I trust the government (for now) to use this flag properly. I don't trust J. Random Scriptkiddie down the street, though, and he can set the bit just as easily as the government can. Nope, the whole thing's going to have to be public-key verifiable before we can be sure that it's really the government's packet, and that's going to put such a load on the key servers that we're back to the original overload problem.
The funny thing is that during a real war, independent viewpoints like the BBC would be about the first thing to vanish from the U.S. Internet. It wouldn't take much at the MAEs to blackhole an independent news site for the majority of the population of the continental U.S. Sure, you can "route around" it - if you have a shell login in Europe.
Which makes me wonder - did the transcontinental telephone lines stay up during WWII? How about phone lines in and out of Germany?
Actually, newer all-digital radio systems can solve most of these problems. You can set up radios with talk groups, announcement groups, and multi groups for various kinds of info rather than using physical channels, you can quickly move users between these logical groups or some subset of them, and you can use radios that trunk across all of the available bandwidth rather than getting stuck when one channel is at capacity. These radio systems can solve the "tactical teams can't talk to each other" problem too, if they're set up right, by quickly patching groups from various systems together.
The funny thing about 9/11 is that so many rescue workers, etc. were saying that they couldn't get through on their cell phones, but if they'd had proper radios on dedicated public safety frequencies they would have been able to get through OK. With the possible problem that one of the antennae may have been on the WTC, but that's just an argument for redundancy, not a failing of the radio system itself.
Yes, I do work for a company that makes these radio systems. Why do you ask?:)
Here's what I want to know: did he really make any money at it? Was he even breaking even on the T1 costs?
Not that I'm going into that business myself, but the conventional wisdom is that spamming doesn't pay. So either this guy is too dumb to notice, or it really does pay and we've been miscalculating the intelligence of spammers all along.
Re:Incompetant Admins
on
ORBZ Shuts Down
·
· Score: 2, Insightful
Should the employer pay $60,000 a year to hire a sysadmin who can secure the one or two
servers the business operates? Even if the business doesn't have that kind of cash flow? Even if
the increased costs mean they can't compete? Even when the office coordinator can get the
system functional (though nonoptimal)?
Maybe they should contract it out at a greatly reduced rate. The office coordinator could also install the business' alarm system and get it functional (though nonoptimal), but businesses understand that to get that kind of security right you hire a professional. Thus it is with software systems security as well.
That sort-of makes sense. Although I still think they could remain in existence and just not test for that particular error condition. There's still some value in testing for just garden-variety open relays, isn't there? Surely it doesn't make sense for ORBZ to disappear just because they can't test for something obscure like this which probably doesn't affect very many servers.
Assuming that you actually agree that testing other people's mail relays is an OK thing to do, that is.
I'm sure I'm missing something here, but why can't ORBZ use a different envelope that doesn't bounce to 127.0.0.1? If they would just use an envelope that bounces back to one of their machines, for example, then they could still test open relays in a non-destructive manner.
Can someone more knowledgeable than myself explain why they would rather go out of business than slightly alter their envelope that they test with?
It's not so much that their quality is going to plummet; it's more that they've already gotten rid of the segments of the company that made high-quality products. Namely, the calculators, and the test and measurement equipment.
What I can't believe about this merger is that anyone is fighting so hard for the PC market; a market which is pretty much over. Or at least, it's no longer the high-growth market that Wall Street likes.
Once video codecs become a commodity item, the user begins to ignore them and decides which
player to use based on quality. If this plugin can provide the features we all want along with the
stability we're all accustomed to, the shores of Microsoft just eroded that minute bit more.
That would be great, except:
Microsoft controls this particular codec
Microsoft is well known for changing interfaces in order to foil third-party apps
Microsoft has plenty of good reasons to act in such a way towards Linux support
There are a lot of problems associated with taking the Microsoft road when you're not on good terms with them.
Likewise. But I've quit flaming people about it - usually they moan that English isn't their first language, and then I feel bad about the whole thing. So instead I'm just accommodating myself to the atmosphere of mediocrity that our English-spelling-as-a-nth-language counterparts are promoting. Maybe in a few years I just won't care anymore...
It's funny, though. I remember when I had to take four years of French classes, and we got marked off every single time we misspelled a French word. Apparently the foreign English teachers of the world are much kinder than my French professor was:)
I think that in practice explicitness is going to end up being in the eye of the beholder (the jury), though, law be damned. An old single guy with a lot of photos of naked babies is going to end up being suspect, no matter that they're not really explicit. Your parents probably think that that photo of you at your birthday pool party when your suit fell off is hilarious, but someone else might have impure thoughts at the sight of it. It could even be the case that dear old Dad is that person, in which case does that make the photo pornography or not? If the law is that only photos of kids actually having sex with something or someone are illegal, then I think that's avoiding a whole range of stuff that most people would think are covered by the law.
