You know, its pretty fashionable to argue these days that CEOs are just like everyone else, interchangeable parts that you can just get rid of. Steve Jobs isn't one of them, and I don't think Bill Gates was either, for that matter.
But, in the case of Steve Jobs, the dude could walk out onto a stage, show you a product, and you would think, wow, that's really brilliant.
Regardless of how Shiller is, he's not the guy that founded Apple, beat developers into the ground trying to make a product better. Sometimes took the company into the ground chasing after a vision but a lot of times made a mountain of money chasing after the same.
You can't get the same vision from somebody who runs as a company as you can get from the guy that founded it. Even for CEOs, its just a job, but for founders, its a vision, and I'm going to miss the Apple of Jobs old, even as I miss the Microsoft of Gates the Evil.
I would have thought you would have learned the lesson right now that nearly every manmade change to climate has come from the unforseen consequences of massive scale of deployment of a technology.
People that have the idea for the next big thing, really have lots of ideas for lots of next big things. They just can't help it. If you've only got one idea, probably it sucked anyway and you shouldn't get too wrapped up in it. We all can't be creative people, any more than we can be rock stars.
By any reasonable estimation, the size of a solar panel must be considerably larger in area than the roofline of the building that it powers, particularly in cities. So.. yeah, there is huge land use issue with solar panels. For every building that you see, you will need a solar panel with several times its surface area to power it. Run that through your mind and ask me if there's not going to be an environmental impact. It's obvious.
McCain was everything that you said the GOP needed and he got destroyed
I was wrong about McCain, but a look at the demographics of this election is illuminating. Free trade cost McCain dearly. Every state that McCain lost is a state that has lost big in free trade, and that includes Virginia and North Carolina. The conventional wisdom is that values don't matter and Republicans should stick to their economic guns, but its just political suicide.
And what exactly do you think a different looking new model every year is then?
GM, even early in its history, understood that the largest market for cars, by far, was used cars. So, they targeted their builds only for people that were slightly more affluent and wanted new cars. Microsoft, on the other hand, tries to upgrade everyone. GM would never say that you cannot drive a car after 10 years, but that's what Microsoft does with Windows versions.
Japanese car manufacturers saw the folly on this and moved to much less dramatic changes year/year.
Well, no, the Japanese just did marketing. They didn't have the resources to do marketing rollouts of all new brands, so they just kept the same brand in place to build on for a customer experience. But also there is a cultural thing too, in that, a GM car or a Ford car is designed to be a story by itself...a sort of a rolling work of art. You couldn't just keep Chevelle or Vega around, because the Vega story or Chevelle story just isn't the same.
We reported a serious bug with their compiler. Their answer, written in legalese, was a f**k off letter
That sucks. I actually had written a rather scathing review on my blog about Visual Studio 2005 for C++ programming, and went through comparing it to KDE KDevelop 3.x. My point was that Microsoft isn't doing crap for SDK and C++ developers and its true, honestly, but you know that as well as I do. I got a rather polite email exchange from one of the Tools leads, and to some extent, they did respond.
1. You can site them anywhere. Solar and wind have to be sited where there is solar and wind.
2. They are available 24/7. Solar and wind are up to mother nature.
3. They have a higher power density. You need less area to power a bunch of homes. This translates into more safety, and ultimately a lower land use footprint, leaving more room for, well, things that live in the environment.
4. Lower environmental risk. We have barely studied the long term effects caused by draining energy out of the wind, or, of robbing the ground from solar energy to convert to electricity. The aggregate effects of billions of windmills and solar panels upon the earth are not understood. With nukes, we know the risks. We might have a meltdown, some radiation, and a leak, but that's about it.
Microsoft has a lot of its cash sitting in mortgage backed securities, corporate bonds, stocks and other things that are devalued. Right now they have a lot of t-bills, which currently are effectively paying negative interest. That's where their balance sheet is getting whacked.
For product naysayers, the facts are thus:
a) Windows sales are UP. Not only Vista sales have largely gone off ok in the OEM space, but, Windows Server 2008 sales are going well. However, Microsoft did say that the sales are not up as much as they would like as they are more aggressively pricing OEM installs. Guess which OS they are competing with here!
b) Tools sales are UP. Visual Studio sales are up.
c) Office sales are up. Everyone is still addicted to Excel and those new ribbon bars moved the upgrades.
d) Online sales suck. Microsoft last a half a billion dollars in the online space, this time due to the acquisition of yet another company that no one heard of. [who wouldn't want to own one of them]
e) XBOX revenues are down, owing to price cuts.
So, there's some sad spots, but, overall, I'd say that Microsoft is a fundamentally profitable company that has to lay off a ton of people to remake the cash they lost due to an inept accounting department.
