What is the meaning? That teenage boys are smart and teenage girls stupid? Or that boys are selfish and don't think people should be payed for what they do, (unless they suddenly form a boy band, in which case they probably would want to get payed), and that girls have more empathy and are ok with paying artists/the labels or otherwise buy indie?
I can't think of a single reading of that stupid sentence that would make it 'Insightful'. Is it because the slashdot crowd is mostly computer nerds? Does that mean computer programmers? As in, say, Grace Hopper?
All of this is handled properly since v5.0 However, for backwards compatibility, the default mode is that of older MySQL versions, and hence you get default values for invalid data when constraints aren't met.
However, these don't go silently. It's true that an error isn't thrown, but warnings are generated every time a column is truncated or set to it's default data type.
If you want an error while inserting null into a not null column, or while inserting an out of range value, setting sql_mode into something like 'STRICT_TRANS_TABLES' or 'TRADITIONAL' will make MySQL work the way you expect.
It's true that combining MyISAM and Innodb tables in transactional statements will screw up your data, but that's only because you shouldn't be using MyISAM tables in transactions in the first place! If you want transactions, use InnoDB, or BDB, if you need something else. InnoDB is good for 99.9% of the cases in which transactions are needed for MySQL. Complaining that your referential constraints and transactions aren't respected while MyISAM tables are involved is like, I don't know, trying to write data to a closed socket and then complaining that it blows up in your face:)
All of this is properly documented in the manual. As any complex piece of engineering, one shouldn't try to do anything big with MySQL without reading the corresponding manual sections first, or unexpected behavior will arise, and frustration/anger is sure to follow:)
I wouldn't blame postgresql for any bad performance I may get out of it, I would blame my lack of knowledge, since I know next to nothing about it.
Finally, I believe this 'war' thing is just among people who don't really contribute much to either project. The Percona conference is coming by the end of april, and some PostgreSQL folks are giving talks there too, so I'm confident that the hacker community is well above any occasional flamewar:)
In MySQL, "coryking", "CorYKING" and "CORYKing" may or may not be all the same, depending if the datatype is binary (they wouldn't be the same) or non-binary (the could be the same or not, depending on the charset and collation).
You probably had a case insensitive collation on MySQL. I don't know much about Postgresql so I don't know what could have changed on your schema there, but the bottom line is that MySQL *is not case-insensitive*, individual string data types can be case sensitive or insensitive, depending on your application needs.
It really pays to RTFM:)
I have a Compaq Presario V2617LA happily running Fedora 5.
However, my keyboard/touchpad died a month ago and I found out through
HP's regional support that the warranty is only valid if you use
the original OS that comes with the notebook (in my case, it was
XP home edition).
Up until now, I had always purchased notebooks using tuxmobil.org as
a guide (I even contributed a page for this particular machine),
but now that Dell sells notebooks with Ubuntu and that there are
other providers that sell machines with GNU/Linux AND respect their
warranty, I'm never buying from a brand that screws me as a customer,
EVER.
If you still have your windows partition you're probably covered, but
I just wanted to get the word out to anyone considering buying a notebook
to use with GNU/Linux. Please go to the providers that officially support
any distribution.
This is not FUD.
I bought my computer through an official retailer in Montevideo,
Uruguay. My machine has been in HP/Compaq's official support for
this country since jun 7 and now their answer is that the
notebook is no longer produced and that there are no spare parts
to replace the keyboard/touchpad (all this on a machine I purchased
9 months ago and would still be on warranty if it wasn't for
the fact that I use GNU/Linux). The support company is
CNS
I know you're talking about your experience, but read the article: all of the programmers involved in this were from the NY and NJ areas
The article even mentions the user name (for rentacoder) for the
NY programmer that posted the children's database on repeated ocassions, even after getting a friendly warning from another programmer.
So while it's true that a worker in America can spill private data just as easily as a worker in the third world, *getting away* with it is a completely different matter. Companies which offshore private data deserve the lawsuits they'll face when something like this actually plays out wrong...
