Cue the "Nobody needs more than []300GB []1TB []x because I don't have a reason for it" posters
Actually, my sickened mind went a completely different direction... remember when we were going to have 8 Ghz Pentium 4s with 6 GB of RAM to run Windows Vista?
Heck, it's still common to see computers sold with 256 MB of RAM, which wasn't a particularly large amount 5 years ago... that it's even salable today speaks volumes. I have an "end of life" Pentium 4 2.4 Ghz that I picked up this w/e for like $50. 20 GB HDD, 512 DDR RAM, CD, Sound, etc.
Other than the small-ish HD and the CD instead of the DVD, this system is not significantly different than a low-end new system. And, when it was first sold 3-4 years ago, its specs weren't particularly exciting.
Point being, there's a "we don't talk about it" stagnation going on in the Computer industry. I honestly think that most of the new purchases are based on the expectation of EOL and the spread of viruses. It's gotten to where it's actually cheaper to buy a new computer than it is to reload your old one. Part of that is the fact that it takes a full business day of rebooting the computer to update Windows from whatever came on the CD.
This part just floors me. I have the original install disk for the aforementioned $50 Dell 2.4 Ghz system, and am reloading from scratch so it's all clean. It takes ALL FREAKIN DAY simply to update Windows to the latest release, with a 1.5 Mb Internet connection. (not high end, but still no particular slouch)
Yet it takes about an hour and just ONE short line to update CentOS (RHEL) to current:
# yum -y update; shutdown -r now; I'm getting spoiled by the "ready to go in 10 minutes, fully updated in under an hour with no oversight" way of getting things loaded. Windows is just a serious pain in the neck, IMHO.
My point to all this?
The computer industry has (finally) reached a stable point. Performance increases are flat-lining to incremental, rather than exponential, and there's little incentive to change this, since a 4-year-old computer still does most anything anybody needs a computer to do. There will always be a high-performance niche, but it's a niche. The money has moved from computing power to connectivity.
People no longer pay for processing power, they pay for connections. Thus the Intarweb...
My very first contribution to the OSS community can be found at PHPBuilder. Notice that the login names match?
Anyway, take a look at the first snippet if you want to see truly simple, juvenile code. No error checking, etc. Except that it solved a need, and somebody else who was (at the time) more developed than I, took my stupid little proof of concept and turned it into something a little more robust. And so have a few other people.
I don't recall anybody ever criticizing the simplicity and the juvenile nature of my first contribution. I would never contribute code like that again, but then, the lessons I learned from this guide me to this day.
Really, the best sysadmin is one so good that he/she/it doesn't appear to do much of anything at all - because that's exactly what he/she/it should be doing. Who is really going to nominate a guy who seems to just sit around while everything around him seems to work just perfectly?
Thus, the contest is biased. You'll either get:
A) The guy that always seems "industrious", nominated by people who aren't sysadmins, or
B) The guy that seems "lazy", sits around not doing much at all while dozens to hundreds of carefully written scripts fire off all day long, sending an occasional message when an error condition is detected. Since this guy would have to be nominated by a sysadmin, and sysadmins are in the minority, this contest is biased in favor of the incompetent.
I used to develop a GPL app, the GNUstep-based character map Charmap. It had a few dozen users, and I'm pretty sure none of them ever took a single look at the source. Only the very biggest applications get attention, and very often quite uncritical examination at that.
In a sort of backhanded way, the fact that nobody bothered to look is a complement!
Programmers typically look at sources when they need it to do something it doesn't already do. There's an itch they're looking to scratch, and your stuff doesn't do it. Years ago, when I was still pretty green at coding, I threw out some code that allowed you to send email through a remote server.
What I originally threw out was pretty weak, and was extended by other programmers who wanted to scratch an itch that my original code did not fulfill. This is code review at work...
It is unfortunate that the teaching system (of which my wife is a part) is stuck in a 19th century methodology of teaching the masses to act in unison. It is as if they're preparing these kids for the rote factory jobs of yesterday instead of the knowledge-critical jobs of today.
At least in California, there's a very positive dynamic known as the "Charter School". Basically, it's a school set up with alternative teaching strategies. Many of these are "Home School" philosophy, but they really run the gamut in educational strategies.
It's exciting to be part of this movement; My company provides software to track information for these alternative education programs. What prompted me to reply instead of moderate was your comment about "factory jobs" because I believe that's exactly what the standard, public school system prepares you for.
And it doesn't work anymore. Technology has progressed beyond the factory worker, but the schools teach everybody to work in lockstep with your team-mates. Its time has passed, and now it's time to move on. Get involved with your local alternative education program(s) - you won't regret it!
What college did you go to? Because it seems that some of those "idiots" now work for the State Dept. of Education! Seriously, in my line of work, I get notices from SDE (State Dept. of Educ.) and in nearly every case, ALL THE RECIPIENTS ARE ON THE TO LINE.
I've been SO TEMPTED to reply all with the message: "Do you realize that the State Department of Education has provided me with your Email address, and if the computer of any of these kazillion recipients is infected with a virus, you'll soon be inundated with lots of SPAM regarding the size of your genitalia, don't you? So, next time you get a p3niz p1llz email, don't blame me!" except that since most of the recipients of the email are my clients or potential clients, I would never, ever, ever, do that.
