your fancy security measures and go right to the user, asking the user to let them through just like any other common-day chore. This is extremely challenging to guard against, precisely because it looks like normal use.
This type of attack is rather unlikely to be successful in causing a spreading of the trojan. The propagation mechanism is far too weak. The news about such an attack will be all over the net before the trojan had a chance to propagate.
This is exactly what people said about email worms back before they were common. I remember. No one realized how fast they really could spread.
No, it's not like you're totally wrong. OS X has very good out-of-the-box security. Its patched most of its "execute-by-clicking" web browser problems and its remote.dmg problems. It comes with no services enabled, and the provided default services are all well reviewed and patched within a few days of the exploit in most cases. The default Mail client is not internally scriptable in any way. Apple seems to be very careful about how it runs scripts that come fresh off the wire. And of course, you have a UNIX security model with an authentication framework, so even if your account goes south, at least it won't tank your machine.
PSP might have some serious homebrew action
on
PSP Launch Coverage
·
· Score: 1
Well, the problem with homebrew PSP games is that Sony is the only one who can make UMD disks. This is kind of a cramp on the style.
But, there is a ray of light. The PSP can execute from the memory card. Sure, you need a pretty big stick to hold a good game, but it's doable.
So right there it's far more friendly than the DS or GBA to indie work. Also, add in the fact that games aren't region coded, and I can't help but wonder if this is one of Sony's secret plans.
The puzzle game I haven't played but heard it's supposed to be good. Looked like another Tetris hack and honestly, if I wanted this I would whip out the old b&w gameboy.
Lumines is not a tetris hack. It's a very different game focusing on different sorts of mechanics. It's a puzzle game that not only focuses on block-dropping to form geometries (in this case 4x4 blocks of equal color) but also has a very different time element. Check out the cursor that sweeps the screen, that is what clears the blocks. If you make a match while the cursor is over that, strange things happen.
Not to mention the fact that the game is visually and audibly stunning is also key. At the same time, it's actually quite a bit more difficult than tetris.
It's the best launch title by a fair margin, so give it a fair chance!
As for the touchscreen, all I can say is Yetch. I really dislike it, for any use. Maybe some kind of Mario Party game will make use of it (and it might be a context where Mario Party will really shine). But I couldn't get used to it.
But then, that doesn't break my heart. I'm not exactly a fan of FPSs on handhelds. That vampiric genre has sucked the life out of PC games already. I'm happy that portables, thus far, have been free of it.
On the games issue...
Well, Lumine is not a rehash. I've played this game more than any other so far. It's a bizzare, trippy puzzle game that kicks a fair amount of ass. I really want to try the multiplayer. Metal Gear Acid is a fairly neat take on tactical games, using a card-based system. I'm enjoying it quite a bit.
Ridge Racer is not anything new, per se, but that doesn't mean it's not a damn fun game. Dynasty Warriors is much the same. It's not supposed to be new, just provide a kind of mobile experience for the existing game. I got to try (but haven't bought) Wipeout Pure, and it's a very very solid game.
Keep in mind some of these titles don't have to be new, they just need to be fun, reliable games that work well on the PSP (especially with the PSPs crazy multiplayer and internet play abilities).
It's like a friendlier PS2.
on
PSP Launch Coverage
·
· Score: 2, Interesting
Surely it does. The PSP's specs actually slightly exceed that of the PS2, and the PS2 can emulate most of those late 90's games-with some exceptions relating to devices, of course.
But remember, emulating those old games is much easier on a portable because the screen, large and beautiful as it is, is still smaller. You can get away with less detail and let more things slide because people just won't be able to notice. Much like the free anti-aliasing effect consoles enjoy when displayed on televisions.
Oh, and I've talked to someone with a PSP developer kit. Heresay, so take it with a grain of salt, but by all accounts the PSP developer experience is not the painful ordeal that PS2 development is.
More powerful, more portable, better networking, AND easier to code?
Umm, someone allready did. The PSP comes with a remote just like the iPod's. So you can do all the ipod-remote things, like fast-forward, skip back, raise the volume, etc... I haven't tried using it yet though.
As for the interface, it's not as elegant as the scroll wheel, but it does have an analog stick, which will make it possible to make a reasonable if not award-winning experience.
You think that touch screen is not an extraneous feature? If Nintendo was going to do something with it, they had a chance at launch.
Because the DS has so many more games! Wait, that's wrong. You realize how few games the DS has, right? The PSP has some strong launch titles and some good games are in the pipe allready. The DS, on the other hand, seems almost stagnant.
