Mr. Lasser can talk about using apt-get with signed packages, etc. but that doesn't really get to the heart of software upgrade woes. My biggest concern is not "is this a malicious update?" (because that's pretty much a solved problem), but rather "what got broken in this software when the other fixes went in?". There's no way I'm going to let even the most trusted package updater touch a production system without my first having manually tested the new code for suitability, read the release info to find out what's changed, looked for situations where the config file format changes, and all the other other "enhancements" that get rolled up into bug fix releases these days.
There is no way that I would accept an untested auto-update of machines that I'm responsible for. So therefore any proposal that would put me in such a position would be a huge mistake IMHO.
If the distro doesn't work right, complain to them - they're supposed to be integrating this sort of thing. Fonts are not a problem with recent RedHat or Mandrake distributions, for instance. I really don't care if you use or like Linux on the desktop, but don't say that it isn't usable on the desktop, because I know plenty of people including myself who are quite happy with it.
Personally, I don't see the whole font problem at all, but that's just me. As long as I have a fixed-width and a variable-width serif font then I'm just fine. I don't see much of the point to having a zillion font choices that all look alike, except that some are anti-aliased and thus are fuzzy as hell too.
The feature article discussed the site running on *nix. It didn't discuss the fact that the site is now hosed as a result of moving off of *nix. So that is news to anyone who didn't read about it on news.com this morning.
That's why there are distributions - so that these problems can be ironed out by people with the time to do so. If you were going to install (and possibly compile) by hand an updated major version of the Windows GUI, you wouldn't be too surprised that there were some issues, would you?
Fonts will be fixed out of the box in new distributions that include KDE 3. This is not a problem for the mainstream user. Lack of applications is maybe a problem, but configuring fonts is not.
Re:Next: Is Globalism good or evil ?
on
Globalism Post 9/11
·
· Score: 3, Funny
Chaotic neutral?
root servers are redundant, how 'bout MAE?
on
The Root of All E-Mail
·
· Score: 5, Interesting
The article seemed to be a little scare-mongery, considering how they go on to describe that the other root servers can easily take over.
A bigger question is: how well protected are the public peering points, like MAE East and MAE West? Since even international traffic is often routed through them, we would see an instant slowdown if one of those two nerve centers were destroyed. Big businesses might have private peering arrangements that would survive, but you can bet that a ton of smaller sites would be affected by a loss of a MAE.
To use scissors, you do have to understand the basic concepts of "put something between the blades" and "squeeze the handles". You do have to understand that if the little bolt that holds the two blades together gets loose, then the scissors won't work as well. So there is a certain amount of functional knowledge about a tool that is needed to successfully use the tool.
Thus it is with computers - you have to understand that they are an information storage and processing device, that there are certain things that must be done in order to activate the processing and/or storage capabilities, and that like all machines they will fail eventually. Considering the trememdously increased utility of a computer versus a pair of scissors, I don't think that the additional knowledge required is too overwhelming.
The company that developed the software and is actively supporting it though is going to already
know about the ins and outs of it and will have the necessary skills and procedures in place. They
may or may not profit from your support requirements, but that profit is more than made up for by
their increased efficiency.
...if they want to, that is. Sometimes you run into a vendor who will not do the necessary work to fix things for you - either because they are too busy working on the new version, or because it is too expensive for them to support the old version, or because they want the old version to have bugs to encourage you to buy the new version.
With Open Source, you can get literally anything done with your software, provided that you're willing to pay for it. Nothing is impossible. With closed source software, some things are literally impossible for you to get done.
So it depends on how much you're willing to pay for control of your own business software, and how much risk you assign to the problems that proprietary software companies will give you.
But the U.S. stations have to cover a larger geographical area, so they broadcast with more power, don't they? Thus the heightened concerns about adjacent channel interference. Or is that not really the issue here?
Re:dragging design mistakes into the 21st century
on
iPod on Windows
·
· Score: 1
Nope - I've never tried to get files off of/dev/hda. I get files off of/usr,/usr/local, or/home. Much easier to remember than C: D: E:, especially once you've added a CDROM drive or something like that and Windows has shuffled all the drive letters, thus breaking your hand-crafted links to a particular application.
dragging design mistakes into the 21st century
on
iPod on Windows
·
· Score: 1
Case study: drive letters. If there was a dumber idea, a more useless vestigial limb, a generally lamer user interface paradigm, I don't know what it could be. Drive letters - Hah!
Look on the bright side: we've already won the war on them watching pirated DVDs on their C64s. U.S. copyright policy reigns supreme in Afghanistan - Michael Eisner must be so happy right now:)
I think VA failed more because they expanded too fast during the boom times, than because there wasn't a market. There is a market for machines that come preloaded and certified for Linux; it's just not a Dell-sized market. If VA had stayed small (or at least stayed the appropriate size relative to demand) they'd still be fine. Granted, the server demand did peak and then recede somewhat, but the demand is still there even now.