1. GM, back in its day, would have never have pushed out Windows upgrades after upgrades. GM in its prime basically kept the same tool and die in place for 20 years and didn't invest in improved engineering and manufacturing techniques. Microsoft has tried to avoid this. AS a rule, the quality of Microsoft products has improved over time. I remember having to set DIP switches to get Windows 3.1 to boot, or fiddle with config.sys and himem.sys to get DOS to start, and every instance of Windows I've had has had some issues coming down the pike. Vista, for me, has been rather famously stable and I dread leaving it for Windows XP when I have to.
2. Microsoft doesn't ignore the customer. They just have a lot of customers that don't care about security. Look at how many people complained about Vista's UAC dialogs, when, my Linux box has had the same thing for quite some time.
3. Microsoft's vision isn't at the top, its in the head of each of the product groups. There is a vision to Visual Studio and C#, even if a lot of us don't like it. There is a method to the madness of Office and there is certainly a vision to Windows.
That's not to say that Microsoft won't go GM on us. They always could, but, they at least see that they need to make changes to improve.
I think we on the right need to stop crying about the "left wing" media, when, we now have our own media outlets too. We dominate radio, we have a good and growing presence on TV, and our print is expanding while theirs is shrinking.
The fact is, we lost this election because the Republican Party has tried to fuse libertarian economic policies with social conservatism and that plan could not work at a time when libertarian economics is in considerable doubt. The conventional wisdom is that Republicans should focus on free trade and low taxes and drop the religious stuff, but that's political suicide given that the religious stuff has kept Bush in the oval office despite two wars and the economy in the tank. Tossing out the entire south and the midwest to placate a few libertarians arguing the proliferation of Walmarts, Toyotas and plenty of imported Chinese stuff is a good thing for America seems hardly a winning message.
If the GOP wants to win, it needs to get more country, more parochial, wrap itself in the flag even more, ditch the free trade, and be as much in favor of Made-In-The-USA on economic issues as it is on social issues.
1) Be nice to unions 2) Tout American stuff 3) Support the bailout of Detroit
Right there, with that, the GOP picks up PA and OH and probably even Michigan, and that wins oval office. Support the repeal of the voting rights act, stay anti-abortion and pro-gun, and that locks up the south.
Instead, we had John McCain running around arguing about saving America and putting country first, while at the same time defending free trade. Charges of isolationism are silly. Remember, America re-elected George W Bush in 2004 because he told the United Nations to pound sand, not in spite of it. Remember, in America, when Jesus wants to go hunting, he does so in his Chevy.
You may as well rename this, "Crackpottery goes mainstream". Instead of calling a few people, doing a couple of interviews, writing up their impressions as a story, journalists will now have automation to help them do what nuts do. Just like so-called UFO, alien and jfk assassination researchers do manually, journalists will be able to arrange players, dates and events to fit any tale imaginable. Government, UN, corporate, environmental conspiracy stories will abound, and the sky is the limit.
You, my friend, are the one that needs to think for yourself. You seem to think that tolerance for tolerance sakes, is really a social advancement, when really, it is part of an overall set of tools advanced by corporate interests designed to reduce us to interchangable parts. Frankly, christians sticking with christians, jews with jews, and so, families preferring family members, seems to offer more lasting, real promise, than, some wishy washy corporate social model that has brought us 10% unemployment, 10 trillion dollars of government debt, and a total dislocation of the world economy as the rich line up for a bailout at our expense. These parachial values that I mentioned might have some problems, but, they did produce a viable economy and lasting culture that persisted successfully for almost 2,000 years. What does your corporate multiculturalism done for humanity lately, that compares to the culture that produced Raphael and Bach?
You only call me a troll, in this case, because you don't want to acknowledge the truth of environmentalism. At its heart, fears of environmental change are designed to protect the current status quo.
Usually when there is a huge contraction of the human population due to some rapid calamity, the economy improves for the survivors. Just look at how the black death was instrumental in the birth of a middle class because the price of labor went up in Europe.
That's the thing. Everyone looks at the rise in global temperatures and calls it bad, but if you live not on the coastlines, and in an area where your growing season is longer and you get better rainfall to match, then, a higher CO2 content is a good thing. When we talk about "saving the planet", we really mean to say, to preserve the current climate so that current real estate values remain the same, but economically speaking, if you are a guy in upstate PA who owns what could become beachfront property, or a major port, then, greenhouse gasses and rising sea levels are a boon.
The problem with curbing CO2 is that the strategy only works if, in fact, manmade CO2 is the sole source. Now, today, it may well be, but there are plenty of natural forces out there that can add significant and climate altering CO2 and other greenhouse gasses to the atmosphere. What climate science teaches us, and this is unfortunate for environmentalists, is that the climate must be managed in the best interests of humanity and humanity first.