We're still waiting for Nintendo to release that darn Metroid game that has been demoing since launch, and I've tried using the DS's screen as an analog controller. It sucks!
I can't look into the future and say that the PSP wins out, but I sure hope it does. It really is a superior console, and the games its offering fill out genres and franchies I'm far more interested in.
You want Must-Haves? Let me tell you what you Must-Have.
Ridge Racer : This game is an awesome arcade racer. The multiplayer is terrific. The graphics are practically PS2 quality.
Lumines : This game is the puzzle game I've been pining for for years. And it's drop-dead beautiful.
Metal Gear Acid : A tactical/strategy game? Metal Gear Franchise? Card-based mechanics that don't suck? I may not be as eloquent of Tycho about strategy games, but I'll still try to say what I feel: Gimme! GIMME NOW!
You may not like these games, but I sure do. Ridge Racer is a high quality racer with fun multiplayer that's also on a handheld! What more do you want from a racer? Whatever it doesn't give you, NFS:R will.
Metal Gear Acid is an awesome strategy game. You know, strategy? Where you have to think? Occasionally?
And for puzzles, which are a big portable genre, Lumines is a big deal. It's fast, fun, has a good multiplayer, has a good soundtrack, looks good, and has good short-session playability.
You can wait as long as you like, and that's prudent. But don't assume these titles aren't must-have just because you don't like the genres. For anyone who's into these kinds of games, the PSP has some kickass titles.
Slashdot Mirror
Of course, you don't need me to tell you this, you could just check the documentation yourself.
C'mon, can you even pretend to look into things before you FUD them? There are plenty of valid criticisms for Rails, if you care to find them.
Rails has everything you need to make the webapp secure. Everything.
The bug was in a wiki'd tutorial and was only up for about 30 minutes before corrected but you'd think that every single Rails developer has horns now. Most people never even saw the tutorial during that transition.
If I call your SQL line directly, isntead of going through the framework, how exactly can said bypassed framework protect you? Rails gives you a trivial way to safely execute arbitrary SQL, and several ways to execute specific types of common SQL qualifiers on common actions (like find-by-id or find-by-field).
Please, stop FUDing.
YARV is Rite, now (I linked the announcement Matz made).
The point of YARV is to make Ruby run faster (as in, the VM itself is optimized and has JIT support being built), and help reduce memory footprints (Ruby code-as-text is reduced to ruby-code-as-bytecode). It moves towards both these goals with "superinstructions", which are statistically common groups of instructions that are made into one.
Before people mention it, RISC architectures are considered by many to be best for hardware, but in VMs, CISC architectures are generally better (and that's why YARV is a CISC system).
YARV may not speed up rails all that much though. Rails allready can cache and serve pages at the limit of the web server's caching ability, and with action caching (which is slightly more set back from page caching) you get nearly the full speed (1000req/sec instead of 1500req/sec).
There was a brief example of this on ONE of the wiki-based tutorials in which the person posting the tutorial didn't use Rails's built in SQL search features or safety features. Because of this, there was an SQL injection hole. It was promptly corrected.
No amount of safety can make up for novice mistakes. Rails provides everything you need to make secure webapps, and it lets you do it painlessly.
Justin is a respected and skilled Java developer who's got a Developer's Notebook for Spring set to hit the shelves any day now.
The app he wrote was quite complicated, and he freely admits that Rails got some free jump-starting because of his understanding of the domain. But you're going too far in saying he'd get a 50% speedup from a rewrite. His Java codebase needs work, but not that much work.
He observed that the more complex the action, the faster RoR ran compared to Java. This is very counter-intuitive, so he went into an explanation of why.
The blog is not a ruby-on-rails application.
In software production, oursourcing is a mistake begat by a mistake, not a solution to the slovenly state of US developers. Indeed, the US has a lot of developer talent that companies refuse to hire because, in the minds of accountants, it makes no sense to hire one expensive and skilled developer when they could hire three cheap inexperienced developers at a lower cost.
This roots itself in the false assumption that three newbies can do the work of one skilled developer. The truth is this is almost always not the case. But projects keep failing, and accountants and managers busy themselves by missing the point and hiring more people more cheaply. I mean, the problem was they spent too much, not that they did too little.
The assumption that high level managers love to make is that 90% of all workers are equal in their capacity for toil in the proverbial salt mines, and the other 10% should be moved into management. It's a horribly wrong and misguided assumption, but it's what's lead us to the near slave-wage practices of visa'd immigrants and the absurd situation with outsourcing (which has backfired badly). Big companies are floundering on IT work, and floudering badly.