Really, it's the pressure on the OEMs to not ship dual-boot systems that's the real issue. By shipping a ~free Linux distro on another partition, they could have built consumer knowledge of that product as an alternative to Windows in a very cheap and easy way. By acting to effectively prohibit dual-boot systems, Microsoft has essentially removed the last way that the already low-marketing and geek-oriented Linux market could break into the consumer mainstream.
Unfortunately, the laws are based on the theory that the government will be keeping the market free and open, so that competitors shouldn't have to. This has not been the case recently, though.
Does your grocery store endorse Pepsi when they sell Pepsi? Do you find that their "endorsement" has less meaning when they also sell Coke in the same aisle?
I guess I don't see the "endorsement" angle here - retailers like Gateway or your local grocery store aren't endorsers of anything; they just stock what the public will buy and advertise it all.
A better question would be: do the Tibetan people want to be independent right now? I don't see why the dead hand of history should have more weight than right of self-determination of the living.
I hate to tell your wife this, but no matter what grades you get in school, people will still look down on you in real life if you don't have good grammar (well, or if you're a/. editor:). She's just fooling yourself if she thinks that using good grammar in school papers but not in the rest of her life will really succeed in the long term. It's better to just practice good grammar all the time, by reading well-written works of literature, engaging in conversation at dinner rather than just eating as fast as you can, and above all not watching Fox or MTV.
"The corporate standard for mail and scheduling is now Outlook, so we're going to park this PC on your desk next to your real development machine so that you can still see your schedule." (The "embrace" phase)
"We need to contain support costs, so we're discontinuing support for all clients besides Outlook and shutting off non-standard service protocols like IMAP. Since you required a PC that runs Outlook, you greedy developer bastard you, you can't complain about that, now can you?" (The "guilt" phase)
"We've just realized that we're averaging 1.4 computers per worker, which is.4 too many. Since you need the PC for everything we mandated that you need it for, we'll be taking away your good development machine." (The "knocking down the straw man that we set up" phase)
And that is how IT shows you that it ownz you, a little bit at a time:)
I was reading up on this the other day, actually. There are two NT authentication mechanisms - NTLM, and the Windows 2000 Kerberos-based "negotiate" authentication. NTLM is pretty well known and there are a number of implementations of it available on the 'net, although I don't know if any are actually built into a browser yet. Apparently NTLM isn't much of an improvement over the "Basic" http auth, though, and it has a weird connection-based authentication mechanism which doesn't proxy well.
The Kerberos-like authentication is apparently much stronger, but there don't seem to be any open implementations of it yet. I did find a couple IETF drafts that purported to explain it - search for "brezak spegno draft" or something like that.
So, the short answer to your question is: probably not.
Slashdot Mirror
And all y'all took the bait, unfortunately :)
Mr. Lasser can talk about using apt-get with signed packages, etc. but that doesn't really get to the heart of software upgrade woes. My biggest concern is not "is this a malicious update?" (because that's pretty much a solved problem), but rather "what got broken in this software when the other fixes went in?". There's no way I'm going to let even the most trusted package updater touch a production system without my first having manually tested the new code for suitability, read the release info to find out what's changed, looked for situations where the config file format changes, and all the other other "enhancements" that get rolled up into bug fix releases these days.
There is no way that I would accept an untested auto-update of machines that I'm responsible for. So therefore any proposal that would put me in such a position would be a huge mistake IMHO.
If the distro doesn't work right, complain to them - they're supposed to be integrating this sort of thing. Fonts are not a problem with recent RedHat or Mandrake distributions, for instance. I really don't care if you use or like Linux on the desktop, but don't say that it isn't usable on the desktop, because I know plenty of people including myself who are quite happy with it.
Personally, I don't see the whole font problem at all, but that's just me. As long as I have a fixed-width and a variable-width serif font then I'm just fine. I don't see much of the point to having a zillion font choices that all look alike, except that some are anti-aliased and thus are fuzzy as hell too.
The feature article discussed the site running on *nix. It didn't discuss the fact that the site is now hosed as a result of moving off of *nix. So that is news to anyone who didn't read about it on news.com this morning.
That's why there are distributions - so that these problems can be ironed out by people with the time to do so. If you were going to install (and possibly compile) by hand an updated major version of the Windows GUI, you wouldn't be too surprised that there were some issues, would you?
Fonts will be fixed out of the box in new distributions that include KDE 3. This is not a problem for the mainstream user. Lack of applications is maybe a problem, but configuring fonts is not.
Chaotic neutral?
The article seemed to be a little scare-mongery, considering how they go on to describe that the other root servers can easily take over.
A bigger question is: how well protected are the public peering points, like MAE East and MAE West? Since even international traffic is often routed through them, we would see an instant slowdown if one of those two nerve centers were destroyed. Big businesses might have private peering arrangements that would survive, but you can bet that a ton of smaller sites would be affected by a loss of a MAE.
