I think that may be the mark of a good marketroid - you feel like you really got something out of it, but really you didn't. Look at how skillfully he dodged some of the questions but at the same time kept you nodding right along with him. It really was a pleasant read and an interesting take on reality; Mr. Miller is clearly a master of his craft.
That's also a good reason that I hadn't thought of and that didn't come through in the article. The given reason of "to support domain names with Chinese characters" would still be reason enough, I would think.
I agree that search engines are the key - if you can get search engines to start returning results from alternate DNS, and if there's something there that people want to see, and if it can be made easy enough for people to update their network settings to do so (on the order of "lynx -source http://go-gnome.com/ | sh" for example, or maybe just "click here and then select OK when Windows asks if you want to update your settings") then there will be a mass movement to alternate DNS. In the long run I don't see DNS being that useful for finding things on the 'net anyway, though. It's never been a foolproof plan to just type in widget.com and get WidgetCo, and it's getting tougher and tougher as more similar domain names are registered (two that I find difficult to get right: Loki games and Mandrake Linux).
It would be far better to use a collaborative net of search engines to query for stuff, like a combination of hopped-up Google rankings and those ghastly "AOL keywords". Really, just finding the right domain doesn't help you find stuff anyway, as anyone who's tried to find technical documentation on a product's web site and instead found marketing crap can tell you. Since we'll have to depend on search engines anyway, why not just cut out the DNS middleman? This would require a vast advance in search engine ability, but I think that might be possible in the fairly near future.
Plus, then you could have a neat feature in a web browser where you select some words, right click, and select "search for this" (or "I feel lucky!").
Come to think of it, to really make this work a search engine would almost have to be run distributed.net style. No single big search engine comes close to indexing the web, but if I've got a great collection of Linux USB links (just for example), maybe my computer could share those with Google from time to time. If my machine had a semi-autonomous agent or spider that was constantly searching for my interests on the web, and I sync this info with Google from time to time, then Google stays up to date better, more of the web gets indexed, and anyone else can benefit from my contribution to the whole. The more I think about this the more I think it's a good idea.
I also found it interesting that China has broken free of ICANN too. That may have the biggest long-term effect - once all of those people are online there will have to be a way to access their part of the network, or else the world's networks will be effectively partitioned in half (at least from a DNS standpoint). With all of the U.S. business interest in China, this may have been the unkindest cut that ICANN's received yet.
OK, a bit of hyperbole in fact. My point is that you should have little or no real heavy lifting to do by the time you're ready to start coding, so I'm not sure how actually having two people in front of a computer helps. At that point you should have module interface defined and understand the algorithms that you'll be using within them. It's really more of a detailed design stage after architecture but before coding.
Re:"Your 802.11 Wireless Network has No Clothes"
on
New flaws in 802.11B
·
· Score: 1
OK, I didn't think it was that insightful, but thanks, I guess.
Wait a minute - next-level stuff doesn't need proper design up front, peer review, and testing? I agree that one genius programmer could probably do without that stuff, but as soon as you've got more than one person working on a project you have to have some process infrastructure to keep them coordinated.
I suspect that the overall need for a defined software development process (not just XP) is related more closely to the number of developers on the team, than the expertise of the individual developers. At least until the mean developer ability drops into the can't-tie-shoes range, at which point you're screwed either way:)
Even with just one evil genius turning out the whole project, the coding style and development process of that one person still matter, because of course there's going to be support after the initial release. Unless you want to do the drone-like work of supporting the software you turned out so well, you'll have to have a design that a maintenance programmer can grok, and test cases so they can be sure they didn't break anything important with a one-line bug fix.
It's exhilarating to be a hero, but it's not a successful long-term strategy for a software shop.
It works better to have reviews in a smaller meeting with just the immediate peer group for the project. Sure, there may be 20 coders on the project but there are probably only 3 or 4 other people whom your modules interface with that need to be there. If there's more, just pick those with the time and expertise to really review the code properly and understand the implications of it. Plus the distraction level of a meeting rises sharply as you add more than 5 people (or at least it seems to me).
It also helps to issue a review agenda ahead of time, and have the reviewers look over the code ahead of time as well. That way if they see anything really dumb, they can talk to you one-on-one before the meeting about it, and when you get to the actual meeting they can just summarize quickly, you agree to implement "what we discussed yesterday", and everybody moves on with face saved.