Maybe I could get away some with inane comment about the message, maybe a point of clarification? Dunno. When your income/job/career is on the line, you'll (not) do amazing things to keep everything on course...
The nice thing about wildcard SSL is that it effectively allows you to host multiple sites under a single IP address and port. Simply use subdomains of your root domain, and use Apache's VirtualHost directive!
Or, we could take it one step further and actually USE dnssec - but that might be asking a bit too much...
This attack is old. Technology to prevent it is well known and mature. Why are we still doing this?
You got that right - there is no point, but not for the reasons you specify.
If you RTFTA you'd see that this is nothing more than a glorified WebDAV directory. The functionality they're talking about is something we've been using for freaking ever with Apache/Mod_SSL/WebDAV. We routinely read, write, and save documents to and from anywhere in the world collaboratively with other people in the office, with the server being an old P3 Desktop too old and slow to work as a desktop anymore running CentOS for free with the above configuration hosted on the company Internet Connection.
Works a champ. I don't have any idea why they think this is in any way relevant.
I'm also a little annoyed about the $200 annual fee for the "privilege" of getting to write apps for the platform. That cuts out any possibility of a small business ever making money off of writing apps for the phone. You pretty much have to be able to guarantee $200 with of sales to break even, which either means small apps cost way more than they are worth or they don't get written at all. Any business that has to put out any effort at all to justify a $200 annual expense has no business calling itself a business. You saying this makes it clear that you have no business commenting on what a business does when it does business since you obviously haven't done any.
IMHO, the definition of an open platform is one in which anyone can write software for it without fee. Period. Open is relative, and is compared to something that's more closed, and that fact depends on the observer. Linux is less "open" than BSD when viewed from a commercial standpoint, it's more open when viewed from a free software author's perspective. For a long time, DOS/Windows was more open than Sun Solaris or SGI Irix since you could run it on a variety of hardware, rather than that officially endorsed by the powers-that-be. Compared to the thoroughly locked-down iPhone, simply having the ability to write a 3rd party app for the phone is quite "open".
If the telecom providers are really so terrified about the stability of their network that they require this level of paranoia, that speaks volumes about how poorly designed their data networks are.... The cell phone manufacturers shouldn't be protecting them with signed applications. They should be exposing the cell providers' incompetence for everyone to see. Maybe then we would get a provider in the picture that actually knows something about designing a robust data network.... Companies tend to not bite the hand(s) that feed them. Cell phone companies want to sell phones. They would actively try to prevent any embarrassment of the network providers, simply so they could sell more phones.
Put another way, the first telecom to dispose of the signed application requirement will immediately win me away from AT&T Wireless. Which is a lie. It's possible that you mean "The first company who does everything that AT&T does and ALSO disposes of the signed application requirement, probably for a better price, and gives me a free phone to boot will immediately win me away from AT&T Wireless".
Consider that a challenge to all the telcos out there. We don't want excuses. We want a network that works. Give us one, and we'll go there. Keep this crap up, and we'll start our own. Google 700 MHz, here I come. (Ahem) Verizon (my cell provider) works rather well for me. I pick up my phone, I dial. It rings a few times, and then I talk to whom I dialed. I don't want a phone that installs signed applications. I'm not going to do my taxes on my phone. Using a phone like a computer is a frustrating exercises for me - too small to be easy to read and access, too big to use well as a phone.
I've known/seen companies who have indicated a willingness to open-source their code -- meaning that they've thought about the competitive aspects and realize that it's not going to hurt, and might help, them -- suddenly drag their feet at the last minute, or spend months or years "preparing" to open-source their code. I think this is directly related to embarrassment over the poor state of their codebase.
Yep, here I am. I'm a CTO of a rapidly-growing software company. Our big money maker is a product initially conceived as a "quick project" of a few months' duration and was given similar consideration on design and construction. But it worked! It solved a need at a level that was unanticipated, and now, 4 years later, is satisfying 20x the dataset and 100x the customers originally envisioned.
And it was not originally designed for this level of scale.
So, going from a single, solo software engineer, to several programmers, (and growing fast) and developing a rapidly growing suite of products in a rapidly growing company, the cash-cow project remains, alas, solely in my hands.
Does the product work well? Yes, at least, reasonably well. Users routinely rave about how much time it saves and how it's improved their professional lives. It works well for the problem it solves and the problem is not met effectively by any competitor.
But, the dirty secret is that it's simply inelegant. It's a bunch of not-well-structured code only organized by a sloppy ad-hoc naming convention and riddled with minor bugs that are fixed quickly and distributed well, but shouldn't exist in a better design in the first place.
And, once saddled with the code, Code Inertia takes place and it becomes an exercise in how to move to something more sane while doing the following:
1) Keep the customers happy through multiple upgrades that don't appear any different than original. Introduce features that are obvious just fast enough to make it all seem worthwhile!
2) Keep the additional costs of development inline with "maintenance level". This cuts the rate of improvement, and also increases the amount of inertia accumulated with #1, since #1 is written to the "old way".