By my count, that leaves you five bullets short.
Yes! I knew there was a reason that I didn't like Matlab, and now I know what it is.
To use scissors, you do have to understand the basic concepts of "put something between the blades" and "squeeze the handles". You do have to understand that if the little bolt that holds the two blades together gets loose, then the scissors won't work as well. So there is a certain amount of functional knowledge about a tool that is needed to successfully use the tool.
Thus it is with computers - you have to understand that they are an information storage and processing device, that there are certain things that must be done in order to activate the processing and/or storage capabilities, and that like all machines they will fail eventually. Considering the trememdously increased utility of a computer versus a pair of scissors, I don't think that the additional knowledge required is too overwhelming.
...if they want to, that is. Sometimes you run into a vendor who will not do the necessary work to fix things for you - either because they are too busy working on the new version, or because it is too expensive for them to support the old version, or because they want the old version to have bugs to encourage you to buy the new version.
With Open Source, you can get literally anything done with your software, provided that you're willing to pay for it. Nothing is impossible. With closed source software, some things are literally impossible for you to get done.
So it depends on how much you're willing to pay for control of your own business software, and how much risk you assign to the problems that proprietary software companies will give you.
But the U.S. stations have to cover a larger geographical area, so they broadcast with more power, don't they? Thus the heightened concerns about adjacent channel interference. Or is that not really the issue here?
Nope - I've never tried to get files off of /dev/hda. I get files off of /usr, /usr/local, or /home. Much easier to remember than C: D: E:, especially once you've added a CDROM drive or something like that and Windows has shuffled all the drive letters, thus breaking your hand-crafted links to a particular application.
Case study: drive letters. If there was a dumber idea, a more useless vestigial limb, a generally lamer user interface paradigm, I don't know what it could be. Drive letters - Hah!
Look on the bright side: we've already won the war on them watching pirated DVDs on their C64s. U.S. copyright policy reigns supreme in Afghanistan - Michael Eisner must be so happy right now :)
I think VA failed more because they expanded too fast during the boom times, than because there wasn't a market. There is a market for machines that come preloaded and certified for Linux; it's just not a Dell-sized market. If VA had stayed small (or at least stayed the appropriate size relative to demand) they'd still be fine. Granted, the server demand did peak and then recede somewhat, but the demand is still there even now.
Really, it's the pressure on the OEMs to not ship dual-boot systems that's the real issue. By shipping a ~free Linux distro on another partition, they could have built consumer knowledge of that product as an alternative to Windows in a very cheap and easy way. By acting to effectively prohibit dual-boot systems, Microsoft has essentially removed the last way that the already low-marketing and geek-oriented Linux market could break into the consumer mainstream.
Unfortunately, the laws are based on the theory that the government will be keeping the market free and open, so that competitors shouldn't have to. This has not been the case recently, though.
Does your grocery store endorse Pepsi when they sell Pepsi? Do you find that their "endorsement" has less meaning when they also sell Coke in the same aisle?
I guess I don't see the "endorsement" angle here - retailers like Gateway or your local grocery store aren't endorsers of anything; they just stock what the public will buy and advertise it all.
That's OK - once the Revolution is complete, we won't need the Dictatorship anymore :)
A better question would be: do the Tibetan people want to be independent right now? I don't see why the dead hand of history should have more weight than right of self-determination of the living.
Lex
You know, the giant bug/starship that eats planets?
I hate to tell your wife this, but no matter what grades you get in school, people will still look down on you in real life if you don't have good grammar (well, or if you're a /. editor :). She's just fooling yourself if she thinks that using good grammar in school papers but not in the rest of her life will really succeed in the long term. It's better to just practice good grammar all the time, by reading well-written works of literature, engaging in conversation at dinner rather than just eating as fast as you can, and above all not watching Fox or MTV.
You. Guys. Rock. That's all there is to say about that.
That gets my nomination o' the week for "Why didn't I think of doing that?". That's exactly what I've been looking for as well, thanks!
Here's the three-step process, in brief:
And that is how IT shows you that it ownz you, a little bit at a time :)
I was reading up on this the other day, actually. There are two NT authentication mechanisms - NTLM, and the Windows 2000 Kerberos-based "negotiate" authentication. NTLM is pretty well known and there are a number of implementations of it available on the 'net, although I don't know if any are actually built into a browser yet. Apparently NTLM isn't much of an improvement over the "Basic" http auth, though, and it has a weird connection-based authentication mechanism which doesn't proxy well.
The Kerberos-like authentication is apparently much stronger, but there don't seem to be any open implementations of it yet. I did find a couple IETF drafts that purported to explain it - search for "brezak spegno draft" or something like that.
So, the short answer to your question is: probably not.