Nice idea, but the club uses the strip as a counterfeit-prevention device, and likely would refuse service to anyone with a mangled bar code because they couldn't be sure it wasn't a fake id.
Maybe if youre the only one with a blanked license they could single you out, but its not uncommon for a licence a few years old to be unreadable. I worked as a grocery clerk for several years, and I can tell you that about 5%-10% of all credit cards are unreadable, and they are replaced much more frequently that driver's licenses. (probably because they are used that much more often)
Also there is the fact that they are in business to make money- they wont woo many customers by turning away obvious adults with valid licenses.
And cmon- The hologram, micro print, state seal, and all that other stuff have to count for something...
If you have a driver's license with a magnetic strip- just rub it over with a strong magnet until its blanked.
The license is still valid- the mag-strip is only there for "convenience", its whats on the front that counts.
The difference is that no bouncer/clerk/etc is going to have time te key in all that data, and you return to the gentle ranks of the anonymous dues to the carless oblivion of human short term memory.
There is a reason the Jedi appeal to us generally. We've been down the path of the Master and the apprentice.
Daniel Isaacs the Sysadmin? From what Ive heard you should probably be sympathizing with the Sith.
Where do you draw the line ??
on
ORBZ Shuts Down
·
· Score: 3, Insightful
Anybody can access a publicly available SMTP service and produce whatever type of SMTP headers they want. It is a publically available service.
However, you typical hacker does a similiar thing, he sends bytes to publically available service.
If you decide that any univited data being sent to your server is a crime, then sending an email to someone you dont know is a a crime. If you think its not a crime, then what script kidz do is a public service.
I personally hold to the latter, even though I abhor spam and hate malicious crackers. I think that by holding the server owner whos providing publicly available services accountable for his own security, that we would get more secure software out of it, and less coverups. (lawyers trying to do work that can only be done by programmers) SMTP servers should be able to handle munged headers!
I can imagine the PHB thinking now "Well since I cant sue the kiddie whos sending those bad SMTP headers, I guess im going to have to actually fix the bug in my mail server, oh the humanity!"
Of course fraud etc should still be a crime- but why should accessing publicly provided data services be one?
Your going to send your CPU's public key over the network? Good for you. Others will send some other public key, specifically one which they know the private key for. Then theyll have a cleartext binary- which compresses well and makes it onto the p2p nets.
Its no problem to reencrypt the binary, say if you have a CPU that only runs encrypted binaries.
They say you can never trust a third party's hardware/software. True, but you can trust their network traffic even less.
Note to overzealous protectors of GPL: OpenSSL is distributed under a BSD-style license.
Yes it is a BSD-license, but it contains the nasty adevrtising clause as well, which makes it GPL incompatible.
Worse yet the LICENSE ITSELF contains and anti-GPL screed, specifically forbidding combination with the GPL.
After reading this license that pretty much ended the "BSD in more free" argument in my mind. (I was interested in reusing bits in code I planned to GPL)
The extension, like the rest of the filename, is metadata.
Filenames, ignoring the practical issues, are at best a special case. For example you cant just not have a filename, and it would really suck if you could have non-unique ones. For just about ALL other forms of "metadata" that is not true.
Some types of metadata seem wholly inappropriate to file transfer, (such as a path to an icon to display for this file when using the dorkopod file manager) And of those that would seem appropriate, consider mac file types which say things like "Open me with photoshop!", but are not even really appropriate for transfer between two users on the same machine.
And sometimes, certain operations on metadata are quite specific to the data type: (the oblique style of a font file) that it hardly makes sense to encode them all into metadata. Taken to its logical conclusion, why dont you just encode ALL your data into the metadata section.
The point here, is that a filesystem is a special case optimized database, with a few special rules. Turning it into some sort of overgeneralized database has been a historical mistake over and over. (VMS)
Flat files with name, modes, owner, timestamps, and data, handle the general case. The name is a unique descriptor. If you want to know more then read the file. If you want a standardized format across related types of data, then what you want is a standardized data format.
Who got the hairbrained idea that having file metadata was superior???
Sure its great for marking a file as executable or not, instead of having the OS itself guess based upon the name.
But for documents, if all the type information is stuck away inside some metadata, then what happens when you transfer a file over FTP? do you have to guess what type of file it is?
What about the output of a pipe or socket? How does my PDF generator know tha "output.pdf" needs to have its metadata set to some damn obnoxious xml snippet? Is the file unusable until someone does that?