In the third, no wait, fourth world ...
on
Best BBS Memories?
·
· Score: 4, Interesting
In Uruguay, and most of South America, BBS ruled for as late as 1996-97, when internet access finally made it's way to the public.
I remember expensive phone bills (which my dad covered at the time of course, it's a good thing DSL finally found our little country by the time of my financial independance), and a terrible sense of envy for the folks with 9600 and 14400 connections (i had a 2400 modem).
On a more positive note though, i got a 24 hour reminder of the whole 'BBS era' thing, since i met my wife in one of those networks:). (and no, it was not a dating service, it was a geeky BBS that suddenly got crawled with not-so-geeky types, my wife included, which gave us nerds the chance to meet and relate to people with real world experiences!).
or a president without a high school diploma [worldpaper.com] (da Silva)
let me get this straight: you're putting
the lack of a high school diploma on the same
level as corruption? (de Mello was forced to
resign, right?). and exactly how was high school
useful for a guy who said Africa is a country?? (and i just picked up a random 'bushism' here)
i'm neither from brazil nor from the us, but it
pisses me of that someone from the land of the free and equality of oportunity puts off a president for not having a high school diploma, please, give it a second thought and stop being so racist (yes, academic elitism is a form of racism, mind you).
HTTPS is a joke for e-commerce. No one breaks into a router and sniffs for credit card numbers. They go after poorly secured databases of tens of thousands of numbers.
and let's not forget social engineering. i worked for a place with a major e-commerce site (actually, major in my country alone, but it moved a lot of money daily) and the security was once
compromised because someone called tech support and
asked their e-mail to be changed. this was done by the support 'technician' right away, and the attacker then used a 'forgot password' form to get a new password for the account. (the password remember question/answer mechanism is a joke since most people use dumb questions such as 'my dog's name' and other sort of easy to brute-force-attack data).
my bottom line is that whatever process is involved in e-commerce, security is important not only in your servers but in your people, and tech support folks have a series of ugly qualities:
are scared of their boss and will try to please the customer (even if he/she is no real customer) fast as long as the call doesn't escalate
have low wages and are usually rotated frequently (every 3 months in the place i mentioned) for 'security' reasons (i guess the intention was to keep security lax)
tend to think they know more than the sysadmin/programmers/DBAs about how the system works
finally, security procedures are usually not well documented or not documented at all, especially if the IT department is small or unimportant in the jerarquic structure of the enterprise.
my advise would be to outsource the billing process only. it wouldn't be profitable for your company to set up a billing gateway, so go for one of the many alternatives out there (authorize.net, fraudless.com, trustcommerce.com, et al). as for the rest of the e-commerce development (shopping cart, tracking requests, etc), i've used osCommerce (oscommerce.com) with sucess. AFAIK, it's the most complete open source e-commerce suite out there, very well written (it's php code), and easy to extend (you can write your specific modules for billing, shipping, etc).
has both a public part (called the 'catalog') and an admin interface for the merchant (this one allows tracking of users, orders, products, etc).
check out the oscdox.com site for documentation on installing and customizing the package
(note: i'm not related to them in any way, i'm just a satisfied programmer:)
i agree, while i prefer content-oriented sites to web pages loaded with images and animations, this layout has a very negative impact on the usability of the site. however, give it a try with lynx, i just did and it looks much better (kinda like reading through a man or info page).
ok, so in a sense the broadcasters own the content they broadcast and therefore can somehow manage to get a law like this passed. don't you own your house?, what about the broadcasted waves that go through your place?. can't someone make it ilegal to broadcast copy-controlled content through his/her house?. i don't live in the us, but if this gets passed, it probably will spread to third world countries such as mine who are always passing laws in order to get more money lent.
Right now the Writers of America are boycotting Amazon. Every time you buy a used book from them the author gets nothing, nada, not a cent.
