That sounds like a great idea, but how can all that be accomplished without a noticeable performance decrease of nearly everything a user runs inside the guest OS?
I'm not sure how well it would work for games, but other than that, it's simple: given that a VM causes a 5-10% slowdown, just buy a computer that is 5-10% faster.:^) Most users won't notice the difference anyway... and if doing it this way means they can get rid of some or all of their current security-ware cruft, then this might actually result in a net speedup.
I can't really feel sorry for these people. In my book, if you're dumb enough to run some strange executable, then you deserve what you get.
Maybe so, but the rest of us don't deserve what we get. Even if I'm a careful computer user and never get compromised, I still have to deal with the resulting spam, DDOS attacks, increased IT costs, etc, caused by people who do. Therefore it's in everybody's best interest to make security more idiot-proof -- we can't just say "to hell with the n00bs", because we still have to live on the same Internet as them.
Keep a database of safe programs to use on untrusted content like you keep a database of plugins people have explicitly installed. This would resolve SO MANY security issues... damnit
Or, perhaps easier than deciding which programs are "safe" (which is sure to bite you eventually since sooner or later one of your "safe" programs will turn out to have a bug that allows an exploit), just add the ability to run these viewer programs in a sandbox, so that they aren't allowed to do anything except read the one file they were meant to display, and display it. No network access, no write access to any disks, no access to shared memory or IPC, etc.
Then it won't matter if the program is "safe" or not, because even if the program gets compromised, the malware can never leave the process's sandbox.
I think that things like selinux will really help, keeping programmes from doing things which they are not meant to do.
I think using virtual machines as sandboxes could go a long way towards improving security also. Imagine a distro with a super-locked-down secure OS that only ever runs a single app, which is a virtual machine app (VMWare, Xen, whatever). The user does everything inside this virtual machine's guest OS, and never installs or runs any other software on the host OS.
With that setup, it would be easy to "checkpoint" the state of the system and restore it whenever things have gone wrong (due to malware, user mistakes, whatever). (A clever diff-based mechanism might be able to make OS-state saves/restores fast enough to be done automatically in the background, say once a day). Even if the guest OS was completely compromised by malware, it would still be impossible for the malware to prevent the user from using the (uncorrupted) host OS to "rewind" the computer back to before the infection occurred. The host OS could also keep an audit trail of what happened when inside the guest OS, to help the user find out where things went wrong.
I'm not sure that WINE is up to the task, just yet.
WINE may not be, but VMware is... how soon until viruses just install a copy of VMWare, then run your original OS image inside of VMware while silently doing whatever they like out in the "real" OS?
Instead of paying to have your album advertised, give the advertisement away for free! Not only that, release it under a "free" license you don't really understand in a format nobody can do anything with! And then, get your lawyers to add some stupid conditions to the license so it really isn't "free" anymore! Then have marketing post a link to slashdot.
I'm sorry you've had such a bad day, dear -- why don't you go to bed and get some rest, you'll probably feel a whole lot better in the morning.
The Sudden Motion Sensor is accurate enough that there is a dashboard widget that emulates a bubble level.
Cool... but do they have an emulation of that annoying wooden table game, where you steer a little steel ball through a tilting maze while trying to not to fall into the holes? That's clearly what the SMS was originally designed for...
I didn't know AppleCare covers braining a Sith Lord!:P
The secret to defeating Darth Ballmer is to use the Force, not your eyes. Only with the Force will you be able to parry the onslaught of flying furniture in time.
Too many developers check things into CVS and ignore the fact that CVS/ SubVersion/Other Revision Control System is a guarantee that you won't be able to readily obtain and compile it for the average person. There is a distinctly non-trivial learning curve associated with even the simplest RCS.
That sounds like an opportunity to me... how about a nice (open-source?) app that knows how to check out code from the revision control system, compile the program, and present the user with the generated app/tarball? Since it doesn't have to support all the features of the RCS, just a basic checkout-and-build, it could be quite simple to use... just paste in the URL from the project's RCS page, and click "Go".