3) Improve the codebase enough to provide meaningful results demonstrated to the august powers, (this means ROI) and
4) Clean up the kludge enough to allow for improved pace of future development. You want to get rid of all the uglies, but there are so many since a few of your original, naive assumptions about the problem were simply wrong.
It's a hard row to hoe, and there's a bit of a "loan" being made, where design decisions early on made to shortcut development woes carry a long-term burden, almost like an interest rate. Since the company has passed the million-dollar-a-year stage, arguing about those original decisions is pointless; the only thing to do now is to figure out how to take what you started with and make it do what you need it to do hereafter.
I've been working for over a year on a basic design decision change that will close out lots of badness and produce almost an order of magnitude better data integrity. Since starting the project, we've almost tripled in client base, and yet I won't be done for at least another year, if ever.
I suppose the argument is moot - if I hadn't come up with the original product in time, the whole business would have failed. The company, then on the rocks, would have closed, and it would all be for naught. But, with the compromises made, it can be amazing just how badly inertia sets in.
Moral? Write the best quality code you can within the budget you have. Always. Because you'll live with a significant percentage of whatever you create, and the future costs of change may well be orders of magnitude more than your initial cost of creation. And you'll never quite know what it is that you end up living with.
PS: While it might sound like I'm complaining, I'm not! I'm living the dr
The guy said "on the box," if you were paying attention.
The guy was me, if you were paying attention. I know what I said. I meant "box" as a synonym for case.
Also, "imprinting" on the outside of the equipment is not exactly trivial and certainly not free, especially if something goes wrong.
Should be rather easy with a smidgeon of WORM Flash memory to set this at the time of imprinting. In other words, the machine that stamps the password is simultaneously burning the password into WORM memory electronically.
And of course in the mean time all you've done is shift the problem. Now there'll be thousands of routers with the password printed right on them!
First, let me fix that for you:
And of course in the mean time all you've done is shift the problem. Now there'll be thousands of routers with the default password printed right on them!
Which isn't better than all these thousands of routers with the EXACT SAME default password, how, exactly?
Very true, and the legal fix is simple. If you run a network, and interfere with the contents of any message, then you are responsible for the contents of every message. If you censor things, then any message that is illegal (slander, libel, copyright infringement, etc.), is your legal liability.
Sounds simple, doesn't it? It isn't.
Text messages now have attachments (pictures, video, etc) which can then access potential vulnerabilities in your phone. Thus, they are no different than Email in practice.
What about antivirus on your Email? If your antivirus catches a virus trace in a benign (but life-changing) message, who's liable for nondelivery? What about the use of Bayes filtering to mitigate SPAM?
"Common Carrier" type statutes have limited applicability when dealing with pseudo-intelligent communications vehicles (EG: anything with a computer on it)
if you filter based on origin, destination, or content then you are liable.
So, using something like a realtime blacklist (RBL) to block junk messages from known junk-message senders would make the carrier liable for ALL messages? Using an RBL is a form of filtering by origin... as an admin, I'd never do it, and so would your carrier. Thus, you get ENl463 y0ur P3N1S!!I! messages all day.
Thanks, but no thanks.
"Common Carrier" statutes have their place, but they also have their limitations.
If you're paying attention... what actually could possibly go wrong?
If the default password is imprinted on the outside of the equipment (say, on the bottom) and is a relatively good password, how is that not better than "admin" or "Cisco0" as the password?
The weakest link is often the user: leaving the default password of a router,
Are you sure it's the user?
So, let me ask you this - why is the default password on routers all the same? Why isn't it different for each unit, and imprinted on the box or something? Such a trivial thing to do, yet it would do so, so much for improving security, and would have a trivial effect on usability.
Routers are security devices. Other security devices (such as bike locks) have the default being rather secure, why can't routers?
No, the real problem is apathy, laziness and an inability to think independently.
Insulting me is not a replacement for meaningful information. Since you have not provided any, (meaningful information) I can only assume you have none. Come back when you have something to say.
Do you know where money REALLY comes from? (no it's not the government or the mint)
What you mean by "money" is obviously different than mine. My "money" has the stamp of the location it was minted in.
Do you know what inflation REALLY is?
Eh... Inflation is where money becomes less valuable when compared to other commodities. Money is a commodity, and all commodities have relative worth based on their availability.
Do you know who benefits from inflation and who loses out?
Benefits == people who owe. Loses out == people with cash savings?
If you think you know something valuable, out with it. Don't be a pompous jackass. Free exchange of ideas, and all that.
But let me guess: Your answer involves [a] Illuminati [b] Jewish bankers [c] Fractional Reserve Banking [d] Federal Reserve conspiracies or [e] Trilatteral Commision / Council on Foreign Relations?
When Gnome or KDE copies features from OS X 10.6 or greater, owners of this newly excluded hardware will be able to get in on the fun as well.