You also have to have somebody at the review with mgmt power and/or sufficient expertise to be able to ultimately resolve all arguments about how things should work, if you can't reach a consensus among your peers. The worst thing you can do is just have a lot of criticism with no resolution. Good or bad, there has to be someone who provides resolution, even if it's just a plan to go back and rethink things.
Extreme Programming may be the latest buzz word, but peer review is an established technique used throughout the fields of science and engineering. I agree with the previous poster - if you can't handle peer review, then I don't want to work on a project with you because I don't want my code to fail because of something you did in a hurry.
Notice that I didn't say constant peer review; I think the whole two-programmers-at-one-machine plan sounds nuts too, but I guess if you're not going to take the time for architecture design and coding standards up front, maybe it works. We generally do peer review on a module-by-module basis as they are completed, and if you've invested enough design time up front the reviews (and in fact the coding phase itself) are pretty straightforward and relatively painless. Bottom line, if your team is tasked with a project, then all of the code belongs to the team and the team gets a say in what you do and how you do it.
If anything I would say XP doesn't go far enough - if you're catching serious errors at the point of typing out the actual code, you're catching errors way too late in the process. But I guess you've got to start somewhere, so if XP stops the worst bleeding in your organization's development process, then I say go for it.
Except, as discussed in other stories today, you can't really get away with a much cheaper Windows admin without losing the ability to stay on top of security updates (especially the ones that Microsoft tells you you don't need:), service packs, etc. I agree that many companies are hiring cheaper Windows admins, but I disagree that the quality of service provided is the same as it was before switching to Windows.
Ultimately you get what you pay for, and you may have to pay the same amount in different ways with an open source solution. However, you're still better off because then you have a trained staff on-site who understands the technology and will let you decide what direction to move in. Control of the technology that you depend on is hard to measure at the end of the day may be your business' biggest asset.
What if your developers were working on open source software for company use on company time? I don't get any time at work for my personal projects, but I'm assigned to working with open source all day long when it helps the company bottom line.
Maybe this is what you were getting at, but I got the opposite impression.
"Your 802.11 Wireless Network has No Clothes"
on
New flaws in 802.11B
·
· Score: 3
That's a pretty 1337 title for a paper, why didn't they just call it:
"All Your WEP Are Belong To Us"
But seriously, this points out that you can't just trust someone to tell you their product is secure. Lucent's "closed network" sounds great, except for the part where it broadcasts the shared secret in the clear!
[smacks head in disgust, and hopes to never commit such a colossal blunder in my own work]
Yes, his standing as a guru of "human interface evangelism" and "practical design" has dropped in my eyes. Guess what, Tog? Real humans read straight quotes all day long and like 'em.
The only way your post could have stayed on-topic was if your 1974 stereo had been secretly "upgraded" by the manafacturer in
the middle of the night so that it lacked any frequencies above 16KHz (since they're so annoying). Did that happen?
A more likely upgrade would be to "accidentally" disable the analog (assuming a '74 stereo didn't have digital) outputs so that you can't record off of the stereo onto cassette tapes. They're going to destroy the music industry, I tell you:)
The cron script is eventually what I decided to do. Also I decreased the logrotation for mail and news either from daily to weekly or weekly to monthly, I can't remember which ATM.
In the future I'll always be putting/opt on its own small partition, because if you install RPMs that are not from your distribution or build from source, some packages will create/opt and populate it for themselves. This is a good way to fill up / quickly too. I don't know if KDE still does this but it used to at one point.
There really should be a standard that no install procedure can create a new directory off of / without confirmation from the user. I have my filesystem set up the way I like it, and I'm not interested in changing just because I installed KDE today!
Another good way to fill up/var: my Mandrake install (originally 6.1 upgraded to 7.2) has problems with log rotation where it tries to gzip and rotate the previous batch of gzipped log files. After months of idly wondering why the disk would grind so hard when running logrotate (especially since I don't run any real servers that would be generating log files), I discovered a full/var with literally thousands of mail.log.gz.1.gz.2.gz.4.gz and so on. I'm not sure how many files there were to begin with, since I got tired of waiting for "ls | wc -l" to complete, but more than halfway through the "ls | xargs rm" process it counted 13000+ files!
Of course, this could be my misconfiguration since I've messed around with a bunch of stuff on this machine, so I can't necessarily blame Mandrake. Has anyone else seen this happen?
Playing the devil's advocate for the moment, I could argue that Microsoft has to protect the home user, because that person must be their own sysadmin. The corporate desktop, on the other hand, should be managed by the company IT team who are subscribed to the necessary Microsoft security mailing lists. One could argue that there's a higher standard of security required for corporate networks and an expectation that a company will have a real security team to handle it.