Re:Not unique to open source
on
The CVS Cop-Out
·
· Score: 1
How many non-techy computer (mainly Windows) users can compile a program?
Not many, I agree... but it doesn't need to be that way. Most people don't know how to install a program by hand either, which is why most applications come with installer utilities that do the install for them, so that the user only needs to know to double click an icon and then click "Next" a few times.
Is there any reason why an installer program could not be distributed with the source code? The installer program would be the same as the one that came with the binaries, except it would also issue a "./configure; make" as the first step.
Then why are the "majority" of the people supporting it? No matter what accounting you use, there is no way you can claim that the insurgency is the result of a MAJORITY sentiment. For instance, THEIR election turnout puts OURS to shame.
High election turnout and support for the resulting government are related, but not the same thing. Especially when the election was six months ago, and things have been deteriorating ever since.
link: By age five [chimps] are stronger than most human adults. They become destructive and resentful of discipline. They can, and will, bite. Chimpanzee owners have lost fingers and suffered severe facial damage.
Wherever did you get the idea that commercial software packages couldn't reuse the source code? I can't think of any widely-used free software licenses that prohibit commercial use. Certainly the GNU GPL doesn't, as you can see quite plainly from the number of commercial distributions, many of them (such as Red Hat) selling Linux-based operating systems for the same price as Microsoft Windows.
Come on, get your head out of the sand. If I, as a commercial developer, want to compile a GPL library into my application, I have to agree to distribute my application under the GPL also. That's the key difference between the GPL and BSD licenses. Many (most?) commercial developers are not willing to GPL their source code, so they are effectively prevented from linking GPL'd code into their apps. To argue otherwise is simply to deny reality.
I have to say, though, I totally fail to see how your devil's-advocate utopia of people taking other people's work without compensation fits into a capitalist society.
I never mentioned anything about utopias or capitalism. Perhaps you ought to re-read my post.
Car manufacturers can't just take open-source engines for free and use them in their cars. That doesn't particularly seem to have hurt the auto market, now, does it?
If open-source engines existed, car manufacturers absolutely could take them for free and use them in their cars... and their cars would be that much cheaper as a result, because the car manufacturers would no longer have pass on to their customers the costs of designing and building the engines. So yes, it does hurt the auto market.
My question is, and I have yet to hear an answer, is why have they done this? [...] One obvious reason is so that you can run OSX on non-apple hardware.
Looks like you've answered your own question. Apple does not want you to run OSX on non-Apple hardware, because that might discourage you from buying Apple hardware, which is where they make their money.
In other words, we're the kind of people who care more about Freedom (for the user) than having the code distributed as widely as possible.
Devil's Advocate here: If commercial software packages can't re-use the source code, that the companies selling them will be impeded to some extent in producing their software -- they will either have to find a usable substitute or write their own implementation. That means that either the commercial software won't be available as soon (or at all), or it will cost more (due to the extra cost of development and/or licensing that was incurred).
That means fewer products available to the user at a given price point, and therefore that the user less choice than if the open source code was usable in commercial products. It's not entirely clear how that supports Freedom(tm).
Then a day or so later, they're like, "WTF? You deleted weatherbug" and I find they've reinstalled it. People just don't care, and I don't expect to ever understand why
People assume that anything that happens on their computer is visible in the GUI. Therefore if weatherbug doesn't pop up a requester saying "I'm spying on you now, please type something interesting", naive people will assume it's not doing that.
I suspect this misapprehension will change only through hard experience.
Does anyone on slashdot actually WANT to have uncrashable hardware?
I certainly do. My computer is supposed to solve problems for me, not the other way around. Life is too short to spend time fiddling with widgets for fun. I want to work on my work, not on fixing unnecessary problems with my computer.
It's not only ugly. It shows the Minix3 'microkernel' is not even a kernel
No, it shows that Minix3 doesn't have a proper memory manager implemented. Clearly it's not a usable system for actual work at the moment, but everybody admits that. It's under development.
Remember microkernel-loving theorists out there, we're talking about Minix, something quite alot _older_ than Linux.