And its not like you can have different files with the same name having only different metadata. I cant have "temp/document.txt" and "temp/document.rtf" because they would be "temp/document" (ambiguous) to a shell script.
And what the hell does a version number mean? Does it have the same meaning for a word document as it does for a Makefile as it does for a device driver? Then why should they be stored the same?
Im not a big fan of MS's retarded implementation of OS enforced extensions, but I do think that filename extension are here to stay because they work better.
A file is a file, and the extension is just a hint on what to do with it, or what it might contain.
And if you want to sort your MP3's, there is this nice thing called Id3 tags, you might want to look into it...
If you are smart enough to setup email filers, etc, then you are smart enough not to use microsoft server products.
After all MS does billet its warez as "easy to use", so it puts people in the mindset that they shouldnt have to do anything intelligent.
(I worked at defense contractor where the Air Force's security demands amounted to: "all traffic must go through port 80, because that makes it secure")...
This connotation is overplayed
on
Penguin2Apple
·
· Score: 3, Interesting
Wow - what the hell are you doing on that computer? What kind of 'development' are you doing? I've had a system with W2k on it in use daily for a year with probably 20 reboots, mostly to swap to Linux for some reason. Less than 10 were due to hanging/crashing issues.
Honestly, what are you doing?
Im am sortof tired of people gushing about the stability of W2K. If you use a few client apps and dont install too much, or limit yourself to High level (VB) programming, yea sure itll be stable.
Do anything inteseting such as sending malformed UDP packets onto the ethernet, run IIS, play quciktime movies, any serious development, have the exchange server crash, install software with less than admin privledges, etc, and you may find it less stable than you imagine.
I use Windown 2000 for network programming, building/debugging embedded platforms, creating GUI appliciations, client apps, using differing hardware platforms an so on. I am unimpressed with its stability nor security. (sometimes itll go for a few weeks without freezing. sometimes it crashes several times a day. certain network traffic will always trash it. sometimes thing start acting flakey until a reboot. Contrast this to Unix, where reboots generally dont change anything, and they certainly arent recommended for fixing problems)
The primary things done by cheats (looking through walls, etc) are things that the game does not prevent.
When you design a game you have to consider the players hardware to be untrusted. You cannot prevent a persons computer from telling him all it knows, nor can you prevent it from obeying his commands.
So to limit the information a person knows, you have to limit the information that is given to his computer. (If you dont want someone to know the location of all the other players in an FPS, you simply dont send them that information.)
Taken to its logical conclusion, The player's PC would end up being thin terminals doing I/O, while all the game logic is hosted on a central trusted server.
For games with a central server, then the game is only as fair as the server is. This does break down a bit with servant-peer topology- such as starcraft. In this, since everyone's computer has total knowledge of the game state knowledges cheats are possible (knowing how many resources everyone has and where they are).
However, if anyone cheats in a detectable way the game is aborted by all.
Admit it. The first time you saw someone download something from Napster/GNUtella/whatever, you had a pang in your gut that said "Isn't there something wrong with this?" It's called guilt.
I think you are overestimating guilt here; the only ones feeling it are the misguided "moral" prudes who feel pangs of guilt when they fast forward commercials.
In reality the first thing most people thought when they meet napster et. al. was "man those downloads are kinda slow, and some of the songs are truncated or low-quality"
Non-commercial private sharing poses scarce threat to copyright holders if the would JUST MEET DEMAND. How long does it take for someone to offer affordable high quality-low hassle subscriptions to digital media? Simply on the books copyright law is enough protection, more than enough- all this SDMI crap is a collosal waste.
Until someone steps forward to meet demand, there is little room for "guilt". The longer they delay, the more effort is put into filesharing regardless.
The reason computers arent useful in school is because almost all teachers are completely ignorant of them. If they were made available in a more natural way with competent educators around then computers in the classroom wouldnt be such a colossal waste.
(perhaps this goes back to how horribly underpaid teachers are)
Although I learned nothing from shcool computers, I did aquire a taste for programming at around 8 years old, outside of school. (You know you are a hardcore programmer when you give a presentation on binary arithmetic in elementary school)
What these parents arent saying is that they will be making computers available to their childern outside of the school, and that they will be knowledgeable mentors to the curious. That's what matters.
Damn, this was almost as bad at this [slashdot.org] arrogant asshole.