Meanwhile, American based Software amd Research and industry is enjoying something of a grass-roots revival. Lots of small, agile companies are popping up making focused products that no big software haus can possibly compete with. American research is more and more about the working demo than the paper (although when appropriate, the Paper is almighty).
Even better for American research, we've got compaies doing it privately but publicly disclosing the results. Yes, Avaya, I'm looking at you and giving a big thumbs up.
You're right though, that the destiny of the American Software Industry is at a turning point. Either we make it or break it at this point. Big companies need to make the jump to small, agile software units. Open Source and Agile Development are making big inroads in this, and these techniques are an American invention.
At the same time, American universities are having this huge influx of foreign talent and these folks are realizing that if you're bright, now is the time to make a startup! It's like we've finally hit the point in time when the ".com bubble" should have begun to form. We have the tech now, we understand the practices. All we need to do is shake off the dogmatic policies of corporate fear and do what Americans are notorious for doing best, "Getting it done."
So, I program for Lockheed, and therefore for the Air Force directly, and I can tell you the kind of feedback we've been getting. I can also tell about the kind of feedback we got when I was hanging around the Computer Security groups at UCSB's graduate labs.
The Government seems fed up with Computers. They need them, they need them incredibly badly, but they can't seem to get exactly what they want. This goes for both contract work and research work. I'll adress it in two parts.
For Research Work: Two major factors are at work here. First is the rule of 80/20. We can do 80 percent of what DARPA (or whatever they're named this week) wants, but that last 20% ("Now make it distributed!" or "Now make it fault tolerant!" or "Now make it cryptographically secure!") needed to make the system usable is really really hard. Lots of research projects have hit dead ends. You expect this to happen in research, of course, but still...
Also, I always got the vibe that DARPA was more than slightly pissed off with us Open Sourcing everything left and right. Maybe it was just us they seemed cross at (and by cross I mean grants and funding tended to shift away from projects with lots of open source offerings), but I've heard other folks doing research mention this too.
I mean, you can easily get the impression that the Government has an attitude of, "You're supposed to be working for us!" Every time a group open sources DARPA-funded stuff (or the components of it, which is usually the case), other people benefit from the research. This may leave a sour taste in the mouth of the accountants over there.
For Contract Work: The US Government's policy is horribly broken. "Cost Plus" contracts may have been great in the 50's for jets and stuff, but we're reaching the point with computer systems and software where we're proving that Design Up Front does not work for large projects.
But, the various millitary branches have so much CYA (Cover Your Ass) paperwork, precedent and process that they cannot disentangle themselves. It's a really bad situation for them, because they have to adapt or die, and they're dying. This is not to say that the Army or Air Force will "go out of business," it's that projects... multi-billion dollar projects... are failing every year now. New projects, huge projects that even a lightweight process would need hundreds of people to deal with, are starting at costs that are so low they'd barely turn a profit for a contractor, because the Army/Navy/Air Force expects to fail.
What I think the Government really needs to do is become more tech-savvy in general. They need to start paying top dollar to hire the best engineers. No more of this "We Give Good Benefits" junk. The Government needs to have its own research groups and they need to be driven by results, technical excellence, and they need to have open-ended budgets (that are limited by results).
I didn't see the troll-post, had been modded. I thought you were one of said whiners.
My apologies.
You're totally right that sometimes we need menubar-less applications, and I think that Dashboard is going to be the king of these sorts of things.
The problem with apps that do that sort of thing on OS X these days is that they're hard to get right. The developer has some hard choices. Do you clutter the Dock with an icon? No? If so how do I close your app, how do I relauch it? Do you put a Menubar Item up there? Isn't that contributing to the clutter? Do you make the app float on top or below? How do you explose it to the apple-tab mechanism?
Dashboard is going to resolve all that and give us a slick new way to microapps.
CoreImage and CoreVideo are going to make these effects go as fast as they can on your hardware. It puts the power to do what the Quartz EX people have been doing into the hands of developers. Of course it won't be as fast on older machines, but that doesn't mean it's going to be any slower. Indeed, I'm sure we'll see a speed boost. And when developers can leverage these algorithms then suddenly 3rd party apps become faster too, which really helps with the perception of OSX's speed.
CoreImage and CoreVideo are groundworks for future apps, and proof that Apple really does care about the quality of tools available for its developer community.
If we based our criterion for software features based solely off how many people could derive immediate benefit, we'd end up with Windows, where the masses rule your OS. Apple is growing the OS towards certain goals. CoreImage and CoreMovie are cool, but they're only pieces in a larger puzzle.
Then I suspect you're not paying attention. Or not thinking about the implications or these products.