Actually, we're talking about Minix3, which isn't all that old. To paraphrase Tanenbaum: "Minix3 is to Minix1 as WinXP is to Win3.1: they share the first word in their name".
[Minix] has had much more time to develop, and if the theory is correct, it should have been much easier to develop to an advanced level than the Linux kernel has been...
If you compared the man-hours that have been spent developing Linux to the man-hours spent developing Minix3, you'd find that Linux has had several orders of magnitude more developer time spent on it. So comparing the two OS's as if they had had an equal amount of developer support is silly.
It should have at least basic, basic, basic functionality such as fully functional memory management today...
Minix3 is being developed by Tanenbaum and two (2) other programmers. If you think development is going too slowly, feel free to help out.
What I mean is that for two processes to communicate over a normal serial socket they do it one byte at a time.
I don't think the above is true in any meaningful sense. Only poorly written programs send/recv a single byte at a time, as it is quite inefficient to do that. Most programs will try to send as much data as possible per call to send()/recv().
With a page socket, one process could in effect send an entire page of memory to another. It would infact be sending simply a pointer to some page of memory. This pointer could be to a read-only or read-write part of memory enforced in the MMU. Thus sending a page of a data structure would be instantenous.
I think the same trick might be doable as an extra-clever implementation of the standard send()/recv() API (in fact, I suspect that some OS's already do something like this). When both the sending and receiving process live on the same hardware, send() could implicitly mark the send-buffer as a shared memory space for the receiving process to look at.
Since when do you get a blowjob out of having a pretty Sony Playstation?
Clearly this is the "must have" feature that Sony has been looking for. I think any number of teenage boys would pay $699 for a game console that gives blow jobs.
But don't accuse the other 63% of being stupid sheep unless you know what reasoning they applied to their opinion.
I agree... the problem is that certain politicians will now use these oversimplified results as an excuse for their continuing abuses of power. "See? The public approves!"
You seem to be saying that hydrogen will be great once we find a source of unlimited energy (i.e., the world's energy problems are already solved). While I may agree with you, at present this is not the case.
Except that it very much is the case: we receive an effectively unlimited amount of energy from the sun. The only obstacle (and I admit it is a big one) is figuring out how to capture enough of that energy and convert it into a useful form (electrons, hydrogen, whatever) that we can use. But the energy is there for the taking:
Quote: The amount of energy from the sun that falls on the earth is enormous. All the energy stored in the earth's reserves of coal, oil, and natural gas is matched by the energy from 20 days of sunshine.
Go to Journey to Forever and look around a bit, it seems to address most of your points.
From the page you linked to:
Replacing fossil fuels with biofuels isn't the answer. Replacing fossil fuels isn't even an option -- current energy use, especially in the industrialised countries, is not sustainable anyway, whatever the energy source.
So what that page is really proposing drastic cutbacks in per-capita energy usage, not that biofuels can be used as a substitute for fossil fuels.
That's a fine and admirable plan, but my feeling is that it will only be politically feasible if conditions get extremely bad and no other solutions can be found. As your article says, people and nations are extremely addicted to using lots of energy, and would have to be dragged kicking and screaming away from it. Which is why things like hydrogen have such popular appeal: if a sufficient energy source can be found/tapped to supply enough of it, people wouldn't have to return to a 19th-century localized agricultural economy when the oil runs out.
I envision a system of smaller vehicles, possibly 6- or 8-passenger vans, where each vehicle is given dynamic tasking based on requests through an internet portal.
I'm not sure how well it would work for games, but other than that, it's simple: given that a VM causes a 5-10% slowdown, just buy a computer that is 5-10% faster.
Maybe so, but the rest of us don't deserve what we get. Even if I'm a careful computer user and never get compromised, I still have to deal with the resulting spam, DDOS attacks, increased IT costs, etc, caused by people who do. Therefore it's in everybody's best interest to make security more idiot-proof -- we can't just say "to hell with the n00bs", because we still have to live on the same Internet as them.