That link you posted refers to a programmer who is sucessfull despite having no formal degree, and you call him an "arrogant asshole".
I had to reply here because I am in fact in the same situation of that person you despise (jealous?). Why do think people pay him so much more for his work? Maybe because he GETS THE JOB DONE, and is WORTH IT. Why do you assume that he is some overpaid snippity scripter?
50% salary growth per year for 5 years is not that hard when you are starting really low. From my personal observation education is inversely proportional to programming skill anyway. (every PHD of CS Ive met has been a complete idiot)
So DOS the heel out off those servers and make it gpl software!
I wonder who modded that down...
Thats actually an interesting point: the intent of their license is to free the code in the case they go out of business, but the wording leaves open the possibility that an attack could make the source code GPL.
They may wish to consider modifying their license to exempt that case. (They modify the terms so frequently its not a big deal for them) Its not far fetched to imagine a ddos attack run for a few days may cause their service provider to drop them. Combine that with a bit of DNS cache poisoning, and 180 days really isnt that long.
Anyway- the license itself seems to violate some fundamental concept: its designed to look more attractive to free software programmers, yet it encourages them to hope the company doesnt succeed.
Windows security holes typically have exploits in the field, whereas linux vulnerabilities are commonly realeased from code review- hence having no preexisting exploits (that are known and demonstrated). Some are in fact purely theoretical, and may have to use to a malicious user.
So even if you keep on top of your windows updates religiously, keep in mind that they are generally reactive. So there is always that window of vulnerability...
Of course, that's not the case in the server market. If you want to talk about worms, remember one thing - the ONLY reason Code Red and other such worms exist is because of the popularity if the windows platform, on desktops and servers. Don't kid yourself for a second into thinking that the reason there aren't any widespread worms for *nix systems is because it's more secure.
Dont kid yourself. The various free o/s's are simply a harder target. They are more diverse, both across O/S's and distributions, and even within a distribution there are different configurations. On top of all that any individual box can be a totally custom system built from the source pool.
There are countless email readers, multiple web browsers, all types of competing server daemons. When you take the windows monoculture you simply dont find such diversity. The competing software are simply wiped out.
Its a well known and intuitive fact that monocultures are far more vulnerable to disease and parasites than a healthy diverse population.
Which is basically a poor rehash of Lisp plus same syntactical sugar. In that case java ( not to mention half the languages in vogue today) go back even further than C does for their basic concepts.
Simply put C/C++ is an elegant language that gets the job done. I use it for work and for pleasure, despite having tried almost every alternative. It certainly isnt the first language Ive used- but it is certainly the best (for my needs).
As for buffer overflows: using sharp tools requires a measure of skill. I will never resort to a play-doh knife while I have a choice.
A software foundry would work the other way
on
Last Word on Loki
·
· Score: 2
Doing speculative software development, where you produce a program upfront then sells copies makes up about 5% of software development (money wise). This model works best if you consider software a product, which you shrink wrap and ship. It also encourages consolidation of all software companies into one, which uses its size and distribution channel to force the others out of business.
Sharing of software hurts software manufactures potential profits. They are incompatible with Free software.
The rest is done on a service contract basis, where you pay for it up front or as you go. This works best when the software is considered a service. It can be done by employee's, or by contractors. It encourages multitudes of small companies and indviduals, who offer lower rates, as well as larger companies who offer name-recognition.
Sharing of software help software service providers. They work best with Free software, where it's available.
Which of these two business models has a brighter future? Exercise for the reader...
Bollocks. Is it so hard to understand that we're just giving away our code? No agenda, we just want people to use it with the only condition being that our names remain on the source?
The point at hand was not "why choose the BSD", but rather "why are BSDer's typically so GPL hostile?"
Ive got nothing against someone slapping a BSD on a piece of good code- that is something to be admired. Especially because I can combine it with GPL'd source and distribute the product.
What im talking about is things like the SSLeay licence: a BSD license with a nasty clause saying that it cannot be combined with anything GPL as a special (annoying) tack on. (which remains in openssl till today)
The above may explain the creation of the GNUtls project to an extent, and thats the kind of thing Im talking about.
BSD advocates typically rant on and on about how GPL is terrible the way it contaminates software, and yet somehow this license is considered OK?
In that sense, the BSD is just as viral as the GPL. What they whine about is different:
BSDites are under the illusion that they may one day want to close access to the source and become the next SUN. (This is exactly what Bill Joy did)
They feel that if they use the GPL they wont be able to commercialize in the microsoft sense, which is true unless they own all contributions.