I mean, seriously. You know, everyone continues to rip American culture for its reluctance to accept everyone else's quirks, but god forbid you know, you draw a picture of mohammed or ask a woman to dress, like, its the 21st century. Tolerance is a two way street, and I'm not seeing too much of it on the other side. I see muslims dressed up in full jihad regalia of those beards and stupid suits they were, and I just think, f-- them. I know that, if the power roles were reversed in the USA, muslims are and would be far less tolerant of christian culture than christian culture is of them. Mod me down for being politically incorrect if you want, but when you do, kindly point out the block of muslim nations that have the same level of civil advancement as the USA, Canada, UK, France, or even Germany.
The latter can be done via existing ACLs in both Windows and Linux.
User based security isn't really designed to do this problem. Could what you describe work? Yeah, it could, but it has problems.
a) You have to your server Logon and Logoff a user every time you called a function in the plugin. What if the "plugin" user creates a file.. it then has to have a notion of the a user it can grant permissions to on that file so that the plugin owner user can see it. Now your audit trail is messed up... the plugin user is the guy that gets all screwed up but really it is the human user that you want to audit. the plugin is really the agent that is acting on behalf of the user.
b) Suddenly you have to have the installer have rights to create administrative accounts.
c) Conceptually, its a dubious proposition.. I mean, how many network admins would let any user create a new user that delegates their own ids to someone else? In essence, that's what using user security to solve the plugin problem does.
You know, as much as everyone hates Clippy, Microsoft sold so many copies of Office that there's bound to be a few million people that like him. I would be willing to bet that anyone who wrote a spreadsheet with a clippy like help system would wind up making a pretty good amount of money. For what its worth, I think today's Office help absolutely sucks compared to Clippy. FOr me, that text box of asking what Clippy I wanted to do was usually pretty damn good. Clippy always came through for me.
I think the idea of a personified computer, creating one that expresses interaction, is something that Microsoft should have stuck it out with. Someday, some competitor is going to look at the ashes of clippy, and bob, have an "aha moment", identify where it all went wrong, and everyone will be cheering a great breakthrough in technology.
It wouldn't be the first time this happened. The US car companies put a lot of money into a lot of automotive and engine technologies that didn't see a practical light of day, and, ultimately, the likes of Toyota and Honda would pick up the pieces and run with them in the late 1980s and establish themselves not just as low cost alternatives but as technology players.
And, I will tell you, I know exactly what Microsoft's failure was with Clippy, right when I announce my new Storky based help in my spreadsheet!
At the end of the day, both IE Active X controls and Mozilla plugins have the same fundamental problem. They are native code DLLs, and so, cannot be verified so easily by the browser when downloaded and so a user could always install a plug in, when running as administrator, that could call DeleteFile or any other Windows API.
The most interesting promise in plugins is Google Chrome, which allows for verifiable native code and thus sandboxing of plugins. However, as you already pointed out, this only really matters because, you can't set ACLs to functions under Windows, only to users.
The ideal mechanism for DLLs, that is internet safe, would be to be able to say that a caller could specify the permissions of the DLL when it was running. So, if I were writing a FireFox or an IE, or some sort of internet loadable thing, I could say, yeah sure, go ahead and let me load up this DLL, and I'll just tag it so that it can only call a certain set of Windows OS functions, and for that matter, only a set of Windows OS functions with a particular set of handles. Like, the DLL's functions could only call GDI functions with the DC I supplied. I would also like to say that the DLL could only access certain pages of memory. For that matter, I would like to be able to do that to my own application, so that, a buffer overrun or some other malicious code couldn't do anything... other than hose me myself, and even then, my own internal states and document would be protected.
I would bet that you could hack some of this into Windows, basically by modifying the way GetProcAddress and LoadLibrary worked. To LoadLibrary you could add a permissions mask that would, for that HINSTANCE, modify how that library's GetProcAddress worked. So, if loaded up a library, I could set it up so that when it called GetProcAddress, to say, find out where DeleteFile was, it would instead redirect itself to my sandbox chumpy saying that this was a no-no.
This would improve matters, but it would not be perfect. Ultimately, I think, the whole mechanism of a function call would need to have an associated "allowed" set of function calls be associated with it. IF there was maybe some chumpy in the kernel that would say, "just block all these syscalls", but even then, that would only address the file system type of stuff, which is good, but you also want to use that mechanism to cover everything else. It may well turn out that everything has to be a file in order to make this sort of safe and securable sandboxing actually work.
I guess my question to Linux people would be, doesn't Red Hat have something like this in its enhanced security? Like, you can at least tag applications with permissions but could it work with function calls?
