Um, you CAN have features AND security. At the same time even. That's no excuse. I'm not talking bugs here, all software has bugs. I'm talking design decisions that leave the OS wide open for malware.
You know, defending MS is a VERY tough job. MS has TONS of chances to fix things for Win2K and XP yet chose NOT to. I'm not talking buffer overflows and such here, I'm talking REALLY basic design decisions. MS has consistantly chosen the other option when making security related design decisions. The excuse has been "our users are asking for that".
People have been bitching for YEARS about the way MS sets the default settings as wide fucking open. The default settings (especially on home systems) still allow users to read and write every file on the system. Outlook and friends still are wide open to viruses / worms. Until the DEFAULT setting of windows forbids normal users (applications) from fucking with the system directory without entering the special admin password (like OSX or pretty much any other modern OS on the planet) then I (and most security concious people) will continue to hammer on MS to improve.
MS's security initiatives have historically been nothing but lip service. MAYBE they are changing, but I will remain skeptical until I see REAL change. MS's "we're secure" claims are like the boy who cried wolf.
Anyway, if you want to stick your head in the sand and ignore the last 5 years of windows insecurity, be my guest. Frankly, it's childish to ignore history.
Um, 2.4 works VERY well. Every major distro uses it. Are you thinking of the initial release back in 2.4.0? and.1? It's the same in MS land which is why no IT guy in their right mind migrates to a new version of windows until there are at least 2 service packs out. When a major new version of the Linux kernel is released, anyone in their right mind waits a few months as settles down.
Frankly, this is the way pretty much ANY major software product is. Deal with it dude.
While there are problems with SPEWS, spamassasin (which I also use) is locking the door after the cows got out. Spews (and other IP based blacklist) is about preventing spam from even getting to your server.
By sending spammers a "500" level error, some will actually remove you from their list. By accepting the mail (spamassasin) you basically confirm that the mail address is deliverable.
I don't personally use any spews like service, jut my own private blacklist which helps reduce the amount of crap that spamassasin has to go through.
I have found spamassasin to only be about 90% effective. If I crank up the settings, I start getting false positives on a regular basis.
It's pretty clear why. Their system is a mess. It takes too much time to maintain and is too hard for a non-tech to work with.
Unfortunately, there isn't NEARLY enough detail here to give this person ANY meaningful answer. There are also enough restrictions that it makes it all but impossible to reccomend ANYTHING.
Frankly, it sounds like this company is about toast. About the best thing they could do is convert the site to mostly static HTML (or leave it as ASP) and go host it somewhere with one of the bazillion web hosting companies. Most offer an NT platform option with SQL server access for pretty cheap (of course the Linux hosting options are generally a bit cheaper.)
Well, I don't know about that. I took a job YEARS ago as a Novell network admin. I had Never worked novell before. Before I started the job, I read a Novell book cover to cover. First day I was productive. Other than peeking at the book every now and then, I was able to get my job done.
What DOES kinda irritate me is the "24 Hours" part. Sorry, you can't even scratch the surface in 24 hours - especially with UNIX. While I WAS productive right off the bat with Novell, my prior experience with UNIX and other networking systems allowed me to figure things out quickly. Without a good solid background, I would have been toast. I really was a "junior" novell admin. Over the next several months at that job, I felt totally comfortable doing quite advanced tasks with novell.
While you can pick up some simplistic skills in 24 hours, there is a LOT more to UNIX system administration that you just can't learn from a book, or even another administrator. You have to do things for yourself. You have to understand the concepts. You have to play with things, look around, compile some apps, install some systems, run into problems and solve them, learn scripting, regular expressions, read TONS of man pages, etc. This takes MONTHS. Most of your true learning comes from problem solving.
I do take some exception to the "learn more from a sysadmin" comment. The problem with this approach is that sysadmins FREQUENTLY are not good teachers. In fact, I find sysadmins in general to be among the WORST teachers of any profession. Working side by side with one, you will learn small little snipits of valuable stuff, but rarely will you understand the WHY of things. S/He probably isn't going to present info to you in any organized manor, and the info will most likely be very incomplete. Hey, that's just been my experience working with / managing dozens of admins - many of them VERY good at what they do.
Where in the Windows 98 license agreement does it state that Win98 will be EOL in under 4 years?
Where in the NT4 license agreement does it state that it will be EOL in 2? (I last bought NT4 in 2000) Win2000 was only 1 year old before XP came out. Please. At this rate, the lifespan for MS OS's will drop to 1 month in a few years. Yeah, that's a little silly, but so is MS's expectation that customers will replace a perfectly good OS every year just so they can keep their sales revenue up.
To answer your question, YES. I STRONGLY believe that OS manufacturers should continue to maintain SECURITY FIXES for their products for a MINIMUM of 6 years from last date of sale. Note that I did NOT state that they must be FREE (but that would be the Right thing to do IMHO.)