Although they make alot of good server and security code, the BSD programmers have a really uptight and clannish community.
You must be joking
on
Browsing Alone
·
· Score: 3, Insightful
You may meet people who share your views over IM, but ultimately, you have too much control over your environment, and can cease communication at any time with anyone who might have new ways of thinking or new ideas that you have a hard time feeling comfortable with. IM isn't the only medium which facilitates self-censorship, but it's certainly one of them. Maybe if you're of an age where your person and opinions have already been formed, this isn't so dangerous. However, I can tell you that it is ideological suicide for still-forming minds.
People have self-censorship built in from the get go. If you really think that you can change someone's mind by ranting at them in person you are sadly mistaken. You have no better or worse chance of doing so than you do online.
Some people are so tuned into herd think, that they dont even need TV to tell them what to think- their subconscious plucks it out of the air. These people will search for things that agree with what they think online, and they will ignore people who try to change their minds.
Those who are inquisitive and open minded will gather information, then attempt to discuss it with others before they come to a semi-final opinion. This happen whether they have access to dusty books in a library or broadband. The latter is quicker however.
One of the main differences is that online you _can_ find someone who wants to talk about what you want to talk about quickly, whereas without it doing so is slow and difficult to impossible.
About 8 years ago I had a philosophical split with some of my friends: We were all into computers and programming but I was the only who was planning to take it up as a career.
They told me "All programming will be automated soon, and that which isnt will be done by $5 an hour hordes of 3rd wold programmers. Plus look how many people are enrolling in CS these days, theyll be a glut of programmers anyway..."
Well, seeing how I wasnt in it for the money really anyway, I stuck to programming while they went into law, accounting, etc...
Needless to say the dreaded programmer glut never happened, while > 50% of those CS students dropped out, leaving me with little competition, and I found myself in a high paying job doing something I would do for free.
Fast forward a decade and you hear the same arguments creeping out again. Despite the dot-com bust, I see no flagging of demand for competent programmers, and none on the forseable horizon.
Conclusion: CPU speeds will never make up for people being idiots, and knowing what to solve is harder that knowing how to solve it.
Slashdot Mirror
Maybe if youre the only one with a blanked license they could single you out, but its not uncommon for a licence a few years old to be unreadable. I worked as a grocery clerk for several years, and I can tell you that about 5%-10% of all credit cards are unreadable, and they are replaced much more frequently that driver's licenses. (probably because they are used that much more often)
Also there is the fact that they are in business to make money- they wont woo many customers by turning away obvious adults with valid licenses.
And cmon- The hologram, micro print, state seal, and all that other stuff have to count for something...
If you have a driver's license with a magnetic strip- just rub it over with a strong magnet until its blanked.
The license is still valid- the mag-strip is only there for "convenience", its whats on the front that counts.
The difference is that no bouncer/clerk/etc is going to have time te key in all that data, and you return to the gentle ranks of the anonymous dues to the carless oblivion of human short term memory.
Sorry, just some faceless entity making a vague attempt at humor late in a dying thread.
Well, after reading your comments, perhaps we are friends, in an internet kind of way...
There is a reason the Jedi appeal to us generally. We've been down the path of the Master and the apprentice.
Daniel Isaacs the Sysadmin?
From what Ive heard you should probably be sympathizing with the Sith.
Anybody can access a publicly available SMTP service and produce whatever type of SMTP headers they want. It is a publically available service.
However, you typical hacker does a similiar thing, he sends bytes to publically available service.
If you decide that any univited data being sent to your server is a crime, then sending an email to someone you dont know is a a crime. If you think its not a crime, then what script kidz do is a public service.
I personally hold to the latter, even though I abhor spam and hate malicious crackers. I think that by holding the server owner whos providing publicly available services accountable for his own security, that we would get more secure software out of it, and less coverups. (lawyers trying to do work that can only be done by programmers) SMTP servers should be able to handle munged headers!
I can imagine the PHB thinking now "Well since I cant sue the kiddie whos sending those bad SMTP headers, I guess im going to have to actually fix the bug in my mail server, oh the humanity!"
Of course fraud etc should still be a crime- but why should accessing publicly provided data services be one?
Your going to send your CPU's public key over the network? Good for you. Others will send some other public key, specifically one which they know the private key for. Then theyll have a cleartext binary- which compresses well and makes it onto the p2p nets.