In reality, of course, they've sold corporations on how they won't need to pay for those extra admins because of "TCO" and "ease of use". So in the end I'll agree with you that corporate networks get screwed, but I think they're more screwed by Microsoft marketing than by the inherent security of Microsoft code.
No, I'm not bitter, I just got switched to Exchange mail (latest stats: in 2 weeks, 2 emails inexplicably deleted and 1 duplicated). Why do you ask?:)
Re: What's wrong with this title?
on
OS X
·
· Score: 1
The problem is that if the "X" means "10", then for incremental releases you would have "Mac OS X.0.1", "X.1.2", etc. and that's really confusing. Plus there's no way they're calling the next major release "Mac OS XI"!
Yes, I have to boot into OS9 to watch DVD's. Windows doesn't ship with a DVD player (Media Player doesn't count. I don't
use it to play my mp3's, I won't use it to watch my DVD's) and certainly has issues, and Linux has been
not-ready-for-primetime since its inception.
Well, Windows Media Player DVD support wouldn't be in great shape either if Microsoft had to fight off the RIAA, the US court system, and the Norwegian police:)
- why not "ameritechsucks.com" or "ameritechcablesucks.com"? You're not really about "ameritech cable" (more about how it sucks), are you deliberately trying to gain viewers who are looking for Ameritech Cable? I could see how they would be unhappy with that.
- how about a little more readable background and text color? Please?
Good point (and not offtopic in my opinion, although I did have to think for a moment about how that would work), but that's not really the way you're supposed handle flight risks, is it? Bail is supposed to be set based on flight risk at the arraignment. Oh wait, this guy hasn't been arrested for anything yet, has he? I agree that your cynical explanation is likely close to the truth, but I still think it's an abuse of police powers if there is no evidentiary value to his birth certificate.
It's days like this that make me wonder why I defend the U.S. Constitution so much in this forum. Now if only the government would respect it as much.
...Why does the Secret Service need the guy's birth certificate? How is that evidence of anything? I would be very wary of surrendering potentially irreplaceable personal documentation to any government agency, otherwise the government could quickly make you a non-person.
And another thing: is it really illegal to own gold bullion in the U.S.? What possible justification is there for that? I'm hoping that's an urban legend...
So let me get this straight: "Microsoft Screws Turning Customers" is +1, Funny, but "Screwing Customers Turns On Microsoft?" is -1, Offtopic? How does that work?
Slashdot Mirror
I'm pretty sure it was sarcasm, my spidey-sense was tingling :)
(or was it my Bill the Cat-sense? Ack, I must consider. thpffffft!)
I think that may be the mark of a good marketroid - you feel like you really got something out of it, but really you didn't. Look at how skillfully he dodged some of the questions but at the same time kept you nodding right along with him. It really was a pleasant read and an interesting take on reality; Mr. Miller is clearly a master of his craft.
That's also a good reason that I hadn't thought of and that didn't come through in the article. The given reason of "to support domain names with Chinese characters" would still be reason enough, I would think.
I agree that search engines are the key - if you can get search engines to start returning results from alternate DNS, and if there's something there that people want to see, and if it can be made easy enough for people to update their network settings to do so (on the order of "lynx -source http://go-gnome.com/ | sh" for example, or maybe just "click here and then select OK when Windows asks if you want to update your settings") then there will be a mass movement to alternate DNS. In the long run I don't see DNS being that useful for finding things on the 'net anyway, though. It's never been a foolproof plan to just type in widget.com and get WidgetCo, and it's getting tougher and tougher as more similar domain names are registered (two that I find difficult to get right: Loki games and Mandrake Linux).
It would be far better to use a collaborative net of search engines to query for stuff, like a combination of hopped-up Google rankings and those ghastly "AOL keywords". Really, just finding the right domain doesn't help you find stuff anyway, as anyone who's tried to find technical documentation on a product's web site and instead found marketing crap can tell you. Since we'll have to depend on search engines anyway, why not just cut out the DNS middleman? This would require a vast advance in search engine ability, but I think that might be possible in the fairly near future.
Plus, then you could have a neat feature in a web browser where you select some words, right click, and select "search for this" (or "I feel lucky!").
Come to think of it, to really make this work a search engine would almost have to be run distributed.net style. No single big search engine comes close to indexing the web, but if I've got a great collection of Linux USB links (just for example), maybe my computer could share those with Google from time to time. If my machine had a semi-autonomous agent or spider that was constantly searching for my interests on the web, and I sync this info with Google from time to time, then Google stays up to date better, more of the web gets indexed, and anyone else can benefit from my contribution to the whole. The more I think about this the more I think it's a good idea.