Brother,
If you think that Gnome or KDE compare to MacOS, it's because you have not used MacOS. Gnome/KDE are decent. They are pretty, but truthfully, rough around the edges. (The edges being that no-man's land that's neither Gnome or KDE land - things like cron, xinet.d, nmap, rpm, modules.conf, and so on)
MacOS is like Gnome or KDE, except the entire system is built to work together smoothly without a lot of stupid hacks. Until you've experienced it for 3-6 months, you really can't comment on it.
And I say this as a Linux lover! I've built a million-dollar (and growing fast) business using 100% Linux technology for servers and hosting, which is the core of the business. Myself and my programming team all use Linux on the desktop, where, as developers, Linux remains the top notch.
But my kids tend to prefer the Mac to Windows for things like videos, YouTube, homework, etc. and I sure do, because "it just works" without having to reload the !@# thing every year or so because it got h4mm3r3d with stupid bugs, trojans, and god knows what else despite using restricted users and 2 different blends of antivirus.
Actually the session system is very similar to PHP : session variables are stored in memory, so your load-balancer has to manage session/server affinity, and if you can't afford to lose your session data, you have to activate session replication an this is a PITA (both design- and performance-wise), anyway you should not rely on session data in the first place.
But this isn't all that similar. PHP Session variables are stored in any number of places - on disk, in memory, in a database, or in any user-defined manner, which leads to interesting possibilities such as ShareDance.
This gives you the ability to decouple session management from any specific server - your load balancer doesn't have to care one whit about sessions, making their use much more reliable and trustworthy. BTW, ShareDance scales VERY nicely, and for me, took about 20 minutes to install.
Usually, Java performance mostly depends on developper culture, quantity of black-box code, and the use of XML. I've seen really awesome performance achieved in Java.
Yes, you can avoid the painter's algorithm in Java, too. =) I didn't mean to pick on Java, but it's shared environment does cause issues when you try to get it to scale.
Your post leaves alot to be desired. Such as, for example, any useful information to back up your claims of being "naively implemented". Here's my breakdown of your post:
You know, the sad thing about all the comparisons you make is that they are all choices between bad technologies. Assembler vs. PL/I, C vs. Java, Windows vs. Linux--they're all questions like whether you want to be drawn or quartered, drowned or burned, poisoned or starved. At each of those choice points, there were better technologies available.
ANY examples? None? How am I to assume you actually have any?
As for PHP vs. Ruby, both technologies suck: except for minor differences in syntax and object model, they are naively designed and implemented.
Care to define "suck"? With a short learning curve, they allow a programmer to get started quickly, both are free, offer reasonable performance on current hardware, and offer a robust set of information processing functions.
What exactly is it that "sucks"?
After decades of research in dynamic languages and OOP, it is a testament to widespread ignorance that people would produce and use something like that.
Ignorance of.... (?) More of that "hidden information" you pretend to have, perhaps?
But if I have to work with bad technologies, the one that's more popular, more mature, and more widely supported one is, relatively speaking, better.
Ignoring unsupported adjectives like "bad", I can agree with this sentence, though it's like saying "stuff people like tends to be more popular". It's still a non-statement.
That's why I prefer to be poisoned with PHP rather than starved by Ruby: poison is quicker and less painful.
What is this sentence even saying? Your post is a pointless, information-less, indefensible set of vague insults. Why you were modded up is an exercise left to the moderator, but your post is nothing but pure troll.
After 30 years development, "How far will it scale" is
* the question that scares me most,
* the one that you can never get honest information about from OS or component suppliers,
* and the one that's hardest to test because the most-used features are rarely those you expected. After my 10 years of development, "How far will it scale" is
the question that scares me most,
based only on an honest assessment of how I structure the software, and
utterly irrelevant to OS or component suppliers
Seriously - if you want to scale, you need to avoid the Shlemiel the painter's algorithm. Avoid this sucker with passion and verve. Hunt for ANY CASE where this algorithm is hard at work, sucking away CPU cycles endlessly towards the abyss of swapped memory, session timeouts, and database deadlocks. When you've learned to look for it, you'll be amazed at just how rampant this nasty little bugger actually is.
I wish there was something more to it than that, but I've seen time, and time, and time again, lousy performance made snappy simply by finding and refactoring code that uses this kind of algorithm. Simply put, it's code that processes each bit of data slower as you add more total information to process.
And that's where PHP shines incredibly bright. For as much as you'd hate to admit it, Java's server "shared" VM is a variation of the dreaded painter's algorithm, as is any other form of "shared environment". PHP shares nothing. Each hit is unique, and the only thing that's shared are a few session variables. So, if you structure your application right, you can have 100 servers all serving your PHP application, no matter how computationally dense it is.
And that, brother, is the key to real scalability - Knowing that you can add performance in a linear fashion as the amount of information processed grows. If load climbs faster than the amount of information being processed, hunt the painter! He's in there somewhere...
Anyone who thinks the cameras have anything to do with deterring crime are fooling themselves. They're meant as a means to control the populace and nothing more.
What is "deterring crime" but simply a goal of controlling the populace? Isn't policing a form of population control? And, if cameras are ineffective at reducing crime, doesn't that imply that they would be equally ineffective at other forms of population control?