Or, perhaps easier than deciding which programs are "safe" (which is sure to bite you eventually since sooner or later one of your "safe" programs will turn out to have a bug that allows an exploit), just add the ability to run these viewer programs in a sandbox, so that they aren't allowed to do anything except read the one file they were meant to display, and display it. No network access, no write access to any disks, no access to shared memory or IPC, etc.
Then it won't matter if the program is "safe" or not, because even if the program gets compromised, the malware can never leave the process's sandbox.
I think using virtual machines as sandboxes could go a long way towards improving security also. Imagine a distro with a super-locked-down secure OS that only ever runs a single app, which is a virtual machine app (VMWare, Xen, whatever). The user does everything inside this virtual machine's guest OS, and never installs or runs any other software on the host OS.
With that setup, it would be easy to "checkpoint" the state of the system and restore it whenever things have gone wrong (due to malware, user mistakes, whatever). (A clever diff-based mechanism might be able to make OS-state saves/restores fast enough to be done automatically in the background, say once a day). Even if the guest OS was completely compromised by malware, it would still be impossible for the malware to prevent the user from using the (uncorrupted) host OS to "rewind" the computer back to before the infection occurred. The host OS could also keep an audit trail of what happened when inside the guest OS, to help the user find out where things went wrong.
WINE may not be, but VMware is... how soon until viruses just install a copy of VMWare, then run your original OS image inside of VMware while silently doing whatever they like out in the "real" OS?
I'm sorry you've had such a bad day, dear -- why don't you go to bed and get some rest, you'll probably feel a whole lot better in the morning.
Cool... but do they have an emulation of that annoying wooden table game, where you steer a little steel ball through a tilting maze while trying to not to fall into the holes? That's clearly what the SMS was originally designed for...
The secret to defeating Darth Ballmer is to use the Force, not your eyes. Only with the Force will you be able to parry the onslaught of flying furniture in time.
SubVersion/Other Revision Control System is a guarantee that you won't be able to readily obtain and compile it for the average person. There is a distinctly non-trivial learning curve associated with even the simplest RCS.
That sounds like an opportunity to me... how about a nice (open-source?) app that knows how to check out code from the revision control system, compile the program, and present the user with the generated app/tarball? Since it doesn't have to support all the features of the RCS, just a basic checkout-and-build, it could be quite simple to use... just paste in the URL from the project's RCS page, and click "Go".
Not many, I agree... but it doesn't need to be that way. Most people don't know how to install a program by hand either, which is why most applications come with installer utilities that do the install for them, so that the user only needs to know to double click an icon and then click "Next" a few times.
Is there any reason why an installer program could not be distributed with the source code? The installer program would be the same as the one that came with the binaries, except it would also issue a "./configure; make" as the first step.
High election turnout and support for the resulting government are related, but not the same thing. Especially when the election was six months ago, and things have been deteriorating ever since.
Truly you are a brave and horny man:
link: By age five [chimps] are stronger than most human adults. They become destructive and resentful of discipline. They can, and will, bite. Chimpanzee owners have lost fingers and suffered severe facial damage.
Come on, get your head out of the sand. If I, as a commercial developer, want to compile a GPL library into my application, I have to agree to distribute my application under the GPL also. That's the key difference between the GPL and BSD licenses. Many (most?) commercial developers are not willing to GPL their source code, so they are effectively prevented from linking GPL'd code into their apps. To argue otherwise is simply to deny reality.
I have to say, though, I totally fail to see how your devil's-advocate utopia of people taking other people's work without compensation fits into a capitalist society.
I never mentioned anything about utopias or capitalism. Perhaps you ought to re-read my post.
Car manufacturers can't just take open-source engines for free and use them in their cars. That doesn't particularly seem to have hurt the auto market, now, does it?
If open-source engines existed, car manufacturers absolutely could take them for free and use them in their cars... and their cars would be that much cheaper as a result, because the car manufacturers would no longer have pass on to their customers the costs of designing and building the engines. So yes, it does hurt the auto market.
Looks like you've answered your own question. Apple does not want you to run OSX on non-Apple hardware, because that might discourage you from buying Apple hardware, which is where they make their money.