In 1995 or 2000 I would be inclined to agree with you, but, is the same Microsoft still around? When Bill Gates was at the helm, or more importantly, employee stock was treated differently by accountants, you could count on Microsoft to be focused and deliver a good ass whooping as needed. I still think Bill's best moment of crushing was his destruction of Borland. First, he rolled out with VB to counter their C++ and OWL. Then, when Borland (why did they do this...bought Ashton Tate), Bill Gates opened up his phone book and bought tiny Fox Software, which everyone in the old xBase world knows made a much better product. I remember reading that, and I was a big Borland fan, but I just fell out of my chair laughing.... I thought, Fox, with Microsoft's backing, and Borland was finished. But of course, Gates was not. Not content with one desktop database, he then turned around and wrote the big check and got Access 1.0 and Access 2.0, both of which were ridiculed and are still ridiculed, but there's a ton of those 'mdbs out there to this day. So he had a friendlier programming tool, and two databases that were better than Borland's one database tool (which, to make matters worse for Borland, was insanely late). Yeah, Borland would later roll out with Delphi, but, by that time, the contest for desktop dominance was basically over. Delphi was cool, but VB was entrenched, Visual C++ had arrived, and there was FoxPro, Access and a budding SQL Server for database. IT was just over for Borland.. Gates made all the right moves, and Borland honestly made the wrong ones. What's ironic now, is that the guy that wrote Delphi is the guy that is now leading the charge on.NET... and I'm sure Anders is smart and all, but, like, why hire the loser? VB won, Delphi lost, and now Microsoft has the Delphi guy doing its languages. It just seems kinda stupid.
More important is the fact that ActiveX is a BAD IDEA
ActiveX was hardly a bad idea. All ActiveX is is, is a marketing term for COM, which is nothing more than a way for binary executable files to talk to each other in a rich and programmer friendly way. Saying ActiveX is a bad idea is like saying "C" style externs on libraries are a bad idea. You have to call a library somehow. ActiveX is just a technology for calling libraries.
Two problems really hurt ActiveX. The first hurt all libraries on Windows, and that was the default path for loading a library forced multiple applications to share a single library amongst themselves and so if there was a breaking version change in one, then both apps would go down.
Now, the one part of ActiveX that was a bad implementation was the registry. The idea behind the registry was simple enough - to make a better Windows INI file because scanning text files for a central object repository was so slow. The idea of first OLE 1 then, COM is that an application would query the repository using a known symbolic name of a component using either a GUID or a name that maps to a GUID. The Registry just tried to make this thing more centralized, and easier to manage through tools, and to have better performance, all of which, they achieved, but, what MS missed the boat on was that in an era where memory and disk were becoming cheap, it made more sense to just have different copies of the same COM object floating around.
Now, the one question I have, which I should probably test, if I were still really into COM, is what happens if you only specify the name of a binary but not its path in the Windows folder. I would think that because CoGetClassObject runs in the context of its caller, then, you could have multiple applications each with its own object path so long as the InProcServer reference associated with the CLSID only had the name of the binary and not its full path. If you were doing ActiveX today I would think that would be the preferred way to go, because that would allow, indeed, require each application to have its own copy.
Of course, in the bad old days, everyone used to shove everything in the Window folder and then, even worse, MS used to essentially delegate OS updates to application developers so you could have Joe's Paint Program go and blow away all the COM underpinnings of Windows with a version for the app.. and the OS wouldn't care. I actually in test, actually replaced the Windows 95 32 bit COM stuff with 16 bit Windows 3.1 COM whilst writing an installer, and, well, it was a rather painful way to trash my desktop, I must say.
The point is, though, the bad idea of objects isn't objects, its the central registration and built in conflict of multiple versions.
Everyone trashes Active X as a security problem while Mozilla plugins get a pass and this is rather silly. The essence of both is that you download a DLL and it runs arbitary code in the process space of the browser (and then hence, often the user). Active X is just a different way of talking to the DLL, nothing more.
If you can run flash plugins, java plugins, and other plugins, inside of a browser, they can and will have the same security problems that plague Active X. It's random binary code that a user gets off of the internet.
SERIOUSLY, ANYONE BITCHING ABOUT ACTIVE X SHOULD JUST READ THIS GODDAMNED LINK.
You know, its pretty fashionable to argue these days that CEOs are just like everyone else, interchangeable parts that you can just get rid of. Steve Jobs isn't one of them, and I don't think Bill Gates was either, for that matter.
But, in the case of Steve Jobs, the dude could walk out onto a stage, show you a product, and you would think, wow, that's really brilliant.