That's it. If my laptop is stolen, I can review my logs on the webserver to see if my laptop has been online. (it'll access http://mywebserver.com/iamhere.html every hour)
I'm afraid that for the majority of Linux users, there is nothing more to their experience than this, and maybe tooling around in cfg files for 25 hours before they are finished and have nothing left to do with their computer after setting it up. That's something of a norm for hobbyist OS's. The fun comes from the challenge of making it all work and once you've completed that, well, there is IRC for a while...
I guess I'm not in the majority of Linux users, then. After getting the cfg files all worked up, I built a successful, million-dollar technology business providing information management systems on (you guessed it!) Linux-based servers. Although cost was an initial concern, it is security, stability and performance that keep me using Linux.
I'm typing this, however, on a Mac mini. Use the right tool for the job!
Slashdot Mirror
Actually, my sickened mind went a completely different direction... remember when we were going to have 8 Ghz Pentium 4s with 6 GB of RAM to run Windows Vista?
Heck, it's still common to see computers sold with 256 MB of RAM, which wasn't a particularly large amount 5 years ago... that it's even salable today speaks volumes. I have an "end of life" Pentium 4 2.4 Ghz that I picked up this w/e for like $50. 20 GB HDD, 512 DDR RAM, CD, Sound, etc.
Other than the small-ish HD and the CD instead of the DVD, this system is not significantly different than a low-end new system. And, when it was first sold 3-4 years ago, its specs weren't particularly exciting.
Point being, there's a "we don't talk about it" stagnation going on in the Computer industry. I honestly think that most of the new purchases are based on the expectation of EOL and the spread of viruses. It's gotten to where it's actually cheaper to buy a new computer than it is to reload your old one. Part of that is the fact that it takes a full business day of rebooting the computer to update Windows from whatever came on the CD.
This part just floors me. I have the original install disk for the aforementioned $50 Dell 2.4 Ghz system, and am reloading from scratch so it's all clean. It takes ALL FREAKIN DAY simply to update Windows to the latest release, with a 1.5 Mb Internet connection. (not high end, but still no particular slouch)
Yet it takes about an hour and just ONE short line to update CentOS (RHEL) to current: # yum -y update; shutdown -r now; I'm getting spoiled by the "ready to go in 10 minutes, fully updated in under an hour with no oversight" way of getting things loaded. Windows is just a serious pain in the neck, IMHO.
My point to all this?
The computer industry has (finally) reached a stable point. Performance increases are flat-lining to incremental, rather than exponential, and there's little incentive to change this, since a 4-year-old computer still does most anything anybody needs a computer to do. There will always be a high-performance niche, but it's a niche. The money has moved from computing power to connectivity.
People no longer pay for processing power, they pay for connections. Thus the Intarweb...
My very first contribution to the OSS community can be found at PHPBuilder. Notice that the login names match?
Anyway, take a look at the first snippet if you want to see truly simple, juvenile code. No error checking, etc. Except that it solved a need, and somebody else who was (at the time) more developed than I, took my stupid little proof of concept and turned it into something a little more robust. And so have a few other people.
I don't recall anybody ever criticizing the simplicity and the juvenile nature of my first contribution. I would never contribute code like that again, but then, the lessons I learned from this guide me to this day.
Really, the best sysadmin is one so good that he/she/it doesn't appear to do much of anything at all - because that's exactly what he/she/it should be doing. Who is really going to nominate a guy who seems to just sit around while everything around him seems to work just perfectly?
Thus, the contest is biased. You'll either get:
A) The guy that always seems "industrious", nominated by people who aren't sysadmins, or
B) The guy that seems "lazy", sits around not doing much at all while dozens to hundreds of carefully written scripts fire off all day long, sending an occasional message when an error condition is detected. Since this guy would have to be nominated by a sysadmin, and sysadmins are in the minority, this contest is biased in favor of the incompetent.
I used to develop a GPL app, the GNUstep-based character map Charmap. It had a few dozen users, and I'm pretty sure none of them ever took a single look at the source. Only the very biggest applications get attention, and very often quite uncritical examination at that.
In a sort of backhanded way, the fact that nobody bothered to look is a complement!
Programmers typically look at sources when they need it to do something it doesn't already do. There's an itch they're looking to scratch, and your stuff doesn't do it. Years ago, when I was still pretty green at coding, I threw out some code that allowed you to send email through a remote server.
It was about as basic as you could get. And, the many revisions that happened thereafter over the years are a clear example of how source review is done.
What I originally threw out was pretty weak, and was extended by other programmers who wanted to scratch an itch that my original code did not fulfill. This is code review at work...
It is unfortunate that the teaching system (of which my wife is a part) is stuck in a 19th century methodology of teaching the masses to act in unison. It is as if they're preparing these kids for the rote factory jobs of yesterday instead of the knowledge-critical jobs of today.
At least in California, there's a very positive dynamic known as the "Charter School". Basically, it's a school set up with alternative teaching strategies. Many of these are "Home School" philosophy, but they really run the gamut in educational strategies.
It's exciting to be part of this movement; My company provides software to track information for these alternative education programs. What prompted me to reply instead of moderate was your comment about "factory jobs" because I believe that's exactly what the standard, public school system prepares you for.