Its no problem to reencrypt the binary, say if you have a CPU that only runs encrypted binaries.
They say you can never trust a third party's hardware/software. True, but you can trust their network traffic even less.
Note to overzealous protectors of GPL: OpenSSL is distributed under a BSD-style license.
Yes it is a BSD-license, but it contains the nasty adevrtising clause as well, which makes it GPL incompatible.
Worse yet the LICENSE ITSELF contains and anti-GPL screed, specifically forbidding combination with the GPL.
After reading this license that pretty much ended the "BSD in more free" argument in my mind. (I was interested in reusing bits in code I planned to GPL)
The extension, like the rest of the filename, is metadata.
Filenames, ignoring the practical issues, are at best a special case. For example you cant just not have a filename, and it would really suck if you could have non-unique ones. For just about ALL other forms of "metadata" that is not true.
Some types of metadata seem wholly inappropriate to file transfer, (such as a path to an icon to display for this file when using the dorkopod file manager) And of those that would seem appropriate, consider mac file types which say things like "Open me with photoshop!", but are not even really appropriate for transfer between two users on the same machine.
And sometimes, certain operations on metadata are quite specific to the data type: (the oblique style of a font file) that it hardly makes sense to encode them all into metadata.
Taken to its logical conclusion, why dont you just encode ALL your data into the metadata section.
The point here, is that a filesystem is a special case optimized database, with a few special rules.
Turning it into some sort of overgeneralized database has been a historical mistake over and over. (VMS)
Flat files with name, modes, owner, timestamps, and data, handle the general case. The name is a unique descriptor. If you want to know more then read the file. If you want a standardized format across related types of data, then what you want is a standardized data format.
Who got the hairbrained idea that having file metadata was superior???
Sure its great for marking a file as executable or not, instead of having the OS itself guess based upon the name.
But for documents, if all the type information is stuck away inside some metadata, then what happens when you transfer a file over FTP? do you have to guess what type of file it is?
What about the output of a pipe or socket? How does my PDF generator know tha "output.pdf" needs to have its metadata set to some damn obnoxious xml snippet? Is the file unusable until someone does that?
And its not like you can have different files with the same name having only different metadata. I cant have "temp/document.txt" and "temp/document.rtf" because they would be "temp/document" (ambiguous) to a shell script.
And what the hell does a version number mean? Does it have the same meaning for a word document as it does for a Makefile as it does for a device driver? Then why should they be stored the same?
Im not a big fan of MS's retarded implementation of OS enforced extensions, but I do think that filename extension are here to stay because they work better.
A file is a file, and the extension is just a hint on what to do with it, or what it might contain.
And if you want to sort your MP3's, there is this nice thing called Id3 tags, you might want to look into it...
If you are smart enough to setup email filers, etc, then you are smart enough not to use microsoft server products.
After all MS does billet its warez as "easy to use", so it puts people in the mindset that they shouldnt have to do anything intelligent.
(I worked at defense contractor where the Air Force's security demands amounted to: "all traffic must go through port 80, because that makes it secure")...
Wow - what the hell are you doing on that computer? What kind of 'development' are you doing? I've had a system with W2k on it in use daily for a year with probably 20 reboots, mostly to swap to Linux for some reason. Less than 10 were due to hanging/crashing issues.
Honestly, what are you doing?
Im am sortof tired of people gushing about the stability of W2K. If you use a few client apps and dont install too much, or limit yourself to High level (VB) programming, yea sure itll be stable.
Do anything inteseting such as sending malformed UDP packets onto the ethernet, run IIS, play quciktime movies, any serious development, have the exchange server crash, install software with less than admin privledges, etc, and you may find it less stable than you imagine.
I use Windown 2000 for network programming, building/debugging embedded platforms, creating GUI appliciations, client apps, using differing hardware platforms an so on. I am unimpressed with its stability nor security. (sometimes itll go for a few weeks without freezing. sometimes it crashes several times a day. certain network traffic will always trash it. sometimes thing start acting flakey until a reboot. Contrast this to Unix, where reboots generally dont change anything, and they certainly arent recommended for fixing problems)
there are no secrets in chess: no info hacks
The game is turn based: not bots to give extreme reaction speeds.
The moves are all well defined, and making an illegal
move is so obvious as to be pointless: the server/peer will abort the game or refuse the move.