Regardless of how Shiller is, he's not the guy that founded Apple, beat developers into the ground trying to make a product better. Sometimes took the company into the ground chasing after a vision but a lot of times made a mountain of money chasing after the same.
You can't get the same vision from somebody who runs as a company as you can get from the guy that founded it. Even for CEOs, its just a job, but for founders, its a vision, and I'm going to miss the Apple of Jobs old, even as I miss the Microsoft of Gates the Evil.
long have trees been around...
I would have thought you would have learned the lesson right now that nearly every manmade change to climate has come from the unforseen consequences of massive scale of deployment of a technology.
People that have the idea for the next big thing, really have lots of ideas for lots of next big things. They just can't help it. If you've only got one idea, probably it sucked anyway and you shouldn't get too wrapped up in it. We all can't be creative people, any more than we can be rock stars.
1. You can site them anywhere. Solar and wind
have to be sited where there is solar and wind.
Fuel Transport
Next time you can lug the sun around in the back of a truck, or pipe the wind, just let me know.
I'd say that if robbing wind energy were at all a detriment to life, trees pretty much would have killed us by now.
That's like saying if, cars were a detriment to life, then CO2 would have killed us by now.
By any reasonable estimation, the size of a solar panel must be considerably larger in area than the roofline of the building that it powers, particularly in cities. So.. yeah, there is huge land use issue with solar panels. For every building that you see, you will need a solar panel with several times its surface area to power it. Run that through your mind and ask me if there's not going to be an environmental impact. It's obvious.
McCain was everything that you said the GOP needed and he got destroyed
I was wrong about McCain, but a look at the demographics of this election is illuminating. Free trade cost McCain dearly. Every state that McCain lost is a state that has lost big in free trade, and that includes Virginia and North Carolina. The conventional wisdom is that values don't matter and Republicans should stick to their economic guns, but its just political suicide.
And what exactly do you think a different looking new model every year is then?
GM, even early in its history, understood that the largest market for cars, by far, was used cars. So, they targeted their builds only for people that were slightly more affluent and wanted new cars. Microsoft, on the other hand, tries to upgrade everyone. GM would never say that you cannot drive a car after 10 years, but that's what Microsoft does with Windows versions.
Japanese car manufacturers saw the folly on this and moved to much less dramatic changes year/year.
Well, no, the Japanese just did marketing. They didn't have the resources to do marketing rollouts of all new brands, so they just kept the same brand in place to build on for a customer experience. But also there is a cultural thing too, in that, a GM car or a Ford car is designed to be a story by itself...a sort of a rolling work of art. You couldn't just keep Chevelle or Vega around, because the Vega story or Chevelle story just isn't the same.
We reported a serious bug with their compiler. Their answer, written in legalese, was a f**k off letter
That sucks. I actually had written a rather scathing review on my blog about Visual Studio 2005 for C++ programming, and went through comparing it to KDE KDevelop 3.x. My point was that Microsoft isn't doing crap for SDK and C++ developers and its true, honestly, but you know that as well as I do. I got a rather polite email exchange from one of the Tools leads, and to some extent, they did respond.
They are more flexible and more reliable.
1. You can site them anywhere. Solar and wind have to be sited where there is solar and wind.
2. They are available 24/7. Solar and wind are up to mother nature.
3. They have a higher power density. You need less area to power a bunch of homes. This translates into more safety, and ultimately a lower land use footprint, leaving more room for, well, things that live in the environment.
4. Lower environmental risk. We have barely studied the long term effects caused by draining energy out of the wind, or, of robbing the ground from solar energy to convert to electricity. The aggregate effects of billions of windmills and solar panels upon the earth are not understood. With nukes, we know the risks. We might have a meltdown, some radiation, and a leak, but that's about it.
Microsoft has a lot of its cash sitting in mortgage backed securities, corporate bonds, stocks and other things that are devalued. Right now they have a lot of t-bills, which currently are effectively paying negative interest. That's where their balance sheet is getting whacked.
For product naysayers, the facts are thus:
a) Windows sales are UP. Not only Vista sales have largely gone off ok in the OEM space, but, Windows Server 2008 sales are going well. However, Microsoft did say that the sales are not up as much as they would like as they are more aggressively pricing OEM installs. Guess which OS they are competing with here!
b) Tools sales are UP. Visual Studio sales are up.
c) Office sales are up. Everyone is still addicted to Excel and those new ribbon bars moved the upgrades.
d) Online sales suck. Microsoft last a half a billion dollars in the online space, this time due to the acquisition of yet another company that no one heard of. [who wouldn't want to own one of them]
e) XBOX revenues are down, owing to price cuts.
So, there's some sad spots, but, overall, I'd say that Microsoft is a fundamentally profitable company that has to lay off a ton of people to remake the cash they lost due to an inept accounting department.