Why 6 years? That is a reasonable term that people can reasonably expect to be able to run their systems, get repair parts, etc. I would be in favor of letting companies out of that requirement if they release source allowing customers to maintain their own systems when they discontinue support.
Auto manufacturers continue to release saftey related fixes / recalls long after the next several model years cars are out. I just got a saftey recall for a 5 year old volvo as an example.
We have a real problem in the industry. Software almost always comes with no guarantees, warranties, etc. (rare case when they do is Very high end software with custom contracts.) Software companies have NO requirement to produce code that works at all. About the only thing they DO guarantee is that the CDROM is readable. I can't think of ANY other type of product that we buy where we would be willing to put up with the shoddy workmanship, instabilities, constant problems, etc. Hell, we have lemon laws for cars, why not software? It's obvious that the industry won't police itself.
I'm not letting ANYONE off the hook here. I think Apple needs to be better about this issue too. I think they have pretty much said "stuff it. Upgrade to 10.2" which is a paid update.
So what would you say if MS no longer offered ANY security patches unless you had a PAID subscription to Windows Update? What if they only released fixes by reving the OS therefore requireing you to buy the new version? These are all things MS COULD do. The percentage of people that would bitch and moan would be MUCH higher than it is today, which is why MS doesn't do that. People bitch and moan now, but only those that NEED to stay downrev for one reason or another. Patience however is beginning to wear out.
Ahh, but the point is that they are AVAILABLE. Updates from MS are not available at ANY price for products that they consider EOL. Which is my point. If the most recent product that they EOL'ed was Win 3.1, I wouldn't have a problem with it. The fact that they are EOLing RECENT products. That's just not cool.
Again, when MS stops releasing security fixes for you product, then you will have no choice. That is not an issue for open-source systems, and other vendors of commercial OS's generally support their OS's for MUCH longer than MS does. Sun is still providing updates for Sunos 4 which is something like 8 years old, IBM still supports mainframe OS's from over 20 years ago, HP does the same.
Of course if you LIKE getting hacked and your business doesn't depend any info stored on these old systems, then stay with the old stuff. No big deal to ME.
When MS stops releasing service packs and hot fixes, what choice will you have? Can you afford to be a target for every script kiddie on the planet? It's not open source where anyone can pick up and maintain old versions of the OS.
MS announced that Office 11 won't run on Windows 98. What do you bet that Office 12 won't run on Win2K? History proves that MS changes the.doc format at every release. If you want to continue to seamlessly integrate with other users of MS products, you will have no choice but to upgrade. This will probably force you to upgrade your OS if nothing else will.
So the answer to your question is "Microsoft." They are pretty good at forcing people to upgrade through planned obsolecence.
IMHO, not releasing sercurity fixes for some of their not-so-old products is a crime. Win98 is only 4 years old, Nt4 was sold as recently as 2 years ago. MS has made MORE than enough off those products to support them (from a security standpoint) for at LEAST 10 - 15 years.
Most other OS vendors charge customers an annual maintenance fee (generally about 20% of the purchase price) per year if you want to continue to get updates. IBM still maintains and supports OS's and HARDWARE for machines that are 25 years old or MORE - and they don't have NEAR the userbase of ANY windows product.
MS has other options too. Sell off support to some third party company. Let THAT company charge for, and provide updates for MS's old code. MS WILL NOT do that because it breaks their business model of forcing upgrades.
Now I'll go out on a limb here (I'm not an MS fan by any stretch of the imagination) but MS has every right to do this (yeah, I just said above that it should be a crime, but it currently isn't.) For the way they designed their revenue stream, it's the right move for them. I'll go further to say that anyone who buys MS products should be aware of this, and plan (budget) for this. It's part of your TCO. Note that you can actually go to MS Licensing v 6 and pay through the nose anually, but that still won't get you support for older releases.
While your poor attempt at humor is noted, the facts are that many larger businesses / government agencies use the same software for much longer time periods than the typical Microsoft product lifetime. Many systems are custom software - software that usually needs only minor enhancements over its lifetime, or continually evolving depending on business need.
In looking at TCO, the MS numbers begin to fail when you take into the constant cost of licenses, upgrades, re-deployments, re-porting custom software, constant re-training / recertification of staff to handle the "latest and greatest" versions of windows, etc. Many of these costs are hidden, but valid. If you look at any flavor of UNIX, they haven't changed much in how they work or how you interface to them.
It wouldn't be so bad if MS just continued to improve their core (kinda like every other OS on the planet does), but it seems that with every revision or so they replace core functionality, radically change look and feel, interfaces, API's, management tools, etc. This costs business big money. It's that constant sprial of useless updates and repurchasing the same core functionality over and over again.