So that is a terrible example.
The primary things done by cheats (looking through walls, etc) are things that the game does not prevent.
When you design a game you have to consider the players hardware to be untrusted. You cannot prevent a persons computer from telling him all it knows, nor can you prevent it from obeying his commands.
So to limit the information a person knows, you have to limit the information that is given to his computer. (If you dont want someone to know the location of all the other players in an FPS, you simply dont send them that information.)
Taken to its logical conclusion, The player's PC would end up being thin terminals doing I/O, while all the game logic is hosted on a central trusted server.
For games with a central server, then the game is only as fair as the server is. This does break down a bit with servant-peer topology- such as starcraft. In this, since everyone's computer has total knowledge of the game state knowledges cheats are possible (knowing how many resources everyone has and where they are).
However, if anyone cheats in a detectable way the game is aborted by all.
Admit it. The first time you saw someone download something from Napster/GNUtella/whatever, you had a pang in your gut that said "Isn't there something wrong with this?" It's called guilt.
I think you are overestimating guilt here; the only ones feeling it are the misguided "moral" prudes who feel pangs of guilt when they fast forward commercials.
In reality the first thing most people thought when they meet napster et. al. was "man those downloads are kinda slow, and some of the songs are truncated or low-quality"
Non-commercial private sharing poses scarce threat to copyright holders if the would JUST MEET DEMAND. How long does it take for someone to offer affordable high quality-low hassle subscriptions to digital media? Simply on the books copyright law is enough protection, more than enough- all this SDMI crap is a collosal waste.
Until someone steps forward to meet demand, there is little room for "guilt". The longer they delay, the more effort is put into filesharing regardless.
The reason computers arent useful in school is because almost all teachers are completely ignorant of them. If they were made available in a more natural way with competent educators around then computers in the classroom wouldnt be such a colossal waste.
(perhaps this goes back to how horribly underpaid teachers are)
Although I learned nothing from shcool computers, I did aquire a taste for programming at around 8 years old, outside of school. (You know you are a hardcore programmer when you give a presentation on binary arithmetic in elementary school)
What these parents arent saying is that they will be making computers available to their childern outside of the school, and that they will be knowledgeable mentors to the curious. That's what matters.
Damn, this was almost as bad at this [slashdot.org] arrogant asshole.
That link you posted refers to a programmer who is sucessfull despite having no formal degree, and you call him an "arrogant asshole".
I had to reply here because I am in fact in the same situation of that person you despise (jealous?). Why do think people pay him so much more for his work? Maybe because he GETS THE JOB DONE, and is WORTH IT. Why do you assume that he is some overpaid snippity scripter?
50% salary growth per year for 5 years is not that hard when you are starting really low. From my personal observation education is inversely proportional to programming skill anyway. (every PHD of CS Ive met has been a complete idiot)
So DOS the heel out off those servers and make it gpl software!
I wonder who modded that down...
Thats actually an interesting point: the intent of their license is to free the code in the case they go out of business, but the wording leaves open the possibility that an attack could make the source code GPL.
They may wish to consider modifying their license to exempt that case. (They modify the terms so frequently its not a big deal for them) Its not far fetched to imagine a ddos attack run for a few days may cause their service provider to drop them. Combine that with a bit of DNS cache poisoning, and 180 days really isnt that long.
Anyway- the license itself seems to violate some fundamental concept: its designed to look more attractive to free software programmers, yet it encourages them to hope the company doesnt succeed.
Windows security holes typically have exploits in the field, whereas linux vulnerabilities are commonly realeased from code review- hence having no preexisting exploits (that are known and demonstrated). Some are in fact purely theoretical, and may have to use to a malicious user.
So even if you keep on top of your windows updates religiously, keep in mind that they are generally reactive. So there is always that window of vulnerability...
Of course, that's not the case in the server market. If you want to talk about worms, remember one thing - the ONLY reason Code Red and other such worms exist is because of the popularity if the windows platform, on desktops and servers. Don't kid yourself for a second into thinking that the reason there aren't any widespread worms for *nix systems is because it's more secure.
Dont kid yourself. The various free o/s's are simply a harder target. They are more diverse, both across O/S's and distributions, and even within a distribution there are different configurations. On top of all that any individual box can be a totally custom system built from the source pool.
There are countless email readers, multiple web browsers, all types of competing server daemons. When you take the windows monoculture you simply dont find such diversity. The competing software are simply wiped out.