I also found it interesting that China has broken free of ICANN too. That may have the biggest long-term effect - once all of those people are online there will have to be a way to access their part of the network, or else the world's networks will be effectively partitioned in half (at least from a DNS standpoint). With all of the U.S. business interest in China, this may have been the unkindest cut that ICANN's received yet.
OK, a bit of hyperbole in fact. My point is that you should have little or no real heavy lifting to do by the time you're ready to start coding, so I'm not sure how actually having two people in front of a computer helps. At that point you should have module interface defined and understand the algorithms that you'll be using within them. It's really more of a detailed design stage after architecture but before coding.
OK, I didn't think it was that insightful, but thanks, I guess.
Wait a minute - next-level stuff doesn't need proper design up front, peer review, and testing? I agree that one genius programmer could probably do without that stuff, but as soon as you've got more than one person working on a project you have to have some process infrastructure to keep them coordinated.
I suspect that the overall need for a defined software development process (not just XP) is related more closely to the number of developers on the team, than the expertise of the individual developers. At least until the mean developer ability drops into the can't-tie-shoes range, at which point you're screwed either way :)
Even with just one evil genius turning out the whole project, the coding style and development process of that one person still matter, because of course there's going to be support after the initial release. Unless you want to do the drone-like work of supporting the software you turned out so well, you'll have to have a design that a maintenance programmer can grok, and test cases so they can be sure they didn't break anything important with a one-line bug fix.
It's exhilarating to be a hero, but it's not a successful long-term strategy for a software shop.
It works better to have reviews in a smaller meeting with just the immediate peer group for the project. Sure, there may be 20 coders on the project but there are probably only 3 or 4 other people whom your modules interface with that need to be there. If there's more, just pick those with the time and expertise to really review the code properly and understand the implications of it. Plus the distraction level of a meeting rises sharply as you add more than 5 people (or at least it seems to me).
It also helps to issue a review agenda ahead of time, and have the reviewers look over the code ahead of time as well. That way if they see anything really dumb, they can talk to you one-on-one before the meeting about it, and when you get to the actual meeting they can just summarize quickly, you agree to implement "what we discussed yesterday", and everybody moves on with face saved.
You also have to have somebody at the review with mgmt power and/or sufficient expertise to be able to ultimately resolve all arguments about how things should work, if you can't reach a consensus among your peers. The worst thing you can do is just have a lot of criticism with no resolution. Good or bad, there has to be someone who provides resolution, even if it's just a plan to go back and rethink things.
Extreme Programming may be the latest buzz word, but peer review is an established technique used throughout the fields of science and engineering. I agree with the previous poster - if you can't handle peer review, then I don't want to work on a project with you because I don't want my code to fail because of something you did in a hurry.
Notice that I didn't say constant peer review; I think the whole two-programmers-at-one-machine plan sounds nuts too, but I guess if you're not going to take the time for architecture design and coding standards up front, maybe it works. We generally do peer review on a module-by-module basis as they are completed, and if you've invested enough design time up front the reviews (and in fact the coding phase itself) are pretty straightforward and relatively painless. Bottom line, if your team is tasked with a project, then all of the code belongs to the team and the team gets a say in what you do and how you do it.
If anything I would say XP doesn't go far enough - if you're catching serious errors at the point of typing out the actual code, you're catching errors way too late in the process. But I guess you've got to start somewhere, so if XP stops the worst bleeding in your organization's development process, then I say go for it.
Except, as discussed in other stories today, you can't really get away with a much cheaper Windows admin without losing the ability to stay on top of security updates (especially the ones that Microsoft tells you you don't need :), service packs, etc. I agree that many companies are hiring cheaper Windows admins, but I disagree that the quality of service provided is the same as it was before switching to Windows.
Ultimately you get what you pay for, and you may have to pay the same amount in different ways with an open source solution. However, you're still better off because then you have a trained staff on-site who understands the technology and will let you decide what direction to move in. Control of the technology that you depend on is hard to measure at the end of the day may be your business' biggest asset.
What if your developers were working on open source software for company use on company time? I don't get any time at work for my personal projects, but I'm assigned to working with open source all day long when it helps the company bottom line.
Maybe this is what you were getting at, but I got the opposite impression.