Many (most?) businesses were caught blindsided by the true scope of the problem, and many MS pundits STILL don't understand. It's easy to get caught up in the "ease of use" arguments, and the relativly low upfront cost (although the upfront costs is nowhere NEAR as low as it used to be.) Now, many businesses are stuck with proprietary MS based systems and face a potentially HUGE cost of migrating to other platforms. It's no wonder so many balk, especially in a down economy.
On the good side, businesses and governments world-wide are beginning to wake up and realize that MS's answer isn't as good as they were led to believe. They are finding that they don't have the flexability, reliability, or control that they want, and the price is much higher than they expected.
OK, so read the above carefully. In NO place did I say MS is bad, or that MS software is bad. I AM saying that if you buy into the MS paradigm, you are going to pay, and pay, and pay many times over for only incremental improvements in technology, and the true total costs of doing this is much higher than other competing systems.
Going to the main page (after flushing my caches) google still loads MUCH faster. Searches return faster too.
If you want to compete, you have to offer something either different, or better, or both. AV doesn't do anything better that I can see, and they are still just a search engine with ads.
I also notice that the cached results tend to be older with AV. They REALLY need to address that if they want to compete.
So what the ehll is going on at AV? If they are going to "reinvent" themselves, you think that they would actually try and do something BETTER than the competition, not just be a "me too."
Pinhead. Just because YOU can't think of anything doesn't mean that there isn't a valid use. At a former company, we used a device kinda like this except it was external and looked like a scsi drive. Had it's own internal battery and hard drive for backing up the image.
We only needed about a gig of space, yet the only other option was a massive raid system that would have cost 4 - 5x more. It worked PERFECTLY.
It also works well on databases. You only per certain tables in it, not the entire database. Think caching proxies, web servers, etc.
Yah, probably not much use for gamers / home users, but I SEROUSLY doubt that gamers are their target market.
Some RAID controllers have this - they use NVRAM. It basically caches all the writes. When the power comes back, it continues the pending writes. Hence, no lost data due to the power dying in the middle of a write. Nice for transactional databases, as writes "commit" instantly.
Oh please. Encoding of a serial stream has ZERO need for really fast I/O. All you need is a normal drive that has a high enough sustained transfer rate to handle the stream. Any normal hard drive is up to the task.
Think of applications that need to randomly access the drive. Think web servers, caching proxies, databases, etc. We had a custom app that needed to write to around 40,000 files simultainiously, and read from them randomly. The only feasable solution was a rather large RAM drive system. The one we used was external, had it's own hard drive for backing up the image, UPS, etc., hooked up to the normal SCSI bus, and cost around $12K for a 2G box (this was a number of years ago when RAM was much more expensive).
Nice thing was NO DRIVERS. It was a SCSI drive to the OS. You could boot off it if you wanted to.
Um, you have never worked for a large company have you? Virtually ALL do some inhouse software development. I would even go so far to say that most mid sized companies do too. Adding database lookup to dhcpd is not all that large of a programming task frankly. Probably take a competent programmer a couple days at most. I'd be surprised if it hasn't been done before. I would suggest a dbm style database as opposed to a SQL database however, as you don't need the overhead for such a simple task.
One example of a poorly written driver (nvidia) is not a valid argument. There are other binary-only drivers that are much more stable, but binary-only is a bad-thing (more later.)
Driver modules are compiled separately from the kernel. This is why you do a "make bzImage" and then a separate "make modules".
So you claim that source drivers are bad. OK, I'll bite.
In Windows, every time the OS revs, you need all new drivers. This is horrible - an example of how NOT to write a driver subsystem. I do admit that the OSX interface is cool, but that still doesn't mean that the Linux interface is bad or undesirable. What if apple decides they need to change the interface for performance / flexability reasons? Same problem with all drivers everywhere on every platform.
An example of how drivers in Linux are done RIGHT, is vmware. It automatically compiles and installs its drivers. When you rev ther kernel, it detects this and lets you know that you need to reinstall. There is nothing really stopping them from just detecting this case and doing it automatically except for the fact that "you just don't do that" in linux. Stopping bootup while something compiles would be impolite, and may not be what the user really wants to do. The system may also not be in a state to allow compilation. Note that once the sysytem completes booting, you can install and run the driver without another reboot.
OK, you say that binary drivers in linux are a problem. I agree. This is still not a Linux problem, it's a vendor problem. It has ZERO to do with the linux driver model. Again, the vendor should release a source driver or specs to allow someone else to write that driver. Many (most?) vendors understand this. Some just don't get it. What is the vendor goes away? What if they discontinue the model and discontinue support? Is your hardware then garbage? If you have specs and / or source, the community can continue to support the hardware without a massive reverse-engineering effort. Sometimes reverse-engineering is not feasable.