Its a well known and intuitive fact that monocultures are far more vulnerable to disease and parasites than a healthy diverse population.
Which is basically a poor rehash of Lisp plus same syntactical sugar. In that case java ( not to mention half the languages in vogue today) go back even further than C does for their basic concepts.
Simply put C/C++ is an elegant language that gets the job done. I use it for work and for pleasure, despite having tried almost every alternative. It certainly isnt the first language Ive used- but it is certainly the best (for my needs).
As for buffer overflows: using sharp tools requires a measure of skill. I will never resort to a play-doh knife while I have a choice.
Doing speculative software development, where you produce a program upfront then sells copies makes up about 5% of software development (money wise). This model works best if you consider software a product, which you shrink wrap and ship. It also encourages consolidation of all software companies into one, which uses its size and distribution channel to force the others out of business.
Sharing of software hurts software manufactures potential profits. They are incompatible with Free software.
The rest is done on a service contract basis, where you pay for it up front or as you go. This works best when the software is considered a service. It can be done by employee's, or by contractors. It encourages multitudes of small companies and indviduals, who offer lower rates, as well as larger companies who offer name-recognition.
Sharing of software help software service providers. They work best with Free software, where it's available.
Which of these two business models has a brighter future? Exercise for the reader...
Bollocks. Is it so hard to understand that we're just giving away our code? No agenda, we just want people to use it with the only condition being that our names remain on the source?
The point at hand was not "why choose the BSD", but rather "why are BSDer's typically so GPL hostile?"
Ive got nothing against someone slapping a BSD on a piece of good code- that is something to be admired. Especially because I can combine it with GPL'd source and distribute the product.
What im talking about is things like the SSLeay licence: a BSD license with a nasty clause saying that it cannot be combined with anything GPL as a special (annoying) tack on. (which remains in openssl till today)
The above may explain the creation of the GNUtls project to an extent, and thats the kind of thing Im talking about.
BSD advocates typically rant on and on about how GPL is terrible the way it contaminates software, and yet somehow this license is considered OK?
In that sense, the BSD is just as viral as the GPL. What they whine about is different:
BSDites are under the illusion that they may one day want to close access to the source and become the next SUN. (This is exactly what Bill Joy did)
They feel that if they use the GPL they wont be able to commercialize in the microsoft sense, which is true unless they own all contributions.
Although they make alot of good server and security code, the BSD programmers have a really uptight and clannish community.
You may meet people who share your views over IM, but ultimately, you have too much control over your environment, and can cease communication at any time with anyone who might have new ways of thinking or new ideas that you have a hard time feeling comfortable with. IM isn't the only medium which facilitates self-censorship, but it's certainly one of them. Maybe if you're of an age where your person and opinions have already been formed, this isn't so dangerous. However, I can tell you that it is ideological suicide for still-forming minds.
People have self-censorship built in from the get go. If you really think that you can change someone's mind by ranting at them in person you are sadly mistaken. You have no better or worse chance of doing so than you do online.
Some people are so tuned into herd think, that they dont even need TV to tell them what to think- their subconscious plucks it out of the air. These people will search for things that agree with what they think online, and they will ignore people who try to change their minds.
Those who are inquisitive and open minded will gather information, then attempt to discuss it with others before they come to a semi-final opinion. This happen whether they have access to dusty books in a library or broadband. The latter is quicker however.
One of the main differences is that online you _can_ find someone who wants to talk about what you want to talk about quickly, whereas without it doing so is slow and difficult to impossible.
About 8 years ago I had a philosophical split with some of my friends: We were all into computers and programming but I was the only who was planning to take it up as a career.
They told me "All programming will be automated soon, and that which isnt will be done by $5 an hour hordes of 3rd wold programmers. Plus look how many people are enrolling in CS these days, theyll be a glut of programmers anyway..."
Well, seeing how I wasnt in it for the money really anyway, I stuck to programming while they went into law, accounting, etc...
Needless to say the dreaded programmer glut never happened, while > 50% of those CS students dropped out, leaving me with little competition, and I found myself in a high paying job doing something I would do for free.
Fast forward a decade and you hear the same arguments creeping out again. Despite the dot-com bust, I see no flagging of demand for competent programmers, and none on the forseable horizon.
Conclusion: CPU speeds will never make up for people being idiots, and knowing what to solve is harder that knowing how to solve it.