Heck, the page that you linked to describes how even faked child pornography (which is almost by definition not exploitative of a real child) is illegal, so I don't think that logic and reason are really entering into this particular debate.
That's not really a good example, though, is it? Your sister's bathtub photo was probably taken by your parents, so either you're saying that Mom and Pop are child pornographers, or else you think that masturbation should be a crime.
Which is a good question, actually: although some child pornography is very harmful to the child, I imagine (not having investigated myself) that some of it is probably at that "kid in a tub" level. So is it really exploitative for Mom to have snapped that photo of me on a bearskin rug? Or does it become exploitative when it's on the Internet? Or am I only exploited when my photo arouses someone? What if nobody saw the photo until I was grown up - am I still exploited? What if Mom only gets out the photo at family gatherings and also to show my prospective girlfriends - is that when the exploitation occurs?
I'm not trying to minimize the harm that child pornography does to children, of course. I'm just pointing out that you could have found a better example to get all uppity about. And, also that the popular conception of "photos of children == evil" may not be so black and white as we would think. There's a lot of black, and there's some amount of grey.
Ouch! Put a little warning before you link to that smut, OK? God, now my boss thinks I'm looking at pictures of little pink children all the time at work.
Instead of thinking that I post on/. all the time at work, which would really be more accurate.
OK, that's a closer analogy (I'm not sure if that's the one that Joel was thinking of, but whatever). Although the browser plugin/helper app model for these actually makes them less bloat-like in my mind - many of these aren't part of the browser itself, so you don't have to deal with them unless you want to. If I never read pdf files, then I don't care how buggy or large the Acrobat Reader code base is.
Now, new web standards or languages like CSS, DHTML, javascript, etc. do fit the bloat definition pretty well. Including the fact that they introduce new security holes at times as a result of their featuritis (especially javascript). I agree that inasmuch as this functionality becomes more integrated into the browser, the browser becomes more bloated.
Yep, after all the fanboys started demanding the games in 3d, and then the game companies turned to supplying them, the effective graphic quality of computer games plummeted, and has only now maybe reached the beauty that we had at the pinnacle of sprite-based games. Sure, you could only see one side of the monsters, etc., but they were good-looking monsters - none of these chunky triangular-looking things that didn't even have fingers, toes, etc. and were plastered with dim-looking repetitive textures.
3d is almost getting good enough that I can stand to look at it. But for a while there, it really made games look a lot worse, just for some undefined promise of realism that was never really satisfied until maybe recently - those early 3d games just looked unrealistic in different ways than the 2d ones had. It's like the gaming industry fired anyone with taste and just kept all the techs.
Sure, it's all fun and games until airport security starts ripping them off of people at the gates. Then we'll have starry-eyed cyborgs blundering into baggage racks and falling down all over the place:)
(yes, I feel sorry for the guy who got worked over by customs, but I also find the idea of confused cyborgs running into things very funny. So sue me.)
The point is the cost of each incremental small feature. Each additional feature in Word increases the storage costs, memory costs, and security risks on my machine - software features cost me something, whether they give me something in return or not. In contrast, each individual "pictures of my cat" page on Yahoo has no effect on me at all, unless I go and look at it. So I do think it was a bad analogy because the costs of software bloat don't really map up to the costs of a more complete WWW.
Exactly - and in fact, if you're making all sorts of refactoring and redesign decisions when in the midst of an otherwise normal bug fix, you're actually adding risk to the bug fix by increasing the amount of code that is changed. It also makes it harder to back out that bug fix if you decide it isn't working, since it's tied in to the refactoring effort.
I'll agree with his original argument that old code does represent stored knowledge (generally hidden requirements) and that those requirements are sometimes hard to reverse-engineer when you re-write the whole thing. I've been involved in that sort of effort, and it's true that you do miss things in the rewrite that worked in the original code. (On the other hand, you also often fix things that you never noticed were broken in the old code.)
In fact, I would say that you're more likely to capture all of these hidden requirements in the code when doing a full rewrite, as opposed to the piecemeal cleanup that he describes. If you do the rewrite all at once, you can take the time to understand the whole system and all of its stored knowledge. If you do the rewrite bit-by-bit, you may think that you can clean up an ugliness, not realizing that it really has a purpose somewhere else in the codebase, because your scope of refactoring at the moment doesn't include that other part of the code. So Joel's system may work for him, but I don't think you can necessarily apply it to all software systems.
He's definitely correct that you want to make an economic decision, not just a gut reaction that the codebase sucks and needs to be replaced. Software projects are too expensive to make these decisions on non-economic grounds.
Although, if you want to be 'leet on Mandrake and re-arrange the default menus, be prepared for Mandrake to blow away your changes every once in a while. That's my biggest complaint with Mandrake - if I get rid of the umpteen half-broken apps so that my wife isn't confused by all the choices, then I don't need Mandrake adding them back in:)
So from the "stays where I puts it" standpoint, Mandrake isn't entirely 'leet enough.