The reality of computing is that hardware changes. The OS's change. Nothing is static forever. No device driver interface is universal, or perfect. I seriously doubt that that fact will change in the forseable future. There is no TECHNICAL reason why RedHat (for example) couldn't have a driver database of pre-compiled drivers for automatic detection and download. There is no TECHNICAL reason why vendors couldn't support the many flavors of Windows, OSX, Several flavors of Linux, BeOS, or any other OS, just like there is no TECHNICAL reason that they don't release detailed specs of their hardware. OSX's nice interface is useless if the vendor doesn't support OSX. It's also useless if apple changes the interface.
It's basically not a technical issue at all, and the driver model used by any OS is irrelevent.
First, you are making a common error. You are making the assumption that the lack of integrated device drivers is a problem with linux as opposed to a problem with vendor support.
You are also making the common error that Windows always works and supports everything automatically. Why just the other day I plugged my Wife's Win2K box into my 2 year old Brother 1270N printer via USB and Windows detected new hardware. Then it told me it couldn't find a driver, but I could search the CDROM and Windows update. Oops, STILL couldn't find a driver so I ended up having to go to the brother web site, manually download and install the driver.
In contrast, my Debian box just worked. All the drivers were there. Most hardware autodects just fine thankyouverymuch.
It's actually quite rare that I can get a driver for ANYTHING directly from MS. I usually have to go to the vendors web site or dig up an old CDROM and go the manual install route. Lack of Linux support is almost UNIVERALLY because the vendor does not release a linux driver and refuses to release the tech info so that someone else can write a driver. This has NOTHING to do with Linux and ALL to do with the vendors being a bunch of fucking idiots. Most hardware autodects just fine thankyouverymuch. There is nothing wrong with the modular driver model in Linux except for the current historical limits on major/minor device numbering that is being addressed. I can load, unload, and replace device driver modules on the fly without rebooting for most hardware (there are some exceptions like the disk driver you are currently using and such, but this is to be expected.) In contrast, Windows STILL needs to be rebooted several times if you are replacing a driver for example. When things go right in Windows, people are happy and things are easy. When things go wrong, all hell breaks lose. Since only MS really knows what's going on inside, the frequent "fix" is to re-install everything from scratch.
Back to the article, this guy is naive. While Windows is fairly universal in the desktop area, that's the ONLY place that it's mostly universal. In the PDA space, server space, set-top space, embedded space, etc. it's an equal player, a minor player, or a non-player. In non-US markets, Windows is taking a MAJOR hit and its dominance is far from universal.
OK, enough on the OS ranting.
The problem with higher levels of abstration is that it starts to fail when the amount of data increases. Sure it's easy to find your resume on a view of a few documents, but when you have thousands of documents this model starts to fail. You need to start organizing stuff in a logical manor. You need to organize stuff the way YOU think, not the way some programmer at MS or somewhere else thinks.
It's interesting looking at how people organize files on their computers. From a very simplistic and general view, I have noticed that Low-level employees tend to keep all their documents in one folder and high level employees (managers, executives) tend to have things orgnized several levels deep. Again, a very general observation.
Looking at your PDA example, you can organize your contacts in categories. How many people do that? It depends on how many contacts you have. In a small company I may load the phonelist in to one "company" category. In a larger company, I may load the phone list into departmental categories. How would his 3D view handle this? Would it always organize stuff in a very granular manor or would it tend to lump things all together? Who decides? Do I have to do this manually? If so, how is this better than the file / folder mentality?
Actually, it's how the AS/400 was designed back in the 80's. In the AS/400, things just reside in a database. Everything is VM. There are no files / folders except as an abstraction on top of the underlying OS.
Though if you can buy a 10 year contract for the product, it will be supported for the length of the contract.
Not often true. All that will get you is that someone will answer the phone in most cases. In the worst cases, the company will no longer be around.
I have NEVER seen a support contract that guarentees that bugs will be fixed to customer satisfaction, and that the software will be enhanced to support additional needed functionality.
Most support contracts are of limited value. The flexability and power you get with OSS is priceless.
I can only imagine how it is in a.gov org.. where not only do they pay less, but have to justify their expenses to tax payers.
Um, since WHEN do they have to justify their expenses? The only time this happens is when there are whistleblowers / $900 toilet seats.
Seriously, 90% of our government is waste. Year after year, projects / organizations get re-funded because they were funded last year. Every year they claim they need more money.
Slashdot Mirror
Um, you CAN have features AND security. At the same time even. That's no excuse. I'm not talking bugs here, all software has bugs. I'm talking design decisions that leave the OS wide open for malware.
You know, defending MS is a VERY tough job. MS has TONS of chances to fix things for Win2K and XP yet chose NOT to. I'm not talking buffer overflows and such here, I'm talking REALLY basic design decisions. MS has consistantly chosen the other option when making security related design decisions. The excuse has been "our users are asking for that".
