Slashdot Mirror


User: mcrbids

mcrbids's activity in the archive.

Stories
0
Comments
4,341
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,341

  1. Did EVERYBODY miss the point? on The Rise of Open-Source Politics · · Score: 2, Interesting

    Is there anybody here who actually RTFA!?!? Did EVERYBODY see the words "Open Source Politics" in the parent article and start blathering immediately about patents in a conditioned-response fashion?

    1) It's not about gcc,

    2) It's not about abolishing software patents,

    3) It's not about mandating open-source software in govornment installations,

    4) It's not about the DMCA.

    Folks, It's about using the open-source organizational method in the political realm.

    To which I can only say - in representative democracies, such as the U.S., politics has always been "open source"!!!!

    Now, the recent rise of the "blogosphere" is starting to change the balance of power in various nations. Improved collaborationa and moderation methods result in a quicker method of collecting and filtering huge amounts of data, which has typically been the job of the media. (CNN/NBC/CBS/FOX) The "media" won't go away, but it's power is definitely dwindling. How far, only time (and the media) can tell.

    The core concepts of end-user involvement, as seen in open-source circles, is the point of representative democracies!

  2. Re:We should do more of this on Programmers Hold Funerals for Old Code · · Score: 1

    I've sat in front of my source code knowing that not only could it be made better, but that there is probably a better way to do it. Unfortunately, the reason old code stays around hobbling around the system with plaster casts around its legs and band aids covering its heads, yes more than one head because at some point I figured that it would be better to stick a brand new head on there rather than refactor the functionality out and create a brand new program.

    Old code has much embedded wisdom. Lots of little bug fixes, solutions thought out, methods applied and debugged. Usually it's a really bad idea to scrap it.

    If you apply proper refactoring techniques and some underlying method to allow the code to evolve, and you'll find that most cases of code rot are really just code neglect.

    Of course, there may be licensing, or other reasons (designed for an environment that no longer exists) why it's best to scrap a particular codebase, but as a general rule, only drop software that's actually unsuccessful in the marketplace.

    If it sells, update/extend/refactor rather than rewrite.

  3. Re:Linux as a viable OS? on NHS Awards Contract to Microsoft · · Score: 2, Interesting

    there are virtually NO practice management solutions for Linux.

    There is an application called "DentalPro" that my father, a dentist, used for years on his 80286 PC running Dos 5.0. It was based on Foxpro. It does EVERYTHING - dunning messages, insurance claims, dispute claims, the works. It came on a 1.2 MB 5.25" floppy set. The only limitation is that it's a single-user system, for smaller practices.

    It works like a charm under Freedos on a Linux system, in a termminal window over SSH! The only thing that's weird is printing - it prints on the local machine, not the remote xterm system...

    I don't know what you seek, but the answer may be less obvious than "Version X for Linux!"...

  4. Re:If there's an end to moore's law... on Latest SCSI Drive Reviewed · · Score: 1

    Wow. Long post. Careful idetification of "stages" of evolution, as though EIDE, PCI, AGP, MMX, 3dNow, and widespread modem use had annything at all to do with each other.

    So, what defines these stages you babble about?

  5. Re:Dangerous Trend on Anti-Spyware Vendor Partners with Spyware Company? · · Score: 1

    Even a nontechnical user can do a Google search for a product name.

    You'd be amazed at how many people won't do a Google before posting here on Slashdot. Jokes aside, people here tend to be a bit smarter than average. And they frequently don't take the 45 seconds it'd take to Google something prior to spouting information that's simply wrong.

    We have the tools to comment intelligently on just about any subject in 60 seconds or less. But, by and large, most people don't. What does that say about humanity?

    As Robert A. Heinlein once wrote: "Never underestimate the power of human stupidity"

  6. Re:*sigh* on Electoral-vote.com Under Heavy Load; Attack? · · Score: 5, Insightful

    I don't understand why Slashbots assume that people who support Bush are dumb.

    Choosing to drive a VW bug is not stupid, unless you're going to haul cement by the ton.

    In much the same way, choosing to go with George Bush is not stupid, unless you're trying to run a country.

    Now, assume that you're sitting at a construction site, with contractors everywhere. Somebody shows up in a VW full of concrete bags, promsing to make a run to get more.

    VW != stupid.

    Concrete != stupid.

    VW + concrete == stupid.

    Simple math, no?

  7. Re:Why libertarians/conservatives can't support Bu on Monitoring the U.S. Elections Online? · · Score: 1

    Your site is unreadable.

    Fix your site so it's readable in Mmozilla, please?