Slashdot Mirror
That was not flamebait.
I trust the government (for now) to use this flag properly. I don't trust J. Random Scriptkiddie down the street, though, and he can set the bit just as easily as the government can. Nope, the whole thing's going to have to be public-key verifiable before we can be sure that it's really the government's packet, and that's going to put such a load on the key servers that we're back to the original overload problem.
The funny thing is that during a real war, independent viewpoints like the BBC would be about the first thing to vanish from the U.S. Internet. It wouldn't take much at the MAEs to blackhole an independent news site for the majority of the population of the continental U.S. Sure, you can "route around" it - if you have a shell login in Europe.
Which makes me wonder - did the transcontinental telephone lines stay up during WWII? How about phone lines in and out of Germany?
Actually, newer all-digital radio systems can solve most of these problems. You can set up radios with talk groups, announcement groups, and multi groups for various kinds of info rather than using physical channels, you can quickly move users between these logical groups or some subset of them, and you can use radios that trunk across all of the available bandwidth rather than getting stuck when one channel is at capacity. These radio systems can solve the "tactical teams can't talk to each other" problem too, if they're set up right, by quickly patching groups from various systems together.
The funny thing about 9/11 is that so many rescue workers, etc. were saying that they couldn't get through on their cell phones, but if they'd had proper radios on dedicated public safety frequencies they would have been able to get through OK. With the possible problem that one of the antennae may have been on the WTC, but that's just an argument for redundancy, not a failing of the radio system itself.
Yes, I do work for a company that makes these radio systems. Why do you ask? :)
Here's what I want to know: did he really make any money at it? Was he even breaking even on the T1 costs?
Not that I'm going into that business myself, but the conventional wisdom is that spamming doesn't pay. So either this guy is too dumb to notice, or it really does pay and we've been miscalculating the intelligence of spammers all along.
Maybe they should contract it out at a greatly reduced rate. The office coordinator could also install the business' alarm system and get it functional (though nonoptimal), but businesses understand that to get that kind of security right you hire a professional. Thus it is with software systems security as well.
That sort-of makes sense. Although I still think they could remain in existence and just not test for that particular error condition. There's still some value in testing for just garden-variety open relays, isn't there? Surely it doesn't make sense for ORBZ to disappear just because they can't test for something obscure like this which probably doesn't affect very many servers.
Assuming that you actually agree that testing other people's mail relays is an OK thing to do, that is.
I'm sure I'm missing something here, but why can't ORBZ use a different envelope that doesn't bounce to 127.0.0.1? If they would just use an envelope that bounces back to one of their machines, for example, then they could still test open relays in a non-destructive manner.
Can someone more knowledgeable than myself explain why they would rather go out of business than slightly alter their envelope that they test with?
It's not so much that their quality is going to plummet; it's more that they've already gotten rid of the segments of the company that made high-quality products. Namely, the calculators, and the test and measurement equipment.
What I can't believe about this merger is that anyone is fighting so hard for the PC market; a market which is pretty much over. Or at least, it's no longer the high-growth market that Wall Street likes.
Just as long as he didn't already concede, and then decide to unconcede :)
That would be great, except:
There are a lot of problems associated with taking the Microsoft road when you're not on good terms with them.
Likewise. But I've quit flaming people about it - usually they moan that English isn't their first language, and then I feel bad about the whole thing. So instead I'm just accommodating myself to the atmosphere of mediocrity that our English-spelling-as-a-nth-language counterparts are promoting. Maybe in a few years I just won't care anymore...
It's funny, though. I remember when I had to take four years of French classes, and we got marked off every single time we misspelled a French word. Apparently the foreign English teachers of the world are much kinder than my French professor was :)
First time for everything!
I think that in practice explicitness is going to end up being in the eye of the beholder (the jury), though, law be damned. An old single guy with a lot of photos of naked babies is going to end up being suspect, no matter that they're not really explicit. Your parents probably think that that photo of you at your birthday pool party when your suit fell off is hilarious, but someone else might have impure thoughts at the sight of it. It could even be the case that dear old Dad is that person, in which case does that make the photo pornography or not? If the law is that only photos of kids actually having sex with something or someone are illegal, then I think that's avoiding a whole range of stuff that most people would think are covered by the law.
Heck, the page that you linked to describes how even faked child pornography (which is almost by definition not exploitative of a real child) is illegal, so I don't think that logic and reason are really entering into this particular debate.
That's not really a good example, though, is it? Your sister's bathtub photo was probably taken by your parents, so either you're saying that Mom and Pop are child pornographers, or else you think that masturbation should be a crime.