People have been bitching for YEARS about the way MS sets the default settings as wide fucking open. The default settings (especially on home systems) still allow users to read and write every file on the system. Outlook and friends still are wide open to viruses / worms. Until the DEFAULT setting of windows forbids normal users (applications) from fucking with the system directory without entering the special admin password (like OSX or pretty much any other modern OS on the planet) then I (and most security concious people) will continue to hammer on MS to improve.
MS's security initiatives have historically been nothing but lip service. MAYBE they are changing, but I will remain skeptical until I see REAL change. MS's "we're secure" claims are like the boy who cried wolf.
Anyway, if you want to stick your head in the sand and ignore the last 5 years of windows insecurity, be my guest. Frankly, it's childish to ignore history.
Um, 2.4 works VERY well. Every major distro uses it. Are you thinking of the initial release back in 2.4.0? and .1? It's the same in MS land which is why no IT guy in their right mind migrates to a new version of windows until there are at least 2 service packs out. When a major new version of the Linux kernel is released, anyone in their right mind waits a few months as settles down.
Frankly, this is the way pretty much ANY major software product is. Deal with it dude.
While there are problems with SPEWS, spamassasin (which I also use) is locking the door after the cows got out. Spews (and other IP based blacklist) is about preventing spam from even getting to your server.
By sending spammers a "500" level error, some will actually remove you from their list. By accepting the mail (spamassasin) you basically confirm that the mail address is deliverable.
I don't personally use any spews like service, jut my own private blacklist which helps reduce the amount of crap that spamassasin has to go through.
I have found spamassasin to only be about 90% effective. If I crank up the settings, I start getting false positives on a regular basis.
It's pretty clear why. Their system is a mess. It takes too much time to maintain and is too hard for a non-tech to work with.
Unfortunately, there isn't NEARLY enough detail here to give this person ANY meaningful answer. There are also enough restrictions that it makes it all but impossible to reccomend ANYTHING.
Frankly, it sounds like this company is about toast. About the best thing they could do is convert the site to mostly static HTML (or leave it as ASP) and go host it somewhere with one of the bazillion web hosting companies. Most offer an NT platform option with SQL server access for pretty cheap (of course the Linux hosting options are generally a bit cheaper.)
When told of the project's move to open source, Source Busters was called:
PETER
You could accept the fact that this city is headed for a disaster of biblical proportions.
MAYOR
What do you mean, biblical?
RAY
What he means is Old Testament biblical, Mr. Mayor. Real wrath-of-God-type stuff. Fire and brimstone coming from the sky! Rivers and seas boiling!
EGON
Forty years of darkness! Earthquakes! Volcanoes!
WINSTON
The dead rising from the grave!
PETER
Human sacrifice, dogs and cats living together, mass hysteria!
-- Sorry, I could't resist!
If OpenSSH has not been ported, buy a copy from the various proprietary vendors, or hire someone to port OpenSSH.
REAL sysadmins would port it themselves.
Well, I don't know about that. I took a job YEARS ago as a Novell network admin. I had Never worked novell before. Before I started the job, I read a Novell book cover to cover. First day I was productive. Other than peeking at the book every now and then, I was able to get my job done.
What DOES kinda irritate me is the "24 Hours" part. Sorry, you can't even scratch the surface in 24 hours - especially with UNIX. While I WAS productive right off the bat with Novell, my prior experience with UNIX and other networking systems allowed me to figure things out quickly. Without a good solid background, I would have been toast. I really was a "junior" novell admin. Over the next several months at that job, I felt totally comfortable doing quite advanced tasks with novell.
While you can pick up some simplistic skills in 24 hours, there is a LOT more to UNIX system administration that you just can't learn from a book, or even another administrator. You have to do things for yourself. You have to understand the concepts. You have to play with things, look around, compile some apps, install some systems, run into problems and solve them, learn scripting, regular expressions, read TONS of man pages, etc. This takes MONTHS. Most of your true learning comes from problem solving.
I do take some exception to the "learn more from a sysadmin" comment. The problem with this approach is that sysadmins FREQUENTLY are not good teachers. In fact, I find sysadmins in general to be among the WORST teachers of any profession. Working side by side with one, you will learn small little snipits of valuable stuff, but rarely will you understand the WHY of things. S/He probably isn't going to present info to you in any organized manor, and the info will most likely be very incomplete. Hey, that's just been my experience working with / managing dozens of admins - many of them VERY good at what they do.
Where in the Windows 98 license agreement does it state that Win98 will be EOL in under 4 years?
Where in the NT4 license agreement does it state that it will be EOL in 2? (I last bought NT4 in 2000) Win2000 was only 1 year old before XP came out. Please. At this rate, the lifespan for MS OS's will drop to 1 month in a few years. Yeah, that's a little silly, but so is MS's expectation that customers will replace a perfectly good OS every year just so they can keep their sales revenue up.