  8. Re:China needs to join the ISS on China Plans 5-day Manned Space Mission · · Score: 2, Insightful

    we don't need another Cold War style space race

    Except that the 1960/1970's era cold war won't happen again. Power in the 1960/1970s was concentrated into the US govt and the USSR govt.

    Today, there's too much distributed power.

    I watched an old James Bond movie not too long ago with my kids. In one scene, the phone rings in the car, and Bond goes to answer it.

    My teen children, watching, had no idea that was even unusual, since between my wife, myself, and my household, we have 6 phone numbers, two of them cellular! (work phone, home phone, home-office phone, my cell, wife cell)

    I had to explain to them how COOL that was back in 1980 when the movie first came out!

    Nowadays, it's not NASA vs USSR space, it's NASA, USSR, China, ID Sofware, Scaled Composites, the EU space consortium, etc.

    In short, the days of the two-sided pissing match are over. Power is distributing, as it does with technology, and the rules today are fundamentally different.

    Nowadays, it's damn hard for the Bond franchise to find technologies cool enough for the next Bond movie. Recently, they've all but stopped trying.

  9. Re:Good movement from China's Gov. on China Closes 1,600 "Internet Bars" · · Score: 1

    NewsFlash: The government only knows what is best for IT.

    NewsFlash: What's good for people is good for the govornment of those people.

    See, if every female in a particular population were to become a crack whore, it would result in extreme detriment to the children of that society, and the children would grow up dysfunctional and incapable of supporting their govornment.

    Thus, it's in a govt's best interest to work to ensure a reasonable degree of health, sanity, and productivity in a society. Schools, hospitals, universities, social services, jails, parks, and libraries are all part of this effort by a govt to ensure that its population is reasonably controlled and reasonably healthy and happy to ensure its own survival.

    NEWSFLASH: What's good for the goose is usually good for the gander.

  10. Re:Don't hold your breath... on Hibernating to Mars · · Score: 2, Interesting

    A bit cynical, I know, but I've been disappointed by NASA for 30 years now; I watched Armstrong set foot on the moon when I was eight and was told that we'd be on Mars by the mid-80's. By the time I got out of high school, we were trapped in LEO by the shuttle. Things like this worry me because they can keep us waiting for a "perfect" solution for a loooong time...

    NASA is something of a fluke. It's the result of a "pissing match" between the USSR and the USA. It would not exist in any meaningful form except fro the cold war.

    Notwithstanding the tremendous benefits that have come from the space program, (eg: NMh batteries, satellites, and too many others to name) the space program would only exist so long as there are private (CAPITAL) reasons to do so. In 100 year, NASA will be a dim memory of a failed model of developing outer-space.

  11. Re:So Al Gore on Internet Turns 35 Today · · Score: 1

    Al Gore is 56, which means that he would have been 21 at the time of the 'net's first incarnation, not 10.

    I grit my teeth when I here the "I invented the Internet" jokes. Mainly because he wasn't lying when he sait that. (sort of)

    Just like when GW says "nukular" or "My wife speaks much better English than me", Al made a booboo. A mistake, as it were.

    See, he dinn't invent the internet, he is in large part responsible for its creation.

    See, Al Gore saw someithin in this "Internet" and worked with a number of other funders to develop the Internetat into what it is today. Cook eh?

    So, no, he didn't "invent" the Internet. But, he is largely responsible for its devvelopment in its current form.

  12. Re:How on Apache 1.3.33 Released · · Score: 2, Insightful
    "Why are you passing text directly to the database". Um... because the API to a SQL database is SQL which is... text?

    Ahem...

    Here's an example of BAD YOU-ARE-SO-OWNED CODE ...
    $sql="SELECT * FROM userdb WHERE login='".$_REQUEST['login']."' AND password='".$_REQUEST['password'].'";
    $res=mysql_ query($conn, $sql);
    Here's an example of MUCH BETTER CODE...
    $DB=New Database();
    $DB->SetQuery("SELECT * FROM userdb WHERE login='@login' AND password='@password'");
    $DB->Set('login', $_REQUEST['login']);
    $DB->Set('password', $_REQUEST['password']);
    if (!$res=$DB->Query())
    return Error("Sorry. There was an error while processing your request");
    Notice that the values being passed thru to the database are not being sent directly (there's that word, maybe you missed it?) to the database. This way, you can't (easily) make the mistake of not escaping the value before it's passed to the database - that's handled by object $DB.

    Ratboy.
  13. Mod_ssl? on Apache 1.3.33 Released · · Score: 2, Informative

    It doesn't appear that mod_ssl 1.3.33-NNN is available yet. I can't update until this is done, or all my ssl sites break.

    ugh...

    and I'd just started rolling out 1.3.32!

