Part of the reason may be that, until parts of the last century, it would have been a lot easier for kids to experiment with sex than with violence. Now that kids are getting more dangerous weapons more often, perhaps society will have to revisit how important childhood exposure to violence is, as compared to exposure to sex.
That's how trade secrets should work; it is not what happens in practice. For example, DeCSS is based in part on reverse-engineered trade secrets (a secret key) which the courts acted to penalize even once the trade secret was out there. IANAL, but apparently there are some ways of making a trade secret public which don't actually make it an open secret in the eyes of the (U.S.) law. Doesn't make sense to me, or seem to be in the spirit of the Constitution, but that has seemed to be the recent legal interpretation.
"Price Fixing" is when sellers secretly collude to not undercut each other, preventing market forces from driving them all to the lowest possible retail price. This can and does happen, resulting in higher costs to consumers.
It does mean that Linux is generally more configurable, though. If you don't want a KDE or Windows-like GUI, only one system will let you remove it. It's not a fair comparison of performance, but it is a fair comparison of customizability.
Visual Studio is a not-too-terrible IDE wrapped around some pretty awful languages / language subsets. Like most Microsoft products, it makes it easy for a newbie to get started in the Microsoft way, but tough for an experienced professional to get real work done without changing their entire work habits.
Really big buffers, or maybe temp files behind the scenes? There's technically nothing about the concept of a pipe that requires multitasking. It's just really painful without it.
"eat your own dog food" is one of the maxims in pretty much every project management-type book from Microsoft Press.
How do I know? My software engineering prof. in school wanted us to all study Microsoft very closely, since they were so successful and must be doing something right. I'm not sure what he teaches in that class now, since it's turned out that most of the success was due to business and legal teams. Oh, and some smart people worked way too hard.
This commentary helps the slides make a lot more sense; maybe you could include this in the "Notes" section of the applicable slides? In particular, the fuzzy triangles didn't make much sense at all on the slides until I read this.
It may not be hackable, but it is probably crashable with some bad input data. Especially since customization likely implies specific exception handling, etc. More chances for something to go wrong or for some design element to have been missed.
Of course, an intermediate coder with a very good test team behind him or her might still result in a very solid product once (if?) it finally ships. You can test in the quality if you're willing to wait:)
Really, it's probably safer to use an existing string class that other people have used, tested, and verified in many different applications. Reinventing the wheel almost always involves non-trivial debugging and verification, no matter how smart you may be. I'm willing to except a couple people on this score (Daniel J Bernstein, for instance, and maybe Donald Knuth) but for the rest of us, reusing proven good code is a lot safer than recreating our own knock-off.
I know. My first thought: "You keep saying that word. I do not think it means what you think it means."
From a cosmic perspective, our world already languishes in oblivion. From the perspective of anyone actually living here, the world has little chance of ending up in oblivion, at least until we're all living in some sort of Matrix/EverCrack-generated artificial reality.
The editors are just conflicted 'cause it hurts so much to reboot and play Diablo II:) We know 'cause CmdrTaco mentions it at every opportunity.
/. is the voice of the loyal and slightly crazed opposition. As in any debate, people sometimes feel the need to overstate their point, not noticing that it really weakens their position when they exaggerate. Fortunately, Microsoft does the same thing, making this much less of an adult debate than one would think it should be.
The people behind it, unfortunately, don't consider it to be your music. They think (somewhat appropriately) that it's their music, and they also think (entirely inappropriately) that they should be able to control how you use their music.
I'd rather hear a lot of bitching now that warns the populace about what DRM and "trusted computing" really means, than have everyone realize in a couple years that in order to apply the latest security patches you also have to accept a system where you surrender control of your music.
Come to think about it, I wonder if the whole point of Microsoft's poor security approach is aimed at encouraging an "upgrade often" mentality, so that it's easier to sneak in new license terms, new monopoly-building apps, and/or flip the DRM switch to full on.
Actually, the article itself pointed out a leaky abstraction in assembly - your memory model from an assembly language programmer's viewpoint doesn't necessarily match up to the real model supported by the system's VM, so you can have some memory operations take a lot longer than others. The OS and CPU itself are abstracting things from you, in a sense.
First off: I submitted this yesterday with a much less biased writeup. "Luck of the editor", I guess. My overall/. submission record is now 2 and 16.
Second: the problem is not big business vs. small, or even public sector vs. private. The issue is confidential data about the public and what expectation the public should be able to place on those who promise confidentiality. I don't think it's unreasonable for the legislature to define what that expectation is, the same way they define what the expectations on a company are in terms of pollution or accounting or workplace safety. Businesses have to meet certain standards to operate in a particular region; doing what they say with respect to confidential customer data is just one more standard, and probably a more important one than some of the other standards a business has to meet.