To answer your question, YES. I STRONGLY believe that OS manufacturers should continue to maintain SECURITY FIXES for their products for a MINIMUM of 6 years from last date of sale. Note that I did NOT state that they must be FREE (but that would be the Right thing to do IMHO.)
Why 6 years? That is a reasonable term that people can reasonably expect to be able to run their systems, get repair parts, etc. I would be in favor of letting companies out of that requirement if they release source allowing customers to maintain their own systems when they discontinue support.
Auto manufacturers continue to release saftey related fixes / recalls long after the next several model years cars are out. I just got a saftey recall for a 5 year old volvo as an example.
We have a real problem in the industry. Software almost always comes with no guarantees, warranties, etc. (rare case when they do is Very high end software with custom contracts.) Software companies have NO requirement to produce code that works at all. About the only thing they DO guarantee is that the CDROM is readable. I can't think of ANY other type of product that we buy where we would be willing to put up with the shoddy workmanship, instabilities, constant problems, etc. Hell, we have lemon laws for cars, why not software? It's obvious that the industry won't police itself.
I'm not letting ANYONE off the hook here. I think Apple needs to be better about this issue too. I think they have pretty much said "stuff it. Upgrade to 10.2" which is a paid update.
So what would you say if MS no longer offered ANY security patches unless you had a PAID subscription to Windows Update? What if they only released fixes by reving the OS therefore requireing you to buy the new version? These are all things MS COULD do. The percentage of people that would bitch and moan would be MUCH higher than it is today, which is why MS doesn't do that. People bitch and moan now, but only those that NEED to stay downrev for one reason or another. Patience however is beginning to wear out.
Ahh, but the point is that they are AVAILABLE. Updates from MS are not available at ANY price for products that they consider EOL. Which is my point. If the most recent product that they EOL'ed was Win 3.1, I wouldn't have a problem with it. The fact that they are EOLing RECENT products. That's just not cool.
Again, when MS stops releasing security fixes for you product, then you will have no choice. That is not an issue for open-source systems, and other vendors of commercial OS's generally support their OS's for MUCH longer than MS does. Sun is still providing updates for Sunos 4 which is something like 8 years old, IBM still supports mainframe OS's from over 20 years ago, HP does the same.
Of course if you LIKE getting hacked and your business doesn't depend any info stored on these old systems, then stay with the old stuff. No big deal to ME.
When MS stops releasing service packs and hot fixes, what choice will you have? Can you afford to be a target for every script kiddie on the planet? It's not open source where anyone can pick up and maintain old versions of the OS.
.doc format at every release. If you want to continue to seamlessly integrate with other users of MS products, you will have no choice but to upgrade. This will probably force you to upgrade your OS if nothing else will.
MS announced that Office 11 won't run on Windows 98. What do you bet that Office 12 won't run on Win2K? History proves that MS changes the
So the answer to your question is "Microsoft." They are pretty good at forcing people to upgrade through planned obsolecence.
IMHO, not releasing sercurity fixes for some of their not-so-old products is a crime. Win98 is only 4 years old, Nt4 was sold as recently as 2 years ago. MS has made MORE than enough off those products to support them (from a security standpoint) for at LEAST 10 - 15 years.
Most other OS vendors charge customers an annual maintenance fee (generally about 20% of the purchase price) per year if you want to continue to get updates. IBM still maintains and supports OS's and HARDWARE for machines that are 25 years old or MORE - and they don't have NEAR the userbase of ANY windows product.
MS has other options too. Sell off support to some third party company. Let THAT company charge for, and provide updates for MS's old code. MS WILL NOT do that because it breaks their business model of forcing upgrades.
Now I'll go out on a limb here (I'm not an MS fan by any stretch of the imagination) but MS has every right to do this (yeah, I just said above that it should be a crime, but it currently isn't.) For the way they designed their revenue stream, it's the right move for them. I'll go further to say that anyone who buys MS products should be aware of this, and plan (budget) for this. It's part of your TCO. Note that you can actually go to MS Licensing v 6 and pay through the nose anually, but that still won't get you support for older releases.
While your poor attempt at humor is noted, the facts are that many larger businesses / government agencies use the same software for much longer time periods than the typical Microsoft product lifetime. Many systems are custom software - software that usually needs only minor enhancements over its lifetime, or continually evolving depending on business need.
In looking at TCO, the MS numbers begin to fail when you take into the constant cost of licenses, upgrades, re-deployments, re-porting custom software, constant re-training / recertification of staff to handle the "latest and greatest" versions of windows, etc. Many of these costs are hidden, but valid. If you look at any flavor of UNIX, they haven't changed much in how they work or how you interface to them.
It wouldn't be so bad if MS just continued to improve their core (kinda like every other OS on the planet does), but it seems that with every revision or so they replace core functionality, radically change
look and feel, interfaces, API's, management tools, etc. This costs business big money. It's that constant sprial of useless updates and repurchasing the same core functionality over and over again.