Which is a good question, actually: although some child pornography is very harmful to the child, I imagine (not having investigated myself) that some of it is probably at that "kid in a tub" level. So is it really exploitative for Mom to have snapped that photo of me on a bearskin rug? Or does it become exploitative when it's on the Internet? Or am I only exploited when my photo arouses someone? What if nobody saw the photo until I was grown up - am I still exploited? What if Mom only gets out the photo at family gatherings and also to show my prospective girlfriends - is that when the exploitation occurs?
I'm not trying to minimize the harm that child pornography does to children, of course. I'm just pointing out that you could have found a better example to get all uppity about. And, also that the popular conception of "photos of children == evil" may not be so black and white as we would think. There's a lot of black, and there's some amount of grey.
Ouch! Put a little warning before you link to that smut, OK? God, now my boss thinks I'm looking at pictures of little pink children all the time at work.
Instead of thinking that I post on /. all the time at work, which would really be more accurate.
OK, that's a closer analogy (I'm not sure if that's the one that Joel was thinking of, but whatever). Although the browser plugin/helper app model for these actually makes them less bloat-like in my mind - many of these aren't part of the browser itself, so you don't have to deal with them unless you want to. If I never read pdf files, then I don't care how buggy or large the Acrobat Reader code base is.
Now, new web standards or languages like CSS, DHTML, javascript, etc. do fit the bloat definition pretty well. Including the fact that they introduce new security holes at times as a result of their featuritis (especially javascript). I agree that inasmuch as this functionality becomes more integrated into the browser, the browser becomes more bloated.
Yep, after all the fanboys started demanding the games in 3d, and then the game companies turned to supplying them, the effective graphic quality of computer games plummeted, and has only now maybe reached the beauty that we had at the pinnacle of sprite-based games. Sure, you could only see one side of the monsters, etc., but they were good-looking monsters - none of these chunky triangular-looking things that didn't even have fingers, toes, etc. and were plastered with dim-looking repetitive textures.
3d is almost getting good enough that I can stand to look at it. But for a while there, it really made games look a lot worse, just for some undefined promise of realism that was never really satisfied until maybe recently - those early 3d games just looked unrealistic in different ways than the 2d ones had. It's like the gaming industry fired anyone with taste and just kept all the techs.
OK, I think I'm done ranting now.
Sure, it's all fun and games until airport security starts ripping them off of people at the gates. Then we'll have starry-eyed cyborgs blundering into baggage racks and falling down all over the place :)
(yes, I feel sorry for the guy who got worked over by customs, but I also find the idea of confused cyborgs running into things very funny. So sue me.)
...and I never pedaled!
Well, you can have peer review without having public peer review, you know. Although if Microsoft does that, it doesn't seem to help them very much.
I predict the whole controversy is soon to be a new book from Jon Katz, and maybe a major motion picture.
I'd like to have Jon Sherman play Jon Katz, please.
The point is the cost of each incremental small feature. Each additional feature in Word increases the storage costs, memory costs, and security risks on my machine - software features cost me something, whether they give me something in return or not. In contrast, each individual "pictures of my cat" page on Yahoo has no effect on me at all, unless I go and look at it. So I do think it was a bad analogy because the costs of software bloat don't really map up to the costs of a more complete WWW.
Exactly - and in fact, if you're making all sorts of refactoring and redesign decisions when in the midst of an otherwise normal bug fix, you're actually adding risk to the bug fix by increasing the amount of code that is changed. It also makes it harder to back out that bug fix if you decide it isn't working, since it's tied in to the refactoring effort.
I'll agree with his original argument that old code does represent stored knowledge (generally hidden requirements) and that those requirements are sometimes hard to reverse-engineer when you re-write the whole thing. I've been involved in that sort of effort, and it's true that you do miss things in the rewrite that worked in the original code. (On the other hand, you also often fix things that you never noticed were broken in the old code.)
In fact, I would say that you're more likely to capture all of these hidden requirements in the code when doing a full rewrite, as opposed to the piecemeal cleanup that he describes. If you do the rewrite all at once, you can take the time to understand the whole system and all of its stored knowledge. If you do the rewrite bit-by-bit, you may think that you can clean up an ugliness, not realizing that it really has a purpose somewhere else in the codebase, because your scope of refactoring at the moment doesn't include that other part of the code. So Joel's system may work for him, but I don't think you can necessarily apply it to all software systems.
He's definitely correct that you want to make an economic decision, not just a gut reaction that the codebase sucks and needs to be replaced. Software projects are too expensive to make these decisions on non-economic grounds.
Although, if you want to be 'leet on Mandrake and re-arrange the default menus, be prepared for Mandrake to blow away your changes every once in a while. That's my biggest complaint with Mandrake - if I get rid of the umpteen half-broken apps so that my wife isn't confused by all the choices, then I don't need Mandrake adding them back in :)
So from the "stays where I puts it" standpoint, Mandrake isn't entirely 'leet enough.