1. GM, back in its day, would have never have pushed out Windows upgrades after upgrades. GM in its prime basically kept the same tool and die in place for 20 years and didn't invest in improved engineering and manufacturing techniques. Microsoft has tried to avoid this. AS a rule, the quality of Microsoft products has improved over time. I remember having to set DIP switches to get Windows 3.1 to boot, or fiddle with config.sys and himem.sys to get DOS to start, and every instance of Windows I've had has had some issues coming down the pike. Vista, for me, has been rather famously stable and I dread leaving it for Windows XP when I have to.
2. Microsoft doesn't ignore the customer. They just have a lot of customers that don't care about security. Look at how many people complained about Vista's UAC dialogs, when, my Linux box has had the same thing for quite some time.
3. Microsoft's vision isn't at the top, its in the head of each of the product groups. There is a vision to Visual Studio and C#, even if a lot of us don't like it. There is a method to the madness of Office and there is certainly a vision to Windows.
That's not to say that Microsoft won't go GM on us. They always could, but, they at least see that they need to make changes to improve.
I think we on the right need to stop crying about the "left wing" media, when, we now have our own media outlets too. We dominate radio, we have a good and growing presence on TV, and our print is expanding while theirs is shrinking.
The fact is, we lost this election because the Republican Party has tried to fuse libertarian economic policies with social conservatism and that plan could not work at a time when libertarian economics is in considerable doubt. The conventional wisdom is that Republicans should focus on free trade and low taxes and drop the religious stuff, but that's political suicide given that the religious stuff has kept Bush in the oval office despite two wars and the economy in the tank. Tossing out the entire south and the midwest to placate a few libertarians arguing the proliferation of Walmarts, Toyotas and plenty of imported Chinese stuff is a good thing for America seems hardly a winning message.
If the GOP wants to win, it needs to get more country, more parochial, wrap itself in the flag even more, ditch the free trade, and be as much in favor of Made-In-The-USA on economic issues as it is on social issues.
1) Be nice to unions
2) Tout American stuff
3) Support the bailout of Detroit
Right there, with that, the GOP picks up PA and OH and probably even Michigan, and that wins oval office. Support the repeal of the voting rights act, stay anti-abortion and pro-gun, and that locks up the south.
Instead, we had John McCain running around arguing about saving America and putting country first, while at the same time defending free trade. Charges of isolationism are silly. Remember, America re-elected George W Bush in 2004 because he told the United Nations to pound sand, not in spite of it. Remember, in America, when Jesus wants to go hunting, he does so in his Chevy.
You may as well rename this, "Crackpottery goes mainstream". Instead of calling a few people, doing a couple of interviews, writing up their impressions as a story, journalists will now have automation to help them do what nuts do. Just like so-called UFO, alien and jfk assassination researchers do manually, journalists will be able to arrange players, dates and events to fit any tale imaginable. Government, UN, corporate, environmental conspiracy stories will abound, and the sky is the limit.
You, my friend, are the one that needs to think for yourself. You seem to think that tolerance for tolerance sakes, is really a social advancement, when really, it is part of an overall set of tools advanced by corporate interests designed to reduce us to interchangable parts. Frankly, christians sticking with christians, jews with jews, and so, families preferring family members, seems to offer more lasting, real promise, than, some wishy washy corporate social model that has brought us 10% unemployment, 10 trillion dollars of government debt, and a total dislocation of the world economy as the rich line up for a bailout at our expense. These parachial values that I mentioned might have some problems, but, they did produce a viable economy and lasting culture that persisted successfully for almost 2,000 years. What does your corporate multiculturalism done for humanity lately, that compares to the culture that produced Raphael and Bach?
You only call me a troll, in this case, because you don't want to acknowledge the truth of environmentalism. At its heart, fears of environmental change are designed to protect the current status quo.
Usually when there is a huge contraction of the human population due to some rapid calamity, the economy improves for the survivors. Just look at how the black death was instrumental in the birth of a middle class because the price of labor went up in Europe.
That's the thing. Everyone looks at the rise in global temperatures and calls it bad, but if you live not on the coastlines, and in an area where your growing season is longer and you get better rainfall to match, then, a higher CO2 content is a good thing. When we talk about "saving the planet", we really mean to say, to preserve the current climate so that current real estate values remain the same, but economically speaking, if you are a guy in upstate PA who owns what could become beachfront property, or a major port, then, greenhouse gasses and rising sea levels are a boon.