And it doesn't work anymore. Technology has progressed beyond the factory worker, but the schools teach everybody to work in lockstep with your team-mates. Its time has passed, and now it's time to move on. Get involved with your local alternative education program(s) - you won't regret it!
lol, happened at college all the time
What college did you go to? Because it seems that some of those "idiots" now work for the State Dept. of Education! Seriously, in my line of work, I get notices from SDE (State Dept. of Educ.) and in nearly every case, ALL THE RECIPIENTS ARE ON THE TO LINE.
I've been SO TEMPTED to reply all with the message: "Do you realize that the State Department of Education has provided me with your Email address, and if the computer of any of these kazillion recipients is infected with a virus, you'll soon be inundated with lots of SPAM regarding the size of your genitalia, don't you? So, next time you get a p3niz p1llz email, don't blame me!" except that since most of the recipients of the email are my clients or potential clients, I would never, ever, ever, do that.
Maybe I could get away some with inane comment about the message, maybe a point of clarification? Dunno. When your income/job/career is on the line, you'll (not) do amazing things to keep everything on course...
But it's fun to think about...
Except it's not being inserted into the website itself, the page is being modified en-route to the client.
Read up on ARP spoofing...[SNIP]
Which is why SSL should be more commonly used. Seriously - an SSL cert costs less than a hundred bux/year, or less than two hundred bux per year for one that allows wildcard subdomains and completely defeats this, and loads of other attacks. (No, I'm not affiliated with RapidSSL, but I am a happy customer)
The nice thing about wildcard SSL is that it effectively allows you to host multiple sites under a single IP address and port. Simply use subdomains of your root domain, and use Apache's VirtualHost directive!
Or, we could take it one step further and actually USE dnssec - but that might be asking a bit too much...
This attack is old. Technology to prevent it is well known and mature. Why are we still doing this?
You got that right - there is no point, but not for the reasons you specify.
If you RTFTA you'd see that this is nothing more than a glorified WebDAV directory. The functionality they're talking about is something we've been using for freaking ever with Apache/Mod_SSL/WebDAV. We routinely read, write, and save documents to and from anywhere in the world collaboratively with other people in the office, with the server being an old P3 Desktop too old and slow to work as a desktop anymore running CentOS for free with the above configuration hosted on the company Internet Connection.
Works a champ. I don't have any idea why they think this is in any way relevant.
I don't want to start a cell company.
I've known/seen companies who have indicated a willingness to open-source their code -- meaning that they've thought about the competitive aspects and realize that it's not going to hurt, and might help, them -- suddenly drag their feet at the last minute, or spend months or years "preparing" to open-source their code. I think this is directly related to embarrassment over the poor state of their codebase.
Yep, here I am. I'm a CTO of a rapidly-growing software company. Our big money maker is a product initially conceived as a "quick project" of a few months' duration and was given similar consideration on design and construction. But it worked! It solved a need at a level that was unanticipated, and now, 4 years later, is satisfying 20x the dataset and 100x the customers originally envisioned.
And it was not originally designed for this level of scale.
So, going from a single, solo software engineer, to several programmers, (and growing fast) and developing a rapidly growing suite of products in a rapidly growing company, the cash-cow project remains, alas, solely in my hands.
Does the product work well? Yes, at least, reasonably well. Users routinely rave about how much time it saves and how it's improved their professional lives. It works well for the problem it solves and the problem is not met effectively by any competitor.
But, the dirty secret is that it's simply inelegant. It's a bunch of not-well-structured code only organized by a sloppy ad-hoc naming convention and riddled with minor bugs that are fixed quickly and distributed well, but shouldn't exist in a better design in the first place.
And, once saddled with the code, Code Inertia takes place and it becomes an exercise in how to move to something more sane while doing the following:
1) Keep the customers happy through multiple upgrades that don't appear any different than original. Introduce features that are obvious just fast enough to make it all seem worthwhile!
2) Keep the additional costs of development inline with "maintenance level". This cuts the rate of improvement, and also increases the amount of inertia accumulated with #1, since #1 is written to the "old way".
3) Improve the codebase enough to provide meaningful results demonstrated to the august powers, (this means ROI) and
4) Clean up the kludge enough to allow for improved pace of future development. You want to get rid of all the uglies, but there are so many since a few of your original, naive assumptions about the problem were simply wrong.
It's a hard row to hoe, and there's a bit of a "loan" being made, where design decisions early on made to shortcut development woes carry a long-term burden, almost like an interest rate. Since the company has passed the million-dollar-a-year stage, arguing about those original decisions is pointless; the only thing to do now is to figure out how to take what you started with and make it do what you need it to do hereafter.
I've been working for over a year on a basic design decision change that will close out lots of badness and produce almost an order of magnitude better data integrity. Since starting the project, we've almost tripled in client base, and yet I won't be done for at least another year, if ever.
I suppose the argument is moot - if I hadn't come up with the original product in time, the whole business would have failed. The company, then on the rocks, would have closed, and it would all be for naught. But, with the compromises made, it can be amazing just how badly inertia sets in.