  14. Re:How on Apache 1.3.33 Released · · Score: 4, Insightful

    Secure code is HARD to write!

    Even properly structured, carefully written stuff will contain securiity bugs! It requires attention, more attention, and yet more attention still.

    It requires proper layering of the code so that the number of variables to track at any one point is as small as possible.

    Spend lots of time on design. Draw flowcharts to cover key areas of your application. kivio is your friend! Consult your flowcharts before you make changes to the program. A well-layed-out flowchart can be worth more than reams of notes in the code.

    Above all, structure your code so that the default behavior is secure in the event of a failure.

    For example, you've done something stupid, and you're passing unescaped text to the database.

    Whoops!

    1) Why are you passing text directly to the database? If you communicate with the database with a proper API, you *can't* pass unescaped text to the database.

    2) Are you capturing the errors from the database, so that you aren't displaying any obvious sign (to the public) of what's gone wrong?

    3) Is the database connection transacted, so that you can return to a known good state?

    4) Do you have some kind of error trap or handler so that you can find out exactly what the errors were and fix them in a sane way?

    5) Have you tested your code with DELIBERATE bugs so that you know how it will behave in the event of a failure?

    The hendling of any errors from that should *NEVER* be made clear to the outside, only that "an error has occured".

    The goal is a system designed with multiple layers of protection so that a failure at any point does not result in a security breach! It should fail securely, so that problems result only in error reports, NOT SECURITY HOLES.

    Easy to say, damn hard to do...

  15. Re:Yuck on Are we Headed for a Wiki World? · · Score: 1

    There really should be a wiki with a decent front-end for generating the actual HTML. I know of two that could be part of the codebase...

    1) SPAW editor

    2) HTML Area

    Both are pretty decent, and available under free(ish) licenses. Spaw could use a security audit, but both are very nice and work well in popular browsers (IE & Moz, I don't know about others)

    Why hasn't anybody integrated this with a wiki?

  16. Re:Stop the Press! on Researcher Only High Bandwidth Network · · Score: 0, Flamebait
    Technically, any IP-based network could be called "internet" but "Internet" is a specific network, that one which I post this note to.

    Of course, why knock George on "Internets" when he can't even say "nuclear" without sounding like a gen-yoo-wine redneck....

    It scares me that such an dolt could actually be in one of the most powerful seats in the free world. Bush's campaign has been something on the order of
    "Yessir, I drove the truck right off the cliff, but I did so calmly and deliberately, and I never waivered. I'd do it again, too."
    What's even sicker is that people are buying it enough to make this a very close race! Which brings me to perhaps the most insightful quote I've ever seen:
    "Never underestimate the power of human stupidity" - Heinlein
  17. Executive Summary on Why IBM Open Sourced Cloudscape · · Score: 1

    I develop PHP apps on Postgres. Why would I consider Cloudscape?

  18. Re:Trying to answer the question that was asked... on How Cheap Can A PC Be? · · Score: 1


    Except that the purpose of the hardware is to run the software. It's not "We have the hardware, now what are we going to run on it?", it's more like "What do I have to buy to get NNN?".

    I believe this is one of many purposes Free/Open Source software serves- to break that archeotype. For most purposes (and when configured properly), a Linux box running OpenOffice provides the same, if not more levels of functionality as a $100 copy of Windows, and an $80 copy of Works Suite for the average person (average person defined as a user who surfs the net, checks email, types letters, does finances, etc).


    But what has changed? I moved to OpenOffice some time ago, and I won't switch to a platform that does not support OpenOffice. (EG: HURD) The hardward is still taking a back seat to the IP.

    Don't confuse "X86" with "alternate Intellectual Property platform".

    I like Linux, and use it extensively. But, it's an alternate platform for IP, not its replacement. I've invested heavily in Linux, and moving to BSD or Windows is largely out of the question for me.

    Also, I'll stick with X86 unless there's a REAL compelling reason to go with anything else. It's the IP that counts...

  19. Re:Trying to answer the question that was asked... on How Cheap Can A PC Be? · · Score: 4, Insightful

    Yes, I know the software has value when I sit down and type with it, but tangible property will always have more physical value than intellectual property, simply because there's a physical representation of the money spent.

    Except that the purpose of the hardware is to run the software. It's not "We have the hardware, now what are we going to run on it?", it's more like "What do I have to buy to get NNN?".

    The intellectual property is not an afterthought - it's the central point. Case in point - at numerous points in the past (including the present) you can/could buy hardware far better designed for day-to-day use than the X86. But, the X86 reigns supreme.

    Intel has twice tried to shift away from X86 towards other hardware with numerous benefits over x86, only to bomb twice, despite massive advertisement, promotion, and spending.