The problem with curbing CO2 is that the strategy only works if, in fact, manmade CO2 is the sole source. Now, today, it may well be, but there are plenty of natural forces out there that can add significant and climate altering CO2 and other greenhouse gasses to the atmosphere. What climate science teaches us, and this is unfortunate for environmentalists, is that the climate must be managed in the best interests of humanity and humanity first.
I mean, seriously. You know, everyone continues to rip American culture for its reluctance to accept everyone else's quirks, but god forbid you know, you draw a picture of mohammed or ask a woman to dress, like, its the 21st century. Tolerance is a two way street, and I'm not seeing too much of it on the other side. I see muslims dressed up in full jihad regalia of those beards and stupid suits they were, and I just think, f-- them. I know that, if the power roles were reversed in the USA, muslims are and would be far less tolerant of christian culture than christian culture is of them. Mod me down for being politically incorrect if you want, but when you do, kindly point out the block of muslim nations that have the same level of civil advancement as the USA, Canada, UK, France, or even Germany.
The latter can be done via existing ACLs in both Windows and Linux.
User based security isn't really designed to do this problem. Could what you describe work? Yeah, it could, but it has problems.
a) You have to your server Logon and Logoff a user every time you called a function in the plugin. What if the "plugin" user creates a file.. it then has to have a notion of the a user it can grant permissions to on that file so that the plugin owner user can see it. Now your audit trail is messed up... the plugin user is the guy that gets all screwed up but really it is the human user that you want to audit. the plugin is really the agent that is acting on behalf of the user.
b) Suddenly you have to have the installer have rights to create administrative accounts.
c) Conceptually, its a dubious proposition.. I mean, how many network admins would let any user create a new user that delegates their own ids to someone else? In essence, that's what using user security to solve the plugin problem does.
There's been plenty of times in human history where civilization reaches a certain peak and then backslides.
You know, as much as everyone hates Clippy, Microsoft sold so many copies of Office that there's bound to be a few million people that like him. I would be willing to bet that anyone who wrote a spreadsheet with a clippy like help system would wind up making a pretty good amount of money. For what its worth, I think today's Office help absolutely sucks compared to Clippy. FOr me, that text box of asking what Clippy I wanted to do was usually pretty damn good. Clippy always came through for me.
I think the idea of a personified computer, creating one that expresses interaction, is something that Microsoft should have stuck it out with. Someday, some competitor is going to look at the ashes of clippy, and bob, have an "aha moment", identify where it all went wrong, and everyone will be cheering a great breakthrough in technology.
It wouldn't be the first time this happened. The US car companies put a lot of money into a lot of automotive and engine technologies that didn't see a practical light of day, and, ultimately, the likes of Toyota and Honda would pick up the pieces and run with them in the late 1980s and establish themselves not just as low cost alternatives but as technology players.
And, I will tell you, I know exactly what Microsoft's failure was with Clippy, right when I announce my new Storky based help in my spreadsheet!
At the end of the day, both IE Active X controls and Mozilla plugins have the same fundamental problem. They are native code DLLs, and so, cannot be verified so easily by the browser when downloaded and so a user could always install a plug in, when running as administrator, that could call DeleteFile or any other Windows API.
The most interesting promise in plugins is Google Chrome, which allows for verifiable native code and thus sandboxing of plugins. However, as you already pointed out, this only really matters because, you can't set ACLs to functions under Windows, only to users.
The ideal mechanism for DLLs, that is internet safe, would be to be able to say that a caller could specify the permissions of the DLL when it was running. So, if I were writing a FireFox or an IE, or some sort of internet loadable thing, I could say, yeah sure, go ahead and let me load up this DLL, and I'll just tag it so that it can only call a certain set of Windows OS functions, and for that matter, only a set of Windows OS functions with a particular set of handles. Like, the DLL's functions could only call GDI functions with the DC I supplied. I would also like to say that the DLL could only access certain pages of memory. For that matter, I would like to be able to do that to my own application, so that, a buffer overrun or some other malicious code couldn't do anything... other than hose me myself, and even then, my own internal states and document would be protected.
I would bet that you could hack some of this into Windows, basically by modifying the way GetProcAddress and LoadLibrary worked. To LoadLibrary you could add a permissions mask that would, for that HINSTANCE, modify how that library's GetProcAddress worked. So, if loaded up a library, I could set it up so that when it called GetProcAddress, to say, find out where DeleteFile was, it would instead redirect itself to my sandbox chumpy saying that this was a no-no.
This would improve matters, but it would not be perfect. Ultimately, I think, the whole mechanism of a function call would need to have an associated "allowed" set of function calls be associated with it. IF there was maybe some chumpy in the kernel that would say, "just block all these syscalls", but even then, that would only address the file system type of stuff, which is good, but you also want to use that mechanism to cover everything else. It may well turn out that everything has to be a file in order to make this sort of safe and securable sandboxing actually work.