Many (most?) businesses were caught blindsided by the true scope of the problem, and many MS pundits STILL don't understand. It's easy to get caught up in the "ease of use" arguments, and the relativly low upfront cost (although the upfront costs is nowhere NEAR as low as it used to be.) Now, many businesses are stuck with proprietary MS based systems and face a potentially HUGE cost of migrating to other platforms. It's no wonder so many balk, especially in a down economy.
On the good side, businesses and governments world-wide are beginning to wake up and realize that MS's answer isn't as good as they were led to believe. They are finding that they don't have the flexability, reliability, or control that they want, and the price is much higher than they expected.
OK, so read the above carefully. In NO place did I say MS is bad, or that MS software is bad. I AM saying that if you buy into the MS paradigm, you are going to pay, and pay, and pay many times over for only incremental improvements in technology, and the true total costs of doing this is much higher than other competing systems.
Going to the main page (after flushing my caches) google still loads MUCH faster. Searches return faster too.
If you want to compete, you have to offer something either different, or better, or both. AV doesn't do anything better that I can see, and they are still just a search engine with ads.
I also notice that the cached results tend to be older with AV. They REALLY need to address that if they want to compete.
So what the ehll is going on at AV? If they are going to "reinvent" themselves, you think that they would actually try and do something BETTER than the competition, not just be a "me too."
Pinhead. Just because YOU can't think of anything doesn't mean that there isn't a valid use. At a former company, we used a device kinda like this except it was external and looked like a scsi drive. Had it's own internal battery and hard drive for backing up the image.
We only needed about a gig of space, yet the only other option was a massive raid system that would have cost 4 - 5x more. It worked PERFECTLY.
It also works well on databases. You only per certain tables in it, not the entire database. Think caching proxies, web servers, etc.
Yah, probably not much use for gamers / home users, but I SEROUSLY doubt that gamers are their target market.
Some RAID controllers have this - they use NVRAM. It basically caches all the writes. When the power comes back, it continues the pending writes. Hence, no lost data due to the power dying in the middle of a write. Nice for transactional databases, as writes "commit" instantly.
Oh please. Encoding of a serial stream has ZERO need for really fast I/O. All you need is a normal drive that has a high enough sustained transfer rate to handle the stream. Any normal hard drive is up to the task.
Think of applications that need to randomly access the drive. Think web servers, caching proxies, databases, etc. We had a custom app that needed to write to around 40,000 files simultainiously, and read from them randomly. The only feasable solution was a rather large RAM drive system. The one we used was external, had it's own hard drive for backing up the image, UPS, etc., hooked up to the normal SCSI bus, and cost around $12K for a 2G box (this was a number of years ago when RAM was much more expensive).
Nice thing was NO DRIVERS. It was a SCSI drive to the OS. You could boot off it if you wanted to.
Soliddata.com in case you are wondering.
Does the CD work after you've scratched it up
With a new AOL CD in the mail every day, he got an endless supply.
Um, you have never worked for a large company have you? Virtually ALL do some inhouse software development. I would even go so far to say that most mid sized companies do too. Adding database lookup to dhcpd is not all that large of a programming task frankly. Probably take a competent programmer a couple days at most. I'd be surprised if it hasn't been done before. I would suggest a dbm style database as opposed to a SQL database however, as you don't need the overhead for such a simple task.
One example of a poorly written driver (nvidia) is not a valid argument. There are other binary-only drivers that are much more stable, but binary-only is a bad-thing (more later.)
Driver modules are compiled separately from the kernel. This is why you do a "make bzImage" and then a separate "make modules".
So you claim that source drivers are bad. OK, I'll bite.
In Windows, every time the OS revs, you need all new drivers. This is horrible - an example of how NOT to write a driver subsystem. I do admit that the OSX interface is cool, but that still doesn't mean that the Linux interface is bad or undesirable. What if apple decides they need to change the interface for performance / flexability reasons? Same problem with all drivers everywhere on every platform.
An example of how drivers in Linux are done RIGHT, is vmware. It automatically compiles and installs its drivers. When you rev ther kernel, it detects this and lets you know that you need to reinstall. There is nothing really stopping them from just detecting this case and doing it automatically except for the fact that "you just don't do that" in linux. Stopping bootup while something compiles would be impolite, and may not be what the user really wants to do. The system may also not be in a state to allow compilation. Note that once the sysytem completes booting, you can install and run the driver without another reboot.
OK, you say that binary drivers in linux are a problem. I agree. This is still not a Linux problem, it's a vendor problem. It has ZERO to do with the linux driver model. Again, the vendor should release a source driver or specs to allow someone else to write that driver. Many (most?) vendors understand this. Some just don't get it. What is the vendor goes away? What if they discontinue the model and discontinue support? Is your hardware then garbage? If you have specs and / or source, the community can continue to support the hardware without a massive reverse-engineering effort. Sometimes reverse-engineering is not feasable.