Moral? Write the best quality code you can within the budget you have. Always. Because you'll live with a significant percentage of whatever you create, and the future costs of change may well be orders of magnitude more than your initial cost of creation. And you'll never quite know what it is that you end up living with.
PS: While it might sound like I'm complaining, I'm not! I'm living the dr
The guy said "on the box," if you were paying attention.
The guy was me, if you were paying attention. I know what I said. I meant "box" as a synonym for case.
Also, "imprinting" on the outside of the equipment is not exactly trivial and certainly not free, especially if something goes wrong.
Should be rather easy with a smidgeon of WORM Flash memory to set this at the time of imprinting. In other words, the machine that stamps the password is simultaneously burning the password into WORM memory electronically.
And of course in the mean time all you've done is shift the problem. Now there'll be thousands of routers with the password printed right on them!
First, let me fix that for you:
And of course in the mean time all you've done is shift the problem. Now there'll be thousands of routers with the default password printed right on them!
Which isn't better than all these thousands of routers with the EXACT SAME default password, how, exactly?
Very true, and the legal fix is simple. If you run a network, and interfere with the contents of any message, then you are responsible for the contents of every message. If you censor things, then any message that is illegal (slander, libel, copyright infringement, etc.), is your legal liability.
Sounds simple, doesn't it? It isn't.
Text messages now have attachments (pictures, video, etc) which can then access potential vulnerabilities in your phone. Thus, they are no different than Email in practice.
What about antivirus on your Email? If your antivirus catches a virus trace in a benign (but life-changing) message, who's liable for nondelivery? What about the use of Bayes filtering to mitigate SPAM?
"Common Carrier" type statutes have limited applicability when dealing with pseudo-intelligent communications vehicles (EG: anything with a computer on it)
if you filter based on origin, destination, or content then you are liable.
So, using something like a realtime blacklist (RBL) to block junk messages from known junk-message senders would make the carrier liable for ALL messages? Using an RBL is a form of filtering by origin... as an admin, I'd never do it, and so would your carrier. Thus, you get ENl463 y0ur P3N1S!!I! messages all day.
Thanks, but no thanks.
"Common Carrier" statutes have their place, but they also have their limitations.
If you're paying attention... what actually could possibly go wrong?
If the default password is imprinted on the outside of the equipment (say, on the bottom) and is a relatively good password, how is that not better than "admin" or "Cisco0" as the password?
The weakest link is often the user: leaving the default password of a router,
Are you sure it's the user?
So, let me ask you this - why is the default password on routers all the same? Why isn't it different for each unit, and imprinted on the box or something? Such a trivial thing to do, yet it would do so, so much for improving security, and would have a trivial effect on usability.
Routers are security devices. Other security devices (such as bike locks) have the default being rather secure, why can't routers?
No, the real problem is apathy, laziness and an inability to think independently.
Insulting me is not a replacement for meaningful information. Since you have not provided any, (meaningful information) I can only assume you have none. Come back when you have something to say.
Back to the "Don't be a pompous jackass" part - explain yourself.
If you have something to say (perhaps, about debt) then say it. Otherwise, you're part of the problem - Go away.
But I'm still betting you have nothing meaningful to say.
Do you know where money REALLY comes from? (no it's not the government or the mint)
What you mean by "money" is obviously different than mine. My "money" has the stamp of the location it was minted in.
Do you know what inflation REALLY is?
Eh... Inflation is where money becomes less valuable when compared to other commodities. Money is a commodity, and all commodities have relative worth based on their availability.
Do you know who benefits from inflation and who loses out?
Benefits == people who owe. Loses out == people with cash savings?
If you think you know something valuable, out with it. Don't be a pompous jackass. Free exchange of ideas, and all that.
But let me guess: Your answer involves [a] Illuminati [b] Jewish bankers [c] Fractional Reserve Banking [d] Federal Reserve conspiracies or [e] Trilatteral Commision / Council on Foreign Relations?
When Gnome or KDE copies features from OS X 10.6 or greater, owners of this newly excluded hardware will be able to get in on the fun as well.
Brother,
If you think that Gnome or KDE compare to MacOS, it's because you have not used MacOS. Gnome/KDE are decent. They are pretty, but truthfully, rough around the edges. (The edges being that no-man's land that's neither Gnome or KDE land - things like cron, xinet.d, nmap, rpm, modules.conf, and so on)
MacOS is like Gnome or KDE, except the entire system is built to work together smoothly without a lot of stupid hacks. Until you've experienced it for 3-6 months, you really can't comment on it.
And I say this as a Linux lover! I've built a million-dollar (and growing fast) business using 100% Linux technology for servers and hosting, which is the core of the business. Myself and my programming team all use Linux on the desktop, where, as developers, Linux remains the top notch.
But my kids tend to prefer the Mac to Windows for things like videos, YouTube, homework, etc. and I sure do, because "it just works" without having to reload the !@# thing every year or so because it got h4mm3r3d with stupid bugs, trojans, and god knows what else despite using restricted users and 2 different blends of antivirus.