See? What did I tell you. You're missing the point. Let me bold it so you don't miss it: Spotlight unifies application and file data together! You may be the king of organization, fastidiously organizing every file, but when it comes time you find an address in AddressBook or a Mail in Mail.app, you still need to open these apps.
Spotlight is going to make the content of various apps searchable from a single point. So instead of deciding where to go, opening that app, and using its search feature, you open one search dialog and get all the relative hits. Any Mac user who's tried LaunchBar or the up-and-coming Quicksilver can attest to how powerful this idea is. Being able to open and control apps all from one small, powerful, searchable interface is fast, fun, and efficient. It also follows the theme of Apple caring about its developer community. Your app provides the data in an indexed format and Spotlight integrates the searching into the OS for almost not cost (you need to tell spotlight how to read your data).
This means that your bookmarks, RSS feeds, IRC/IM logs, text files, OmniGraffle documents, whatever, they all get cheap, fast, OS-integrated searching at minimal developer cost.
Excellent example of where Spotlight could do some good. Searching your feeds. Safari stores them and makes Spotlight.framework aware of them, and you get powerful, fast, integrated searching of your feeds.
NetNewsWire and NewsFire will add this as soon as Tiger comes out. You watch.
Incedentally, it seems that the next Safari is going to have incredible HTML and CSS support. This RSS thing is probably just an example to show how to leverage their new XSLT and CSS3 handling. The new web framework looks amazing, if the developer's blogs are to be believed.
For anyone who does develop
Yeah, but the Dashboard stuff is significantly better than Konfabulator, and it's going to have a development API that isn't retarded.
Since I'm going to buy 10.4 anyways, why-oh-why would I buy Konfabulator as well?
I can easily make a portal page from del.icio.us, by using the rss feature combined with tags search. I can dynamically query and feed my del.icio.us bookmarks into my blog or webpage info. I can integrate them right into my browser UI with Firefox's "live bookmarks". Compare that to them sitting in a directory, statically, on my home computer.
The days where web apps are tarpits of information are slowly disappearing. Soon, apps will interoperate with each other because it provides a competitive advantage (want to move from livejournal to blogger? Blogger is going to make this as easy as possible for you, and Livejournal provides the interface because people use it for site syndication). Already, data sharing is very easy, and getting easier. It's only a matter of time before the real tipping point happens, and then the real question will be "Who has the best interface for handling my data," instead of "Who will avoid squirreling my data away in a dark hole."
Some people use del.icio.us as a social service, but I think they're in the minority. Most people I talk to (myself included) use del.icio.us as a way to organize and sync bookmarks between multiple machines.
.
And now as I use the service more with FireFox's "Live Bookmarks" feature, I use it to make a "hotlist" of new stuff for given topics. You can keep an eye on certain tags, watching for new links. I can, for example, keep an ear to the ground for ruby links with a live bookmark pointed at http://del.icio.us/rss/tag/ruby/
To go even further on researching a subject, I can find a link I liked and check the relevantly tagged entries of other people who made that link. Maybe they found something I missed.
I was skeptical of del.icio.us, and I was a pretty late adopter, but I'm a believer now. It's a very cool service.
You're making FUD, even if you don't mean to.
Let's break it down:
WRONG! This is not true in our scenario. Mac OS X infers filetype by file extension in the absense of meta-data. Since sending a lone file via email will strip that meta-data, the OS relies on the filetype. If it is aBut let's say you have another exploaitable application, or you send a .DMG (disk image), which OS X can open and which may have scripting elements which can damage your system. Then you get a dialog box warning you that opening things right frome email is about as safe as necking with a leper.
Hopefully this is true, but many users do not realize that some file types can be hazardous. For instance, people are trading quicksilver plugins these days, and these execute when installed. Can you say "safe-looking filetype" vector?The secret to all those mail-based attacks was that they looked innocuous. Mail.app makes it harder, but not that much harder.
WRONG! They can install all kinds of things locally! Did you realize your ~/Library directory is writable by you? You do realize what I can do to you if I can write to that directory. God help you if you use APE and someone leverages that fact.Still, they have to get something to execute. Email virii have been so successful because they get to circumvent all your fancy security measures and go right to the user, asking the user to let them through just like any other common-day chore. This is extremely challenging to guard against, precisely because it looks like normal use.
This is exactly what people said about email worms back before they were common. I remember. No one realized how fast they really could spread.No, it's not like you're totally wrong. OS X has very good out-of-the-box security. Its patched most of its "execute-by-clicking" web browser problems and its remote
My way of remembering?