But isn't that how it's supposed to be?. After all, the author of a book should be paid when each copy of his/her book is sold.
But if you buy a book, read it, and decide that you don't like it, you can sell it to someone else and
pay nothing to the writer, because it's the same book. It's not like you're making a copy of the book
and selling that copy, you are selling the original.
According to your view, if i buy a used mustang
from someone else, i must give some money to
the ford company too.
systems programming (which accounts for perhaps 95% of CPU cycles executed)
This may not have much to do with the discussion, but, assuming that by systems programming you mean OS code, you are here implying that 95% of the CPU cycles are consumed by the OS. This would be considered a TERRIBLE ammount of overhead, even for a redmond-based OS designer.
this might be usefull for some very large database tables (assuming you don't use rawdevices).
that said, this is when i turn this into a mini ask-slashdot:
while i have no problems writing/reading large files (i.e., >2GB), most regular linux software can't
deal with them
for instance, i can't upload them with ftp. i'm having this problem with a mysqldump file that's part of a system backup.
right now it's not a real problem since i can gzip the file and the size goes down to 250MB aprox, but how do you guys handle large files in linux anyway?
This year's feb. edition of Communications of the ACM has
an article covering WAP' security problems.
I don't have it with me now (so this post is
somewhat useless) but the general idea was
that several security issues weren't consideres during the design stage, and "fixing" those
issues would mean a great deal of redesign for
the protocol.
Besides this security problem, i think WAP was
doomed from the start, if you consider the
fact that most
providers are including or going to include a
TCP/IP stack on their units (and mobility issues
can be solved using Mobile-IP as transport).
it might be a good idea, still, if every host polls each
other host, the network use overhead will probably
outcost the benefit.
perhaps it would be better to poll between long
intervals, and to have a host in trouble notify some
other hosts on the p2p network, but then again, this
is already done in SNMP.
what might be better is to have a host poll only
some nearby hosts (maybe just one), and on
reasonable intervals (according to the service being
checked, a ping could be done every minute, but
a MySQL check should better be done between
20-30 mins.). you could also have each host
notifying another host of it's check
results say, every 2 hours. that way, if this
host get's no report over that period of time, it could
first attempt to poll the reporting host, and it
could also take over it's monitored hosts too.
the times specified would obviously depend on the
network latency time and the availability
requirements of each service being checked.
I agree with you on that one, but also think that linus
missed a few more important points in relation to the
original article.
For instance, Mundie presents arguments against the
business model followed by many internet startups during
what ms (gates, actually) calles the "internet gold rush".
However, it was Microsoft who bought (and at a very
high price, indeed) Hotmail, a company that provided
their service for free. The most important fact about
this contradiction is, i think, that Mundie admits that
Microsofts endorses said business model if is used
on a company which might be useful for MS.
Another important issue that i found on the article
is the remark about OSS being the cause for
"incompatible versions of programs, weakened interoperability,
product instability ,..."
I may be wrong, but i think that issues have
nothing to do with a software being Open Source.
I think that the success of a software projects
depends on a good development group, a good
management (things such as a properly administered
CVS tree, for example), a good relationship with
the customer and proper gathering of requirements
(be it business customers or the user base of an
open source and free operating system) ; but not
on the software being open source or propietary.
If applications use XML over port 80 as an API, we will have to put application level proxies on things that used to be simple services. All firewalls will have to include an analytical engine as strong as that of an IDS for each service they want to run.
I'm not a security expert but i have some
experience implementing distributed systems
that use HTTP, and you can easily use SSL (or
any stronger PKI based authentication system)
to integrate security into your services.
Maybe the biggest problem i see in this is that
the average programmer will have to be more
security-aware than before, but i'm sure that
most vendors will provide frameworks to help
incorporate this authentication systems into
networking code in a transparent way.
Re:Sounds like a good idea, but..
on
The Dot in .mars
·
· Score: 1
That 8 minute delay only means that the link would not be useful
for real-time or on-line applications.