The argument that disclosure harms enforcement and education is only true as long as disclosure isn't mandatory for all. Once there's no longer a choice about disclosure, the public will quickly learn who can be trusted, and law enforcement and the business community will quickly learn what are the most common security issues to address. The marketplace will quickly put an appropriate premium on security once this law forces information about lax security out into the open. It's an effective way of letting the public determine how important security is - this is a much better solution than the state just requiring a particular patch level or certification or something like that. We say we don't want the state dictating how software is written - ensuring full disclosure of software faults is a great way to allow the public more voice in determining the right tradeoff, rather than having the state do it.
And if a vulnerability is discovered for which there isn't a patch yet, some people ask whether the company should be in trouble for not taking their systems off the 'net and getting 0wn3d. Of course they should! Their inability to plan a secure and maintainable computing infrastructure should not necessitate the exposure of my personal data to all and sundry. Just like the BIA, if you can't show that you're secure, you need to be off the 'net. This will have the effect of placing a premium on computing platforms that are quicker to patch when security problems are found, likely making Open Source solutions more popular.
All in all, it's a win-win-win situation once the adjustment period is complete.
All right, same difference. I blame McNealy on that one, he definitely said "escape velocity". I suppose since "velocity" is a vector combining direction and speed, you are correct.
Ah, but they're all in the press, thus creating confusion. If Microsoft wants to use secret code words, they should keep them *secret* and quit confusing everybody else.
Hailstorm - a ton of ice cubes hurtling at you at escape velocity (thanks to Scott McNealy for the definition). Not really a consumer-friendly release name, one would think.
Of course, if you have the source, who cares about binary incompatibility? Not that that's a sufficient excuse, but one has to wonder if the free software-oriented GCC crew doesn't think in those terms sometimes...
Slashdot Mirror
I agree that is disturbing.
Part of the reason may be that, until parts of the last century, it would have been a lot easier for kids to experiment with sex than with violence. Now that kids are getting more dangerous weapons more often, perhaps society will have to revisit how important childhood exposure to violence is, as compared to exposure to sex.
I'm going to get multi-headed squirrels for my next box. Possibly with a clear case cover and blinkenlights (so you can see the squirrels at work).
Inside of a box, it's too dark to boycott.
That's how trade secrets should work; it is not what happens in practice. For example, DeCSS is based in part on reverse-engineered trade secrets (a secret key) which the courts acted to penalize even once the trade secret was out there. IANAL, but apparently there are some ways of making a trade secret public which don't actually make it an open secret in the eyes of the (U.S.) law. Doesn't make sense to me, or seem to be in the spirit of the Constitution, but that has seemed to be the recent legal interpretation.
"Price Fixing" is when sellers secretly collude to not undercut each other, preventing market forces from driving them all to the lowest possible retail price. This can and does happen, resulting in higher costs to consumers.
CHARNEL HOUSE! Say it!
It does mean that Linux is generally more configurable, though. If you don't want a KDE or Windows-like GUI, only one system will let you remove it. It's not a fair comparison of performance, but it is a fair comparison of customizability.
Visual Studio is a not-too-terrible IDE wrapped around some pretty awful languages / language subsets. Like most Microsoft products, it makes it easy for a newbie to get started in the Microsoft way, but tough for an experienced professional to get real work done without changing their entire work habits.
Really big buffers, or maybe temp files behind the scenes? There's technically nothing about the concept of a pipe that requires multitasking. It's just really painful without it.
...and the only REAL OS you need is Emacs :)
"eat your own dog food" is one of the maxims in pretty much every project management-type book from Microsoft Press.
How do I know? My software engineering prof. in school wanted us to all study Microsoft very closely, since they were so successful and must be doing something right. I'm not sure what he teaches in that class now, since it's turned out that most of the success was due to business and legal teams. Oh, and some smart people worked way too hard.
This commentary helps the slides make a lot more sense; maybe you could include this in the "Notes" section of the applicable slides? In particular, the fuzzy triangles didn't make much sense at all on the slides until I read this.
Thanks a lot for some pretty cool ideas!
It may not be hackable, but it is probably crashable with some bad input data. Especially since customization likely implies specific exception handling, etc. More chances for something to go wrong or for some design element to have been missed.