That's a pretty 1337 title for a paper, why didn't they just call it:
But seriously, this points out that you can't just trust someone to tell you their product is secure. Lucent's "closed network" sounds great, except for the part where it broadcasts the shared secret in the clear!
[smacks head in disgust, and hopes to never commit such a colossal blunder in my own work]
Yes, his standing as a guru of "human interface evangelism" and "practical design" has dropped in my eyes. Guess what, Tog? Real humans read straight quotes all day long and like 'em.
A more likely upgrade would be to "accidentally" disable the analog (assuming a '74 stereo didn't have digital) outputs so that you can't record off of the stereo onto cassette tapes. They're going to destroy the music industry, I tell you :)
The cron script is eventually what I decided to do. Also I decreased the logrotation for mail and news either from daily to weekly or weekly to monthly, I can't remember which ATM.
In the future I'll always be putting /opt on its own small partition, because if you install RPMs that are not from your distribution or build from source, some packages will create /opt and populate it for themselves. This is a good way to fill up / quickly too. I don't know if KDE still does this but it used to at one point.
There really should be a standard that no install procedure can create a new directory off of / without confirmation from the user. I have my filesystem set up the way I like it, and I'm not interested in changing just because I installed KDE today!
Another good way to fill up /var: my Mandrake install (originally 6.1 upgraded to 7.2) has problems with log rotation where it tries to gzip and rotate the previous batch of gzipped log files. After months of idly wondering why the disk would grind so hard when running logrotate (especially since I don't run any real servers that would be generating log files), I discovered a full /var with literally thousands of mail.log.gz.1.gz.2.gz.4.gz and so on. I'm not sure how many files there were to begin with, since I got tired of waiting for "ls | wc -l" to complete, but more than halfway through the "ls | xargs rm" process it counted 13000+ files!
Of course, this could be my misconfiguration since I've messed around with a bunch of stuff on this machine, so I can't necessarily blame Mandrake. Has anyone else seen this happen?
Playing the devil's advocate for the moment, I could argue that Microsoft has to protect the home user, because that person must be their own sysadmin. The corporate desktop, on the other hand, should be managed by the company IT team who are subscribed to the necessary Microsoft security mailing lists. One could argue that there's a higher standard of security required for corporate networks and an expectation that a company will have a real security team to handle it.
In reality, of course, they've sold corporations on how they won't need to pay for those extra admins because of "TCO" and "ease of use". So in the end I'll agree with you that corporate networks get screwed, but I think they're more screwed by Microsoft marketing than by the inherent security of Microsoft code.
No, I'm not bitter, I just got switched to Exchange mail (latest stats: in 2 weeks, 2 emails inexplicably deleted and 1 duplicated). Why do you ask? :)
The problem is that if the "X" means "10", then for incremental releases you would have "Mac OS X.0.1", "X.1.2", etc. and that's really confusing. Plus there's no way they're calling the next major release "Mac OS XI"!
Well, Windows Media Player DVD support wouldn't be in great shape either if Microsoft had to fight off the RIAA, the US court system, and the Norwegian police :)
You might almost say it turned your machine to stone :) hee hee
...or maybe not.
But "ameritechcable.com" isn't? That would be an even more open-and-shut violation, wouldn't it?
I have to ask:
- why not "ameritechsucks.com" or "ameritechcablesucks.com"? You're not really about "ameritech cable" (more about how it sucks), are you deliberately trying to gain viewers who are looking for Ameritech Cable? I could see how they would be unhappy with that.
- how about a little more readable background and text color? Please?
Good point (and not offtopic in my opinion, although I did have to think for a moment about how that would work), but that's not really the way you're supposed handle flight risks, is it? Bail is supposed to be set based on flight risk at the arraignment. Oh wait, this guy hasn't been arrested for anything yet, has he? I agree that your cynical explanation is likely close to the truth, but I still think it's an abuse of police powers if there is no evidentiary value to his birth certificate.
It's days like this that make me wonder why I defend the U.S. Constitution so much in this forum. Now if only the government would respect it as much.
...Why does the Secret Service need the guy's birth certificate? How is that evidence of anything? I would be very wary of surrendering potentially irreplaceable personal documentation to any government agency, otherwise the government could quickly make you a non-person.
And another thing: is it really illegal to own gold bullion in the U.S.? What possible justification is there for that? I'm hoping that's an urban legend...
So let me get this straight: "Microsoft Screws Turning Customers" is +1, Funny, but "Screwing Customers Turns On Microsoft?" is -1, Offtopic? How does that work?