Still, e-mail could be used together with a messaging system (perhaps XML) to perform tasks such as
system monitoring and alert dispatching.
i have done this myself with machines that can't
talk to each other except through e- mail due to firewall restrictions and it works just fine.
In fact, using something like SMS anyone could
have an alert delivered to his/her cellphone if something goes wrong up there.
Slashdot Mirror
This gets modded Insightful?
What is the meaning? That teenage boys are smart and teenage girls stupid? Or that boys are selfish and don't think people should be payed for what they do, (unless they suddenly form a boy band, in which case they probably would want to get payed), and that girls have more empathy and are ok with paying artists/the labels or otherwise buy indie?
I can't think of a single reading of that stupid sentence that would make it 'Insightful'.
Is it because the slashdot crowd is mostly computer nerds? Does that mean computer programmers? As in, say, Grace Hopper?
All of this is handled properly since v5.0
However, for backwards compatibility, the default mode is that of older MySQL versions, and hence you get default values for invalid data when constraints aren't met.
However, these don't go silently. It's true that an error isn't thrown, but warnings are generated every time a column is truncated or set to it's default data type.
If you want an error while inserting null into a not null column, or while inserting an out of range value, setting sql_mode into something like 'STRICT_TRANS_TABLES' or 'TRADITIONAL' will make MySQL work the way you expect.
It's true that combining MyISAM and Innodb tables in transactional statements will screw up your data, but that's only because you shouldn't be using MyISAM tables in transactions in the first place! If you want transactions, use InnoDB, or BDB, if you need something else. InnoDB is good for 99.9% of the cases in which transactions are needed for MySQL. Complaining that your referential constraints and transactions aren't respected while MyISAM tables are involved is like, I don't know, trying to write data to a closed socket and then complaining that it blows up in your face :)
All of this is properly documented in the manual. As any complex piece of engineering, one shouldn't try to do anything big with MySQL without reading the corresponding manual sections first, or unexpected behavior will arise, and frustration/anger is sure to follow :)
I wouldn't blame postgresql for any bad performance I may get out of it, I would blame my lack of knowledge, since I know next to nothing about it.
Finally, I believe this 'war' thing is just among people who don't really contribute much to either project. The Percona conference is coming by the end of april, and some PostgreSQL folks are giving talks there too, so I'm confident that the hacker community is well above any occasional flamewar :)
In MySQL, "coryking", "CorYKING" and "CORYKing" may or may not be all the same, depending if the datatype is binary (they wouldn't be the same) or non-binary (the could be the same or not, depending on the charset and collation). You probably had a case insensitive collation on MySQL. I don't know much about Postgresql so I don't know what could have changed on your schema there, but the bottom line is that MySQL *is not case-insensitive*, individual string data types can be case sensitive or insensitive, depending on your application needs. It really pays to RTFM :)
I have a Compaq Presario V2617LA happily running Fedora 5.
However, my keyboard/touchpad died a month ago and I found out through HP's regional support that the warranty is only valid if you use the original OS that comes with the notebook (in my case, it was XP home edition).
Up until now, I had always purchased notebooks using tuxmobil.org as a guide (I even contributed a page for this particular machine), but now that Dell sells notebooks with Ubuntu and that there are other providers that sell machines with GNU/Linux AND respect their warranty, I'm never buying from a brand that screws me as a customer, EVER.
If you still have your windows partition you're probably covered, but I just wanted to get the word out to anyone considering buying a notebook to use with GNU/Linux. Please go to the providers that officially support any distribution.
This is not FUD.
I bought my computer through an official retailer in Montevideo, Uruguay. My machine has been in HP/Compaq's official support for this country since jun 7 and now their answer is that the notebook is no longer produced and that there are no spare parts to replace the keyboard/touchpad (all this on a machine I purchased 9 months ago and would still be on warranty if it wasn't for the fact that I use GNU/Linux). The support company is CNS
Here are a couple of places you can start:
ubuntu on dell
linux certified laptops
Please!!. Someone make a t-shirt out of this one!.