Of course, an intermediate coder with a very good test team behind him or her might still result in a very solid product once (if?) it finally ships. You can test in the quality if you're willing to wait :)
Really, it's probably safer to use an existing string class that other people have used, tested, and verified in many different applications. Reinventing the wheel almost always involves non-trivial debugging and verification, no matter how smart you may be. I'm willing to except a couple people on this score (Daniel J Bernstein, for instance, and maybe Donald Knuth) but for the rest of us, reusing proven good code is a lot safer than recreating our own knock-off.
I know. My first thought: "You keep saying that word. I do not think it means what you think it means."
From a cosmic perspective, our world already languishes in oblivion. From the perspective of anyone actually living here, the world has little chance of ending up in oblivion, at least until we're all living in some sort of Matrix/EverCrack-generated artificial reality.
I'm pretty sure you're supposed to work in "charnel house" somewhere, so points off for that.
Oh wait, that's the other troll. Sorry, I got you guys confused for a minute :)
The editors are just conflicted 'cause it hurts so much to reboot and play Diablo II :) We know 'cause CmdrTaco mentions it at every opportunity.
/. is the voice of the loyal and slightly crazed opposition. As in any debate, people sometimes feel the need to overstate their point, not noticing that it really weakens their position when they exaggerate. Fortunately, Microsoft does the same thing, making this much less of an adult debate than one would think it should be.
The people behind it, unfortunately, don't consider it to be your music. They think (somewhat appropriately) that it's their music, and they also think (entirely inappropriately) that they should be able to control how you use their music.
I'd rather hear a lot of bitching now that warns the populace about what DRM and "trusted computing" really means, than have everyone realize in a couple years that in order to apply the latest security patches you also have to accept a system where you surrender control of your music.
Come to think about it, I wonder if the whole point of Microsoft's poor security approach is aimed at encouraging an "upgrade often" mentality, so that it's easier to sneak in new license terms, new monopoly-building apps, and/or flip the DRM switch to full on.
He dropped out of Harvard, didn't he? So he just didn't graduate.
Actually, the article itself pointed out a leaky abstraction in assembly - your memory model from an assembly language programmer's viewpoint doesn't necessarily match up to the real model supported by the system's VM, so you can have some memory operations take a lot longer than others. The OS and CPU itself are abstracting things from you, in a sense.
First off: I submitted this yesterday with a much less biased writeup. "Luck of the editor", I guess. My overall /. submission record is now 2 and 16.
Second: the problem is not big business vs. small, or even public sector vs. private. The issue is confidential data about the public and what expectation the public should be able to place on those who promise confidentiality. I don't think it's unreasonable for the legislature to define what that expectation is, the same way they define what the expectations on a company are in terms of pollution or accounting or workplace safety. Businesses have to meet certain standards to operate in a particular region; doing what they say with respect to confidential customer data is just one more standard, and probably a more important one than some of the other standards a business has to meet.
The argument that disclosure harms enforcement and education is only true as long as disclosure isn't mandatory for all. Once there's no longer a choice about disclosure, the public will quickly learn who can be trusted, and law enforcement and the business community will quickly learn what are the most common security issues to address. The marketplace will quickly put an appropriate premium on security once this law forces information about lax security out into the open. It's an effective way of letting the public determine how important security is - this is a much better solution than the state just requiring a particular patch level or certification or something like that. We say we don't want the state dictating how software is written - ensuring full disclosure of software faults is a great way to allow the public more voice in determining the right tradeoff, rather than having the state do it.
And if a vulnerability is discovered for which there isn't a patch yet, some people ask whether the company should be in trouble for not taking their systems off the 'net and getting 0wn3d. Of course they should! Their inability to plan a secure and maintainable computing infrastructure should not necessitate the exposure of my personal data to all and sundry. Just like the BIA, if you can't show that you're secure, you need to be off the 'net. This will have the effect of placing a premium on computing platforms that are quicker to patch when security problems are found, likely making Open Source solutions more popular. All in all, it's a win-win-win situation once the adjustment period is complete.
All right, same difference. I blame McNealy on that one, he definitely said "escape velocity". I suppose since "velocity" is a vector combining direction and speed, you are correct.
Ah, but they're all in the press, thus creating confusion. If Microsoft wants to use secret code words, they should keep them *secret* and quit confusing everybody else.
Hailstorm - a ton of ice cubes hurtling at you at escape velocity (thanks to Scott McNealy for the definition). Not really a consumer-friendly release name, one would think.
Of course, if you have the source, who cares about binary incompatibility? Not that that's a sufficient excuse, but one has to wonder if the free software-oriented GCC crew doesn't think in those terms sometimes...