I guess my question to Linux people would be, doesn't Red Hat have something like this in its enhanced security? Like, you can at least tag applications with permissions but could it work with function calls?
In 1995 or 2000 I would be inclined to agree with you, but, is the same Microsoft still around? When Bill Gates was at the helm, or more importantly, employee stock was treated differently by accountants, you could count on Microsoft to be focused and deliver a good ass whooping as needed. I still think Bill's best moment of crushing was his destruction of Borland. First, he rolled out with VB to counter their C++ and OWL. Then, when Borland (why did they do this...bought Ashton Tate), Bill Gates opened up his phone book and bought tiny Fox Software, which everyone in the old xBase world knows made a much better product. I remember reading that, and I was a big Borland fan, but I just fell out of my chair laughing.... I thought, Fox, with Microsoft's backing, and Borland was finished. But of course, Gates was not. Not content with one desktop database, he then turned around and wrote the big check and got Access 1.0 and Access 2.0, both of which were ridiculed and are still ridiculed, but there's a ton of those 'mdbs out there to this day. So he had a friendlier programming tool, and two databases that were better than Borland's one database tool (which, to make matters worse for Borland, was insanely late). Yeah, Borland would later roll out with Delphi, but, by that time, the contest for desktop dominance was basically over. Delphi was cool, but VB was entrenched, Visual C++ had arrived, and there was FoxPro, Access and a budding SQL Server for database. IT was just over for Borland.. Gates made all the right moves, and Borland honestly made the wrong ones. What's ironic now, is that the guy that wrote Delphi is the guy that is now leading the charge on .NET... and I'm sure Anders is smart and all, but, like, why hire the loser? VB won, Delphi lost, and now Microsoft has the Delphi guy doing its languages. It just seems kinda stupid.
More important is the fact that ActiveX is a BAD IDEA
ActiveX was hardly a bad idea. All ActiveX is is, is a marketing term for COM, which is nothing more than a way for binary executable files to talk to each other in a rich and programmer friendly way. Saying ActiveX is a bad idea is like saying "C" style externs on libraries are a bad idea. You have to call a library somehow. ActiveX is just a technology for calling libraries.
Two problems really hurt ActiveX. The first hurt all libraries on Windows, and that was the default path for loading a library forced multiple applications to share a single library amongst themselves and so if there was a breaking version change in one, then both apps would go down.
Now, the one part of ActiveX that was a bad implementation was the registry. The idea behind the registry was simple enough - to make a better Windows INI file because scanning text files for a central object repository was so slow. The idea of first OLE 1 then, COM is that an application would query the repository using a known symbolic name of a component using either a GUID or a name that maps to a GUID. The Registry just tried to make this thing more centralized, and easier to manage through tools, and to have better performance, all of which, they achieved, but, what MS missed the boat on was that in an era where memory and disk were becoming cheap, it made more sense to just have different copies of the same COM object floating around.
Now, the one question I have, which I should probably test, if I were still really into COM, is what happens if you only specify the name of a binary but not its path in the Windows folder. I would think that because CoGetClassObject runs in the context of its caller, then, you could have multiple applications each with its own object path so long as the InProcServer reference associated with the CLSID only had the name of the binary and not its full path. If you were doing ActiveX today I would think that would be the preferred way to go, because that would allow, indeed, require each application to have its own copy.
Of course, in the bad old days, everyone used to shove everything in the Window folder and then, even worse, MS used to essentially delegate OS updates to application developers so you could have Joe's Paint Program go and blow away all the COM underpinnings of Windows with a version for the app.. and the OS wouldn't care. I actually in test, actually replaced the Windows 95 32 bit COM stuff with 16 bit Windows 3.1 COM whilst writing an installer, and, well, it was a rather painful way to trash my desktop, I must say.
The point is, though, the bad idea of objects isn't objects, its the central registration and built in conflict of multiple versions.
Everyone trashes Active X as a security problem while Mozilla plugins get a pass and this is rather silly. The essence of both is that you download a DLL and it runs arbitary code in the process space of the browser (and then hence, often the user). Active X is just a different way of talking to the DLL, nothing more.
If you can run flash plugins, java plugins, and other plugins, inside of a browser, they can and will have the same security problems that plague Active X. It's random binary code that a user gets off of the internet.
SERIOUSLY, ANYONE BITCHING ABOUT ACTIVE X SHOULD JUST READ THIS GODDAMNED LINK.
http://www.mozilla.org/projects/plugins/
IT'S THE SAME FRICKING TECHNOLOGY... UNIDENTIFIED BINARY CODE RUNNING IN THE SAME ADDRESS SPACE AS THE BROWSER.
DUH.