    Why, you might ask?

    Oh, because those other platforms did a sucky job running software developed on x86. That Intellectual Property is what counts! Without it, the hardware is worth next to nothing!

  20. Re:Windows just might be ahead of *NIX here... on Windows vs. Linux Security, Once More · · Score: 1

    Dude, I dunno about you, but as a "Windows user" I have to admit it's rather tough getting all these RPMs to install...

    I'm not a "Windows user" unless you mean "Games on the weekend" but I certainly don't enjoy spending 6 hours recompiling applications that can be installed in 3 minutes with "yum install widget".

    AFAIK, most compiled RPMs are NOT compiled with any of these buffer-protection options! This is a systemic failure - good security technology is available for over 5 years, but is still not in use, despite having very few drawbacks?

  21. Re:let it be just a browser on Firefox - The Platform · · Score: 2, Interesting

    as soon a browser reach a bit of popularity, everybody seem to try to have it substitute his OS. why can't it just be a browser???

    A browser is one of those things that strictly follows the 80/20 rule - it's 80% of what we need to provide a decent application framework, and decent, centrally managed software.

    Many, many MANY developers would LOVE to have the browser be that extra 10-20% that would make the difference between a "web-based widget" and a "widget".

    One thing that a web client simply can't do well is populate a form with data based on a selection. Yes, javascript can be made to do it, but javascript is retarded as an application.

    Java allows for alot of control, but has its own problems. If a PHP or Perl app could be emebedded into a browser, I'd have to change my pants.

    A light, rich-UI interface that's portable across O/S boundaries, is stable, and reasonably secure?

    Where do I sign? Alas, Java is a boondoggle, Active-X is riddled with vendor lock-in, and javascript is a horrible hack thought up by some drunk, off-duty engineer on toilet paper one day while reading the graphiti over the urinal at work.

    It's lousy, and not advancing. XUL had my interest, until I learned that javascript was the back end for it.

    Gimme some smarts, dammit! Why can't a java VM be modularized so that language modules (javascript, PHP, Perl, Python, Ruby, etc) can be ported to the VM and let us use our language(s) of choice?

  22. Re:Christ, they didn't do a very good job... on Beware 'Fedora-Redhat' Fake Security Alert · · Score: 2, Funny

    What's interesting, is that I actually got this message as a forward from one of my clients, who uses Progeny updates.

    I was in a hurry, I didn't even think about the fact that Redhat is not Progeny, so my response was to simply run "yum update", a quick preview (there was only like two, not very important packages to update) and that was it. All of about 5 minutes, and I did nothing further, since the kernel wasn't updated and no running services were affected.

    I forgot all about it until now, reading this article!

  23. UPS+ on Keeping Computers (And People) Warm In Winter? · · Score: 1

    I recently obtained three deep cycle batteries, about 1.5 years old for cheap because a client upgraded to a backup generator, for like $50.

    I went to the local mega-mart and bought a 500-watt UPS for %49. ($89, $40 rebate) Then, I yanked out the dinky battery inside, and wired in the three deep-cycle batteries with 12-gauge wire, wiring the three batteries in parallel. I had to buy some brackets and stuff to do this.

    I now have nearly 24 hours of UPS time for my sensitive computer equipment, at a total cost of near $150!

    Helpful, too, since we're slowly remodelling our home, and I can now shut off the power to the house without disturbing anything.

  24. Re:Windows just might be ahead of *NIX here... on Windows vs. Linux Security, Once More · · Score: 1

    Fine, but why isn't ProPolice distributed/enabled by default in gcc?

    Yeah, it's "been around for ages!".

    But, if that's the case, then why do we have buffer overflow fixes in OpenSSH , Mozilla, and Apache?

    See, I know I could probably install this compiler extension, and pass flags and all that. I'm sure Gentoo nuts do it all the time.

    But why the hell is this not done by default, everwhere, if it's been available for NN years? This is where Microsoft may actually be ahead of us.

    But, I guess pointing out this unpopular fact makes me a troll?

  25. Windows just might be ahead of *NIX here... on Windows vs. Linux Security, Once More · · Score: 1, Interesting

    OK, shocker subject line. But, in a sense, it's true!

    I've read about the fact that while XP/SP2 contains numerous changes that present real improvements, it is largely a recompile of XP with a new compiler that enforces buffer size.

    While that doesn't fix buffer overrun bugs, it certainly limits their potential negative security implications. When will this buffer enforcement be available for gcc!?!? I know, there are 3rd party apps, but as long as it's a 3rd party app, I won't get these benefits with a torrent-obtained Debian CD...

    I would be perfectly happy to live with a few percentage points of performance hit to get this benefit!