Devil's Advocate here: If commercial software packages can't re-use the source code, that the companies selling them will be impeded to some extent in producing their software -- they will either have to find a usable substitute or write their own implementation. That means that either the commercial software won't be available as soon (or at all), or it will cost more (due to the extra cost of development and/or licensing that was incurred).
That means fewer products available to the user at a given price point, and therefore that the user less choice than if the open source code was usable in commercial products. It's not entirely clear how that supports Freedom(tm).
reinstalled it. People just don't care, and I don't expect to ever understand why
People assume that anything that happens on their computer is visible in the GUI. Therefore if weatherbug doesn't pop up a requester saying "I'm spying on you now, please type something interesting", naive people will assume it's not doing that.
I suspect this misapprehension will change only through hard experience.
I certainly do. My computer is supposed to solve problems for me, not the other way around. Life is too short to spend time fiddling with widgets for fun. I want to work on my work, not on fixing unnecessary problems with my computer.
No, it shows that Minix3 doesn't have a proper memory manager implemented. Clearly it's not a usable system for actual work at the moment, but everybody admits that. It's under development.
Remember microkernel-loving theorists out there, we're talking about Minix, something quite alot _older_ than Linux.
Actually, we're talking about Minix3, which isn't all that old. To paraphrase Tanenbaum: "Minix3 is to Minix1 as WinXP is to Win3.1: they share the first word in their name".
[Minix] has had much more time to develop, and if the theory is correct, it should have been much easier to develop to an advanced level than the Linux kernel has been...
If you compared the man-hours that have been spent developing Linux to the man-hours spent developing Minix3, you'd find that Linux has had several orders of magnitude more developer time spent on it. So comparing the two OS's as if they had had an equal amount of developer support is silly.
It should have at least basic, basic, basic functionality such as fully functional memory management today...
Minix3 is being developed by Tanenbaum and two (2) other programmers. If you think development is going too slowly, feel free to help out.
I don't think the above is true in any meaningful sense. Only poorly written programs send/recv a single byte at a time, as it is quite inefficient to do that. Most programs will try to send as much data as possible per call to send()/recv().
With a page socket, one process could in effect send an entire page of memory to another. It would infact be sending simply a pointer to some page of memory. This pointer could be to a read-only or read-write part of memory enforced in the MMU. Thus sending a page of a data structure would be instantenous.
I think the same trick might be doable as an extra-clever implementation of the standard send()/recv() API (in fact, I suspect that some OS's already do something like this). When both the sending and receiving process live on the same hardware, send() could implicitly mark the send-buffer as a shared memory space for the receiving process to look at.
Clearly this is the "must have" feature that Sony has been looking for. I think any number of teenage boys would pay $699 for a game console that gives blow jobs.
Lycra wasn't invented until the 1960s. Were tights made of some other material before then?
I agree... the problem is that certain politicians will now use these oversimplified results as an excuse for their continuing abuses of power. "See? The public approves!"
Except that it very much is the case: we receive an effectively unlimited amount of energy from the sun. The only obstacle (and I admit it is a big one) is figuring out how to capture enough of that energy and convert it into a useful form (electrons, hydrogen, whatever) that we can use. But the energy is there for the taking:
Quote: The amount of energy from the sun that falls on the earth is enormous. All the energy stored in the earth's reserves of coal, oil, and natural gas is matched by the energy from 20 days of sunshine.
From the page you linked to:
Replacing fossil fuels with biofuels isn't the answer. Replacing fossil fuels isn't even an option -- current energy use, especially in the industrialised countries, is not sustainable anyway, whatever the energy source.
So what that page is really proposing drastic cutbacks in per-capita energy usage, not that biofuels can be used as a substitute for fossil fuels.
That's a fine and admirable plan, but my feeling is that it will only be politically feasible if conditions get extremely bad and no other solutions can be found. As your article says, people and nations are extremely addicted to using lots of energy, and would have to be dragged kicking and screaming away from it. Which is why things like hydrogen have such popular appeal: if a sufficient energy source can be found/tapped to supply enough of it, people wouldn't have to return to a 19th-century localized agricultural economy when the oil runs out.
Hm, sounds a bit like this.