The reality of computing is that hardware changes. The OS's change. Nothing is static forever. No device driver interface is universal, or perfect. I seriously doubt that that fact will change in the forseable future. There is no TECHNICAL reason why RedHat (for example) couldn't have a driver database of pre-compiled drivers for automatic detection and download. There is no TECHNICAL reason why vendors couldn't support the many flavors of Windows, OSX, Several flavors of Linux, BeOS, or any other OS, just like there is no TECHNICAL reason that they don't release detailed specs of their hardware. OSX's nice interface is useless if the vendor doesn't support OSX. It's also useless if apple changes the interface.
It's basically not a technical issue at all, and the driver model used by any OS is irrelevent.
First, you are making a common error. You are making the assumption that the lack of integrated device drivers is a problem with linux as opposed to a problem with vendor support.
You are also making the common error that Windows always works and supports everything automatically. Why just the other day I plugged my Wife's Win2K box into my 2 year old Brother 1270N printer via USB and Windows detected new hardware. Then it told me it couldn't find a driver, but I could search the CDROM and Windows update. Oops, STILL couldn't find a driver so I ended up having to go to the brother web site, manually download and install the driver.
In contrast, my Debian box just worked. All the drivers were there. Most hardware autodects just fine thankyouverymuch.
It's actually quite rare that I can get a driver for ANYTHING directly from MS. I usually have to go to the vendors web site or dig up an old CDROM and go the manual install route. Lack of Linux support is almost UNIVERALLY because the vendor does not release a linux driver and refuses to release the tech info so that someone else can write a driver. This has NOTHING to do with Linux and ALL to do with the vendors being a bunch of fucking idiots. Most hardware autodects just fine thankyouverymuch. There is nothing wrong with the modular driver model in Linux except for the current historical limits on major/minor device numbering that is being addressed. I can load, unload, and replace device driver modules on the fly without rebooting for most hardware (there are some exceptions like the disk driver you are currently using and such, but this is to be expected.) In contrast, Windows STILL needs to be rebooted several times if you are replacing a driver for example. When things go right in Windows, people are happy and things are easy. When things go wrong, all hell breaks lose. Since only MS really knows what's going on inside, the frequent "fix" is to re-install everything from scratch.
Back to the article, this guy is naive. While Windows is fairly universal in the desktop area, that's the ONLY place that it's mostly universal. In the PDA space, server space, set-top space, embedded space, etc. it's an equal player, a minor player, or a non-player. In non-US markets, Windows is taking a MAJOR hit and its dominance is far from universal.
OK, enough on the OS ranting.
The problem with higher levels of abstration is that it starts to fail when the amount of data increases. Sure it's easy to find your resume on a view of a few documents, but when you have thousands of documents this model starts to fail. You need to start organizing stuff in a logical manor. You need to organize stuff the way YOU think, not the way some programmer at MS or somewhere else thinks.
It's interesting looking at how people organize files on their computers. From a very simplistic and general view, I have noticed that Low-level employees tend to keep all their documents in one folder and high level employees (managers, executives) tend to have things orgnized several levels deep. Again, a very general observation.
Looking at your PDA example, you can organize your contacts in categories. How many people do that? It depends on how many contacts you have. In a small company I may load the phonelist in to one "company" category. In a larger company, I may load the phone list into departmental categories. How would his 3D view handle this? Would it always organize stuff in a very granular manor or would it tend to lump things all together? Who decides? Do I have to do this manually? If so, how is this better than the file / folder mentality?
Actually, it's how the AS/400 was designed back in the 80's. In the AS/400, things just reside in a database. Everything is VM. There are no files / folders except as an abstraction on top of the underlying OS.
You can learn more about the AS/400 here.
Doesn't that also depend on the cost of the support contract? Most are 20 - 25% of the purchase price per year.
You are also assuming that there are no contractors who are familiar with the source.
Having hired dozens of contractors, I just don't see the hassle for an occasional issue. You can generally keep the same ones on retainer too.
Though if you can buy a 10 year contract for the product, it will be supported for the length of the contract.
Not often true. All that will get you is that someone will answer the phone in most cases. In the worst cases, the company will no longer be around.
I have NEVER seen a support contract that guarentees that bugs will be fixed to customer satisfaction, and that the software will be enhanced to support additional needed functionality.
Most support contracts are of limited value. The flexability and power you get with OSS is priceless.
I can only imagine how it is in a .gov org .. where not only do they pay less, but have to justify their expenses to tax payers.
Um, since WHEN do they have to justify their expenses? The only time this happens is when there are whistleblowers / $900 toilet seats.
Seriously, 90% of our government is waste. Year after year, projects / organizations get re-funded because they were funded last year. Every year they claim they need more money.