Actually the session system is very similar to PHP : session variables are stored in memory, so your load-balancer has to manage session/server affinity, and if you can't afford to lose your session data, you have to activate session replication an this is a PITA (both design- and performance-wise), anyway you should not rely on session data in the first place.
But this isn't all that similar. PHP Session variables are stored in any number of places - on disk, in memory, in a database, or in any user-defined manner, which leads to interesting possibilities such as ShareDance.
This gives you the ability to decouple session management from any specific server - your load balancer doesn't have to care one whit about sessions, making their use much more reliable and trustworthy. BTW, ShareDance scales VERY nicely, and for me, took about 20 minutes to install.
Usually, Java performance mostly depends on developper culture, quantity of black-box code, and the use of XML. I've seen really awesome performance achieved in Java.
Yes, you can avoid the painter's algorithm in Java, too. =) I didn't mean to pick on Java, but it's shared environment does cause issues when you try to get it to scale.
Your post leaves alot to be desired. Such as, for example, any useful information to back up your claims of being "naively implemented". Here's my breakdown of your post:
You know, the sad thing about all the comparisons you make is that they are all choices between bad technologies. Assembler vs. PL/I, C vs. Java, Windows vs. Linux--they're all questions like whether you want to be drawn or quartered, drowned or burned, poisoned or starved. At each of those choice points, there were better technologies available.
ANY examples? None? How am I to assume you actually have any?
As for PHP vs. Ruby, both technologies suck: except for minor differences in syntax and object model, they are naively designed and implemented.
Care to define "suck"? With a short learning curve, they allow a programmer to get started quickly, both are free, offer reasonable performance on current hardware, and offer a robust set of information processing functions.
What exactly is it that "sucks"?
After decades of research in dynamic languages and OOP, it is a testament to widespread ignorance that people would produce and use something like that.
Ignorance of.... (?) More of that "hidden information" you pretend to have, perhaps?
But if I have to work with bad technologies, the one that's more popular, more mature, and more widely supported one is, relatively speaking, better.
Ignoring unsupported adjectives like "bad", I can agree with this sentence, though it's like saying "stuff people like tends to be more popular". It's still a non-statement.
That's why I prefer to be poisoned with PHP rather than starved by Ruby: poison is quicker and less painful.
What is this sentence even saying? Your post is a pointless, information-less, indefensible set of vague insults. Why you were modded up is an exercise left to the moderator, but your post is nothing but pure troll.
* the question that scares me most,
* the one that you can never get honest information about from OS or component suppliers,
* and the one that's hardest to test because the most-used features are rarely those you expected. After my 10 years of development, "How far will it scale" is
Seriously - if you want to scale, you need to avoid the Shlemiel the painter's algorithm. Avoid this sucker with passion and verve. Hunt for ANY CASE where this algorithm is hard at work, sucking away CPU cycles endlessly towards the abyss of swapped memory, session timeouts, and database deadlocks. When you've learned to look for it, you'll be amazed at just how rampant this nasty little bugger actually is.
I wish there was something more to it than that, but I've seen time, and time, and time again, lousy performance made snappy simply by finding and refactoring code that uses this kind of algorithm. Simply put, it's code that processes each bit of data slower as you add more total information to process.
And that's where PHP shines incredibly bright. For as much as you'd hate to admit it, Java's server "shared" VM is a variation of the dreaded painter's algorithm, as is any other form of "shared environment". PHP shares nothing. Each hit is unique, and the only thing that's shared are a few session variables. So, if you structure your application right, you can have 100 servers all serving your PHP application, no matter how computationally dense it is.
And that, brother, is the key to real scalability - Knowing that you can add performance in a linear fashion as the amount of information processed grows. If load climbs faster than the amount of information being processed, hunt the painter! He's in there somewhere...
I think I'll write a fictional story about what would happen if my neighbor took a shit.. Wanna read it?
I think I'll wait for the movie
Movie's out, complete with a dorkass who laughs at his own reflection on the video! But hey, don't listen to me, check it out fer yourself!
Anyone who thinks the cameras have anything to do with deterring crime are fooling themselves. They're meant as a means to control the populace and nothing more.
What is "deterring crime" but simply a goal of controlling the populace? Isn't policing a form of population control? And, if cameras are ineffective at reducing crime, doesn't that imply that they would be equally ineffective at other forms of population control?
crontab -e;
/dev/null http://mywebserver.com/iamhere.html :wq
1 * * * * wget -q -O
That's it. If my laptop is stolen, I can review my logs on the webserver to see if my laptop has been online. (it'll access http://mywebserver.com/iamhere.html every hour)
I'm afraid that for the majority of Linux users, there is nothing more to their experience than this, and maybe tooling around in cfg files for 25 hours before they are finished and have nothing left to do with their computer after setting it up. That's something of a norm for hobbyist OS's. The fun comes from the challenge of making it all work and once you've completed that, well, there is IRC for a while...
I guess I'm not in the majority of Linux users, then. After getting the cfg files all worked up, I built a successful, million-dollar technology business providing information management systems on (you guessed it!) Linux-based servers. Although cost was an initial concern, it is security, stability and performance that keep me using Linux.
I'm typing this, however, on a Mac mini. Use the right tool for the job!