> Mozilla = Netscape
A message from the slashdot compiler:
Thanks a lot, you've just overwritten all the fixes in mozilla since the last AOL fork.
Next time please pay more attention and write the proper Mozilla == Netscape statement
The article even mentions the user name (for rentacoder) for the NY programmer that posted the children's database on repeated ocassions, even after getting a friendly warning from another programmer.
In Uruguay, and most of South America, BBS ruled for as late as 1996-97, when internet access finally made it's way to the public.
:). (and no, it was not a dating service, it was a geeky BBS that suddenly got crawled with not-so-geeky types, my wife included, which gave us nerds the chance to meet and relate to people with real world experiences!).
I remember expensive phone bills (which my dad covered at the time of course, it's a good thing DSL finally found our little country by the time of my financial independance), and a terrible sense of envy for the folks with 9600 and 14400 connections (i had a 2400 modem).
On a more positive note though, i got a 24 hour reminder of the whole 'BBS era' thing, since i met my wife in one of those networks
let me get this straight: you're putting the lack of a high school diploma on the same level as corruption? (de Mello was forced to resign, right?). and exactly how was high school useful for a guy who said Africa is a country?? (and i just picked up a random 'bushism' here)
i'm neither from brazil nor from the us, but it pisses me of that someone from the land of the free and equality of oportunity puts off a president for not having a high school diploma, please, give it a second thought and stop being so racist (yes, academic elitism is a form of racism, mind you).
and let's not forget social engineering. i worked for a place with a major e-commerce site (actually, major in my country alone, but it moved a lot of money daily) and the security was once compromised because someone called tech support and asked their e-mail to be changed. this was done by the support 'technician' right away, and the attacker then used a 'forgot password' form to get a new password for the account. (the password remember question/answer mechanism is a joke since most people use dumb questions such as 'my dog's name' and other sort of easy to brute-force-attack data).
my bottom line is that whatever process is involved in e-commerce, security is important not only in your servers but in your people, and tech support folks have a series of ugly qualities:
- are scared of their boss and will try to please the customer (even if he/she is no real customer) fast as long as the call doesn't escalate
- have low wages and are usually rotated frequently (every 3 months in the place i mentioned) for 'security' reasons (i guess the intention was to keep security lax)
- tend to think they know more than the sysadmin/programmers/DBAs about how the system works
finally, security procedures are usually not well documented or not documented at all, especially if the IT department is small or unimportant in the jerarquic structure of the enterprise.my advise would be to outsource the billing process only. it wouldn't be profitable for your company to set up
a billing gateway, so go for one of the many alternatives out there (authorize.net, fraudless.com, trustcommerce.com, et al).
as for the rest of the e-commerce development (shopping cart, tracking requests, etc), i've used osCommerce (oscommerce.com) with sucess. AFAIK, it's the most complete open source e-commerce suite out there, very well written (it's php code), and easy to extend (you can write your
specific modules for billing, shipping, etc).
has both a public part (called the 'catalog') and an admin interface for the
merchant (this one allows tracking of users, orders, products, etc).
check out the oscdox.com site for documentation
on installing and customizing the package
(note: i'm not related to them in any way, i'm just a satisfied programmer:)
happy hacking
i agree, while i prefer content-oriented sites to web pages loaded with images and
animations, this layout has a very negative impact on the usability of the site.
however, give it a try with lynx, i just did and it looks much better (kinda like reading
through a man or info page).
ok, so in a sense the broadcasters own the content they broadcast and therefore can somehow manage to get a law like this passed.
don't you own your house?, what about the broadcasted waves that go through your place?.
can't someone make it ilegal to broadcast copy-controlled content through his/her house?.
i don't live in the us, but if this gets passed, it probably will spread to third world countries
such as mine who are always passing laws in order
to get more money lent.