Examples are Great, for e.g.
In Exact terms, for i.e.
Well, the problem with homebrew PSP games is that Sony is the only one who can make UMD disks. This is kind of a cramp on the style.
But, there is a ray of light. The PSP can execute from the memory card. Sure, you need a pretty big stick to hold a good game, but it's doable.
So right there it's far more friendly than the DS or GBA to indie work. Also, add in the fact that games aren't region coded, and I can't help but wonder if this is one of Sony's secret plans.
Not to mention the fact that the game is visually and audibly stunning is also key. At the same time, it's actually quite a bit more difficult than tetris.
It's the best launch title by a fair margin, so give it a fair chance!
You are correct.
:)
However, I'm low on sig characters. Really low. I can't fit that in. So I took "for example" because it gets the point across.
As for the touchscreen, all I can say is Yetch. I really dislike it, for any use. Maybe some kind of Mario Party game will make use of it (and it might be a context where Mario Party will really shine). But I couldn't get used to it.
But then, that doesn't break my heart. I'm not exactly a fan of FPSs on handhelds. That vampiric genre has sucked the life out of PC games already. I'm happy that portables, thus far, have been free of it.
On the games issue...
Well, Lumine is not a rehash. I've played this game more than any other so far. It's a bizzare, trippy puzzle game that kicks a fair amount of ass. I really want to try the multiplayer. Metal Gear Acid is a fairly neat take on tactical games, using a card-based system. I'm enjoying it quite a bit.
Ridge Racer is not anything new, per se, but that doesn't mean it's not a damn fun game. Dynasty Warriors is much the same. It's not supposed to be new, just provide a kind of mobile experience for the existing game. I got to try (but haven't bought) Wipeout Pure, and it's a very very solid game.
Keep in mind some of these titles don't have to be new, they just need to be fun, reliable games that work well on the PSP (especially with the PSPs crazy multiplayer and internet play abilities).
Surely it does. The PSP's specs actually slightly exceed that of the PS2, and the PS2 can emulate most of those late 90's games-with some exceptions relating to devices, of course.
But remember, emulating those old games is much easier on a portable because the screen, large and beautiful as it is, is still smaller. You can get away with less detail and let more things slide because people just won't be able to notice. Much like the free anti-aliasing effect consoles enjoy when displayed on televisions.
Oh, and I've talked to someone with a PSP developer kit. Heresay, so take it with a grain of salt, but by all accounts the PSP developer experience is not the painful ordeal that PS2 development is.
More powerful, more portable, better networking, AND easier to code?
Umm, someone allready did. The PSP comes with a remote just like the iPod's. So you can do all the ipod-remote things, like fast-forward, skip back, raise the volume, etc... I haven't tried using it yet though.
As for the interface, it's not as elegant as the scroll wheel, but it does have an analog stick, which will make it possible to make a reasonable if not award-winning experience.
My concern is more with memory capacity.
Oh yeah.
You think that touch screen is not an extraneous feature? If Nintendo was going to do something with it, they had a chance at launch.
Because the DS has so many more games! Wait, that's wrong. You realize how few games the DS has, right? The PSP has some strong launch titles and some good games are in the pipe allready. The DS, on the other hand, seems almost stagnant.
We're still waiting for Nintendo to release that darn Metroid game that has been demoing since launch, and I've tried using the DS's screen as an analog controller. It sucks!
I can't look into the future and say that the PSP wins out, but I sure hope it does. It really is a superior console, and the games its offering fill out genres and franchies I'm far more interested in.
- Ridge Racer : This game is an awesome arcade racer. The multiplayer is terrific. The graphics are practically PS2 quality.
- Lumines : This game is the puzzle game I've been pining for for years. And it's drop-dead beautiful.
- Metal Gear Acid : A tactical/strategy game? Metal Gear Franchise? Card-based mechanics that don't suck? I may not be as eloquent of Tycho about strategy games, but I'll still try to say what I feel: Gimme! GIMME NOW!
You may not like these games, but I sure do. Ridge Racer is a high quality racer with fun multiplayer that's also on a handheld! What more do you want from a racer? Whatever it doesn't give you, NFS:R will.Metal Gear Acid is an awesome strategy game. You know, strategy? Where you have to think? Occasionally?
And for puzzles, which are a big portable genre, Lumines is a big deal. It's fast, fun, has a good multiplayer, has a good soundtrack, looks good, and has good short-session playability.
You can wait as long as you like, and that's prudent. But don't assume these titles aren't must-have just because you don't like the genres. For anyone who's into these kinds of games, the PSP has some kickass titles.