But isn't that how it's supposed to be?. After all, the author of a book should be paid when each copy of his/her book is sold.
But if you buy a book, read it, and decide that you don't like it, you can sell it to someone else and pay nothing to the writer, because it's the same book. It's not like you're making a copy of the book and selling that copy, you are selling the original.
According to your view, if i buy a used mustang from someone else, i must give some money to the ford company too.
this might be usefull for some very large database tables (assuming you don't use rawdevices).
that said, this is when i turn this into a mini ask-slashdot:
while i have no problems writing/reading large files (i.e., >2GB), most regular linux software can't deal with them
for instance, i can't upload them with ftp. i'm having this problem with a mysqldump file that's part of a system backup.
right now it's not a real problem since i can gzip the file and the size goes down to 250MB aprox, but how do you guys handle large files in linux anyway?
This year's feb. edition of Communications of the ACM has an article covering WAP' security problems.
I don't have it with me now (so this post is somewhat useless) but the general idea was that several security issues weren't consideres during the design stage, and "fixing" those
issues would mean a great deal of redesign for the protocol.
Besides this security problem, i think WAP was doomed from the start, if you consider the fact that most
providers are including or going to include a TCP/IP stack on their units (and mobility issues can be solved using Mobile-IP as transport).
it might be a good idea, still, if every host polls each
other host, the network use overhead will probably
outcost the benefit.
perhaps it would be better to poll between long
intervals, and to have a host in trouble notify some
other hosts on the p2p network, but then again, this
is already done in SNMP.
what might be better is to have a host poll only
some nearby hosts (maybe just one), and on
reasonable intervals (according to the service being
checked, a ping could be done every minute, but
a MySQL check should better be done between
20-30 mins.). you could also have each host
notifying another host of it's check
results say, every 2 hours. that way, if this
host get's no report over that period of time, it could
first attempt to poll the reporting host, and it
could also take over it's monitored hosts too.
the times specified would obviously depend on the
network latency time and the availability
requirements of each service being checked.
this explanation need some diagrams badly.
I agree with you on that one, but also think that linus
..."
missed a few more important points in relation to the
original article.
For instance, Mundie presents arguments against the
business model followed by many internet startups during
what ms (gates, actually) calles the "internet gold rush".
However, it was Microsoft who bought (and at a very
high price, indeed) Hotmail, a company that provided
their service for free. The most important fact about
this contradiction is, i think, that Mundie admits that
Microsofts endorses said business model if is used
on a company which might be useful for MS.
Another important issue that i found on the article
is the remark about OSS being the cause for
"incompatible versions of programs, weakened interoperability,
product instability ,
I may be wrong, but i think that issues have
nothing to do with a software being Open Source.
I think that the success of a software projects
depends on a good development group, a good
management (things such as a properly administered
CVS tree, for example), a good relationship with
the customer and proper gathering of requirements
(be it business customers or the user base of an
open source and free operating system) ; but not
on the software being open source or propietary.
Anyway, that's my view, sorry for the long rant.
If applications use XML over port 80 as an API, we will have to put application level proxies on things that used to be simple services. All firewalls will have to include an analytical engine as strong as that of an IDS for each service they want to run.
I'm not a security expert but i have some experience implementing distributed systems that use HTTP, and you can easily use SSL (or any stronger PKI based authentication system) to integrate security into your services.
Maybe the biggest problem i see in this is that the average programmer will have to be more security-aware than before, but i'm sure that most vendors will provide frameworks to help incorporate this authentication systems into networking code in a transparent way.
That 8 minute delay only means that the link would not be useful
for real-time or on-line applications.
Still, e-mail could be used together with a messaging system (perhaps XML) to perform tasks such as
system monitoring and alert dispatching.
i have done this myself with machines that can't
talk to each other except through e- mail due to firewall restrictions and it works just fine.
In fact, using something like SMS anyone could
have an alert delivered to his/her cellphone if something goes wrong up there.